last executing test programs:

51.718553627s ago: executing program 2 (id=342):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r0}, 0x18)
r1 = memfd_create(&(0x7f00000009c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9b5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\\\xb0:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1exQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1.E\b1\xcb\xa2\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0)
write$binfmt_misc(r1, &(0x7f0000000180)="e502", 0x2)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

51.681589317s ago: executing program 2 (id=345):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
open(&(0x7f00000001c0)='./file0\x00', 0x80ff, 0x29c)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
fcntl$setlease(r1, 0x400, 0x1)
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x1300, 0x1d)
fcntl$setlease(r1, 0x400, 0x300000000000000)

51.367844882s ago: executing program 2 (id=348):
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
write$P9_RLOPEN(r0, &(0x7f0000000100)={0x18, 0xd, 0x1, {{0x90, 0x1}, 0x3ff}}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c00024000000000000000090800034000000fba0c00024000000000000000000c000140000000000000000714000000110001"], 0xdc}}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r5, &(0x7f0000000280)={@val={0x1700, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0x700, 0x0, 0x1c, {[@window={0xa, 0x3}, @timestamp={0x5, 0x2, 0x0, 0x88000}, @generic={0x0, 0x2, "d58838000391"}]}}}}}}, 0x4e)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000540), r7)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r5}, 0x8)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r9, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000240)='kfree\x00', r10, 0x0, 0x4ab}, 0x18)
sendmsg$IEEE802154_ADD_IFACE(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01000000ecffffffffff2000000005002000000000000c001f0070687930"], 0x28}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000400)={'team0\x00', <r11=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4, 0x0, 0x311}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r11}]}}}, @IFLA_MASTER={0x8, 0xa, r11}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x8044)
r12 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="3c0100001a00010000000000000000007f0000010000000000000000000000000000000000000000000000e5ff00000000000000000000060000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe800000000000000000000000000000000004d4330000002001000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000a00000300000000000000004c001400636d61632861657329"], 0x13c}}, 0x0)

50.77170458s ago: executing program 2 (id=359):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000)={[{@discard}, {@data_err_ignore}]}, 0xfe, 0x55b, &(0x7f0000000980)="$eJzs3c9vFFUcAPDvbFt+FaUkhKgH04SDGGRLW39g4gGPRokkesdNOzSkW5Z0t4RWEuEgFy+GmBgjifEP8O6R+A/4V5AoCTGk0YOXNbOdhaXdH6UsdGU/n2TgvXmzvHkz8328t283G8DQmsz+KES8GhHfJhGHWspGIy+c3Dhu/cG1uWxLol7/7K8kknxf8/gk/3s8z7wSEb99HXGisLXe6uraYqlcTpfz/FRt6fJUdXXt5MWl0kK6kF6amZ09/c7szPvvvbv1xXt31tY3z/3zw6d3Pjr9zbH173+5d/hWEmfiYF7W2o6ncL01MxmT+TUZizObDpzuQ2WDJNntE2BHRvI4H4usDzgUI3nUAy++ryKiDgypRPzDkGqOA5pz+67z4PqLN8u7/+HGBGhr+5ON90ZiX2NudGA9eWxmlF2JiT7Un9Xx65+3b2Vb9O99CICert+IiFOjo4/1fy9HS/+3c6e2cczmOvR/8PzcycY/b+1tM/4pPBz/RJvxz3ib2N2J3vFfuNeHajrKxn8ftB3/Ply0mhjJcy81xnxjyYWL5TTr27Ju8niM7c3y3dZzTq/frXcqax3/ZVtWf3MsmJ/HvdFN613zpVrpadrc6v6NiNd6jH+TNvc/ux7ntlnH0fT2653Kerf/2ar/HPFG2/v/aK6TdF+fnGo8D1PNp2Krv28e/b1T/bvd/uz+H+je/omkdb22+uR1/LTv37RT2WSSL5o+4fO/J/m8kd6T77taqtWWpyP2JJ9s3T/z6LXNfPP4rP3Hj7WP/27P//6I+GKb7b955GbHQwfh/s8/0f3vkKgnHYvufvzlj53q317/93YjdTzfs53+r8uZPpZ4mmsHAAAAAAAAg6YQEQcjKRQfpguFYnHj8x1H4kChXKnWTlyorFyaj8Z3ZSdirNBc6R5v+TzEdP552GZ+ZlN+NiIOR8R3I/sb+eJcpTy/240HAAAAAAAAAAAAAAAAAACAATHe4fv/mT9GdvvsgGfOT37D8OoZ//34pSdgIPn/H4aX+IfhJf5heIl/GF7iH4aX+IfhJf5heIl/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KtzZ89mW339wbW5LD9/ZXVlsXLl5HxaXSwurcwV5yrLl4sLlcpCOS3OVZZ6/XvlSuXy9EysXJ2qpUltqrq6dn6psnKpdv7iUmkhPZ+OPZdWAQAAAAAAAAAAAAAAAAAAwP9LdXVtsVQup8sSEjtKjA7GaUj0ObHbPRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPJfAAAA//9j0zaD")
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2901090, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
mount(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_mems\x00', 0x275a, 0x0)

50.567622734s ago: executing program 2 (id=362):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000200)=0x7ffffffc)
close(r0)

50.038809571s ago: executing program 2 (id=367):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
pipe2(&(0x7f0000000000)={<r1=>0x0, 0x0}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xbf22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = socket(0x2c, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r2, &(0x7f0000000140), &(0x7f0000000080)=@udp=r3}, 0x20)
dup3(r1, r3, 0x0)

49.973118242s ago: executing program 32 (id=367):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
pipe2(&(0x7f0000000000)={<r1=>0x0, 0x0}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xbf22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = socket(0x2c, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r2, &(0x7f0000000140), &(0x7f0000000080)=@udp=r3}, 0x20)
dup3(r1, r3, 0x0)

20.123947143s ago: executing program 0 (id=778):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000008000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='fdb_delete\x00', r2}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

20.086442083s ago: executing program 0 (id=779):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r1, &(0x7f0000001880)=[{{0x0, 0x4, &(0x7f00000010c0)=[{&(0x7f00000000c0)="c8", 0x1}], 0x1, 0x0, 0x0, 0x60ff}}, {{0x0, 0x0, &(0x7f0000001800)=[{&(0x7f0000001280)=',', 0x1}], 0x11}}], 0x2, 0x0)

19.986843725s ago: executing program 0 (id=782):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet(r0, &(0x7f0000004c40)=[{{&(0x7f0000000440)={0x2, 0x4e22, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000980)=[@ip_retopts={{0x10}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @empty}}}], 0x30}}], 0x1, 0x0)

19.814474547s ago: executing program 0 (id=787):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@errors_remount}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@mblk_io_submit}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x2e}, 0x84, 0x450, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLYgv2xF/MEPtYrGxh8tLagcvGg04WJiogc81lIIslBDayKESDUGj4a/QD2a+Bd40otRTxqvejcmxHARPZgxszsDS7tbd7tbtrCfTzLtezNv973vzLzdN/N2AhhYY/mfJGJ7RPwaESP17M0Fxur/rl29MPv31QuzSWTZG38mtXJ/Xb0wWxYtX7etyIynEenHSextUu/CufOnZqrVubNFfnLx9LuTC+fOP3vy9MyJuRNzZ6YPHz50cOqF56ef60mcO/K27vlgft/uI29dfm326OW3f/gqb+/2YntjHHWjXdc5FmM378sGT3T97hvLjoZ0MtTHhtCRSkTkh2u41v9HohI3Dt5IvPpRXxsHrKssy7LNK9ZWysRSBtzBkuh3C4D+KL/o8+vfcrmFw4++u/JS/QIoj/tasdS3DEValBledn3bS2MRcXTpn8/yJZrehwAA6K1v8vHPM83Gf2nc31Du7mJuaDQi7omInRFxb0Tsioj7ImplH4iIBzusf2xZfuX45+ctawqsTfn478Vibuvm8V85+ovRSpHbUYt/ODl+sjp3oNgn4zG8Oc9PrVLHt6/88mmrbY3jv3zJ6y/HgkU7/hhadoPu2MziTDcxN7ryYcSeoWbxJ9fnrvL/uyNizxreP99nJ5/6cl+r7f8f/yp6MM+UfRHxZP34L8Wy+EvJ6vOTk3dFde7AZHlWrPTjT5deb1V/V/H3QH78tzY9/6/HP5o0ztcudF7Hpd8+aXlNs9bzf1PyZi29qVj3/szi4tmpiE3J0sr10zdeW+bL8nn84/ub9/+dEf9+Xrxub0TkJ/FDEfFwRDxStP3RiHgsIvavEv/3Lz/+ztrjX195/Mc6Ov6dJyqnvvu6Vf3tHf9DtdR4saadz792G9jNvgMAAIDbRVr7DXySTlxPp+nERP03/Ltia1qdX1h8+vj8e2eO1X8rPxrDaXmna6ThfuhUcW+4zE8vyx+s3TfOsizbUstPzM5X12tOHWjPthb9P/d7pd+tA9ZdR/NorZ5oA25LnteEwaX/w+DS/2Fw6f8wuJr1/4sR1/rQFOAW8/0Pg0v/h8Gl/8Pg0v9hIHXzXP9qiZ1H1uud77REZWM0o+NEpBuiGWtLpBujGfXE5ohot/DFuFUN6/cnEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQG/8FwAA//8Hl+jb")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000240)='./file0\x00', &(0x7f00000003c0)='./file0/../file0\x00', 0x0, 0x1c43, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000400)='./file0/file0\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x3125899, 0x0)
umount2(&(0x7f00000001c0)='./file0/../file0\x00', 0x3)

19.381766264s ago: executing program 0 (id=800):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f0000000580)=[{0xc, 0x0, [0x6, 0x3, 0x5, 0x5, 0x2, 0xfffffffa, 0x2, 0x0, 0x200, 0x7, 0x8001, 0x9, 0xbe, 0x1, 0x2b8]}, {0x2b, 0x0, [0x1, 0x1, 0x9, 0x4, 0x22e, 0xfffffffb, 0x0, 0x6, 0x10000000, 0xd278, 0x400, 0x55b98682, 0x2, 0xe3, 0x1f, 0x9]}], r1, 0x1, 0x1, 0x90}}, 0x20)

18.679597694s ago: executing program 0 (id=806):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x9, 0x3, 0x8, 0x4, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000000000000e001000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000ff0300007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000540)='kfree\x00', r1}, 0x18)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r2, 0x5453, 0x7cb7562f2d67)

18.636339775s ago: executing program 33 (id=806):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x9, 0x3, 0x8, 0x4, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000000000000e001000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000ff0300007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000540)='kfree\x00', r1}, 0x18)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r2, 0x5453, 0x7cb7562f2d67)

16.963681789s ago: executing program 5 (id=840):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x8c, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xb, 0xfff3}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x58, 0x2, [@TCA_MATCHALL_ACT={0x54, 0x2, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x6fe2}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0xb380, 0x4, 0x0, 0xd87, 0x6}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0x0)

16.082648042s ago: executing program 5 (id=845):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd63"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b80)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000200000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x1300, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

15.967763364s ago: executing program 5 (id=846):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="28010000170001"], 0x128}}, 0x800)

15.884084015s ago: executing program 5 (id=847):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
syz_emit_ethernet(0x3a, &(0x7f0000000240)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x1, 0x2c, 0x0, 0x0, 0x0, 0x5, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @private=0xa010100, {[@generic={0x83, 0x2}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x0, 0x0, 0x0, 0xfffc}}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mremap(&(0x7f000040b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f00004b3000/0x4000)=nil)

14.761894102s ago: executing program 4 (id=864):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x0, 0x2, 0x9, 0x9}}}}]}, 0x48}}, 0x44080)
sendmsg$nl_route_sched(r1, 0x0, 0x4000)
sendmmsg$inet(r0, &(0x7f0000006300)=[{{&(0x7f0000000040)={0x2, 0x4e23, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @loopback, @multicast1}}}], 0x20}}], 0x1, 0x0)

13.51954872s ago: executing program 4 (id=869):
pipe2$9p(&(0x7f0000001900), 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[], 0x48)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0x4)
openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000180)={0x0, &(0x7f0000000040)})
r0 = dup(0xffffffffffffffff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001540)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020816c2500000000e12020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000006fd6850000002d000000850000002300000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0xa, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0)
sendmmsg(r4, &(0x7f0000000180), 0x400008a, 0x0)

13.478325801s ago: executing program 3 (id=870):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
bind$bt_hci(r2, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
bind$bt_hci(r1, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000080)='\'\x00', &(0x7f0000000200)='/dev/ttyS3\x00', 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0x1)

13.040376507s ago: executing program 3 (id=872):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x5, 0x7, 0x8, 0x5, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
syz_init_net_socket$x25(0x9, 0x5, 0x0)

13.039516577s ago: executing program 1 (id=873):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x181842, 0x4f)
ioctl$EXT4_IOC_GETSTATE(r0, 0x40046629, &(0x7f0000000100))

12.631504193s ago: executing program 1 (id=874):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000008c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9feb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0x200000000000000}, 0x18)
r2 = add_key$fscrypt_v1(&(0x7f0000000600), &(0x7f0000000280)={'fscrypt:', @desc2}, &(0x7f0000000740)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0x1c}, 0x48, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x4, r2, 0x0, 0x0, 0x0)

12.494440965s ago: executing program 1 (id=875):
r0 = msgget$private(0x0, 0x8)
msgctl$MSG_STAT(r0, 0xb, &(0x7f0000000940)=""/190)

12.419103346s ago: executing program 1 (id=876):
r0 = socket$inet(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
close(r1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r2, &(0x7f0000000500)=[{{&(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='p'], 0x70}}], 0x1, 0x2000c044)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r2)
readv(r0, &(0x7f0000000480)=[{&(0x7f0000000940)=""/4096, 0x7151}], 0x1)

12.076433362s ago: executing program 4 (id=877):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fsetxattr$trusted_overlay_redirect(r2, &(0x7f0000000040), 0x0, 0x0, 0x0)

11.966074813s ago: executing program 4 (id=878):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb8af, @void, @value}, 0xa5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000600)='kfree\x00', r3}, 0x18)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0xa4, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x2, 0x0, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x2]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x400}]}]}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0x7}]}}]}, 0xa4}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)

11.659115618s ago: executing program 5 (id=879):
mbind(&(0x7f00005b8000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000000)=0x1, 0x8, 0x3)

11.658589808s ago: executing program 4 (id=880):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000840)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2029c1b, 0x0, 0x1, 0x0, &(0x7f00000007c0))
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
syz_clone(0x2c9a4080, 0x0, 0x500, 0x0, 0x0, 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r3 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_FLUSH(r3, 0x29, 0xd1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup(r5)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0xc1d, &(0x7f0000000280)={[{@fat=@showexec}, {@uni_xlate}, {@numtail}, {@rodir}, {@utf8}, {@numtail}, {@uni_xlate}, {@fat=@uid}, {@uni_xlateno}, {@utf8}, {@uni_xlateno}, {@shortname_winnt}, {@fat=@time_offset={'time_offset', 0x3d, 0x54e}}, {@numtail}, {@fat=@dos1xfloppy}, {@utf8no}]}, 0xf5, 0x2e5, &(0x7f0000000540)="$eJzs3U1rE0Ecx/F/kqZJWmt6EBFRGCqIIl2agDcPFmlBDChtI1hB2NqthmyTkg2FiNgeBK+ePfTgUQQRvHkR8dqLr8CnWy+9WbC4stndNE3WNa32yX4/h3a6M7+dyc6kD9N2s3Lp6WxxxtJ+2HVx8fRLVGJeeVHOf1j6fHr8/RH3Y6VGhycyWaWiInL74cuBd9Xem2+Ovk3Icv+dldXst+VTEyI/J+5LVBUsVbJtpaupcrkaccLTBauoKXXDNHTLUIWSZVSqXr0+ZRpqxizPzdWUXpru65mrGJal9FJNFY2aqpZVtVJT+j29UFKapqm+HkF9snzRtrpIWDD/Ys22ZdWZ+cSi2LYd0HrRL/hrI/F3g8V+0jL/oW3bFkdsJ0eG3bBmd3U8//j/uM//L8+Y/8Np/NbkteFcbmRMqaTI7JP5/Hzefe/Wf+qVgphiyNLYhcl1EbtBIs7b0au5kSFV1y9nZxe8/MJ83v3iMDzj5TOSdr5PacqLn8+4ebU5H5ee5nxW0nIsOJ/18xJtynfLuTNNeU3S8vGulMWUaXGyG/lHGaWuXM+19J+qtwMAAAAAAAAA4CDSVMPG/n2k8avelKYl6n/x0ahPOYeddm6Dxv76kKRlPXh/fihwf79LTnbt4QMHAAAAAOAQsWoPirppGpWdKcSep0K6iIuIUxB5POAMJvSEx70Rd9Z7t4i0V8XCu9hUSF10+3s15g1MdvJC/aOC/88aRd187VelJKhxdEsLYLA78Mond/UBSieNJbm9hZ3oeGm1FiLr/pETgW3syJ/PY+tm3D0iGzMYmrq8pafDbwvJ1gs1+NU9rxnySeN7Y4sPAAAAwAHS9IMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYI9u6eZh/3/7NVeK9RHz7LdlaXyee+/4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2Id+BQAA//+FlLca")
socket$unix(0x1, 0x1, 0x0)

11.356323112s ago: executing program 5 (id=881):
accept$unix(0xffffffffffffffff, &(0x7f0000000200)=@abs, &(0x7f0000000040)=0x6e)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000440), &(0x7f0000000480)=0xc)
pipe2(&(0x7f0000001cc0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x800)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',dfltgid=', @ANYRESHEX=r4, @ANYBLOB="2c84d7f184a1816e097ae85cbeb3bbafc5fd4c6b7172b9fc765ae6dea2629d7f7256a40dbdc57605b7944560d626217a6598c53ab5074c0ff97f6b20b5a4cc47cb9a5fe1d6d757bf64c3254753bf5eb83fae88c62c57be63f0db0aa2915032a216e89ad649ce29000100d41e7a3c2a5e1b7bfb"])
openat$rfkill(0xffffffffffffff9c, &(0x7f00000004c0), 0xe0100, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000500)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1}}, './mnt\x00'})
syz_socket_connect_nvme_tcp()
r5 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f00000004c0)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl1\x00', 0x0, 0x29, 0x0, 0x3, 0x0, 0x4f, @private1={0xfc, 0x1, '\x00', 0x1}, @local, 0x10, 0x7, 0x2, 0x8}})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r6}, &(0x7f0000000000), &(0x7f0000000040)=r7}, 0x20)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0})
openat$dir(0xffffffffffffff9c, &(0x7f0000000540)='./mnt\x00', 0x84b00, 0x14e)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000580), 0x4)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kmem_cache_free\x00'}, 0x18)
openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000600), 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0xc)

11.355875112s ago: executing program 1 (id=882):
r0 = socket$rds(0x15, 0x5, 0x0)
recvmmsg(r0, &(0x7f0000002180)=[{{0x0, 0x0, 0x0}, 0x9}], 0x1, 0x2000, 0x0)

11.355539532s ago: executing program 1 (id=883):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x8c, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xb, 0xfff3}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x58, 0x2, [@TCA_MATCHALL_ACT={0x54, 0x2, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x6fe2}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0xb380, 0x4, 0x0, 0xd87, 0x6}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0x0)

8.414113455s ago: executing program 3 (id=884):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080000000100000000000000", @ANYRES32, @ANYRES32=0x0], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)

8.413745275s ago: executing program 4 (id=885):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
write$vga_arbiter(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB='target PCI:0:7'], 0x13)

8.413421646s ago: executing program 3 (id=886):
r0 = bpf$OBJ_GET_PROG(0x7, &(0x7f00000001c0)=@o_path={&(0x7f0000000080)='./file0\x00', 0x0, 0x2010}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f0000000a40)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x8, 0x10, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r1}, 0x18)
r2 = socket(0x2, 0x2, 0x0)
setsockopt$inet_int(r2, 0x0, 0xb, &(0x7f00000000c0)=0x1002, 0x4)
sendto$inet(r2, 0x0, 0xffe5, 0x0, &(0x7f0000000000)={0x2, 0x4e20}, 0x10)
r3 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r3, 0x0, 0x0, 0x24040800)
r4 = syz_io_uring_setup(0x72ae, &(0x7f0000000280)={0x0, 0x0, 0x10100, 0x0, 0x36}, &(0x7f0000000500), &(0x7f0000000000)=<r5=>0x0)
syz_io_uring_setup(0x2287, &(0x7f0000000200)={0x0, 0x6e79, 0x400, 0x1, 0x1}, &(0x7f0000000080)=<r6=>0x0, &(0x7f0000001540))
syz_io_uring_submit(r6, r5, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r4, 0x184c, 0x0, 0x0, 0x0, 0x0)

532.49µs ago: executing program 3 (id=887):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000e00)='kfree\x00', r1, 0x0, 0x4ab}, 0x18)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf2503"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x40)

0s ago: executing program 3 (id=888):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x2}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f00000000c0)=@ethtool_gfeatures={0x33}})

0s ago: executing program 4 (id=890):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x80}, {}, {}, {}, {}, {}, {0x0, 0x80}, {0x16}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x8}]}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)

kernel console output (not intermixed with test programs):

 (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.825740][ T4035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.828548][ T4035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.834150][ T4035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.838866][ T4035] batman_adv: batadv0: Interface activated: batadv_slave_0
[   46.845076][ T1617] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   46.848000][ T1617] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   46.854395][ T4026] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.856936][ T4026] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.859807][ T4026] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   46.865561][ T4026] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.884889][ T4035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.887892][ T4035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.896781][ T4035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.899775][ T4035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.904896][ T4035] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   46.907829][ T4035] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.912444][ T4035] batman_adv: batadv0: Interface activated: batadv_slave_1
[   46.918582][ T1617] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   46.922045][ T1617] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   46.928523][ T4025] device veth1_vlan entered promiscuous mode
[   46.976505][   T26] audit: type=1326 audit(46.910:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4102 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   46.980948][ T4035] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   46.984939][ T4035] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   46.994985][   T26] audit: type=1326 audit(46.920:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4102 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   47.011412][   T26] audit: type=1326 audit(46.920:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4102 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   47.020015][ T4035] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.030541][ T4035] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.033418][   T26] audit: type=1326 audit(46.940:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4102 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   47.040087][   T26] audit: type=1326 audit(46.940:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4102 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   47.066014][   T26] audit: type=1326 audit(46.940:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4102 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   47.081635][   T26] audit: type=1326 audit(46.940:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4102 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   47.131521][   T26] audit: type=1326 audit(46.940:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4102 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=430 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   47.142791][   T26] audit: type=1326 audit(46.940:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4102 comm="syz.2.3" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   47.168793][ T4111] loop0: detected capacity change from 0 to 512
[   47.188448][ T1617] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   47.191757][ T1617] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   47.200371][ T1617] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   47.205492][ T1617] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   47.212756][ T4025] device veth0_macvtap entered promiscuous mode
[   47.218248][ T4025] device veth1_macvtap entered promiscuous mode
[   47.223473][ T4111] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   47.237096][  T153] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.239627][  T153] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.273220][ T4111] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[   47.276916][ T4111] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.7: invalid indirect mapped block 2683928664 (level 1)
[   47.291175][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   47.292529][ T4111] EXT4-fs (loop0): Remounting filesystem read-only
[   47.294138][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   47.295881][ T4111] EXT4-fs (loop0): 1 truncate cleaned up
[   47.300921][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   47.309040][ T4111] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,dioread_nolock,errors=remount-ro,minixdf,jqfmt=vfsv0,usrjquota=.". Quota mode: writeback.
[   47.345191][ T4025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.365417][ T4025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.368133][ T4025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.371923][ T4025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.374852][ T4025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.377632][ T4025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.378804][ T4111] EXT4-fs error (device loop0): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.0.7: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[   47.380343][ T4025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   47.380388][ T4025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.382635][ T4025] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.406332][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.407305][ T4025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.409847][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.411918][ T4025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.416946][ T4025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.419814][ T4025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.425035][ T4025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.426585][ T4111] EXT4-fs (loop0): Remounting filesystem read-only
[   47.428356][ T4025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.433859][ T4025] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.436738][ T4025] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.442220][ T4025] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.450266][ T1617] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   47.453361][ T1617] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   47.456310][ T1617] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   47.474998][ T1617] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   47.485069][ T1617] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   47.499355][   T26] audit: type=1326 audit(47.430:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4118 comm="syz.2.10" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   47.571697][ T4025] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.587829][ T4025] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.590269][ T4025] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.599666][ T4025] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.618058][ T1617] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.620388][ T1617] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.673294][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   47.741243][ T1617] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.743713][ T1617] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.765956][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   47.879948][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.886972][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.072500][ T1617] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   48.078835][  T153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.093602][  T153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.910242][   T25] Bluetooth: hci1: command 0x040f tx timeout
[   48.918626][   T25] Bluetooth: hci0: command 0x040f tx timeout
[   48.921326][   T25] Bluetooth: hci2: command 0x040f tx timeout
[   48.929983][   T25] Bluetooth: hci4: command 0x040f tx timeout
[   49.704260][ T4154] xt_connbytes: Forcing CT accounting to be enabled
[   49.706999][ T4154] Cannot find set identified by id 0 to match
[   49.799081][   T25] Bluetooth: hci3: command 0x040f tx timeout
[   49.811158][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   49.814810][ T4151] lo speed is unknown, defaulting to 1000
[   49.816617][ T4151] lo speed is unknown, defaulting to 1000
[   49.819373][ T4151] lo speed is unknown, defaulting to 1000
[   49.825112][ T4151] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   49.830336][ T4151] infiniband s�z0: RDMA CMA: cma_listen_on_dev, error -98
[   49.844312][ T4151] lo speed is unknown, defaulting to 1000
[   49.878790][ T4151] lo speed is unknown, defaulting to 1000
[   49.882571][ T4151] lo speed is unknown, defaulting to 1000
[   49.885036][ T4151] lo speed is unknown, defaulting to 1000
[   49.937204][ T4151] lo speed is unknown, defaulting to 1000
[   49.939605][ T4151] lo speed is unknown, defaulting to 1000
[   50.126715][ T4164] loop2: detected capacity change from 0 to 256
[   50.171601][ T4164] =======================================================
[   50.171601][ T4164] WARNING: The mand mount option has been deprecated and
[   50.171601][ T4164]          and is ignored by this kernel. Remove the mand
[   50.171601][ T4164]          option from the mount to silence this warning.
[   50.171601][ T4164] =======================================================
[   50.196367][   T13] hid-generic 0000:0004:0000.0001: unknown main item tag 0x0
[   50.198679][   T13] hid-generic 0000:0004:0000.0001: unknown main item tag 0x0
[   50.206305][   T13] hid-generic 0000:0004:0000.0001: unknown main item tag 0x0
[   50.214463][   T13] hid-generic 0000:0004:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   50.233637][ T4172] loop0: detected capacity change from 0 to 512
[   50.257474][ T4164] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[   50.259929][ T4164] FAT-fs (loop2): Filesystem has been set read-only
[   50.342315][ T4172] EXT4-fs (loop0): Ignoring removed nobh option
[   50.344132][ T4172] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   50.456143][ T4172] EXT4-fs error (device loop0): ext4_do_update_inode:5203: inode #3: comm syz.0.22: corrupted inode contents
[   50.479181][ T4172] EXT4-fs error (device loop0): ext4_dirty_inode:6039: inode #3: comm syz.0.22: mark_inode_dirty error
[   50.487062][ T4172] EXT4-fs error (device loop0): ext4_do_update_inode:5203: inode #3: comm syz.0.22: corrupted inode contents
[   50.497720][ T4172] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #3: comm syz.0.22: mark_inode_dirty error
[   50.510390][ T4172] EXT4-fs error (device loop0): ext4_acquire_dquot:6204: comm syz.0.22: Failed to acquire dquot type 0
[   50.523719][ T4172] EXT4-fs error (device loop0): ext4_do_update_inode:5203: inode #16: comm syz.0.22: corrupted inode contents
[   50.535162][ T4172] EXT4-fs error (device loop0): ext4_dirty_inode:6039: inode #16: comm syz.0.22: mark_inode_dirty error
[   50.562736][ T4172] EXT4-fs error (device loop0): ext4_do_update_inode:5203: inode #16: comm syz.0.22: corrupted inode contents
[   50.586880][ T4172] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #16: comm syz.0.22: mark_inode_dirty error
[   50.599159][ T4172] EXT4-fs error (device loop0): ext4_do_update_inode:5203: inode #16: comm syz.0.22: corrupted inode contents
[   50.613124][ T4172] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[   50.623877][ T4172] EXT4-fs error (device loop0): ext4_do_update_inode:5203: inode #16: comm syz.0.22: corrupted inode contents
[   50.664184][ T4172] EXT4-fs error (device loop0): ext4_truncate:4273: inode #16: comm syz.0.22: mark_inode_dirty error
[   50.671543][ T4172] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[   50.689946][ T4172] EXT4-fs (loop0): 1 truncate cleaned up
[   50.723470][ T4172] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_dev=0x000000000002d353,nobh,,errors=continue. Quota mode: writeback.
[   50.941423][ T4124] Bluetooth: hci2: command 0x0419 tx timeout
[   50.943865][ T4124] Bluetooth: hci0: command 0x0419 tx timeout
[   50.945652][ T4124] Bluetooth: hci1: command 0x0419 tx timeout
[   50.991726][ T4212] lo speed is unknown, defaulting to 1000
[   51.161199][ T4206] fido_id[4206]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   51.195763][ T4227] loop4: detected capacity change from 0 to 512
[   51.215851][ T4227] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   51.279287][ T4227] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2825: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   51.315029][ T4227] EXT4-fs (loop4): 1 truncate cleaned up
[   51.330731][ T4227] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,resuid=0x0000000000000000,debug_want_extra_isize=0x0000000000000068,resgid=0x0000000000000000,mb_optimize_scan=0x0000000000000001,quota,. Quota mode: writeback.
[   51.507113][ T4234] xt_hashlimit: max too large, truncated to 1048576
[   51.821895][ T4124] Bluetooth: hci3: command 0x0419 tx timeout
[   51.823723][ T4124] Bluetooth: hci4: command 0x0419 tx timeout
[   51.979707][ T4245] loop0: detected capacity change from 0 to 1024
[   52.011068][ T4243] lo speed is unknown, defaulting to 1000
[   52.079770][ T4245] EXT4-fs (loop0): mounted filesystem without journal. Opts: dioread_lock,noquota,nouid32,grpquota,,errors=continue. Quota mode: writeback.
[   52.378343][ T4253] netlink: 'syz.4.53': attribute type 6 has an invalid length.
[   52.497308][ T4257] device ip6tnl1 entered promiscuous mode
[   52.515242][ T4257] team0: Device ip6tnl1 is of different type
[   52.770086][   T26] kauditd_printk_skb: 95 callbacks suppressed
[   52.770099][   T26] audit: type=1326 audit(52.700:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4262 comm="syz.2.58" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   52.787240][   T26] audit: type=1326 audit(52.700:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4262 comm="syz.2.58" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   52.808703][   T26] audit: type=1326 audit(52.720:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4262 comm="syz.2.58" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=208 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   52.844817][   T26] audit: type=1326 audit(52.720:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4262 comm="syz.2.58" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   52.858777][ T4266] x_tables: ip_tables: socket match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT
[   52.868957][   T26] audit: type=1326 audit(52.720:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4262 comm="syz.2.58" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   52.884470][ T4267] netlink: 40 bytes leftover after parsing attributes in process `syz.2.60'.
[   52.905176][   T26] audit: type=1326 audit(52.720:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4262 comm="syz.2.58" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=443 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   52.921831][ T4267] 9pnet: p9_errstr2errno: server reported unknown error �@���p��A���
��;
KZ�44�/@�q��k�p
[   52.921831][ T4267] �C<+���P5

[   52.935836][   T26] audit: type=1326 audit(52.720:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4262 comm="syz.2.58" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   52.968449][ T4269] loop0: detected capacity change from 0 to 1024
[   52.982791][   T26] audit: type=1326 audit(52.720:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4262 comm="syz.2.58" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   53.043081][ T4269] EXT4-fs error (device loop0): ext4_ext_check_inode:501: inode #2: comm syz.0.61: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   53.072737][ T4269] EXT4-fs (loop0): get root inode failed
[   53.091802][ T4269] EXT4-fs (loop0): mount failed
[   53.223044][ T4275] loop4: detected capacity change from 0 to 128
[   53.371809][ T4275] attempt to access beyond end of device
[   53.371809][ T4275] loop4: rw=2049, want=132, limit=128
[   53.375373][ T4275] Buffer I/O error on dev loop4, logical block 131, lost async page write
[   53.377848][ T4275] attempt to access beyond end of device
[   53.377848][ T4275] loop4: rw=2049, want=133, limit=128
[   53.414740][ T4275] Buffer I/O error on dev loop4, logical block 132, lost async page write
[   53.417251][ T4275] attempt to access beyond end of device
[   53.417251][ T4275] loop4: rw=2049, want=134, limit=128
[   53.420288][ T4275] Buffer I/O error on dev loop4, logical block 133, lost async page write
[   53.456559][ T4275] attempt to access beyond end of device
[   53.456559][ T4275] loop4: rw=2049, want=135, limit=128
[   53.464162][ T4275] Buffer I/O error on dev loop4, logical block 134, lost async page write
[   53.466654][ T4275] attempt to access beyond end of device
[   53.466654][ T4275] loop4: rw=2049, want=136, limit=128
[   53.469566][ T4275] Buffer I/O error on dev loop4, logical block 135, lost async page write
[   53.499877][ T4275] attempt to access beyond end of device
[   53.499877][ T4275] loop4: rw=2049, want=137, limit=128
[   53.546981][ T4275] Buffer I/O error on dev loop4, logical block 136, lost async page write
[   53.552522][ T4292] loop1: detected capacity change from 0 to 512
[   53.555129][ T4275] attempt to access beyond end of device
[   53.555129][ T4275] loop4: rw=2049, want=218, limit=128
[   53.605669][ T4292] EXT4-fs (loop1): Unrecognized mount option "context=unconfined_u" or missing value
[   53.737173][ T4288] loop1: detected capacity change from 0 to 164
[   53.892901][ T4316] device syzkaller1 entered promiscuous mode
[   53.975365][ T4320] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.80'.
[   54.106896][ T4324] loop2: detected capacity change from 0 to 512
[   54.144738][ T4326] Zero length message leads to an empty skb
[   54.219595][ T4324] EXT4-fs (loop2): 1 orphan inode deleted
[   54.229073][ T4334] xt_hashlimit: max too large, truncated to 1048576
[   54.231610][ T4324] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   54.639634][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x1
[   54.643176][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.646545][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.648745][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.651104][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.653267][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.655397][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.657744][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.659842][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.662379][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.664466][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.666556][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.668793][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.671163][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.673326][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.675393][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.688430][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.697704][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.709176][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.715172][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.719748][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.729930][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.733464][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.736728][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.739580][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.748765][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.751241][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.753511][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.755724][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.757919][ T4351] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   54.773669][ T4351] hid-generic 0000:0004:0000.0002: hidraw0: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[   54.962974][ T4361] fido_id[4361]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   55.010820][ T4370] netlink: 256 bytes leftover after parsing attributes in process `syz.0.101'.
[   55.278057][ T4381] loop1: detected capacity change from 0 to 512
[   55.367506][ T4381] netlink: 'syz.1.105': attribute type 4 has an invalid length.
[   55.473336][ T4384] netlink: 'syz.1.105': attribute type 4 has an invalid length.
[   55.820654][   T26] audit: type=1326 audit(55.750:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.2.112" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   55.837121][   T26] audit: type=1326 audit(55.770:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4395 comm="syz.2.112" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   56.137946][ T4404] netlink: 'syz.0.115': attribute type 30 has an invalid length.
[   56.207864][ T4411] netlink: 8 bytes leftover after parsing attributes in process `syz.3.118'.
[   56.332243][ T4413] lo speed is unknown, defaulting to 1000
[   56.547329][ T4426] loop0: detected capacity change from 0 to 512
[   56.626056][ T4426] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[   56.628576][ T4426] EXT4-fs (loop0): Unrecognized mount option "seclabel" or missing value
[   56.677559][ T4430] device bond1 entered promiscuous mode
[   56.690048][ T4430] 8021q: adding VLAN 0 to HW filter on device bond1
[   56.769476][ T4430] bond1 (unregistering): Released all slaves
[   56.772105][ T4439] netlink: '+}[@': attribute type 1 has an invalid length.
[   56.792394][ T4439] netlink: 224 bytes leftover after parsing attributes in process `+}[@'.
[   57.064254][ T4457] loop2: detected capacity change from 0 to 512
[   57.118184][ T4457] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   57.139659][ T4457] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec028, mo2=0002]
[   57.147986][ T4457] System zones: 1-12
[   57.151077][ T4457] EXT4-fs (loop2): 1 truncate cleaned up
[   57.152777][ T4457] EXT4-fs (loop2): mounted filesystem without journal. Opts: nogrpid,abort,debug,errors=remount-ro,nodiscard,quota,. Quota mode: writeback.
[   57.165045][ T4457] EXT4-fs warning (device loop2): ext4_group_extend:1823: can't shrink FS - resize aborted
[   57.342390][ T4465] vhci_hcd: invalid port number 224
[   57.592522][ T4478] loop1: detected capacity change from 0 to 256
[   58.707127][ T4496] loop2: detected capacity change from 0 to 1024
[   58.745405][ T4500] netlink: 'syz.1.157': attribute type 1 has an invalid length.
[   58.747798][ T4500] netlink: 224 bytes leftover after parsing attributes in process `syz.1.157'.
[   58.767648][ T4496] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[   58.791046][ T4496] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   58.794290][ T4496] EXT4-fs (loop2): orphan cleanup on readonly fs
[   58.796698][ T4496] EXT4-fs error (device loop2): ext4_free_blocks:6223: comm syz.2.155: Freeing blocks not in datazone - block = 0, count = 4096
[   58.811417][ T4496] EXT4-fs (loop2): Remounting filesystem read-only
[   58.813629][ T4496] EXT4-fs (loop2): 1 orphan inode deleted
[   58.816753][ T4496] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,barrier=0x0000000000000004,barrier=0x0000000000000009,init_itable=0x0000000000007ab4,jqfmt=vfsv0,. Quota mode: writeback.
[   58.861436][ T4496] EXT4-fs error (device loop2): ext4_search_dir:1549: inode #2: block 16: comm syz.2.155: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   59.031405][ T4516] xt_hashlimit: max too large, truncated to 1048576
[   59.135066][   T26] kauditd_printk_skb: 41 callbacks suppressed
[   59.135083][   T26] audit: type=1326 audit(59.070:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4517 comm="syz.4.166" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9bc4e768 code=0x7ffc0000
[   59.159535][   T26] audit: type=1326 audit(59.080:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4517 comm="syz.4.166" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9bc4e768 code=0x7ffc0000
[   59.171724][ T4519] loop3: detected capacity change from 0 to 1024
[   59.182345][   T26] audit: type=1326 audit(59.080:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4517 comm="syz.4.166" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9bc4e768 code=0x7ffc0000
[   59.209517][   T26] audit: type=1326 audit(59.080:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4517 comm="syz.4.166" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9bc4e768 code=0x7ffc0000
[   59.218284][   T26] audit: type=1326 audit(59.080:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4517 comm="syz.4.166" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9bc4e768 code=0x7ffc0000
[   59.232038][   T26] audit: type=1326 audit(59.080:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4517 comm="syz.4.166" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=285 compat=0 ip=0xffff9bc4e768 code=0x7ffc0000
[   59.243846][ T4519] EXT4-fs (loop3): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,lazytime,noblock_validity,,errors=continue. Quota mode: none.
[   59.244132][   T26] audit: type=1326 audit(59.080:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4517 comm="syz.4.166" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9bc4e768 code=0x7ffc0000
[   59.373873][  T136] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   59.388572][ T4532] loop4: detected capacity change from 0 to 1024
[   59.397915][  T136] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[   59.402001][  T136] EXT4-fs (loop3): This should not happen!! Data will be lost
[   59.402001][  T136] 
[   59.405162][  T136] EXT4-fs (loop3): Total free blocks count 0
[   59.407047][  T136] EXT4-fs (loop3): Free/Dirty block details
[   59.409832][  T136] EXT4-fs (loop3): free_blocks=68451041280
[   59.419029][  T136] EXT4-fs (loop3): dirty_blocks=16
[   59.437312][  T136] EXT4-fs (loop3): Block reservation details
[   59.443955][ T4532] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   59.444987][  T136] EXT4-fs (loop3): i_reserved_data_blocks=1
[   59.501045][ T4532] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:3876: comm syz.4.170: Allocating blocks 385-513 which overlap fs metadata
[   59.565320][   T26] audit: type=1326 audit(59.500:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4538 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   59.595803][   T26] audit: type=1326 audit(59.500:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4538 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=159 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   59.624471][   T26] audit: type=1326 audit(59.500:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4538 comm="syz.2.174" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ea7a768 code=0x7ffc0000
[   59.639802][ T4540] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[   59.641868][ T4540] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   59.675005][ T4554] proc: Bad value for 'gid'
[   59.681211][ T4546] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[   59.683108][ T4546] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[   59.688831][ T4531] EXT4-fs (loop4): pa 000000007474f627: logic 16, phys. 129, len 24
[   59.691679][ T4531] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:4893: group 0, free 0, pa_free 8
[   59.698299][ T4546] vhci_hcd vhci_hcd.0: Device attached
[   59.705379][ T4554] loop0: detected capacity change from 0 to 128
[   59.722320][ T4540] vhci_hcd vhci_hcd.0: Device attached
[   59.811432][ T4540] netlink: 64 bytes leftover after parsing attributes in process `+}[@'.
[   59.824029][ T4540] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(11)
[   59.826019][ T4540] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   59.854983][ T4540] vhci_hcd vhci_hcd.0: Device attached
[   59.858747][ T4549] vhci_hcd: connection closed
[   59.862100][  T136] vhci_hcd: stop threads
[   59.865904][  T136] vhci_hcd: release socket
[   59.868053][ T4548] vhci_hcd: connection closed
[   59.868666][  T136] vhci_hcd: disconnect device
[   59.886856][ T4557] vhci_hcd: connection closed
[   59.886988][  T136] vhci_hcd: stop threads
[   59.890084][  T136] vhci_hcd: release socket
[   59.896989][  T136] vhci_hcd: disconnect device
[   59.898599][  T136] vhci_hcd: stop threads
[   59.904768][  T136] vhci_hcd: release socket
[   59.909106][  T136] vhci_hcd: disconnect device
[   60.463248][ T4571] hub 8-0:1.0: USB hub found
[   60.467494][ T4571] hub 8-0:1.0: 8 ports detected
[   61.009905][ T4585] netlink: 48 bytes leftover after parsing attributes in process `syz.1.189'.
[   61.044734][ T4589] ieee802154 phy0 wpan0: encryption failed: -22
[   61.236713][ T4598] loop0: detected capacity change from 0 to 512
[   61.329747][ T4598] EXT4-fs error (device loop0): ext4_orphan_get:1401: inode #15: comm syz.0.195: casefold flag without casefold feature
[   61.334401][ T4598] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.195: couldn't read orphan inode 15 (err -117)
[   61.345648][ T4598] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,,errors=continue. Quota mode: writeback.
[   62.263477][ T4635] loop1: detected capacity change from 0 to 256
[   62.444436][ T4635] futex_wake_op: syz.1.206 tries to shift op by -1; fix this program
[   62.603942][ T4653] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   62.607775][ T4653] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   62.626343][ T4653] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   62.644167][ T4653] device bridge_slave_0 left promiscuous mode
[   62.647294][ T4653] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.677824][ T4657] loop3: detected capacity change from 0 to 2048
[   62.727198][ T4653] device bridge_slave_1 left promiscuous mode
[   62.729374][ T4653] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.797647][ T4653] bond0: (slave bond_slave_0): Releasing backup interface
[   62.859834][ T4653] bond0: (slave bond_slave_1): Releasing backup interface
[   62.979472][ T4653] team0: Port device team_slave_0 removed
[   63.021220][ T4653] team0: Port device team_slave_1 removed
[   63.035326][ T4653] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   63.038003][ T4653] batman_adv: batadv0: Removing interface: batadv_slave_0
[   63.052066][ T4653] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   63.054390][ T4653] batman_adv: batadv0: Removing interface: batadv_slave_1
[   64.530327][ T4739] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   64.822648][ T4762] loop2: detected capacity change from 0 to 128
[   64.897281][   T26] kauditd_printk_skb: 43 callbacks suppressed
[   64.897296][   T26] audit: type=1326 audit(64.830:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4763 comm="syz.0.260" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   64.910595][   T26] audit: type=1326 audit(64.830:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4763 comm="syz.0.260" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=432 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   64.916406][   T26] audit: type=1326 audit(64.830:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4763 comm="syz.0.260" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   64.936692][ T4762] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   64.946841][ T4762] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   64.993659][ T4766] netlink: 256 bytes leftover after parsing attributes in process `syz.0.261'.
[   65.084177][ T4758] udc-core: couldn't find an available UDC or it's busy
[   65.088144][ T4758] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[   65.416804][ T4782] netlink: 8 bytes leftover after parsing attributes in process `syz.0.268'.
[   65.619080][   T26] audit: type=1326 audit(65.550:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4790 comm="syz.0.271" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   65.634452][   T26] audit: type=1326 audit(65.550:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4790 comm="syz.0.271" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   65.670012][   T26] audit: type=1326 audit(65.550:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4790 comm="syz.0.271" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   65.685428][ T4795] device syzkaller1 entered promiscuous mode
[   65.694119][   T26] audit: type=1326 audit(65.550:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4790 comm="syz.0.271" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   65.710382][   T26] audit: type=1326 audit(65.550:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4790 comm="syz.0.271" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   65.733570][   T26] audit: type=1326 audit(65.550:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4790 comm="syz.0.271" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   65.764482][   T26] audit: type=1326 audit(65.550:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4790 comm="syz.0.271" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   66.328680][ T4825] loop2: detected capacity change from 0 to 8192
[   66.463009][ T4841] process 'syz.4.291' launched './file1' with NULL argv: empty string added
[   66.653012][ T4850] binfmt_misc: register: failed to install interpreter file ./file0
[   66.665780][ T4851] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[   66.798438][ T4853] loop0: detected capacity change from 0 to 1024
[   67.047921][ T4853] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   67.080666][ T4853] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   67.116601][ T4853] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 51 with max blocks 1 with error 28
[   67.141864][ T4853] EXT4-fs (loop0): This should not happen!! Data will be lost
[   67.141864][ T4853] 
[   67.190625][ T4853] EXT4-fs (loop0): Total free blocks count 0
[   67.192491][ T4853] EXT4-fs (loop0): Free/Dirty block details
[   67.206783][ T4853] EXT4-fs (loop0): free_blocks=68451041280
[   67.218853][ T4853] EXT4-fs (loop0): dirty_blocks=32
[   67.231079][ T4853] EXT4-fs (loop0): Block reservation details
[   67.232911][ T4853] EXT4-fs (loop0): i_reserved_data_blocks=2
[   67.254412][ T4859] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 52 with error 28
[   67.263774][ T4859] EXT4-fs (loop0): This should not happen!! Data will be lost
[   67.263774][ T4859] 
[   67.424836][ T4867] netlink: 76 bytes leftover after parsing attributes in process `syz.3.301'.
[   67.443640][ T4870] netlink: 28 bytes leftover after parsing attributes in process `syz.4.302'.
[   67.455838][ T4870] netlink: 28 bytes leftover after parsing attributes in process `syz.4.302'.
[   67.629917][ T4883] loop4: detected capacity change from 0 to 512
[   67.693653][ T4883] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   67.721011][ T4883] EXT4-fs (loop4): 1 truncate cleaned up
[   67.722621][ T4883] EXT4-fs (loop4): mounted filesystem without journal. Opts: minixdf,max_dir_size_kb=0x00000000000001ff,stripe=0x0000000000000000,noblock_validity,debug_want_extra_isize=0x0000000000000006,,errors=continue. Quota mode: none.
[   67.754253][ T4883] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   67.760089][ T4883] team0: Device ipvlan2 is already an upper device of the team interface
[   68.161011][ T4907] loop4: detected capacity change from 0 to 128
[   68.798172][ T4930] loop2: detected capacity change from 0 to 1024
[   68.864627][ T4930] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[   68.871947][ T1535] cfg80211: failed to load regulatory.db
[   68.888219][ T4930] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   68.902342][ T4930] EXT4-fs (loop2): orphan cleanup on readonly fs
[   68.909716][ T4930] EXT4-fs error (device loop2): ext4_free_blocks:6223: comm syz.2.325: Freeing blocks not in datazone - block = 0, count = 4096
[   68.921460][ T4930] EXT4-fs (loop2): Remounting filesystem read-only
[   68.923639][ T4930] EXT4-fs (loop2): 1 orphan inode deleted
[   68.925191][ T4930] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,barrier=0x0000000000000004,barrier=0x0000000000000009,init_itable=0x0000000000007ab4,jqfmt=vfsv0,. Quota mode: writeback.
[   69.069944][ T4940] loop1: detected capacity change from 0 to 512
[   69.127022][ T4940] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpid,acl,,errors=continue. Quota mode: writeback.
[   69.185493][ T4947] loop2: detected capacity change from 0 to 512
[   69.229848][ T4947] EXT4-fs (loop2): Ignoring removed orlov option
[   69.236358][ T4947] EXT4-fs (loop2): Unrecognized mount option "uid>00000000000000000000" or missing value
[   69.334126][ T4959] syz.3.338 uses obsolete (PF_INET,SOCK_PACKET)
[   69.703621][ T2057] ieee802154 phy0 wpan0: encryption failed: -22
[   69.710877][ T2057] ieee802154 phy1 wpan1: encryption failed: -22
[   69.824498][ T4979] loop1: detected capacity change from 0 to 512
[   69.858921][ T4983] device ip6tnl1 entered promiscuous mode
[   69.881849][ T4983] team0: Device ip6tnl1 is of different type
[   69.906635][ T4979] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   70.083726][ T4989] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.169315][ T5000] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[   70.171281][ T5000] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   70.216487][ T5000] vhci_hcd vhci_hcd.0: Device attached
[   70.224189][ T4989] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.314636][ T4989] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.414861][ T4989] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   70.416561][ T1535] vhci_hcd: vhci_device speed not set
[   70.457632][ T5018] loop2: detected capacity change from 0 to 1024
[   70.493121][ T1535] usb 8-1: new full-speed USB device number 2 using vhci_hcd
[   70.537316][ T5018] EXT4-fs (loop2): mounted filesystem without journal. Opts: discard,data_err=ignore,,errors=continue. Quota mode: none.
[   70.595806][ T4989] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   70.627903][ T4032] EXT4-fs error (device loop2): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 11
[   70.644497][ T4989] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   70.653265][ T4032] EXT4-fs error (device loop2): ext4_lookup:1862: inode #2: comm syz-executor: deleted inode referenced: 11
[   70.702613][ T4989] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   70.754420][ T4989] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   70.760916][ T5026] loop1: detected capacity change from 0 to 512
[   70.865679][ T5026] EXT4-fs (loop1): Ignoring removed orlov option
[   70.872791][ T5026] EXT4-fs (loop1): orphan cleanup on readonly fs
[   70.886567][ T5026] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.363: bg 0: block 248: padding at end of block bitmap is not set
[   70.898545][ T5026] __quota_error: 66 callbacks suppressed
[   70.898560][ T5026] Quota error (device loop1): write_blk: dquota write failed
[   70.902979][ T5026] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   70.905758][ T5026] EXT4-fs error (device loop1): ext4_acquire_dquot:6204: comm syz.1.363: Failed to acquire dquot type 1
[   70.918096][ T5030] netlink: 8 bytes leftover after parsing attributes in process `syz.4.364'.
[   70.927718][ T5026] EXT4-fs (loop1): 1 truncate cleaned up
[   70.935796][ T5001] vhci_hcd: connection reset by peer
[   70.938916][ T4576] vhci_hcd: stop threads
[   70.940149][ T4576] vhci_hcd: release socket
[   70.948815][ T4576] vhci_hcd: disconnect device
[   70.951294][ T5026] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,orlov,abort,nombcache,stripe=0x0000000000000010,,errors=continue. Quota mode: writeback.
[   71.287142][   T26] audit: type=1326 audit(71.220:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5036 comm="syz.1.369" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d4bb768 code=0x7ffc0000
[   71.308952][ T5039] loop0: detected capacity change from 0 to 512
[   71.309401][   T26] audit: type=1326 audit(71.240:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5036 comm="syz.1.369" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=92 compat=0 ip=0xffff9d4bb768 code=0x7ffc0000
[   71.327239][   T26] audit: type=1326 audit(71.260:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5036 comm="syz.1.369" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d4bb768 code=0x7ffc0000
[   71.396598][ T5039] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[   71.404087][ T5039] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[   71.435200][ T5039] EXT4-fs (loop0): 1 truncate cleaned up
[   71.436776][ T5039] EXT4-fs (loop0): mounted filesystem without journal. Opts: jqfmt=vfsold,grpjquota="errors=continue,noload,nombcache,usrjquota="errors=continue,errors=remount-ro,barrier,. Quota mode: writeback.
[   71.474304][  T153] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.484306][ T5039] EXT4-fs (loop0): re-mounted. Opts: jqfmt=vfsold,grpjquota="errors=continue,noload,nombcache,usrjquota="errors=continue,errors=remount-ro,barrier,. Quota mode: writeback.
[   71.602104][  T153] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.642490][   T26] audit: type=1326 audit(71.580:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5052 comm="syz.0.373" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   71.651568][   T26] audit: type=1326 audit(71.580:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5052 comm="syz.0.373" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=217 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   71.668706][   T26] audit: type=1326 audit(71.580:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5052 comm="syz.0.373" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   71.681941][   T26] audit: type=1326 audit(71.580:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5052 comm="syz.0.373" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=219 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   71.705131][   T26] audit: type=1326 audit(71.600:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5052 comm="syz.0.373" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   71.748663][ T5043] lo speed is unknown, defaulting to 1000
[   71.757028][  T153] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.786516][ T5064] syz.4.379 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   71.795285][ T5060] device veth1_macvtap left promiscuous mode
[   71.800801][ T5060] device macsec0 entered promiscuous mode
[   71.813003][ T5065] loop0: detected capacity change from 0 to 1024
[   71.858751][ T5065] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   71.874897][  T153] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   71.909703][ T5065] EXT4-fs (loop0): orphan cleanup on readonly fs
[   71.912723][ T5065] EXT4-fs warning (device loop0): ext4_enable_quotas:6456: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[   71.916756][ T5065] EXT4-fs (loop0): Cannot turn on quotas: error -22
[   71.942303][ T5065] EXT4-fs error (device loop0): ext4_free_blocks:6223: comm syz.0.377: Freeing blocks not in datazone - block = 0, count = 4096
[   71.977633][ T5074] rdma_op 00000000408ef150 conn xmit_rdma 0000000000000000
[   71.986328][ T5065] EXT4-fs (loop0): Remounting filesystem read-only
[   71.988323][ T5065] EXT4-fs (loop0): 1 orphan inode deleted
[   71.989899][ T5065] EXT4-fs (loop0): mounted filesystem without journal. Opts: min_batch_time=0x000000000000313b,init_itable,errors=remount-ro,grpid,. Quota mode: writeback.
[   72.144435][ T5065] EXT4-fs error (device loop0): ext4_lookup:1858: inode #15: comm syz.0.377: iget: bad extended attribute block 6
[   72.200653][ T5043] chnl_net:caif_netlink_parms(): no params data found
[   72.354106][ T5100] netlink: 16 bytes leftover after parsing attributes in process `syz.3.394'.
[   72.449446][ T5043] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.458810][ T5043] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.482665][ T5043] device bridge_slave_0 entered promiscuous mode
[   72.569105][ T5126] netlink: 8 bytes leftover after parsing attributes in process `syz.4.400'.
[   72.584701][ T5043] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.590672][ T5043] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.597918][ T5043] device bridge_slave_1 entered promiscuous mode
[   72.633086][ T5129] netlink: 72 bytes leftover after parsing attributes in process `syz.1.402'.
[   72.639792][ T5126] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   72.657952][ T5126] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[   72.667306][ T5133] netlink: 16 bytes leftover after parsing attributes in process `syz.3.403'.
[   72.695796][ T5043] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   72.733921][ T5043] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   72.827895][ T5043] team0: Port device team_slave_0 added
[   72.838357][ T5043] team0: Port device team_slave_1 added
[   72.929250][ T5043] batman_adv: batadv0: Adding interface: batadv_slave_0
[   72.949480][ T5043] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   72.998762][ T5043] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   73.062198][ T5043] batman_adv: batadv0: Adding interface: batadv_slave_1
[   73.064372][ T5043] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   73.506136][ T4124] Bluetooth: hci2: command 0x0409 tx timeout
[   73.851430][ T5043] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   74.054874][ T5166] device dummy0 entered promiscuous mode
[   74.134131][ T5043] device hsr_slave_0 entered promiscuous mode
[   74.143029][ T5179] loop0: detected capacity change from 0 to 128
[   74.181513][ T5043] device hsr_slave_1 entered promiscuous mode
[   74.210582][ T5043] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   74.212797][ T5043] Cannot create hsr debugfs directory
[   74.214741][ T5166] netlink: 4 bytes leftover after parsing attributes in process `syz.1.415'.
[   74.235112][ T5179] loop0: detected capacity change from 0 to 128
[   74.250201][ T5166] device dummy0 left promiscuous mode
[   74.306823][ T5182] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   74.309287][ T5182] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   74.341401][ T5182] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   74.445463][ T5195] vhci_hcd: default hub control req: 0000 v0000 i0000 l65535
[   75.114213][ T5208] lo speed is unknown, defaulting to 1000
[   75.810457][    C1] sched: RT throttling activated
[   75.830589][ T4070] Bluetooth: hci2: command 0x041b tx timeout
[   75.983503][ T5226] loop0: detected capacity change from 0 to 512
[   76.078116][ T5226] EXT4-fs error (device loop0): ext4_orphan_get:1401: inode #15: comm syz.0.428: casefold flag without casefold feature
[   76.082513][ T5226] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.428: couldn't read orphan inode 15 (err -117)
[   76.097266][ T5226] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   76.784176][ T5250] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   76.786842][ T5250] IPv6: NLM_F_CREATE should be set when creating new route
[   76.821581][ T1535] vhci_hcd: vhci_device speed not set
[   76.826532][ T5043] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   76.828683][ T5223] netlink: 'syz.3.427': attribute type 1 has an invalid length.
[   76.831313][ T5223] netlink: 199824 bytes leftover after parsing attributes in process `syz.3.427'.
[   76.866545][ T5043] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   76.923253][ T5043] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   76.981320][ T5254] netlink: 'syz.0.431': attribute type 2 has an invalid length.
[   77.137856][ T5043] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   77.141824][   T26] kauditd_printk_skb: 33 callbacks suppressed
[   77.141835][   T26] audit: type=1326 audit(77.080:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5251 comm="syz.0.431" exe="/root/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c3bc768 code=0x0
[   77.185497][ T5259] netlink: 10 bytes leftover after parsing attributes in process `syz.0.431'.
[   77.188004][ T5253] netlink: 4 bytes leftover after parsing attributes in process `syz.1.436'.
[   77.230986][ T5260] netlink: 28 bytes leftover after parsing attributes in process `syz.4.438'.
[   77.233738][ T5260] netlink: 28 bytes leftover after parsing attributes in process `syz.4.438'.
[   77.245630][ T5259] IPv6: Can't replace route, no match found
[   77.297262][ T5264] loop3: detected capacity change from 0 to 512
[   77.378004][ T5264] EXT4-fs (loop3): mounted filesystem without journal. Opts: sb=0x0000000000000001,nodioread_nolock,,errors=continue. Quota mode: writeback.
[   77.491583][ T5043] 8021q: adding VLAN 0 to HW filter on device bond0
[   77.552382][ T5273] netlink: 4 bytes leftover after parsing attributes in process `syz.4.443'.
[   77.568918][ T5273] netlink: 4 bytes leftover after parsing attributes in process `syz.4.443'.
[   77.585744][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   77.588358][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   77.618344][  T153] device hsr_slave_0 left promiscuous mode
[   77.674992][   T26] audit: type=1326 audit(77.610:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5281 comm="syz.3.447" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4a9a768 code=0x7ffc0000
[   77.685492][   T26] audit: type=1326 audit(77.620:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5281 comm="syz.3.447" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4a9a768 code=0x7ffc0000
[   77.695361][  T153] device hsr_slave_1 left promiscuous mode
[   77.711989][   T26] audit: type=1326 audit(77.620:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5281 comm="syz.3.447" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa4a9a768 code=0x7ffc0000
[   77.738000][   T26] audit: type=1326 audit(77.620:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5281 comm="syz.3.447" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4a9a768 code=0x7ffc0000
[   77.758736][   T26] audit: type=1326 audit(77.620:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5281 comm="syz.3.447" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4a9a768 code=0x7ffc0000
[   77.761137][  T153] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   77.766860][  T153] batman_adv: batadv0: Removing interface: batadv_slave_0
[   77.774539][  T153] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   77.779128][  T153] batman_adv: batadv0: Removing interface: batadv_slave_1
[   77.787941][   T26] audit: type=1326 audit(77.620:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5281 comm="syz.3.447" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa4a9a768 code=0x7ffc0000
[   77.824257][  T153] device bridge_slave_1 left promiscuous mode
[   77.826247][   T26] audit: type=1326 audit(77.620:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5281 comm="syz.3.447" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4a9a768 code=0x7ffc0000
[   77.827572][  T153] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.852581][   T26] audit: type=1326 audit(77.620:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5281 comm="syz.3.447" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa4a9a768 code=0x7ffc0000
[   77.869675][   T26] audit: type=1326 audit(77.620:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5281 comm="syz.3.447" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa4a9a768 code=0x7ffc0000
[   77.876882][  T153] device bridge_slave_0 left promiscuous mode
[   77.878989][  T153] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.910610][ T4070] Bluetooth: hci2: command 0x040f tx timeout
[   78.011696][  T153] device veth1_macvtap left promiscuous mode
[   78.013969][  T153] device veth0_macvtap left promiscuous mode
[   78.015969][  T153] device veth1_vlan left promiscuous mode
[   78.017912][  T153] device veth0_vlan left promiscuous mode
[   78.200181][ T5298] loop3: detected capacity change from 0 to 2048
[   78.402391][ T5300] loop3: detected capacity change from 0 to 2048
[   78.412416][  T153] team0 (unregistering): Port device team_slave_1 removed
[   78.423582][  T153] team0 (unregistering): Port device team_slave_0 removed
[   78.435344][  T153] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   78.443504][ T4196]  loop3: p1 < > p4
[   78.448345][ T4196] loop3: p4 size 8388608 extends beyond EOD, truncated
[   78.459056][ T5300]  loop3: p1 < > p4
[   78.461894][ T5300] loop3: p4 size 8388608 extends beyond EOD, truncated
[   78.491189][  T153] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   78.666426][  T153] bond0 (unregistering): Released all slaves
[   78.760932][ T5043] 8021q: adding VLAN 0 to HW filter on device team0
[   78.773474][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   78.776400][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   78.781693][  T136] bridge0: port 1(bridge_slave_0) entered blocking state
[   78.783731][  T136] bridge0: port 1(bridge_slave_0) entered forwarding state
[   78.826863][ T5300] netlink: 180 bytes leftover after parsing attributes in process `syz.3.455'.
[   78.832681][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   78.836592][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   78.846745][ T5302] loop1: detected capacity change from 0 to 1024
[   78.852060][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   78.859005][  T136] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.861087][  T136] bridge0: port 2(bridge_slave_1) entered forwarding state
[   78.874379][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   78.884981][ T5302] EXT4-fs (loop1): inline encryption not supported
[   78.905579][ T4576] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   78.936711][ T5302] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,noauto_da_alloc,inlinecrypt,dioread_lock,data_err=ignore,barrier=0x0000000000000009,data_err=ignore,grpquota,noblock_validity,user_xattr,resuid=0x0000000000000000,errors=remount-ro,. Quota mode: writeback.
[   78.936934][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   78.988090][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   79.027108][ T5043] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   79.066555][ T5043] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   79.110962][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   79.114564][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   79.117858][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   79.125953][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   79.133366][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   79.139060][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   79.146751][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   79.189858][  T409] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   79.284527][ T5316] loop4: detected capacity change from 0 to 8192
[   79.355742][ T5338]  loop4: p1 p2 p3 < > p4 < p5 p6 >
[   79.357394][ T5338] loop4: partition table partially beyond EOD, truncated
[   79.359583][ T5338] loop4: p1 start 67108864 is beyond EOD, truncated
[   79.370033][ T5338] loop4: p2 size 61546 extends beyond EOD, truncated
[   79.376616][ T5338] loop4: p3 start 100859904 is beyond EOD, truncated
[   79.377027][ T5343] loop1: detected capacity change from 0 to 512
[   79.384773][ T5338] loop4: p5 start 67108864 is beyond EOD, truncated
[   79.389403][ T5343] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[   79.402800][ T5338] loop4: p6 size 61546 extends beyond EOD, truncated
[   79.409236][ T5343] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2802e12c, mo2=0002]
[   79.412363][ T5343] System zones: 1-12
[   79.414148][ T5343] EXT4-fs (loop1): orphan cleanup on readonly fs
[   79.418863][ T5343] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.465: invalid indirect mapped block 12 (level 1)
[   79.435915][ T1617] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   79.438295][ T1617] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   79.445065][ T5316]  loop4: p1 p2 p3 < > p4 < p5 p6 >
[   79.445620][ T5343] EXT4-fs (loop1): Remounting filesystem read-only
[   79.448487][ T5343] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.465: invalid indirect mapped block 2 (level 2)
[   79.453421][ T5316] loop4: partition table partially beyond EOD, truncated
[   79.456903][ T5043] 8021q: adding VLAN 0 to HW filter on device batadv0
[   79.460333][ T5343] EXT4-fs (loop1): Remounting filesystem read-only
[   79.462812][ T5343] EXT4-fs (loop1): 1 truncate cleaned up
[   79.469034][ T5316] loop4: p1 start 67108864 is beyond EOD, truncated
[   79.474400][ T5343] EXT4-fs (loop1): mounted filesystem without journal. Opts: noinit_itable,jqfmt=vfsv1,noload,errors=remount-ro,i_version. Quota mode: none.
[   79.484474][ T5316] loop4: p2 size 61546 extends beyond EOD, truncated
[   79.499149][ T5316] loop4: p3 start 100859904 is beyond EOD, truncated
[   79.510742][ T5316] loop4: p5 start 67108864 is beyond EOD, truncated
[   79.522958][ T5316] loop4: p6 size 61546 extends beyond EOD, truncated
[   79.600715][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   79.606441][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   79.659464][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   79.672494][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   79.681218][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   79.687502][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   79.719045][ T5043] device veth0_vlan entered promiscuous mode
[   79.752495][ T5043] device veth1_vlan entered promiscuous mode
[   79.780764][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   79.783718][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   79.846354][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   79.850045][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   79.862383][ T5043] device veth0_macvtap entered promiscuous mode
[   79.881831][ T5043] device veth1_macvtap entered promiscuous mode
[   79.981339][ T4070] Bluetooth: hci2: command 0x0419 tx timeout
[   79.996430][ T5043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   80.009414][ T5043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.016474][ T5372] loop1: detected capacity change from 0 to 512
[   80.018807][ T5043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   80.045263][ T4197] udevd[4197]: inotify_add_watch(7, /dev/loop4p6, 10) failed: No such file or directory
[   80.055509][ T5043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.057199][ T5372] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   80.068415][ T5043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   80.075049][ T4196] udevd[4196]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[   80.078913][ T4114] udevd[4114]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   80.088685][ T5043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.127358][ T5372] EXT4-fs (loop1): 1 truncate cleaned up
[   80.129050][ T5372] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsv0,,errors=continue. Quota mode: none.
[   80.170047][ T5043] batman_adv: batadv0: Interface activated: batadv_slave_0
[   80.205375][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   80.208270][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   80.212022][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   80.215059][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   80.255145][ T5043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.258354][ T5043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.272757][ T5043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.275797][ T5043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.278411][ T5043] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   80.327835][ T5043] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   80.352561][ T5043] batman_adv: batadv0: Interface activated: batadv_slave_1
[   80.373589][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   80.376614][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   80.380007][ T4196] udevd[4196]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[   80.386784][ T5043] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   80.389245][ T5043] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   80.395364][ T5386] futex_wake_op: syz.3.475 tries to shift op by -1; fix this program
[   80.432901][ T4114] udevd[4114]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   80.436871][ T5043] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   80.439520][ T5043] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   80.563383][ T4197] udevd[4197]: inotify_add_watch(7, /dev/loop4p6, 10) failed: No such file or directory
[   81.442460][ T5219] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.444805][ T5219] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.487594][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   81.535128][ T4576] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.537615][ T4576] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.589552][ T4576] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   81.595749][ T4114] udevd[4114]: inotify_add_watch(7, /dev/loop4p6, 10) failed: No such file or directory
[   81.608269][ T5407] device lo entered promiscuous mode
[   81.618690][ T5407] device tunl0 entered promiscuous mode
[   81.638435][ T5407] device gre0 entered promiscuous mode
[   81.659357][ T5407] device gretap0 entered promiscuous mode
[   81.664939][ T4196] udevd[4196]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[   81.691709][ T5407] device erspan0 entered promiscuous mode
[   81.694171][ T5407] device ip_vti0 entered promiscuous mode
[   81.719465][ T5154] udevd[5154]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   81.721765][ T5407] device ip6_vti0 entered promiscuous mode
[   81.739973][ T5407] device sit0 entered promiscuous mode
[   81.755992][ T5407] device ip6tnl0 entered promiscuous mode
[   81.769418][ T5407] device ip6gre0 entered promiscuous mode
[   81.785988][ T5407] device syz_tun entered promiscuous mode
[   81.800726][ T5407] device ip6gretap0 entered promiscuous mode
[   81.803249][ T5407] device bridge0 entered promiscuous mode
[   81.806644][ T5407] device vcan0 entered promiscuous mode
[   81.820871][ T5407] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   81.832631][ T5407] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   81.835018][ T5407] device bond0 entered promiscuous mode
[   81.856387][ T5407] device bond_slave_0 entered promiscuous mode
[   81.858287][ T5407] device bond_slave_1 entered promiscuous mode
[   81.867526][ T5407] device team0 entered promiscuous mode
[   81.869250][ T5407] device team_slave_0 entered promiscuous mode
[   81.877128][ T5407] device team_slave_1 entered promiscuous mode
[   81.897612][ T5407] device nlmon0 entered promiscuous mode
[   81.915333][ T5420] netlink: 4 bytes leftover after parsing attributes in process `syz.4.486'.
[   81.946535][ T5407] device caif0 entered promiscuous mode
[   81.948364][ T5407] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   82.064053][ T5429] mmap: syz.4.488 (5429) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[   83.573005][ T5475] lo speed is unknown, defaulting to 1000
[   83.687390][   T26] kauditd_printk_skb: 16 callbacks suppressed
[   83.687404][   T26] audit: type=1326 audit(83.620:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5490 comm="syz.5.510" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[   83.711452][   T26] audit: type=1326 audit(83.630:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5490 comm="syz.5.510" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=167 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[   83.737558][   T26] audit: type=1326 audit(83.630:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5490 comm="syz.5.510" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[   83.748055][   T26] audit: type=1326 audit(83.650:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5490 comm="syz.5.510" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[   83.787681][ T5494] netlink: 92 bytes leftover after parsing attributes in process `syz.1.511'.
[   83.791769][ T5494] netem: unknown loss type 0
[   83.793500][ T5494] netem: change failed
[   83.800868][ T5482] lo speed is unknown, defaulting to 1000
[   83.816212][   T26] audit: type=1326 audit(83.650:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5490 comm="syz.5.510" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[   83.847686][   T26] audit: type=1326 audit(83.650:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5490 comm="syz.5.510" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=119 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[   83.894651][   T26] audit: type=1326 audit(83.650:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5490 comm="syz.5.510" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[   83.927016][   T26] audit: type=1326 audit(83.650:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5490 comm="syz.5.510" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[   83.968549][   T26] audit: type=1326 audit(83.650:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5490 comm="syz.5.510" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[   83.998127][   T26] audit: type=1326 audit(83.650:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5490 comm="syz.5.510" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[   84.418662][ T5547] loop1: detected capacity change from 0 to 1024
[   84.444094][ T5548] device syzkaller1 entered promiscuous mode
[   84.547349][ T5554] ALSA: seq fatal error: cannot create timer (-19)
[   84.566566][ T5547] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   84.579421][ T5562] loop5: detected capacity change from 0 to 1024
[   84.615935][ T5562] EXT4-fs (loop5): inline encryption not supported
[   84.617890][ T5562] EXT4-fs (loop5): Ignoring removed orlov option
[   84.680694][ T5562] EXT4-fs (loop5): mounted filesystem without journal. Opts: inlinecrypt,noload,norecovery,block_validity,orlov,,errors=continue. Quota mode: none.
[   84.958245][ T5582] capability: warning: `syz.4.538' uses deprecated v2 capabilities in a way that may be insecure
[   85.216178][ T5600] xt_hashlimit: max too large, truncated to 1048576
[   85.568464][ T5633] ipt_REJECT: TCP_RESET invalid for non-tcp
[   85.586394][ T5634] netlink: 'syz.3.556': attribute type 13 has an invalid length.
[   85.679362][ T5642] loop4: detected capacity change from 0 to 128
[   87.155351][ T5634] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.157774][ T5634] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.878476][ T5634] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   87.914211][ T5634] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   88.336690][ T5634] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   88.339409][ T5634] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   88.342424][ T5634] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   88.344821][ T5634] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   88.806496][ T5686] netlink: 12 bytes leftover after parsing attributes in process `syz.1.567'.
[   88.851010][   T26] kauditd_printk_skb: 70 callbacks suppressed
[   88.851023][   T26] audit: type=1326 audit(88.790:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5690 comm="syz.0.568" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   88.869207][   T26] audit: type=1326 audit(88.800:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5690 comm="syz.0.568" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   89.032587][ T5706] netlink: 'syz.3.574': attribute type 6 has an invalid length.
[   89.257737][ T5722] loop3: detected capacity change from 0 to 164
[   89.312647][ T5722] rock: directory entry would overflow storage
[   89.314931][ T5722] rock: sig=0x66, size=4, remaining=3
[   89.369363][ T5722] rock: directory entry would overflow storage
[   89.375985][ T5722] rock: sig=0x66, size=4, remaining=3
[   89.536641][   T26] audit: type=1326 audit(89.470:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5690 comm="syz.0.568" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   89.544773][   T26] audit: type=1326 audit(89.480:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5690 comm="syz.0.568" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   89.572933][   T26] audit: type=1326 audit(89.480:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5690 comm="syz.0.568" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   89.580918][ T5741] netlink: 'syz.3.584': attribute type 27 has an invalid length.
[   89.595269][   T26] audit: type=1326 audit(89.480:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5690 comm="syz.0.568" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   89.661202][   T26] audit: type=1326 audit(89.480:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5690 comm="syz.0.568" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   89.667209][   T26] audit: type=1326 audit(89.490:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5690 comm="syz.0.568" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   89.672514][ T5746] netlink: 104 bytes leftover after parsing attributes in process `syz.3.586'.
[   89.722363][   T26] audit: type=1326 audit(89.490:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5690 comm="syz.0.568" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   89.740399][   T26] audit: type=1326 audit(89.490:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5690 comm="syz.0.568" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9c3bc768 code=0x7ffc0000
[   89.798084][ T5755] xt_recent: hitcount (16385) is larger than allowed maximum (255)
[   89.867073][ T5758] loop4: detected capacity change from 0 to 1024
[   90.056864][ T5758] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   90.269879][ T5779] lo speed is unknown, defaulting to 1000
[   91.025002][ T5806] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   91.062667][ T5803] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   91.066132][ T5803] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   91.099789][ T5803] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   91.147612][ T5811] loop3: detected capacity change from 0 to 512
[   91.192834][ T5811] EXT4-fs (loop3): Unrecognized mount option "fscontext=sysadm_u" or missing value
[   91.256302][ T5820] netlink: 216 bytes leftover after parsing attributes in process `syz.4.612'.
[   91.259054][ T5820] netlink: 24 bytes leftover after parsing attributes in process `syz.4.612'.
[   91.268108][ T5820] netlink: 16 bytes leftover after parsing attributes in process `syz.4.612'.
[   91.425931][ T5831] netlink: 28 bytes leftover after parsing attributes in process `syz.4.617'.
[   91.438196][ T5831] netlink: 28 bytes leftover after parsing attributes in process `syz.4.617'.
[   91.756869][ T5851] lo speed is unknown, defaulting to 1000
[   91.874674][ T5860] device macvlan2 entered promiscuous mode
[   91.894648][ T5860] device batadv0 entered promiscuous mode
[   91.901379][ T5860] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   91.905254][ T5860] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[   91.911421][ T5867] vcan0: tx drop: invalid sa for name 0x0000000000000003
[   92.041528][ T5876] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[   92.056988][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.059401][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.068568][ T5879] netlink: 8 bytes leftover after parsing attributes in process `syz.3.637'.
[   92.077705][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.079817][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.090552][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.093022][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.095144][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.097117][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.099145][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.110551][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.113011][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.114971][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.135317][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.137447][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.139455][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.142994][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.145061][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.147096][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.149081][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.158780][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.168846][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.172399][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.174424][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.176685][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.179004][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.181852][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.184011][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.186127][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.195112][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.197253][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.199250][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.209911][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.212394][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.214413][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.216439][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.218445][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.220410][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.232363][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.234414][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.236484][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.238508][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.244519][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.246645][    T7] hid-generic 0000:0C15:0000.0003: unknown main item tag 0x0
[   92.258481][    T7] hid-generic 0000:0C15:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   92.462673][ T5910] netlink: 4 bytes leftover after parsing attributes in process `syz.3.652'.
[   92.480657][ T5907] loop4: detected capacity change from 0 to 2048
[   92.558374][ T5907] EXT4-fs (loop4): mounted filesystem without journal. Opts: min_batch_time=0x000000000000000d,mb_optimize_scan=0x0000000000000001,noblock_validity,,errors=continue. Quota mode: none.
[   92.575102][ T5907] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[   92.581175][ T5907] EXT4-fs (loop4): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 17 with error 28
[   92.584885][ T5907] EXT4-fs (loop4): This should not happen!! Data will be lost
[   92.584885][ T5907] 
[   92.587675][ T5907] EXT4-fs (loop4): Total free blocks count 0
[   92.589387][ T5907] EXT4-fs (loop4): Free/Dirty block details
[   92.591313][ T5907] EXT4-fs (loop4): free_blocks=66060288
[   92.593004][ T5907] EXT4-fs (loop4): dirty_blocks=32
[   92.594578][ T5907] EXT4-fs (loop4): Block reservation details
[   92.596390][ T5907] EXT4-fs (loop4): i_reserved_data_blocks=2
[   92.632256][ T5918] netlink: 36 bytes leftover after parsing attributes in process `syz.3.654'.
[   92.640418][ T5918] loop3: detected capacity change from 0 to 512
[   92.726162][ T5918] EXT4-fs (loop3): 1 orphan inode deleted
[   92.750652][ T5918] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpid,,errors=continue. Quota mode: writeback.
[   92.811528][ T5918] EXT4-fs (loop3): re-mounted. Opts: (null). Quota mode: writeback.
[   92.840016][ T5920] fido_id[5920]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   93.037711][ T5949] vhci_hcd: invalid port number 96
[   93.039264][ T5949] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[   93.081200][ T5948] loop4: detected capacity change from 0 to 1024
[   93.175689][ T5948] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   93.271173][ T5961] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(12)
[   93.273183][ T5961] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   93.276674][ T5961] vhci_hcd vhci_hcd.0: Device attached
[   93.320652][ T5961] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(14)
[   93.322588][ T5961] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   93.329198][ T5961] vhci_hcd vhci_hcd.0: Device attached
[   93.334814][ T5970] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(17)
[   93.336675][ T5970] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   93.344141][ T5970] vhci_hcd vhci_hcd.0: Device attached
[   93.351440][ T5961] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   93.425379][ T5970] vhci_hcd vhci_hcd.0: pdev(1) rhport(4) sockfd(21)
[   93.427288][ T5970] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   93.446803][ T5970] vhci_hcd vhci_hcd.0: Device attached
[   93.468932][ T5961] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(20)
[   93.470866][ T5961] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   93.486179][ T5961] vhci_hcd vhci_hcd.0: Device attached
[   93.488971][ T5961] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   93.493372][ T5961] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   93.513750][ T5961] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   93.540289][ T5986] loop4: detected capacity change from 0 to 1024
[   93.542730][ T5977] vhci_hcd: connection closed
[   93.542988][ T5652] vhci_hcd: stop threads
[   93.543050][ T5983] vhci_hcd: connection closed
[   93.544442][ T5652] vhci_hcd: release socket
[   93.548183][ T5652] vhci_hcd: disconnect device
[   93.549790][ T5971] vhci_hcd: connection closed
[   93.551556][   T25] usb 4-1: new low-speed USB device number 2 using vhci_hcd
[   93.557827][ T5652] vhci_hcd: stop threads
[   93.560654][ T5962] vhci_hcd: connection reset by peer
[   93.560925][ T5965] vhci_hcd: connection closed
[   93.563241][ T5652] vhci_hcd: release socket
[   93.569136][ T5652] vhci_hcd: disconnect device
[   93.572122][ T5652] vhci_hcd: stop threads
[   93.575631][ T5652] vhci_hcd: release socket
[   93.577989][ T5652] vhci_hcd: disconnect device
[   93.589114][ T5652] vhci_hcd: stop threads
[   93.591577][ T5652] vhci_hcd: release socket
[   93.595173][ T5652] vhci_hcd: disconnect device
[   93.597541][ T5652] vhci_hcd: stop threads
[   93.599974][ T5652] vhci_hcd: release socket
[   93.603883][ T5652] vhci_hcd: disconnect device
[   93.612015][ T5993] netlink: 'syz.3.674': attribute type 12 has an invalid length.
[   93.679851][ T5990] loop5: detected capacity change from 0 to 4096
[   93.687323][ T5986] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   93.695552][ T5986] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   93.708567][ T5986] JBD2: no valid journal superblock found
[   93.724970][ T5986] EXT4-fs (loop4): error loading journal
[   93.735872][ T5990] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   93.791332][ T5990] EXT4-fs (loop5): re-mounted. Opts: (null). Quota mode: writeback.
[   93.955084][ T6006] xt_hashlimit: max too large, truncated to 1048576
[   94.173292][ T6017] usb usb1: usbfs: process 6017 (syz.4.685) did not claim interface 0 before use
[   94.278547][ T6022] lo speed is unknown, defaulting to 1000
[   94.405953][ T6028] loop1: detected capacity change from 0 to 512
[   94.467811][ T6028] EXT4-fs (loop1): Ignoring removed oldalloc option
[   94.469870][ T6028] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   94.609827][ T6037] serio: Serial port ptm0
[   95.984905][ T6036] device bridge0 entered promiscuous mode
[   95.987147][ T6036] device macvlan2 entered promiscuous mode
[   96.015188][ T6036] bridge0: port 1(macvlan2) entered blocking state
[   96.048066][ T6036] bridge0: port 1(macvlan2) entered disabled state
[   96.077280][ T6028] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #16: comm syz.1.687: invalid indirect mapped block 4294967295 (level 0)
[   96.087134][ T6028] EXT4-fs (loop1): Remounting filesystem read-only
[   96.096858][ T6028] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #16: comm syz.1.687: invalid indirect mapped block 4294967295 (level 1)
[   96.128805][ T6028] EXT4-fs (loop1): Remounting filesystem read-only
[   96.163311][ T6028] EXT4-fs (loop1): 1 orphan inode deleted
[   96.179650][ T6028] EXT4-fs (loop1): 1 truncate cleaned up
[   96.189800][ T6028] EXT4-fs (loop1): mounted filesystem without journal. Opts: oldalloc,errors=remount-ro,init_itable,block_validity,block_validity,quota,. Quota mode: writeback.
[   96.195923][ T6036] device bridge0 left promiscuous mode
[   96.318523][ T6061] loop5: detected capacity change from 0 to 128
[   96.325209][ T6061] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   96.372007][ T6061] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   96.537508][ T5652] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   96.543760][ T6075] udc-core: couldn't find an available UDC or it's busy
[   96.545668][ T6075] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[   96.598697][   T26] kauditd_printk_skb: 69 callbacks suppressed
[   96.598710][   T26] audit: type=1326 audit(96.530:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.4.703" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9bc4e768 code=0x7ffc0000
[   96.613454][ T6075] loop4: detected capacity change from 0 to 256
[   96.616880][   T26] audit: type=1326 audit(96.540:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.4.703" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=235 compat=0 ip=0xffff9bc4e768 code=0x7ffc0000
[   96.655334][   T26] audit: type=1326 audit(96.540:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.4.703" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9bc4e768 code=0x7ffc0000
[   96.678892][ T6075] IPVS: set_ctl: invalid protocol: 135 224.0.0.2:20000
[   96.687862][   T26] audit: type=1326 audit(96.540:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.4.703" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=279 compat=0 ip=0xffff9bc4e768 code=0x7ffc0000
[   96.909619][   T26] audit: type=1326 audit(96.550:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.4.703" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffff9bc4e79c code=0x7ffc0000
[   96.988919][   T26] audit: type=1326 audit(96.550:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.4.703" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=64 compat=0 ip=0xffff9bc4ce30 code=0x7ffc0000
[   97.058675][   T26] audit: type=1326 audit(96.550:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.4.703" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=215 compat=0 ip=0xffff9bc4e80c code=0x7ffc0000
[   97.105937][   T26] audit: type=1326 audit(96.550:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.4.703" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff9bc4cc94 code=0x7ffc0000
[   97.163355][   T26] audit: type=1326 audit(96.550:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.4.703" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffff9bc4e290 code=0x7ffc0000
[   97.218867][   T26] audit: type=1326 audit(96.550:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6073 comm="syz.4.703" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=57 compat=0 ip=0xffff9bc4d06c code=0x7ffc0000
[   97.242403][ T6102] lo speed is unknown, defaulting to 1000
[   97.315756][ T6105] device ipvlan2 entered promiscuous mode
[   97.338546][ T6105] bridge0: port 1(ipvlan2) entered blocking state
[   97.347431][ T6105] bridge0: port 1(ipvlan2) entered disabled state
[   97.369670][ T6113] loop3: detected capacity change from 0 to 164
[   97.407635][ T6113] isofs_fill_super: root inode is not a directory. Corrupted media?
[   97.583180][ T6127] __nla_validate_parse: 3 callbacks suppressed
[   97.583196][ T6127] netlink: 8 bytes leftover after parsing attributes in process `syz.4.718'.
[   97.768920][ T6146] netlink: 4 bytes leftover after parsing attributes in process `syz.3.722'.
[   97.923642][ T6154] loop1: detected capacity change from 0 to 1024
[   98.009918][ T6154] EXT4-fs (loop1): mounted filesystem without journal. Opts: user_xattr,nodioread_nolock,,errors=continue. Quota mode: none.
[   98.020281][ T6154] EXT4-fs error (device loop1): ext4_map_blocks:739: inode #15: block 3: comm syz.1.727: lblock 3 mapped to illegal pblock 3 (length 1)
[   98.091880][ T6154] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[   98.113867][ T6154] EXT4-fs (loop1): This should not happen!! Data will be lost
[   98.113867][ T6154] 
[   98.128319][ T6167] EXT4-fs error (device loop1): ext4_free_blocks:6223: comm syz.1.727: Freeing blocks not in datazone - block = 3, count = 1
[   98.163961][ T6154] EXT4-fs error (device loop1): ext4_map_blocks:739: inode #15: block 3: comm syz.1.727: lblock 3 mapped to illegal pblock 3 (length 1)
[   98.184786][ T6154] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[   98.198709][ T6154] EXT4-fs (loop1): This should not happen!! Data will be lost
[   98.198709][ T6154] 
[   98.330268][ T6174] loop0: detected capacity change from 0 to 1024
[   98.357984][ T6178] loop4: detected capacity change from 0 to 512
[   98.401082][ T6174] EXT4-fs (loop0): mounted filesystem without journal. Opts: acl,barrier,barrier=0x0000000000000000,sysvgroups,debug_want_extra_isize=0x0000000000000080,resuid=0x0000000000000000,nodelalloc,acl,noinit_itable,,errors=continue. Quota mode: none.
[   98.452600][ T6178] EXT4-fs (loop4): 1 orphan inode deleted
[   98.454364][ T6178] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   98.627400][ T6178] infiniband syz0: set active
[   98.630806][ T6178] infiniband syz0: added batadv_slave_1
[   98.651251][ T6178] RDS/IB: syz0: added
[   98.653887][ T6178] smc: adding ib device syz0 with port count 1
[   98.655828][ T6178] smc:    ib device syz0 port 1 has pnetid 
[   98.845393][   T25] vhci_hcd: vhci_device speed not set
[   99.198802][ T6201] lo speed is unknown, defaulting to 1000
[   99.819968][ T6213] loop1: detected capacity change from 0 to 512
[   99.963258][ T6213] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.749: bg 0: block 248: padding at end of block bitmap is not set
[   99.968368][ T6213] EXT4-fs error (device loop1): ext4_acquire_dquot:6204: comm syz.1.749: Failed to acquire dquot type 1
[  100.014778][ T6213] EXT4-fs (loop1): 1 truncate cleaned up
[  100.016440][ T6213] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  100.055400][ T6213] netlink: 56 bytes leftover after parsing attributes in process `syz.1.749'.
[  100.181562][ T6227] netlink: 'syz.5.755': attribute type 298 has an invalid length.
[  100.292413][ T6231] device bond1 entered promiscuous mode
[  100.294301][ T6231] 8021q: adding VLAN 0 to HW filter on device bond1
[  100.362888][ T6231] bond1 (unregistering): Released all slaves
[  100.479562][ T6250] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  100.481508][ T6250] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  100.493674][ T6250] vhci_hcd vhci_hcd.0: Device attached
[  100.537488][ T6256] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(6)
[  100.539315][ T6256] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  100.540386][ T6260] netlink: 4 bytes leftover after parsing attributes in process `syz.0.764'.
[  100.551814][ T6256] vhci_hcd vhci_hcd.0: Device attached
[  100.553145][ T6250] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  100.558524][ T6260] netlink: 4 bytes leftover after parsing attributes in process `syz.0.764'.
[  100.569941][ T6250] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(10)
[  100.571809][ T6250] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  100.574414][ T6250] vhci_hcd vhci_hcd.0: Device attached
[  100.588276][ T6250] vhci_hcd vhci_hcd.0: pdev(1) rhport(4) sockfd(5)
[  100.590129][ T6250] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  100.593897][ T6250] vhci_hcd vhci_hcd.0: Device attached
[  100.657139][ T6256] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  100.718317][ T6250] vhci_hcd vhci_hcd.0: pdev(1) rhport(5) sockfd(13)
[  100.720246][ T6250] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  100.730779][ T6250] vhci_hcd vhci_hcd.0: Device attached
[  100.734793][ T6269] vhci_hcd: connection closed
[  100.738934][ T6274] @: renamed from vlan0
[  100.741997][ T6266] vhci_hcd: connection closed
[  100.742124][ T6262] vhci_hcd: connection closed
[  100.743620][ T6257] vhci_hcd: connection closed
[  100.745047][ T6252] vhci_hcd: connection closed
[  100.748668][  T148] vhci_hcd: stop threads
[  100.751886][  T148] vhci_hcd: release socket
[  100.753116][  T148] vhci_hcd: disconnect device
[  100.755443][  T148] vhci_hcd: stop threads
[  100.756629][  T148] vhci_hcd: release socket
[  100.768774][  T148] vhci_hcd: disconnect device
[  100.781061][  T148] vhci_hcd: stop threads
[  100.782518][  T148] vhci_hcd: release socket
[  100.784078][  T148] vhci_hcd: disconnect device
[  100.788542][  T148] vhci_hcd: stop threads
[  100.790365][  T148] vhci_hcd: release socket
[  100.801554][  T148] vhci_hcd: disconnect device
[  100.804351][  T148] vhci_hcd: stop threads
[  100.807916][  T148] vhci_hcd: release socket
[  100.835363][  T148] vhci_hcd: disconnect device
[  100.936458][ T6282] hub 9-0:1.0: USB hub found
[  100.950723][ T6282] hub 9-0:1.0: 8 ports detected
[  101.036010][ T6293] netlink: 'syz.0.775': attribute type 6 has an invalid length.
[  101.079779][ T6295] loop5: detected capacity change from 0 to 1024
[  101.203504][ T6295] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  101.419844][ T6328] loop0: detected capacity change from 0 to 512
[  101.466738][ T6328] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[  101.481168][ T6328] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13
[  101.489061][ T6328] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.787: attempt to clear invalid blocks 2 len 1
[  101.542444][ T6328] EXT4-fs (loop0): Remounting filesystem read-only
[  101.560948][ T6328] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  101.607443][ T6328] EXT4-fs (loop0): Remounting filesystem read-only
[  101.609568][ T6328] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.787: invalid indirect mapped block 1819239214 (level 0)
[  101.665488][ T6328] EXT4-fs (loop0): Remounting filesystem read-only
[  101.667395][ T6328] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.787: invalid indirect mapped block 1819239214 (level 1)
[  101.706417][ T6328] EXT4-fs (loop0): Remounting filesystem read-only
[  101.708815][ T6328] EXT4-fs (loop0): 1 truncate cleaned up
[  101.710612][ T6328] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,init_itable=0x0000000000000004,mblk_io_submit,minixdf,jqfmt=vfsv0,usrjquota=... Quota mode: writeback.
[  101.791852][ T6355] device syzkaller1 entered promiscuous mode
[  101.816222][ T4033] EXT4-fs error (device loop0): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[  101.850663][ T4033] EXT4-fs (loop0): Remounting filesystem read-only
[  101.868186][ T4033] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2228: inode #15: comm syz-executor: corrupted in-inode xattr
[  101.880808][ T4033] EXT4-fs (loop0): Remounting filesystem read-only
[  101.882985][ T4033] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2228: inode #15: comm syz-executor: corrupted in-inode xattr
[  101.890859][ T4033] EXT4-fs (loop0): Remounting filesystem read-only
[  101.896688][ T6359] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.947419][ T6349] lo speed is unknown, defaulting to 1000
[  102.009611][ T6359] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.056559][ T6364] netlink: 2108 bytes leftover after parsing attributes in process `syz.3.801'.
[  102.059198][ T6364] netlink: 1260 bytes leftover after parsing attributes in process `syz.3.801'.
[  102.104721][ T6366] netdevsim netdevsim5: Direct firmware load for @ failed with error -2
[  102.107095][ T6366] netdevsim netdevsim5: Falling back to sysfs fallback for: @
[  102.112775][ T6359] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.222011][ T6359] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.445617][ T6359] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  102.458978][ T6359] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  102.495525][ T6359] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  102.522976][ T6359] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  102.611838][ T6391] netlink: 24 bytes leftover after parsing attributes in process `syz.3.809'.
[  102.649579][ T6395] udc-core: couldn't find an available UDC or it's busy
[  102.658973][ T6395] misc raw-gadget: fail, usb_gadget_probe_driver returned -19
[  102.746118][ T6401] loop3: detected capacity change from 0 to 512
[  102.905297][ T6410] loop4: detected capacity change from 0 to 512
[  102.961285][ T6410] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=884ec01c, mo2=0002]
[  102.964314][ T6410] EXT4-fs (loop4): orphan cleanup on readonly fs
[  102.999325][ T6410] EXT4-fs warning (device loop4): ext4_enable_quotas:6456: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  103.004804][ T6410] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  103.016685][ T6410] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #13: comm syz.4.815: iget: bogus i_mode (177755)
[  103.028347][ T6410] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.815: couldn't read orphan inode 13 (err -117)
[  103.051366][ T6410] EXT4-fs (loop4): mounted filesystem without journal. Opts: noquota,noblock_validity,max_dir_size_kb=0x0000000000007fff,quota,debug,debug,grpid,,errors=continue. Quota mode: writeback.
[  103.117081][ T6410] EXT4-fs error (device loop4): ext4_lookup:1858: comm syz.4.815: inode #15: comm syz.4.815: iget: illegal inode #
[  103.200209][ T6402] lo speed is unknown, defaulting to 1000
[  103.268021][ T6426] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(4)
[  103.269858][ T6426] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  103.275167][ T6426] vhci_hcd vhci_hcd.0: Device attached
[  103.288472][ T6426] loop1: detected capacity change from 0 to 512
[  103.298991][   T26] kauditd_printk_skb: 87 callbacks suppressed
[  103.299004][   T26] audit: type=1326 audit(104.227:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6431 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[  103.330530][   T26] audit: type=1326 audit(104.237:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6431 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[  103.346449][ T6426] EXT4-fs (loop1): Quota format mount options ignored when QUOTA feature is enabled
[  103.349284][ T6426] EXT4-fs (loop1): Unrecognized mount option "rootcontext=unconfined_u" or missing value
[  103.359431][   T26] audit: type=1326 audit(104.237:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6431 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[  103.377110][   T26] audit: type=1326 audit(104.237:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6431 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[  103.395342][   T26] audit: type=1326 audit(104.237:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6431 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[  103.414298][   T26] audit: type=1326 audit(104.237:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6431 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[  103.430587][   T26] audit: type=1326 audit(104.267:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6431 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[  103.454922][ T6429] vhci_hcd: connection closed
[  103.455169][ T5652] vhci_hcd: stop threads
[  103.457260][   T26] audit: type=1326 audit(104.267:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6431 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[  103.457663][ T5652] vhci_hcd: release socket
[  103.487168][ T5652] vhci_hcd: disconnect device
[  103.500527][   T26] audit: type=1326 audit(104.267:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6431 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[  103.525014][   T26] audit: type=1326 audit(104.267:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6431 comm="syz.5.824" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa9e0e768 code=0x7ffc0000
[  103.550650][ T4351] usb 4-1: new low-speed USB device number 3 using vhci_hcd
[  103.552977][ T4351] usb 4-1: enqueue for inactive port 0
[  103.640576][ T4351] vhci_hcd: vhci_device speed not set
[  103.763352][ T6402] chnl_net:caif_netlink_parms(): no params data found
[  103.927942][ T6402] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.940434][ T6402] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.964746][ T6402] device bridge_slave_0 entered promiscuous mode
[  103.980660][ T6402] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.982784][ T6402] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.022296][ T6402] device bridge_slave_1 entered promiscuous mode
[  104.311294][ T6402] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  104.344305][ T6402] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  104.515303][ T6402] team0: Port device team_slave_0 added
[  104.518712][ T6402] team0: Port device team_slave_1 added
[  104.588148][ T6485] loop3: detected capacity change from 0 to 512
[  104.621045][ T6488] netlink: 4 bytes leftover after parsing attributes in process `syz.1.841'.
[  104.626315][ T6487] loop4: detected capacity change from 0 to 2048
[  104.867790][ T4071] Bluetooth: hci3: command 0x0409 tx timeout
[  105.001568][ T6402] batman_adv: batadv0: Adding interface: batadv_slave_0
[  105.003619][ T6402] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.023292][ T6402] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  105.035273][ T6487] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  105.061122][ T6402] batman_adv: batadv0: Adding interface: batadv_slave_1
[  105.069973][ T6402] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.101452][ T6485] EXT4-fs (loop3): Ignoring removed orlov option
[  105.114061][ T6402] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  105.142175][ T6487] EXT4-fs (loop4): mounted filesystem without journal. Opts: debug_want_extra_isize=0x0000000000000004,usrjquota=,errors=remount-ro,dioread_lock,max_batch_time=0x0000000000000008,mblk_io_submit,minixdf,barrier=0x0000000000000000,nombcache,bsddf,. Quota mode: none.
[  105.150404][ T6485] EXT4-fs (loop3): orphan cleanup on readonly fs
[  105.162486][ T6485] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.843: bg 0: block 248: padding at end of block bitmap is not set
[  105.192923][ T6485] EXT4-fs error (device loop3): ext4_acquire_dquot:6204: comm syz.3.843: Failed to acquire dquot type 1
[  105.213533][ T6485] EXT4-fs (loop3): 1 truncate cleaned up
[  105.221157][ T6485] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,orlov,abort,nombcache,stripe=0x0000000000000010,,errors=continue. Quota mode: writeback.
[  105.242555][ T6402] device hsr_slave_0 entered promiscuous mode
[  105.274204][ T6402] device hsr_slave_1 entered promiscuous mode
[  105.297539][ T6487] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  105.299440][ T6487] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  105.302084][ T6487] vhci_hcd vhci_hcd.0: Device attached
[  105.310567][ T6402] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  105.312756][ T6402] Cannot create hsr debugfs directory
[  105.405260][ T6507] vhci_hcd: connection closed
[  105.418756][ T5214] vhci_hcd: stop threads
[  105.426754][ T5214] vhci_hcd: release socket
[  105.427971][ T5214] vhci_hcd: disconnect device
[  105.474436][ T6513] device veth3 entered promiscuous mode
[  105.779708][ T6402] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  105.891285][ T6402] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  105.947820][ T6402] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  106.042506][ T6402] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  106.097698][ T6542] loop3: detected capacity change from 0 to 2048
[  106.171072][ T6542] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  106.289206][ T6542] EXT4-fs (loop3): resizing filesystem from 512 to 0 blocks
[  106.324042][ T6542] EXT4-fs warning (device loop3): ext4_resize_fs:2004: can't shrink FS - resize aborted
[  106.411396][ T6402] 8021q: adding VLAN 0 to HW filter on device bond0
[  107.259997][ T6579] netlink: 'syz.3.866': attribute type 4 has an invalid length.
[  107.262722][ T6579] netlink: 17 bytes leftover after parsing attributes in process `syz.3.866'.
[  107.523158][  T153] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.573425][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  107.576195][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  107.578380][ T4108] Bluetooth: hci3: command 0x041b tx timeout
[  107.634450][ T6402] 8021q: adding VLAN 0 to HW filter on device team0
[  107.662150][  T153] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.682321][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  107.686038][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  107.688821][  T136] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.691140][  T136] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.762480][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  107.765385][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  107.798653][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  107.828066][  T136] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.830118][  T136] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.840843][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  107.844216][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  107.851659][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  107.862908][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  107.879701][  T153] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.922942][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  107.926003][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  107.929065][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  107.984740][  T153] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.998164][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  108.001529][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  108.045691][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  108.048704][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  108.066830][ T6402] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  108.229428][ T6614] loop1: detected capacity change from 0 to 512
[  108.350317][ T6614] EXT4-fs (loop1): mounted filesystem without journal. Opts: sb=0x0000000000000001,nodioread_nolock,,errors=continue. Quota mode: writeback.
[  108.446430][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  108.449145][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  108.508354][ T6402] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.621549][   T26] kauditd_printk_skb: 87 callbacks suppressed
[  108.621562][   T26] audit: type=1326 audit(109.557:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6626 comm="syz.1.874" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d4bb768 code=0x7ffc0000
[  108.640977][   T26] audit: type=1326 audit(109.567:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6626 comm="syz.1.874" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9d4bb768 code=0x7ffc0000
[  108.672510][   T26] audit: type=1326 audit(109.567:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6626 comm="syz.1.874" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d4bb768 code=0x7ffc0000
[  108.709173][   T26] audit: type=1326 audit(109.577:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6626 comm="syz.1.874" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9d4bb768 code=0x7ffc0000
[  108.727280][   T26] audit: type=1326 audit(109.577:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6626 comm="syz.1.874" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d4bb768 code=0x7ffc0000
[  108.754277][   T26] audit: type=1326 audit(109.577:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6626 comm="syz.1.874" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9d4bb768 code=0x7ffc0000
[  108.760196][   T26] audit: type=1326 audit(109.577:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6626 comm="syz.1.874" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d4bb768 code=0x7ffc0000
[  108.800679][   T26] audit: type=1326 audit(109.577:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6626 comm="syz.1.874" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9d4bb768 code=0x7ffc0000
[  108.817288][   T26] audit: type=1326 audit(109.577:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6626 comm="syz.1.874" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9d4bb768 code=0x7ffc0000
[  108.840774][   T26] audit: type=1326 audit(109.587:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6626 comm="syz.1.874" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9d4bb768 code=0x7ffc0000
[  109.001638][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  109.004766][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  109.021462][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  109.024399][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  109.027637][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  109.033810][ T5214] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  109.102311][ T6402] device veth0_vlan entered promiscuous mode
[  109.137901][ T6402] device veth1_vlan entered promiscuous mode
[  109.200859][ T6402] device veth0_macvtap entered promiscuous mode
[  109.206011][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  109.216548][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  109.219826][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  109.244528][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  109.276202][    C0] hrtimer: interrupt took 17550600 ns
[  109.292743][ T6402] device veth1_macvtap entered promiscuous mode
[  109.295497][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  109.298463][  T148] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  109.577896][ T6402] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  109.591424][ T6402] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.610837][ T6402] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  109.623503][ T6402] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.650802][ T6402] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  109.662973][ T6402] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.681332][ T6402] batman_adv: batadv0: Interface activated: batadv_slave_0
[  109.685008][ T5220] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  109.687966][ T5220] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  109.711960][ T6402] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.719702][ T6402] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.731325][ T6402] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.754001][ T6402] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.764478][ T6402] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.775177][ T6402] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.788071][ T6402] batman_adv: batadv0: Interface activated: batadv_slave_1
[  110.818613][ T4035] syz-executor invoked oom-killer: gfp_mask=0x1100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  110.825651][ T4035] CPU: 1 PID: 4035 Comm: syz-executor Not tainted 5.15.184-syzkaller #0
[  110.828048][ T4035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  110.830782][ T4035] Call trace:
[  110.831749][ T4035]  dump_backtrace+0x0/0x43c
[  110.832980][ T4035]  show_stack+0x2c/0x3c
[  110.834161][ T4035]  __dump_stack+0x30/0x40
[  110.835472][ T4035]  dump_stack_lvl+0xf8/0x160
[  110.836732][ T4035]  dump_stack+0x1c/0x5c
[  110.837910][ T4035]  dump_header+0xbc/0x6b0
[  110.839105][ T4035]  oom_kill_process+0x218/0x518
[  110.840454][ T4035]  out_of_memory+0xbc4/0xf0c
[  110.841714][ T4035]  mem_cgroup_out_of_memory+0x210/0x2c8
[  110.843322][ T4035]  try_charge_memcg+0xdb0/0x11bc
[  110.844666][ T4035]  charge_memcg+0xac/0x220
[  110.845869][ T4035]  mem_cgroup_swapin_charge_page+0x268/0x3cc
[  110.847513][ T4035]  __read_swap_cache_async+0x46c/0x664
[  110.848980][ T4035]  swapin_readahead+0x57c/0x8ac
[  110.850314][ T4035]  do_swap_page+0x448/0x157c
[  110.851555][ T4035]  handle_mm_fault+0x1468/0x2950
[  110.852967][ T4035]  do_page_fault+0x694/0xad4
[  110.854242][ T4035]  do_translation_fault+0xe0/0x130
[  110.855633][ T4035]  do_mem_abort+0x6c/0x1ac
[  110.856831][ T4035]  el0_da+0x90/0x1fc
[  110.857889][ T4035]  el0t_64_sync_handler+0xd8/0xe4
[  110.859248][ T4035]  el0t_64_sync+0x1a0/0x1a4
[  110.980407][ T4035] memory: usage 307200kB, limit 307200kB, failcnt 241
[  110.982348][ T4035] memory+swap: usage 307444kB, limit 9007199254740988kB, failcnt 0
[  110.984490][ T4035] kmem: usage 307200kB, limit 9007199254740988kB, failcnt 0
[  110.986461][ T4035] Memory cgroup stats for /syz3:
[  110.987178][ T4035] anon 0
[  110.987178][ T4035] file 0
[  110.987178][ T4035] kernel_stack 32768
[  110.987178][ T4035] pagetables 122880
[  110.987178][ T4035] percpu 0
[  110.987178][ T4035] sock 0
[  110.987178][ T4035] shmem 0
[  110.987178][ T4035] file_mapped 0
[  110.987178][ T4035] file_dirty 0
[  110.987178][ T4035] file_writeback 0
[  110.987178][ T4035] swapcached 1585152
[  110.987178][ T4035] anon_thp 0
[  110.987178][ T4035] file_thp 0
[  110.987178][ T4035] shmem_thp 0
[  110.987178][ T4035] inactive_anon 0
[  110.987178][ T4035] active_anon 0
[  110.987178][ T4035] inactive_file 0
[  110.987178][ T4035] active_file 0
[  110.987178][ T4035] unevictable 0
[  110.987178][ T4035] slab_reclaimable 481616
[  110.987178][ T4035] slab_unreclaimable 1482736
[  110.987178][ T4035] slab 1964352
[  110.987178][ T4035] workingset_refault_anon 21
[  110.987178][ T4035] workingset_refault_file 0
[  110.987178][ T4035] workingset_activate_anon 6
[  110.987178][ T4035] workingset_activate_file 0
[  111.017144][ T4035] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.872,pid=6610,uid=0
[  111.022161][ T4035] Memory cgroup out of memory: Killed process 6613 (syz.3.872) total-vm:101848kB, anon-rss:932kB, file-rss:22796kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  111.579285][ T1961] Bluetooth: hci3: command 0x040f tx timeout
[  111.598027][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  111.601401][  T136] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  111.607328][ T6402] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.610139][ T6402] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.620666][ T6402] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.623162][ T6402] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  112.837607][ T6688] netlink: 256 bytes leftover after parsing attributes in process `syz.3.887'.
[  121.204679][ T4108] Bluetooth: hci3: command 0x0419 tx timeout
[  121.243781][ T6690] netdevsim netdevsim3: Direct firmware load for @ failed with error -2
[  121.246387][ T6690] netdevsim netdevsim3: Falling back to sysfs fallback for: @
[  121.352702][  T335] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.355281][  T335] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.359496][ T5220] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  121.433946][  T335] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  121.436531][  T335] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  121.440998][ T5220] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  144.220443][    C1] watchdog: BUG: soft lockup - CPU#1 stuck for 23s! [syz.4.890:6701]
[  144.223293][    C1] Modules linked in:
[  144.224403][    C1] irq event stamp: 4884
[  144.225587][    C1] hardirqs last  enabled at (4883): [<ffff8000111a3bac>] exit_to_kernel_mode+0xe0/0x168
[  144.228304][    C1] hardirqs last disabled at (4884): [<ffff8000111a3e04>] enter_el1_irq_or_nmi+0x10/0x1c
[  144.230952][    C1] softirqs last  enabled at (334): [<ffff80000819d0d8>] handle_softirqs+0xa4c/0xbf0
[  144.233746][    C1] softirqs last disabled at (313): [<ffff80000819d6dc>] __irq_exit_rcu+0x240/0x440
[  144.236662][    C1] CPU: 1 PID: 6701 Comm: syz.4.890 Not tainted 5.15.184-syzkaller #0
[  144.238926][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  144.241769][    C1] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[  144.244028][    C1] pc : smp_call_function_many_cond+0xe00/0xeb0
[  144.245678][    C1] lr : smp_call_function_many_cond+0xe18/0xeb0
[  144.247318][    C1] sp : ffff80001fad6a70
[  144.248479][    C1] x29: ffff80001fad6ac0 x28: ffff80001414d000 x27: 0000000000000000
[  144.250739][    C1] x26: 0000000000000011 x25: ffff0001a1130940 x24: ffff800014151000
[  144.252957][    C1] x23: 1fffe00034226128 x22: dfff800000000000 x21: ffff0001a1115dc8
[  144.255166][    C1] x20: ffff80001433d380 x19: 0000000000000000 x18: 0000000000000000
[  144.257317][    C1] x17: 0000000000000002 x16: ffff8000111a5644 x15: 0000000000000001
[  144.259476][    C1] x14: 0000000000ff0100 x13: ffffffffffffffff x12: 0000000000080000
[  144.261608][    C1] x11: 000000000007ffff x10: ffff800021d7c000 x9 : 0000000000000000
[  144.263722][    C1] x8 : 0000000000000011 x7 : 0000000000000000 x6 : 0000000000000000
[  144.265901][    C1] x5 : 0000000000000004 x4 : 0000000000000000 x3 : ffff8000083cc124
[  144.268059][    C1] x2 : 0000000000000000 x1 : 0000000000000004 x0 : 0000000000000001
[  144.270258][    C1] Call trace:
[  144.271180][    C1]  smp_call_function_many_cond+0xe00/0xeb0
[  144.272750][    C1]  kick_all_cpus_sync+0x40/0xa0
[  144.274034][    C1]  bpf_int_jit_compile+0x484/0xa44
[  144.275412][    C1]  bpf_prog_select_runtime+0x634/0x8fc
[  144.276859][    C1]  bpf_prepare_filter+0xd58/0xeb4
[  144.278200][    C1]  bpf_prog_create+0x100/0x1c0
[  144.279507][    C1]  bpf_mt_check+0xd4/0x198
[  144.280692][    C1]  xt_check_match+0x314/0x8a0
[  144.281967][    C1]  translate_table+0xfa4/0x1850
[  144.283275][    C1]  do_ip6t_set_ctl+0xa10/0xe00
[  144.284536][    C1]  nf_setsockopt+0x270/0x290
[  144.285771][    C1]  ipv6_setsockopt+0x1a18/0x36dc
[  144.287080][    C1]  udpv6_setsockopt+0xa8/0xc0
[  144.288380][    C1]  sock_common_setsockopt+0xb0/0xcc
[  144.289797][    C1]  __sys_setsockopt+0x2f8/0x4b0
[  144.291123][    C1]  __arm64_sys_setsockopt+0xb8/0xd4
[  144.292591][    C1]  invoke_syscall+0x98/0x2b8
[  144.293816][    C1]  el0_svc_common+0x138/0x258
[  144.295068][    C1]  do_el0_svc+0x58/0x14c
[  144.296207][    C1]  el0_svc+0x78/0x1e0
[  144.297291][    C1]  el0t_64_sync_handler+0xcc/0xe4
[  144.298660][    C1]  el0t_64_sync+0x1a0/0x1a4
[  144.299895][    C1] Kernel panic - not syncing: softlockup: hung tasks
[  144.301727][    C1] CPU: 1 PID: 6701 Comm: syz.4.890 Tainted: G             L    5.15.184-syzkaller #0
[  144.304295][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  144.307053][    C1] Call trace:
[  144.307954][    C1]  dump_backtrace+0x0/0x43c
[  144.309189][    C1]  show_stack+0x2c/0x3c
[  144.310335][    C1]  __dump_stack+0x30/0x40
[  144.311534][    C1]  dump_stack_lvl+0xf8/0x160
[  144.312833][    C1]  dump_stack+0x1c/0x5c
[  144.314020][    C1]  panic+0x2e4/0x854
[  144.315074][    C1]  softlockup_fn+0x0/0x120
[  144.316292][    C1]  __hrtimer_run_queues+0x3fc/0xb6c
[  144.317681][    C1]  hrtimer_interrupt+0x2bc/0xb5c
[  144.318999][    C1]  arch_timer_handler_virt+0x74/0x88
[  144.320436][    C1]  handle_percpu_devid_irq+0x29c/0x76c
[  144.321942][    C1]  handle_domain_irq+0x144/0x1fc
[  144.324358][    C1]  gic_handle_irq+0x78/0x1c8
[  144.325878][    C1]  call_on_irq_stack+0x24/0x4c
[  144.327207][    C1]  do_interrupt_handler+0x6c/0x88
[  144.328556][    C1]  el1_interrupt+0x30/0x58
[  144.329724][    C1]  el1h_64_irq_handler+0x18/0x24
[  144.331093][    C1]  el1h_64_irq+0x78/0x7c
[  144.332273][    C1]  smp_call_function_many_cond+0xe00/0xeb0
[  144.333877][    C1]  kick_all_cpus_sync+0x40/0xa0
[  144.335199][    C1]  bpf_int_jit_compile+0x484/0xa44
[  144.336628][    C1]  bpf_prog_select_runtime+0x634/0x8fc
[  144.338088][    C1]  bpf_prepare_filter+0xd58/0xeb4
[  144.339548][    C1]  bpf_prog_create+0x100/0x1c0
[  144.340995][    C1]  bpf_mt_check+0xd4/0x198
[  144.342315][    C1]  xt_check_match+0x314/0x8a0
[  144.343709][    C1]  translate_table+0xfa4/0x1850
[  144.345207][    C1]  do_ip6t_set_ctl+0xa10/0xe00
[  144.346535][    C1]  nf_setsockopt+0x270/0x290
[  144.347760][    C1]  ipv6_setsockopt+0x1a18/0x36dc
[  144.349092][    C1]  udpv6_setsockopt+0xa8/0xc0
[  144.350370][    C1]  sock_common_setsockopt+0xb0/0xcc
[  144.351771][    C1]  __sys_setsockopt+0x2f8/0x4b0
[  144.353105][    C1]  __arm64_sys_setsockopt+0xb8/0xd4
[  144.354553][    C1]  invoke_syscall+0x98/0x2b8
[  144.355757][    C1]  el0_svc_common+0x138/0x258
[  144.357046][    C1]  do_el0_svc+0x58/0x14c
[  144.358244][    C1]  el0_svc+0x78/0x1e0
[  144.359388][    C1]  el0t_64_sync_handler+0xcc/0xe4
[  144.360831][    C1]  el0t_64_sync+0x1a0/0x1a4
[  144.362035][    C1] SMP: stopping secondary CPUs
[  145.432617][    C1] SMP: failed to stop secondary CPUs 0-1
[  145.434329][    C1] Kernel Offset: disabled
[  145.435552][    C1] CPU features: 0x8,000081c1,21302e40
[  145.437067][    C1] Memory Limit: none
[  145.462375][    C1] 
[  145.463020][    C1] ================================
[  145.464478][    C1] WARNING: inconsistent lock state
[  145.465832][    C1] 5.15.184-syzkaller #0 Tainted: G             L   
[  145.467636][    C1] --------------------------------
[  145.469085][    C1] inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage.
[  145.470968][    C1] syz.4.890/6701 [HC1[1]:SC0[0]:HE0:SE1] takes:
[  145.472723][    C1] ffff80001418e778 (efi_rt_lock){?...}-{2:2}, at: virt_efi_set_variable_nonblocking+0x74/0x16c
[  145.475675][    C1] {HARDIRQ-ON-W} state was registered at:
[  145.477248][    C1]   lock_acquire+0x1f4/0x620
[  145.478521][    C1]   _raw_spin_lock+0xb0/0x10c
[  145.479789][    C1]   efi_call_rts+0x384/0x9f4
[  145.481026][    C1]   process_one_work+0x79c/0x1140
[  145.482414][    C1]   worker_thread+0x8f4/0x101c
[  145.483715][    C1]   kthread+0x374/0x454
[  145.484824][    C1]   ret_from_fork+0x10/0x20
[  145.486028][    C1] irq event stamp: 4884
[  145.487188][    C1] hardirqs last  enabled at (4883): [<ffff8000111a3bac>] exit_to_kernel_mode+0xe0/0x168
[  145.489901][    C1] hardirqs last disabled at (4884): [<ffff8000111a3e04>] enter_el1_irq_or_nmi+0x10/0x1c
[  145.492623][    C1] softirqs last  enabled at (334): [<ffff80000819d0d8>] handle_softirqs+0xa4c/0xbf0
[  145.495148][    C1] softirqs last disabled at (313): [<ffff80000819d6dc>] __irq_exit_rcu+0x240/0x440
[  145.497718][    C1] 
[  145.497718][    C1] other info that might help us debug this:
[  145.499930][    C1]  Possible unsafe locking scenario:
[  145.499930][    C1] 
[  145.501917][    C1]        CPU0
[  145.502804][    C1]        ----
[  145.503677][    C1]   lock(efi_rt_lock);
[  145.504765][    C1]   <Interrupt>
[  145.505723][    C1]     lock(efi_rt_lock);
[  145.506878][    C1] 
[  145.506878][    C1]  *** DEADLOCK ***
[  145.506878][    C1] 
[  145.509057][    C1] 2 locks held by syz.4.890/6701:
[  145.510414][    C1]  #0: ffff8000143211e0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x10/0x4c
[  145.512969][    C1]  #1: ffff800015e7b6a8 (&psinfo->buf_lock){....}-{2:2}, at: pstore_dump+0x170/0x6f8
[  145.515608][    C1] 
[  145.515608][    C1] stack backtrace:
[  145.517213][    C1] CPU: 1 PID: 6701 Comm: syz.4.890 Tainted: G             L    5.15.184-syzkaller #0
[  145.519744][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  145.522514][    C1] Call trace:
[  145.523374][    C1]  dump_backtrace+0x0/0x43c
[  145.524561][    C1]  show_stack+0x2c/0x3c
[  145.525773][    C1]  __dump_stack+0x30/0x40
[  145.526957][    C1]  dump_stack_lvl+0xf8/0x160
[  145.528195][    C1]  dump_stack+0x1c/0x5c
[  145.530828][    C1]  print_usage_bug+0x3a4/0x550
[  145.532124][    C1]  mark_lock_irq+0x788/0x9e4
[  145.533333][    C1]  mark_lock+0x224/0x320
[  145.534468][    C1]  __lock_acquire+0xd28/0x651c
[  145.535730][    C1]  lock_acquire+0x1f4/0x620
[  145.536975][    C1]  _raw_spin_lock+0xb0/0x10c
[  145.538212][    C1]  virt_efi_set_variable_nonblocking+0x74/0x16c
[  145.539925][    C1]  efivar_entry_set_safe+0x460/0x480
[  145.541365][    C1]  efi_pstore_write+0x22c/0x3ac
[  145.542734][    C1]  pstore_dump+0x4dc/0x6f8
[  145.543969][    C1]  kmsg_dump+0x170/0x260
[  145.545154][    C1]  panic+0x338/0x854
[  145.546207][    C1]  softlockup_fn+0x0/0x120
[  145.547488][    C1]  __hrtimer_run_queues+0x3fc/0xb6c
[  145.548928][    C1]  hrtimer_interrupt+0x2bc/0xb5c
[  145.550257][    C1]  arch_timer_handler_virt+0x74/0x88
[  145.551690][    C1]  handle_percpu_devid_irq+0x29c/0x76c
[  145.553134][    C1]  handle_domain_irq+0x144/0x1fc
[  145.554489][    C1]  gic_handle_irq+0x78/0x1c8
[  145.555723][    C1]  call_on_irq_stack+0x24/0x4c
[  145.557092][    C1]  do_interrupt_handler+0x6c/0x88
[  145.558447][    C1]  el1_interrupt+0x30/0x58
[  145.559637][    C1]  el1h_64_irq_handler+0x18/0x24
[  145.561018][    C1]  el1h_64_irq+0x78/0x7c
[  145.562182][    C1]  smp_call_function_many_cond+0xe00/0xeb0
[  145.563808][    C1]  kick_all_cpus_sync+0x40/0xa0
[  145.565097][    C1]  bpf_int_jit_compile+0x484/0xa44
[  145.566441][    C1]  bpf_prog_select_runtime+0x634/0x8fc
[  145.567909][    C1]  bpf_prepare_filter+0xd58/0xeb4
[  145.569272][    C1]  bpf_prog_create+0x100/0x1c0
[  145.570589][    C1]  bpf_mt_check+0xd4/0x198
[  145.571765][    C1]  xt_check_match+0x314/0x8a0
[  145.573007][    C1]  translate_table+0xfa4/0x1850
[  145.574303][    C1]  do_ip6t_set_ctl+0xa10/0xe00
[  145.575595][    C1]  nf_setsockopt+0x270/0x290
[  145.576888][    C1]  ipv6_setsockopt+0x1a18/0x36dc
[  145.578250][    C1]  udpv6_setsockopt+0xa8/0xc0
[  145.579528][    C1]  sock_common_setsockopt+0xb0/0xcc
[  145.580955][    C1]  __sys_setsockopt+0x2f8/0x4b0
[  145.582249][    C1]  __arm64_sys_setsockopt+0xb8/0xd4
[  145.583699][    C1]  invoke_syscall+0x98/0x2b8
[  145.584927][    C1]  el0_svc_common+0x138/0x258
[  145.586174][    C1]  do_el0_svc+0x58/0x14c
[  145.587305][    C1]  el0_svc+0x78/0x1e0
[  145.588386][    C1]  el0t_64_sync_handler+0xcc/0xe4
[  145.589811][    C1]  el0t_64_sync+0x1a0/0x1a4
[  146.089839][    C1] Rebooting in 86400 seconds..