last executing test programs:

24.053414911s ago: executing program 4 (id=5958):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0xc906, &(0x7f0000000840)={[{@nobarrier}, {@noblock_validity}, {@mblk_io_submit}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@errors_remount}, {@acl}, {@noauto_da_alloc}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@grpjquota, 0x32}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]}, 0x1e, 0x4e1, &(0x7f0000000a40)="$eJzs3UFvG1kdAPD/OHGbtClJBYdSiVLRoqSC2klD24hDAQnBqRJQ7iUkThTFiaPYaZuoglR8ACSEAIkTJy5IfAAk1I+AkCrBfbW72tVqt9097GG3Xnlsd9PUbhLVsaP495Om897M2P//c+Nnv5knTwB962JEXIuI59VqtVYfbWzPNJZIImK7ftyzpw/naksS1eqdD5N0V61eO2xix3Oerj8khiLiFz+N+HXyatzy5tbybLFYWG/U85WVtXx5c+vq0srsYmGxsDo9PXVj5ubM9ZnJjrRzJCJu/fjdP/3+7z+59e/v3n/r7vsTv0ka22NHOzqt3vRs+lo0DUbE+mEE64GBRnuyvU4EAIB9aX7P/1ZEXInRGEi/zQEAAADHSfUHI/FZElFtYajl1pedbLdjaO/HAgAAAN2RSefAJplcYx7ASGQyuVx9Du/X4lSmWCpXvrNQ2lidr8+VHYtsZmGpWJhszBUei2xSq0+l5S/r13bVpyPibET8cXR4OJaKhdxcqTjf65MfAAAA0CdO7xr/fzJaH/8DAAAAx8xYrxMAAAAADp3xPwAAABx/xv8AAABwrP3s9u3aUm3e/3r+3ubGcune1flCeTm3sjGXmyutr+UWS6XF9Df7VvZ6vmKptPa9WN14kK8UypV8eXPr7kppY7Vyd+mlW2ADAAAAXXT2m4//n0TE9veH06XmRK+TArpi8CAHv3N4eQDdN9DrBICeOdDnP3CsZHudANBzyR77207e+U/ncwEAAA7H+NdbX/9P9jw3sJ3pUorAIXH+D/qX6//Qv1z/h/6VjYEwkIf+dvjX/6vVAyUEAAB03Ei6JJlcRHoeYCQymVwu4kx6W4BssrBULExGxFci4n+j2ZO1+lT6yGTPMQMAAAAAAAAAAAAAAAAAAAAAAAAAUFetJlEFAAAAjrWIzHtJ4/5f46OXR3afHziRfDqariPi/l/v/PnBbKWyPlXb/tGL7ZW/NLZf68UZDAAAAGC35ji9OY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE569vThXHPpZtwPfhQRY63iD8ZQuh6KwYg49XGSrpuSiBjoQPztRxFxrlX8pJZWjDWyaBV/uIfxMxFxugPxoZ89rvU/P2z1/svExXTd+v13I+2h3lzb/i9pHjGU9nOt+p8z+4xx/sk/823jP4o4P9i6/2n2v0mb+Jf2Gf9Xv9zaarev+reI8ZafP8lLsfKVlbV8eXPr6tLK7GJhsbA6PT11Y+bmzPWZyfzCUrHQ+HdHl3zxRekP3/jX89e1/1Sb+GN7tP/yPtv/+ZMHT79aL2ZbxZ+41Prv71yb+JnGZ9+3G+Xa/vFmebte3unCP/574XXtn6+3f/Cg//8T+2z/lZ//7u19HgoAdEF5c2t5tlgsrPd14Y1ejdrXoiPRisMsDMeRSKPDhd8ejTSOZKG3/RIAANB5r46BAQAAAAAAAAAAAAAAAAAAgG7r5q/rNW33pqkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK/1RQAAAP//2jzOsg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r3}, 0x0, &(0x7f0000000040)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x20000023896)

13.386810546s ago: executing program 2 (id=5979):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0xc906, &(0x7f0000000840)={[{@nobarrier}, {@noblock_validity}, {@mblk_io_submit}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@errors_remount}, {@acl}, {@noauto_da_alloc}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@grpjquota, 0x32}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]}, 0x1e, 0x4e1, &(0x7f0000000a40)="$eJzs3UFvG1kdAPD/OHGbtClJBYdSiVLRoqSC2klD24hDAQnBqRJQ7iUkThTFiaPYaZuoglR8ACSEAIkTJy5IfAAk1I+AkCrBfbW72tVqt9097GG3Xnlsd9PUbhLVsaP495Om897M2P//c+Nnv5knTwB962JEXIuI59VqtVYfbWzPNJZIImK7ftyzpw/naksS1eqdD5N0V61eO2xix3Oerj8khiLiFz+N+HXyatzy5tbybLFYWG/U85WVtXx5c+vq0srsYmGxsDo9PXVj5ubM9ZnJjrRzJCJu/fjdP/3+7z+59e/v3n/r7vsTv0ka22NHOzqt3vRs+lo0DUbE+mEE64GBRnuyvU4EAIB9aX7P/1ZEXInRGEi/zQEAAADHSfUHI/FZElFtYajl1pedbLdjaO/HAgAAAN2RSefAJplcYx7ASGQyuVx9Du/X4lSmWCpXvrNQ2lidr8+VHYtsZmGpWJhszBUei2xSq0+l5S/r13bVpyPibET8cXR4OJaKhdxcqTjf65MfAAAA0CdO7xr/fzJaH/8DAAAAx8xYrxMAAAAADp3xPwAAABx/xv8AAABwrP3s9u3aUm3e/3r+3ubGcune1flCeTm3sjGXmyutr+UWS6XF9Df7VvZ6vmKptPa9WN14kK8UypV8eXPr7kppY7Vyd+mlW2ADAAAAXXT2m4//n0TE9veH06XmRK+TArpi8CAHv3N4eQDdN9DrBICeOdDnP3CsZHudANBzyR77207e+U/ncwEAAA7H+NdbX/9P9jw3sJ3pUorAIXH+D/qX6//Qv1z/h/6VjYEwkIf+dvjX/6vVAyUEAAB03Ei6JJlcRHoeYCQymVwu4kx6W4BssrBULExGxFci4n+j2ZO1+lT6yGTPMQMAAAAAAAAAAAAAAAAAAAAAAAAAUFetJlEFAAAAjrWIzHtJ4/5f46OXR3afHziRfDqariPi/l/v/PnBbKWyPlXb/tGL7ZW/NLZf68UZDAAAAGC35ji9OY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE569vThXHPpZtwPfhQRY63iD8ZQuh6KwYg49XGSrpuSiBjoQPztRxFxrlX8pJZWjDWyaBV/uIfxMxFxugPxoZ89rvU/P2z1/svExXTd+v13I+2h3lzb/i9pHjGU9nOt+p8z+4xx/sk/823jP4o4P9i6/2n2v0mb+Jf2Gf9Xv9zaarev+reI8ZafP8lLsfKVlbV8eXPr6tLK7GJhsbA6PT11Y+bmzPWZyfzCUrHQ+HdHl3zxRekP3/jX89e1/1Sb+GN7tP/yPtv/+ZMHT79aL2ZbxZ+41Prv71yb+JnGZ9+3G+Xa/vFmebte3unCP/574XXtn6+3f/Cg//8T+2z/lZ//7u19HgoAdEF5c2t5tlgsrPd14Y1ejdrXoiPRisMsDMeRSKPDhd8ejTSOZKG3/RIAANB5r46BAQAAAAAAAAAAAAAAAAAAgG7r5q/rNW33pqkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK/1RQAAAP//2jzOsg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r3}, 0x0, &(0x7f0000000040)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x20000023896)

13.368151156s ago: executing program 1 (id=5981):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x5}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0)

13.319368337s ago: executing program 1 (id=5983):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b000000080000000100010009000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000800000000000000000000000018100000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000700)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
r2 = accept$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, &(0x7f00000001c0)=0x1c)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000240)={'gretap0\x00', &(0x7f0000000380)={'tunl0\x00', <r3=>0x0, 0x40, 0x80, 0x4e8, 0x1, {{0x19, 0x4, 0x2, 0x0, 0x64, 0x68, 0x0, 0x6, 0x2f, 0x0, @rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x1f, 0xbe, [@local, @multicast1, @local, @remote, @broadcast, @multicast2, @loopback]}, @timestamp_addr={0x44, 0x14, 0xd7, 0x1, 0x2, [{@dev={0xac, 0x14, 0x14, 0x3a}}, {@multicast1, 0x4}]}, @timestamp={0x44, 0x1c, 0xcf, 0x0, 0x3, [0x3, 0x986, 0xc140, 0x78, 0x8, 0x9]}]}}}}})
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRESOCT=r2, @ANYRES8=r1, @ANYRES8=r2, @ANYRES32=r2, @ANYBLOB='\x00'/13], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0x14, &(0x7f0000000500)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r3, @ANYRES32=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)=@generic={&(0x7f0000000200)='./file0\x00', 0x0, 0x10}, 0x18)
r6 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000540), 0x0, 0x0)
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r7, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
sendmsg$OSF_MSG_ADD(r7, &(0x7f0000000e40)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000e00)={&(0x7f0000001180)=ANY=[@ANYBLOB="08150000000500000000000000000000030000035402010000000000010000800206d20e0200030073797a3100000000000000000000000000000000000000000000000000000000576cb1374636583b24ffe151aad17808b2d6d666655a00ac204e67e274b82116ef8cc0ac3fef3081036d81bde4680824dc0805a8ccda40d889696a49d5d1c2b70200ff0300000000ff7f0000ff7fb00000000000030000000010040002000000a30000000b00030001000000090000000300080003000000090000000900c50001000000008000000600020000000000050000000100ff070100000009000000f1000000030000000300000002000700030000000200000010007f00010000000200000008000600010000000400000000006200010000000b000000810005000200000000080000ff7f0400020000000d00000089b20600000000000d00000005000c0001000000ffffffff0100660003000000da420000fc1f090003000000090000000400003a01000000040000000900001003000000010000000300060000000000080000000000110500000000060000000000030003000000070000006002040002000000f10000000004400001000000010000000008060001000000feffffff0800030001000000050000000800fcff0100000001000100000003000000000000000000f4e4740002000000010000000900030001000000400000000000a10500000000060000000800ff0f0000000000000000feff0b0003000000090000000000020001000000080000000700030003000000001000000200008002000000090000000800020003000000000000010700f80c00000000000000005402010000000000000000000506010004000b0073797a30000000000000000000000000000000000000000000000000000000004d9d3972f18f3e17a429b903c5b8ee269de4924d2be1fc1d0f42151ab45bbc7ad56da7a53681318f0545ae6f40b91c863ecfef0d64f87f7943044bf95ba5fa04f8ff050002000000d30000000000000000000000010d00000300060003000000ab3500007b000000000000000500000002009700010000000100000000100200020000000000010008000002000000000300000002000500010000000700000000fc0600020000000002000005690008020000000f00000004000600000000000000000000000800010000000700000007000010000000000400000003000000000000004b0000000200010003000000030000000400020003000000070000007000080001000000c605000002000b0001000000ff0700000c00c7e102000000fcffffffff0100100200000002000000c0ff010002000000b70000002e050200020000000b0000000400f9ff00000000080000000600020000000000810000000d000300010000000400000000080400010000000b00000003000900030000000200000006000400000000004675000003007a0203000000040000000300000800000000080000000200090001000000030000006e00f60003000000040000000300040000000000c63d00001000390a000000000500000000000080000000008f1d000059f8060002000000090000000000f9ff020000001401000000000800030000000a0000000300010100000000090000000000ff070000000000740300540201000000000007000000be002cf89eff280073797a3100000000000000000000000000000000000000000000000000000000ca7fdfdf9733cad8274f63aabf6cfabd2a7817a62e41e8ebf532524d4c533e221fd66cb54d0026a0bdc3c026e3e7aadaacb417b0f3003717236bad7e8298adb1d70c03000000000014000000f553070001000000e4c90000070006000200000006000000d5e906000100000004000000cb19070000000000a1000000ffff060003000000030000008100ca0002000000010100000e00040000000000f0a200008000ff0f02000000030000000100080001000000e80b00004000050001000000cf010000ff7f000000000000090000000500f30002000000ff03000008000300020000007f000000fdff00ac0000000075fdffff0900060003000000090000004bf2030001000000fcffffff0500070001000000c588d8760400010002000000020000000200794a030000000400000004000180000000000300000001007f0001000000fdffffff06000600010000008e000000e405070002000000090000000900faff0200000007000000090000000000000009000000c700030002000000050000000e00070002000000010000000b009e020300000000000000930a200001000000000000000300030000000000060000000180430f03000000000000800700070001000000020000007707080002000000080000000000b2c503000000080000000900670b01000000ff010000e700a762000000000800000000000000020000000600000000fc100003000000020000000800010403000000040000005402010000000000050000000706ac063e000f0073797a310000000000000000000000000000000000000000000000000000000014ddaf954a7e995fae1f1cf7df783ecd3073f3b662563495d547e3faea5ccbe478f6b720938bd17c7ec9b026135b837e6b6412ae1ae7632416f755b3f9eef45ffe000500000000000100010004006d0003000000040000000d0001040100000008000000070000000200000084000000090003000100000006000000d200aac102000000d20e00000004010001000000ff03000001000900030000008325a01b009d274f0100d00000000000fcffffff0600080001000000ffffff7ff9ff050003000000fbffffff5b090b0302000000df4d00003300010003000000070000000500f0ff03000000150400000600e90b020000006c00000000010400000000000b00000005000400020000000c0000000300070003000000090000008000020002000000001000000200ad00030000004c0000000a00050001000000560000000900070003000000060000001338010000000000060000000500fcff000000000002000008000b0001000000ff0f0000feff0300020000005202000069c7010002000000010000000000c8ff02000000070000001c00070002000000040000000300fcff03000000cf00000009000100020000000000000006000002000000009257000000048000010000000000000009000100020000000c0000000300050000000000810000000500aa78010000000000000070000c0000000000ff030000ff7f090003000000ccdc0000000104000000000094ffffff02009a080300000006000000540201000000000006000000000889000300110073797a3000000000000000000000000300000000000000000000000000000000bbbf131e713a8bd616ed07e4779ccd9f7c1d89ab7c2778293766745f14bfeb782a26587321d9a12f3254349f1fc4ddb1c52d0f114bdc7eace6b50a5cc0698dd10800040003000000ff070000000000000000000003000000fdfff2a201000000010100000400b50001000000008000000700070001000000ff7f0000060001f029612c91010000001400070003000000cb430000060000000100000000000000bb010100000000000000000000001000030000004000000008000500020000000700000000040000010000000600000008000000000000000080000000008eec0000000006000000ba90010000000000010000000900020001000000010000000200080001000000ffff0000050004000100000005000000090006000100000000000000030006000100000004000000ffff08000200000000c0000001800100020000000900000001000100030000000000000e01000400010000000700000003000800020000000800000004000000030000000300000063c800040300000080000000d79b0300020000000c0000000100030003000000060000000900020001000000070000000200090001000000070000000100020002000000080000000000050001000000cc0400004505bda003000000ff030000ff01040000000000090000000700050001000000cf0000000100dc00030000000100000006003800030000000600000000000000020000000600000005000a0b020000000100008054020100030000000900000080ff9d0c0600210073797a31000000000000000000000000000000000000000000000000000000004d805cdf3ff6888af3497d01162b0db0df09740566d80a527ded48b5da7af5b4db9f6acd985c0364d5eac96bf9c3fcb1c0f753bf74faa6e1bfd1ddd56be43f93810009000300000000000002d805040002000000160b000048bb0800030000000600000009000e0003000000de330000b10b01000300000007000000080001040300000003000000ae92090000000000080000000c00040000000000ff0000000000000002000000ffffff7f03000300010000000800000000000900000000000700000001ff050001000000080000000900010002000000fdffffff09000600030000000e000000f9ff05000300000005000000faff04000300000008000000020005000300000002000000df000d00010000000e00000052000900020000000000000009000300030000000e0000000600070000000000fcff03003e00010000000000ffffffff03007f000000000002000000090000000000000018000000ff0007000000000096fd2f36ff000200000000000600000002000300030000000900000001010700010000007b660000ada59a1f0300000009000000f7ff0300000000000100010006000100010000000800000001010600020000000000000002003000020000000500000000000800030000000f0000000700955303000000ff0f00000004090001000000c80a00000004030003000000090000000700204001000000030000000500ab000200000002000000c30006000200000005000000540201000300000004000000090908000000230073797a3100000000000000000000000000000000000000000000000000000000387a93923827a009973d29c9cee46b687daf68d27e52a93c0aaf72976e58aa275574a94f01f2eae4b5b9386f87dfd1416c5d0c5409e05d5d083e11f0289e3f6a00800300020000004f9c00000500fc0903000000030000000900010001000000008000000900090001000000080000000400030000000000040000000800ff030100000006000000f7ff020003000000070000000300030003000000010000000700000400000000090000005f08070001000000f7ffffffff0304000100000000000000020007000200000006000000050065fa000000000e0000000100000000000000320000000800dd09030000000a000000001006000000000010050000030001000200000002000000e50001010000000034d80000040008000300000005000000660005000300000009000000060002000000000010000000100003000200000001000000170206000200000006000000070000000100000007000000060001000100000000010000f8ff0500030000000900000006000300010000000a0000000b0002000100000000000000ff01000802000000010100000300060001000000030000000900c80000000000000000000600030000000000020000000300ffff000000000100ffff0900010003000000000000000c00040001000000c802000008000800030000000300000000010004000000000900000067d4080002000000feffffff02020c0002000000ffffffffff7f0000000000000000008054020100010000000a0000008601000008001c0073797a3100000000000000000000000000000000000000000000000000000000eeddd4f00001163287d849e1612da5d57b5cc9f29cc244324b2f4ff51f89aa73584f6542e548928a12697b6c0cbab7cca0c1ba764611742943a84e22b4e4beefffff050001000000001000004000800002000000000000c00300040002000000010000000700080000000000ffff0000000004000300000007000000feff0004030000003f0c00000400a0b20000000001fffffff7ff05000000000003000000080000cb0100000007000000090010000000000000000020090085000200000091a7842e0300ff0101000000050000000500060001000000ffff00000300d1d5010000001c0000000500faff010000000900000000020008020000000800000001000700010000000100008008008f00010000000200000003000700030000000900000005000900010000000500000009001a1703000000ff00000007005a080300000004000000ff0f060003000000000000000104050003000000000100000600af1e01000000d60000000400c0ff03000000cbf200000200ffff01000000edfeffff0500090000000000001000000700020001000000008000000100090003000000090000004000010002000000d8080000ee0e020002000000090000000700050000000000d7000000ff7fff00010000007f000000004002000000000005000000bd02010003000000020000000700080001000000060000000100100003000000070000000f00060000000000070000000900030001000000ff010000540201000200000004000000060180000800040073797a3000000000000000000000000000000000000000000000000000000000d3a1a6aadb26f40116259a084ef774a1af4289106acf901816dee9c8ba08b134cefde7669ef4ffe48544fb2b7f925fc5d06e02d25f88eafa1965eed1a9e4ac500400070002000000018000000500040003000000370200000900040001000000080000000800070003000000ff03000000040000030000005c000000070002000000000005000000f406000000000000ff000000040000040100000009000000030006000300000001000000010007000200000009000000ff0f07000000000001000000050000010300000004000000000104000200000040000000040000000000000008000000820a050001000000650a00007a0005000100000001000100001098000200000096040000080001000100000008000000fbff020003000000f7ffffff00010e0002000000050000000800800001000000090000000f00000a0000000003000000f8ff50000000000001000000b800060000000000030000000200020002000000080000000101080001000000070000000700020001000000020000000900080003000000ff7f00003700040003000000000000800100000001000000040000000900090001000000040000000700010000000000080000007600040003000000"], 0x1508}, 0x1, 0x0, 0x0, 0x5}, 0x1)
syz_genetlink_get_family_id$nl80211(0x0, r4)
recvmsg(r6, &(0x7f0000000d80)={&(0x7f00000007c0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000840)=""/151, 0x97}, {&(0x7f0000000900)=""/192, 0xc0}, {&(0x7f0000000a00)=""/231, 0xe7}, {&(0x7f0000000b00)=""/31, 0x1f}, {&(0x7f0000000c00)=""/196, 0xc4}], 0x5, &(0x7f0000000d40)=""/19, 0x13}, 0x40000160)
r8 = getpgid(0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r6, &(0x7f0000000780)={&(0x7f0000000580), 0xc, &(0x7f00000006c0)={&(0x7f0000000640)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB='\v\x00', @ANYRES32=r8, @ANYBLOB="0c009900020000003c0000000c009900f9ffffff7e000000080001006d0000000c009900070800004c000000"], 0x60}, 0x1, 0x0, 0x0, 0x10}, 0x880)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x4a, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008004503003c000000000029904c00"/36], 0x0)

11.402331164s ago: executing program 2 (id=5985):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x42000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x18, 0x2, 0x1, 0x101, 0x0, 0x0, {0x7, 0x0, 0x7}, [@CTA_TUPLE_REPLY={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000000}, 0x4004000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f0000000280), 0x3fffffffffffd17, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, &(0x7f0000000200)='\'\x00')
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005", @ANYBLOB, @ANYBLOB], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000400)=@o_path={0x0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r7=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={0xffffffffffffffff, r7, 0x25, 0x8, @val=@netkit={@void, @value}}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r8}, 0x10)
r9 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r9)

11.401613124s ago: executing program 3 (id=5986):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b000000080000000100010009000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000800000000000000000000000018100000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000700)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
r2 = accept$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, &(0x7f00000001c0)=0x1c)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000240)={'gretap0\x00', &(0x7f0000000380)={'tunl0\x00', <r3=>0x0, 0x40, 0x80, 0x4e8, 0x1, {{0x19, 0x4, 0x2, 0x0, 0x64, 0x68, 0x0, 0x6, 0x2f, 0x0, @rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x1f, 0xbe, [@local, @multicast1, @local, @remote, @broadcast, @multicast2, @loopback]}, @timestamp_addr={0x44, 0x14, 0xd7, 0x1, 0x2, [{@dev={0xac, 0x14, 0x14, 0x3a}}, {@multicast1, 0x4}]}, @timestamp={0x44, 0x1c, 0xcf, 0x0, 0x3, [0x3, 0x986, 0xc140, 0x78, 0x8, 0x9]}]}}}}})
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRESOCT=r2, @ANYRES8=r1, @ANYRES8=r2, @ANYRES32=r2, @ANYBLOB='\x00'/13], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0x14, &(0x7f0000000500)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r3, @ANYRES32=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
r6 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000540), 0x0, 0x0)
r7 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r7, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
sendmsg$OSF_MSG_ADD(r7, &(0x7f0000000e40)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000e00)={&(0x7f0000001180)=ANY=[@ANYBLOB="08150000000500000000000000000000030000035402010000000000010000800206d20e0200030073797a3100000000000000000000000000000000000000000000000000000000576cb1374636583b24ffe151aad17808b2d6d666655a00ac204e67e274b82116ef8cc0ac3fef3081036d81bde4680824dc0805a8ccda40d889696a49d5d1c2b70200ff0300000000ff7f0000ff7fb00000000000030000000010040002000000a30000000b00030001000000090000000300080003000000090000000900c50001000000008000000600020000000000050000000100ff070100000009000000f1000000030000000300000002000700030000000200000010007f00010000000200000008000600010000000400000000006200010000000b000000810005000200000000080000ff7f0400020000000d00000089b20600000000000d00000005000c0001000000ffffffff0100660003000000da420000fc1f090003000000090000000400003a01000000040000000900001003000000010000000300060000000000080000000000110500000000060000000000030003000000070000006002040002000000f10000000004400001000000010000000008060001000000feffffff0800030001000000050000000800fcff0100000001000100000003000000000000000000f4e4740002000000010000000900030001000000400000000000a10500000000060000000800ff0f0000000000000000feff0b0003000000090000000000020001000000080000000700030003000000001000000200008002000000090000000800020003000000000000010700f80c00000000000000005402010000000000000000000506010004000b0073797a30000000000000000000000000000000000000000000000000000000004d9d3972f18f3e17a429b903c5b8ee269de4924d2be1fc1d0f42151ab45bbc7ad56da7a53681318f0545ae6f40b91c863ecfef0d64f87f7943044bf95ba5fa04f8ff050002000000d30000000000000000000000010d00000300060003000000ab3500007b000000000000000500000002009700010000000100000000100200020000000000010008000002000000000300000002000500010000000700000000fc0600020000000002000005690008020000000f00000004000600000000000000000000000800010000000700000007000010000000000400000003000000000000004b0000000200010003000000030000000400020003000000070000007000080001000000c605000002000b0001000000ff0700000c00c7e102000000fcffffffff0100100200000002000000c0ff010002000000b70000002e050200020000000b0000000400f9ff00000000080000000600020000000000810000000d000300010000000400000000080400010000000b00000003000900030000000200000006000400000000004675000003007a0203000000040000000300000800000000080000000200090001000000030000006e00f60003000000040000000300040000000000c63d00001000390a000000000500000000000080000000008f1d000059f8060002000000090000000000f9ff020000001401000000000800030000000a0000000300010100000000090000000000ff070000000000740300540201000000000007000000be002cf89eff280073797a3100000000000000000000000000000000000000000000000000000000ca7fdfdf9733cad8274f63aabf6cfabd2a7817a62e41e8ebf532524d4c533e221fd66cb54d0026a0bdc3c026e3e7aadaacb417b0f3003717236bad7e8298adb1d70c03000000000014000000f553070001000000e4c90000070006000200000006000000d5e906000100000004000000cb19070000000000a1000000ffff060003000000030000008100ca0002000000010100000e00040000000000f0a200008000ff0f02000000030000000100080001000000e80b00004000050001000000cf010000ff7f000000000000090000000500f30002000000ff03000008000300020000007f000000fdff00ac0000000075fdffff0900060003000000090000004bf2030001000000fcffffff0500070001000000c588d8760400010002000000020000000200794a030000000400000004000180000000000300000001007f0001000000fdffffff06000600010000008e000000e405070002000000090000000900faff0200000007000000090000000000000009000000c700030002000000050000000e00070002000000010000000b009e020300000000000000930a200001000000000000000300030000000000060000000180430f03000000000000800700070001000000020000007707080002000000080000000000b2c503000000080000000900670b01000000ff010000e700a762000000000800000000000000020000000600000000fc100003000000020000000800010403000000040000005402010000000000050000000706ac063e000f0073797a310000000000000000000000000000000000000000000000000000000014ddaf954a7e995fae1f1cf7df783ecd3073f3b662563495d547e3faea5ccbe478f6b720938bd17c7ec9b026135b837e6b6412ae1ae7632416f755b3f9eef45ffe000500000000000100010004006d0003000000040000000d0001040100000008000000070000000200000084000000090003000100000006000000d200aac102000000d20e00000004010001000000ff03000001000900030000008325a01b009d274f0100d00000000000fcffffff0600080001000000ffffff7ff9ff050003000000fbffffff5b090b0302000000df4d00003300010003000000070000000500f0ff03000000150400000600e90b020000006c00000000010400000000000b00000005000400020000000c0000000300070003000000090000008000020002000000001000000200ad00030000004c0000000a00050001000000560000000900070003000000060000001338010000000000060000000500fcff000000000002000008000b0001000000ff0f0000feff0300020000005202000069c7010002000000010000000000c8ff02000000070000001c00070002000000040000000300fcff03000000cf00000009000100020000000000000006000002000000009257000000048000010000000000000009000100020000000c0000000300050000000000810000000500aa78010000000000000070000c0000000000ff030000ff7f090003000000ccdc0000000104000000000094ffffff02009a080300000006000000540201000000000006000000000889000300110073797a3000000000000000000000000300000000000000000000000000000000bbbf131e713a8bd616ed07e4779ccd9f7c1d89ab7c2778293766745f14bfeb782a26587321d9a12f3254349f1fc4ddb1c52d0f114bdc7eace6b50a5cc0698dd10800040003000000ff070000000000000000000003000000fdfff2a201000000010100000400b50001000000008000000700070001000000ff7f0000060001f029612c91010000001400070003000000cb430000060000000100000000000000bb010100000000000000000000001000030000004000000008000500020000000700000000040000010000000600000008000000000000000080000000008eec0000000006000000ba90010000000000010000000900020001000000010000000200080001000000ffff0000050004000100000005000000090006000100000000000000030006000100000004000000ffff08000200000000c0000001800100020000000900000001000100030000000000000e01000400010000000700000003000800020000000800000004000000030000000300000063c800040300000080000000d79b0300020000000c0000000100030003000000060000000900020001000000070000000200090001000000070000000100020002000000080000000000050001000000cc0400004505bda003000000ff030000ff01040000000000090000000700050001000000cf0000000100dc00030000000100000006003800030000000600000000000000020000000600000005000a0b020000000100008054020100030000000900000080ff9d0c0600210073797a31000000000000000000000000000000000000000000000000000000004d805cdf3ff6888af3497d01162b0db0df09740566d80a527ded48b5da7af5b4db9f6acd985c0364d5eac96bf9c3fcb1c0f753bf74faa6e1bfd1ddd56be43f93810009000300000000000002d805040002000000160b000048bb0800030000000600000009000e0003000000de330000b10b01000300000007000000080001040300000003000000ae92090000000000080000000c00040000000000ff0000000000000002000000ffffff7f03000300010000000800000000000900000000000700000001ff050001000000080000000900010002000000fdffffff09000600030000000e000000f9ff05000300000005000000faff04000300000008000000020005000300000002000000df000d00010000000e00000052000900020000000000000009000300030000000e0000000600070000000000fcff03003e00010000000000ffffffff03007f000000000002000000090000000000000018000000ff0007000000000096fd2f36ff000200000000000600000002000300030000000900000001010700010000007b660000ada59a1f0300000009000000f7ff0300000000000100010006000100010000000800000001010600020000000000000002003000020000000500000000000800030000000f0000000700955303000000ff0f00000004090001000000c80a00000004030003000000090000000700204001000000030000000500ab000200000002000000c30006000200000005000000540201000300000004000000090908000000230073797a3100000000000000000000000000000000000000000000000000000000387a93923827a009973d29c9cee46b687daf68d27e52a93c0aaf72976e58aa275574a94f01f2eae4b5b9386f87dfd1416c5d0c5409e05d5d083e11f0289e3f6a00800300020000004f9c00000500fc0903000000030000000900010001000000008000000900090001000000080000000400030000000000040000000800ff030100000006000000f7ff020003000000070000000300030003000000010000000700000400000000090000005f08070001000000f7ffffffff0304000100000000000000020007000200000006000000050065fa000000000e0000000100000000000000320000000800dd09030000000a000000001006000000000010050000030001000200000002000000e50001010000000034d80000040008000300000005000000660005000300000009000000060002000000000010000000100003000200000001000000170206000200000006000000070000000100000007000000060001000100000000010000f8ff0500030000000900000006000300010000000a0000000b0002000100000000000000ff01000802000000010100000300060001000000030000000900c80000000000000000000600030000000000020000000300ffff000000000100ffff0900010003000000000000000c00040001000000c802000008000800030000000300000000010004000000000900000067d4080002000000feffffff02020c0002000000ffffffffff7f0000000000000000008054020100010000000a0000008601000008001c0073797a3100000000000000000000000000000000000000000000000000000000eeddd4f00001163287d849e1612da5d57b5cc9f29cc244324b2f4ff51f89aa73584f6542e548928a12697b6c0cbab7cca0c1ba764611742943a84e22b4e4beefffff050001000000001000004000800002000000000000c00300040002000000010000000700080000000000ffff0000000004000300000007000000feff0004030000003f0c00000400a0b20000000001fffffff7ff05000000000003000000080000cb0100000007000000090010000000000000000020090085000200000091a7842e0300ff0101000000050000000500060001000000ffff00000300d1d5010000001c0000000500faff010000000900000000020008020000000800000001000700010000000100008008008f00010000000200000003000700030000000900000005000900010000000500000009001a1703000000ff00000007005a080300000004000000ff0f060003000000000000000104050003000000000100000600af1e01000000d60000000400c0ff03000000cbf200000200ffff01000000edfeffff0500090000000000001000000700020001000000008000000100090003000000090000004000010002000000d8080000ee0e020002000000090000000700050000000000d7000000ff7fff00010000007f000000004002000000000005000000bd02010003000000020000000700080001000000060000000100100003000000070000000f00060000000000070000000900030001000000ff010000540201000200000004000000060180000800040073797a3000000000000000000000000000000000000000000000000000000000d3a1a6aadb26f40116259a084ef774a1af4289106acf901816dee9c8ba08b134cefde7669ef4ffe48544fb2b7f925fc5d06e02d25f88eafa1965eed1a9e4ac500400070002000000018000000500040003000000370200000900040001000000080000000800070003000000ff03000000040000030000005c000000070002000000000005000000f406000000000000ff000000040000040100000009000000030006000300000001000000010007000200000009000000ff0f07000000000001000000050000010300000004000000000104000200000040000000040000000000000008000000820a050001000000650a00007a0005000100000001000100001098000200000096040000080001000100000008000000fbff020003000000f7ffffff00010e0002000000050000000800800001000000090000000f00000a0000000003000000f8ff50000000000001000000b800060000000000030000000200020002000000080000000101080001000000070000000700020001000000020000000900080003000000ff7f00003700040003000000000000800100000001000000040000000900090001000000040000000700010000000000080000007600040003000000"], 0x1508}, 0x1, 0x0, 0x0, 0x5}, 0x1)
syz_genetlink_get_family_id$nl80211(0x0, r4)
recvmsg(r6, &(0x7f0000000d80)={&(0x7f00000007c0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000840)=""/151, 0x97}, {&(0x7f0000000900)=""/192, 0xc0}, {&(0x7f0000000a00)=""/231, 0xe7}, {&(0x7f0000000b00)=""/31, 0x1f}, {&(0x7f0000000c00)=""/196, 0xc4}], 0x5, &(0x7f0000000d40)=""/19, 0x13}, 0x40000160)
r8 = getpgid(0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r6, &(0x7f0000000780)={&(0x7f0000000580), 0xc, &(0x7f00000006c0)={&(0x7f0000000640)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB='\v\x00', @ANYRES32=r8, @ANYBLOB="0c009900020000003c0000000c009900f9ffffff7e000000080001006d0000000c009900070800004c000000"], 0x60}, 0x1, 0x0, 0x0, 0x10}, 0x880)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x4a, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008004503003c000000000029904c00"/36], 0x0)

10.622699275s ago: executing program 0 (id=5988):
socket$packet(0x11, 0xa, 0x300)
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'veth1_to_hsr\x00', <r2=>0x0})
setsockopt$packet_int(r1, 0x107, 0xf, 0x0, 0x0)
sendto$packet(r1, &(0x7f00000000c0)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r3=>0x0})
bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @remote}, 0x14)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000001000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
syz_emit_ethernet(0x5e, &(0x7f0000000c00)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00\x00\b', 0x28, 0x3a, 0xff, @local, @mcast2, {[], @ndisc_redir={0x87, 0x0, 0x0, '\x00', @local, @mcast2={0xe}}}}}}}, 0x0)

10.147997403s ago: executing program 0 (id=5989):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x42000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x18, 0x2, 0x1, 0x101, 0x0, 0x0, {0x7, 0x0, 0x7}, [@CTA_TUPLE_REPLY={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000000}, 0x4004000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f0000000280), 0x3fffffffffffd17, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, &(0x7f0000000200)='\'\x00')
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005", @ANYBLOB, @ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r7=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={0xffffffffffffffff, r7, 0x25, 0x8, @val=@netkit={@void, @value}}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r8}, 0x10)
r9 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r9)

10.090158253s ago: executing program 3 (id=5990):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x42000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x18, 0x2, 0x1, 0x101, 0x0, 0x0, {0x7, 0x0, 0x7}, [@CTA_TUPLE_REPLY={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000000}, 0x4004000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f0000000280), 0x3fffffffffffd17, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005", @ANYBLOB, @ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000400)=@o_path={0x0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r7=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={0xffffffffffffffff, r7, 0x25, 0x8, @val=@netkit={@void, @value}}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r8}, 0x10)
r9 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r9)

8.25229929s ago: executing program 2 (id=5991):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0xc906, &(0x7f0000000840)={[{@nobarrier}, {@noblock_validity}, {@mblk_io_submit}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@errors_remount}, {@acl}, {@noauto_da_alloc}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@grpjquota, 0x32}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]}, 0x1e, 0x4e1, &(0x7f0000000a40)="$eJzs3UFvG1kdAPD/OHGbtClJBYdSiVLRoqSC2klD24hDAQnBqRJQ7iUkThTFiaPYaZuoglR8ACSEAIkTJy5IfAAk1I+AkCrBfbW72tVqt9097GG3Xnlsd9PUbhLVsaP495Om897M2P//c+Nnv5knTwB962JEXIuI59VqtVYfbWzPNJZIImK7ftyzpw/naksS1eqdD5N0V61eO2xix3Oerj8khiLiFz+N+HXyatzy5tbybLFYWG/U85WVtXx5c+vq0srsYmGxsDo9PXVj5ubM9ZnJjrRzJCJu/fjdP/3+7z+59e/v3n/r7vsTv0ka22NHOzqt3vRs+lo0DUbE+mEE64GBRnuyvU4EAIB9aX7P/1ZEXInRGEi/zQEAAADHSfUHI/FZElFtYajl1pedbLdjaO/HAgAAAN2RSefAJplcYx7ASGQyuVx9Du/X4lSmWCpXvrNQ2lidr8+VHYtsZmGpWJhszBUei2xSq0+l5S/r13bVpyPibET8cXR4OJaKhdxcqTjf65MfAAAA0CdO7xr/fzJaH/8DAAAAx8xYrxMAAAAADp3xPwAAABx/xv8AAABwrP3s9u3aUm3e/3r+3ubGcune1flCeTm3sjGXmyutr+UWS6XF9Df7VvZ6vmKptPa9WN14kK8UypV8eXPr7kppY7Vyd+mlW2ADAAAAXXT2m4//n0TE9veH06XmRK+TArpi8CAHv3N4eQDdN9DrBICeOdDnP3CsZHudANBzyR77207e+U/ncwEAAA7H+NdbX/9P9jw3sJ3pUorAIXH+D/qX6//Qv1z/h/6VjYEwkIf+dvjX/6vVAyUEAAB03Ei6JJlcRHoeYCQymVwu4kx6W4BssrBULExGxFci4n+j2ZO1+lT6yGTPMQMAAAAAAAAAAAAAAAAAAAAAAAAAUFetJlEFAAAAjrWIzHtJ4/5f46OXR3afHziRfDqariPi/l/v/PnBbKWyPlXb/tGL7ZW/NLZf68UZDAAAAGC35ji9OY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE569vThXHPpZtwPfhQRY63iD8ZQuh6KwYg49XGSrpuSiBjoQPztRxFxrlX8pJZWjDWyaBV/uIfxMxFxugPxoZ89rvU/P2z1/svExXTd+v13I+2h3lzb/i9pHjGU9nOt+p8z+4xx/sk/823jP4o4P9i6/2n2v0mb+Jf2Gf9Xv9zaarev+reI8ZafP8lLsfKVlbV8eXPr6tLK7GJhsbA6PT11Y+bmzPWZyfzCUrHQ+HdHl3zxRekP3/jX89e1/1Sb+GN7tP/yPtv/+ZMHT79aL2ZbxZ+41Prv71yb+JnGZ9+3G+Xa/vFmebte3unCP/574XXtn6+3f/Cg//8T+2z/lZ//7u19HgoAdEF5c2t5tlgsrPd14Y1ejdrXoiPRisMsDMeRSKPDhd8ejTSOZKG3/RIAANB5r46BAQAAAAAAAAAAAAAAAAAAgG7r5q/rNW33pqkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK/1RQAAAP//2jzOsg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r3}, 0x0, &(0x7f0000000040)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x20000023896)

8.25187291s ago: executing program 3 (id=5992):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000640)=0x1)
pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000180)="80fd", 0x2}], 0x1, 0x0, 0x0)

7.614369639s ago: executing program 0 (id=5993):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f00000022c0)={[{@errors_remount}, {@nobarrier}, {@init_itable}, {@errors_remount}, {@block_validity}, {@dioread_lock}]}, 0x3, 0x44b, &(0x7f0000000780)="$eJzs3MtvG1UXAPAz46TvfslXlUcfQKAgKh5Jk5bSBRsQSCxAQoJFWYYkrUrdBjVBolUFBaGyRJXYI5ZI/AWsYIOAFRJb2KNKFeqmhZXR2DON7dpJ4zqegn8/adx7Z8a953jm2nfm2glgaE1kD0nEjoj4LSLGGtXWHSYa/9y8fnHur+sX55Ko1d78M6nvd+P6xbli1+J524vKSET6aRL7OrS7dP7C6dlqdeFcXp9aPvPe1NL5C8+eOjN7cuHkwtmZY8eOHJ5+/ujMc33JM8vrxt4PF/fvefXtK6/PHb/yzk/fJEX+bXn0ycRqG5+o1frcXLl2NpWTkRIDYV0qjW4ao/X+PxaVWDl4Y/HKJ6UGB2yoWq1Wu7/75ks14D8sibIjAMpRfNBn17/FMqChxz3h2ouNC6As75v50tgyEmm+z2jb9W0/TUTE8Ut/f5ktsTH3IQAAWnyXjX+e6TT+S6P5vtD/8jmU8Yj4f0TsioijEbE7Iu6LqO/7QEQ8uM722ydJbh//pFd7SuwOZeO/F/K5rdbxXzH6i/FKXttZz380OXGqunAof00OxujmrD69Shvfv/zr5922NY//siVrvxgL5nFcHdnc+pz52eXZu8m52bWPI/aOdMo/uTUTkETEnojY22Mbp576en+3bWvnv4o+zDPVvop4snH8L0Vb/oVk9fnJqS1RXTg0VZwVt/v5l8tvdGv/rvLvg+z4b+t4/t/Kfzxpnq9dWn8bl3//rOs1Ta/n/6bkrZZ1H8wuL5+bjtiUvNYIemV95dxM234zK/tn+R880Ln/74qVV2JfRGQn8UMR8XBEPJLH/mhEPBYRB1bJ/8eXHn+39/w3Vpb//LqO/0phU7Sv6VyonP7h25ZGx9eTf3b8j9RLB/M1d/L+tznWjqu3sxkAAAD+fdKI2BFJOnmrnKaTk43v8O+ObWl1cWn56ROL75+db/xGYDxG0+JO11jT/dDp/LK+qM+01Q/n942/qGyt1yfnFqvzZScPQ257l/6f+aNSdnTAhuttHi3texzA4Pm9Jgwv/R+Gl/4Pw6tD/99aRhzA4HX6/P+ohDiAwRtpesz/JhgwJNa8/r8xmDiAwXP/D4aX/g9DaWlrrP0jeQWF2wqRbsD/HFtKz6vMQvGV2nshnpLfmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrknwAAAP//qkbiWw==")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x69703000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000280)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020}, 0x2020)
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000010c41090ea40000000040109022400010000000009040000010e01000009210000000122050009058103"], 0x0)

7.60757008s ago: executing program 1 (id=5994):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x42000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x18, 0x2, 0x1, 0x101, 0x0, 0x0, {0x7, 0x0, 0x7}, [@CTA_TUPLE_REPLY={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000000}, 0x4004000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f0000000280), 0x3fffffffffffd17, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, &(0x7f0000000200)='\'\x00')
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005", @ANYBLOB, @ANYBLOB], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000400)=@o_path={0x0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r7=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={0xffffffffffffffff, r7, 0x25, 0x8, @val=@netkit={@void, @value}}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r8}, 0x10)
r9 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r9)

7.302025704s ago: executing program 2 (id=5995):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0xc906, &(0x7f0000000840)={[{@nobarrier}, {@noblock_validity}, {@mblk_io_submit}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@errors_remount}, {@acl}, {@noauto_da_alloc}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@grpjquota, 0x32}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]}, 0x1e, 0x4e1, &(0x7f0000000a40)="$eJzs3UFvG1kdAPD/OHGbtClJBYdSiVLRoqSC2klD24hDAQnBqRJQ7iUkThTFiaPYaZuoglR8ACSEAIkTJy5IfAAk1I+AkCrBfbW72tVqt9097GG3Xnlsd9PUbhLVsaP495Om897M2P//c+Nnv5knTwB962JEXIuI59VqtVYfbWzPNJZIImK7ftyzpw/naksS1eqdD5N0V61eO2xix3Oerj8khiLiFz+N+HXyatzy5tbybLFYWG/U85WVtXx5c+vq0srsYmGxsDo9PXVj5ubM9ZnJjrRzJCJu/fjdP/3+7z+59e/v3n/r7vsTv0ka22NHOzqt3vRs+lo0DUbE+mEE64GBRnuyvU4EAIB9aX7P/1ZEXInRGEi/zQEAAADHSfUHI/FZElFtYajl1pedbLdjaO/HAgAAAN2RSefAJplcYx7ASGQyuVx9Du/X4lSmWCpXvrNQ2lidr8+VHYtsZmGpWJhszBUei2xSq0+l5S/r13bVpyPibET8cXR4OJaKhdxcqTjf65MfAAAA0CdO7xr/fzJaH/8DAAAAx8xYrxMAAAAADp3xPwAAABx/xv8AAABwrP3s9u3aUm3e/3r+3ubGcune1flCeTm3sjGXmyutr+UWS6XF9Df7VvZ6vmKptPa9WN14kK8UypV8eXPr7kppY7Vyd+mlW2ADAAAAXXT2m4//n0TE9veH06XmRK+TArpi8CAHv3N4eQDdN9DrBICeOdDnP3CsZHudANBzyR77207e+U/ncwEAAA7H+NdbX/9P9jw3sJ3pUorAIXH+D/qX6//Qv1z/h/6VjYEwkIf+dvjX/6vVAyUEAAB03Ei6JJlcRHoeYCQymVwu4kx6W4BssrBULExGxFci4n+j2ZO1+lT6yGTPMQMAAAAAAAAAAAAAAAAAAAAAAAAAUFetJlEFAAAAjrWIzHtJ4/5f46OXR3afHziRfDqariPi/l/v/PnBbKWyPlXb/tGL7ZW/NLZf68UZDAAAAGC35ji9OY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE569vThXHPpZtwPfhQRY63iD8ZQuh6KwYg49XGSrpuSiBjoQPztRxFxrlX8pJZWjDWyaBV/uIfxMxFxugPxoZ89rvU/P2z1/svExXTd+v13I+2h3lzb/i9pHjGU9nOt+p8z+4xx/sk/823jP4o4P9i6/2n2v0mb+Jf2Gf9Xv9zaarev+reI8ZafP8lLsfKVlbV8eXPr6tLK7GJhsbA6PT11Y+bmzPWZyfzCUrHQ+HdHl3zxRekP3/jX89e1/1Sb+GN7tP/yPtv/+ZMHT79aL2ZbxZ+41Prv71yb+JnGZ9+3G+Xa/vFmebte3unCP/574XXtn6+3f/Cg//8T+2z/lZ//7u19HgoAdEF5c2t5tlgsrPd14Y1ejdrXoiPRisMsDMeRSKPDhd8ejTSOZKG3/RIAANB5r46BAQAAAAAAAAAAAAAAAAAAgG7r5q/rNW33pqkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK/1RQAAAP//2jzOsg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r3}, 0x0, &(0x7f0000000040)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x20000023896)

7.219631575s ago: executing program 3 (id=5996):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @loopback}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x54, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
getpgid(0x0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000200), 0x1, 0x187, &(0x7f00000003c0)="$eJzslM1K+0AUxc9M+m/pH3fuBHFhwbpomqQqbkSKL1DwC3dWm5ZqaksbwdZVcesDuHXrK3Qj+CLqSgSXriPJTNIR+oUoFby/xc2Z9M6dO7fkgCCIP8vz0/vj9WvvUgMwgxQS8v2L1s/hSv55IXk0m9m66908XG025uuDanre5OfHANznNbjR3s+7U/K5Ax7pXXAsS70PBl3qQ3DsSW2D4UDqE0XX/XxdL1cdWz+uOyVfGH4w/WD5IRcd7pTFs8tQUvpjSn+tdue06Dh2uLab4ZvvE+Pm95bn2FD6U/+vcDaGMj8THKbUOTBsS72ORDgbMZKwfpdhLtavrw24/w9cmwQJEpML73d9jH1/8m4ZlhR/iin+kXVrjWyr3clUa8WKXbHPLCu3ZqwYxqqVDYxIxBH+lwz86b9S/9+Q3DiL46Louk1TxGhtiTjIcXngfxzpRbH2vT8+tBvxO5P7WKDS2oh0giCIqbEAFnjmGKzCtBslCIIgCIIgCIIgCOLLfAQAAP//jLxy5Q==")
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x54, r3, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x48)
accept4$tipc(0xffffffffffffffff, 0x0, &(0x7f0000000640), 0x80800)
sendmsg$TIPC_NL_BEARER_ENABLE(r4, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000000)={0x6c, r5, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @loopback}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @mcast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x6c}}, 0x0)

5.709481537s ago: executing program 2 (id=5997):
openat$tun(0xffffffffffffff9c, 0x0, 0x20702, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x82000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r4, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000002040)='net/tcp\x00')
read$FUSE(r5, &(0x7f0000000000)={0x2020}, 0x96)

5.587698339s ago: executing program 4 (id=5964):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000980)=ANY=[@ANYBLOB="61124c00000000006113860000000000bf2000000000000007000000080000002d030100000000009500000c000000006926000000000000bf67000000000000150600000fff070056060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff6d53010000000000840400000000000073720000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded85d3cdd66d9c79f0529d045625b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1c2ea17f04537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5306f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c700e3806f825f1d0da2a304e06543b56d35235d7897a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664b44e22b72e843e7cf55f394cf75d1cd57c9150bfb98cc45b3fde43e42e150d4a2fddd9a9767748ca3522443097c55dc97c09d38485b18ad2cff787338bab324336f50c97b751f2ed2c4281858b428d1b2c1194b06f9bb7ffcc95c1bcfc5540f9574f20e7f513a2a7c5dad90e7d479724d69fa0c0bf97af1231a49ea166f743279d240e2e6f01d8704f313d68b16198be5f6a50e9e0fd20893b2922df566d2622edee5000000000000000000d91c6da09fa7cdbbf16d4780d8c2401c55aff772aced3ff966ff76d796c171f5f7a31e1b14b0c0c712c0fdd2710f37a3d15710d68e7326a7db043c57784bd9bdb047db75"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000240)='./file1/file0\x00', 0x200010, &(0x7f0000000340)={[], [{@euid_eq}]}, 0xfe, 0x57a, &(0x7f0000000580)="$eJzs3U1rG0cfAPD/yi95fZ44EELbQzHk0JQ0cmz3JYUe0mNpQwPtPRWyYoLlKFhyiN1AkkNzyaWEQikNlH6A3nsM/QL9FIE2EEow7aEXlZVXjhJJsezItlr9frDJzM6uZ0azM5rRSmwAQ2sy/ScX8WpEfJ1EHGlJG40scXL9uLUnN4rplkS9/tkfSSTZvubxSfb/oSzySkT88lXEqVx7vtWV1YVCuVxayuJTtcWrU9WV1dOXFwvzpfnSlZnZ2bPvzM68/967favrmxf++u7TBx+dvXti7dufHh29l8S5OJyltdbjJdxqjUzGZPaajMW55w6c7kNmgyTZ6wKwLSNZPx+LdAw4EiNZrwf++25GRB0YUon+D0OqOQ9oru37tA7+13j84foCqL3+o+ufjcT+xtro4FryzMooXe9O9CH/NI+ff79/L92if59DAGzq1u2IODM62j7+Jdn4t31nejjm+TyMf7B7HqTzn7c6zX9yG/Of6DD/OdSh727H5v0/96jDaUm/PqVO538fdJz/bty0mhjJYv9rzPnGkkuXy6V0bPt/RJyMsX1p/EX3c86uPax3S2ud/6Vbmn9zLpiV49HovmfPmSvUCi9T51aPb0e81nH+m2y0f9Kh/dPX40KPeRwv3X+9W9rm9d9Z9R8j3mhp/6cpyTOhF9yfnGpcD1PNq6Ldn3eO/9ot/72uf9r+Bzte/xv1n0ha79dWt57HD/v/LnVL2+71P5583giPZ/uuF2q1pemI8eST9v0zT89txpvHp/U/eeLF41+n6/9ARHzRY/3vHLvT9dBBaP+5LbX/1gMPP/7y+27599b+bzdCJ7M9vYx/vRbwZV47AAAAAAAAGDS5iDgcSS6/Ec7l8vn173cci4O5cqVaO3WpsnxlLhq/lZ2IsVzzTveRlu9DTGffh23GZ5rx8fX4bEQcjYhvRg404vlipTy315UHAAAAAAAAAAAAAAAAAACAAXGoy+//U7+NdDxlfHdLCOwoj/yG4bVp/+/Hk56AgbTV9/99O1QOYPdta/5/oP/lAHaf9T8MqbG9LgCwl7z/w/DS/2F46f8wvPR/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KsL58+nW33tyY1iGp+7trK8ULl2eq5UXcgvLhfzxcrS1fx8pTJfLuWLlcXN/l65Urk6PRPL16dqpWptqrqyenGxsnyldvHyYmG+dLHkaUMAAAAAAAAAAAAAAAAAAADQrrqyulAol0tLAoMdGBmMYrQHRgejGL0GbsZAFGNnA3f70Ls7DBbFXR6cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACDzTwAAAP//dzsyzQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8efffffb703000008000000b704000000000000850000000300008071ffffdc"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
ioctl$AUTOFS_IOC_PROTOSUBVER(r3, 0x80049367, &(0x7f0000000380))
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000df00"/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7140000000000008500000055000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_int(r7, &(0x7f00000001c0)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_int(r8, &(0x7f0000000040), 0x1)

4.512516864s ago: executing program 2 (id=5998):
r0 = socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x54, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x208}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GRE_IFLAGS={0x6, 0x2, 0x30}, @IFLA_GRE_REMOTE={0x14, 0x7, @mcast1}]}}}]}, 0x54}}, 0x0)

4.511456174s ago: executing program 4 (id=5999):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0xc906, &(0x7f0000000840)={[{@nobarrier}, {@noblock_validity}, {@mblk_io_submit}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@errors_remount}, {@acl}, {@noauto_da_alloc}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@grpjquota, 0x32}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]}, 0x1e, 0x4e1, &(0x7f0000000a40)="$eJzs3UFvG1kdAPD/OHGbtClJBYdSiVLRoqSC2klD24hDAQnBqRJQ7iUkThTFiaPYaZuoglR8ACSEAIkTJy5IfAAk1I+AkCrBfbW72tVqt9097GG3Xnlsd9PUbhLVsaP495Om897M2P//c+Nnv5knTwB962JEXIuI59VqtVYfbWzPNJZIImK7ftyzpw/naksS1eqdD5N0V61eO2xix3Oerj8khiLiFz+N+HXyatzy5tbybLFYWG/U85WVtXx5c+vq0srsYmGxsDo9PXVj5ubM9ZnJjrRzJCJu/fjdP/3+7z+59e/v3n/r7vsTv0ka22NHOzqt3vRs+lo0DUbE+mEE64GBRnuyvU4EAIB9aX7P/1ZEXInRGEi/zQEAAADHSfUHI/FZElFtYajl1pedbLdjaO/HAgAAAN2RSefAJplcYx7ASGQyuVx9Du/X4lSmWCpXvrNQ2lidr8+VHYtsZmGpWJhszBUei2xSq0+l5S/r13bVpyPibET8cXR4OJaKhdxcqTjf65MfAAAA0CdO7xr/fzJaH/8DAAAAx8xYrxMAAAAADp3xPwAAABx/xv8AAABwrP3s9u3aUm3e/3r+3ubGcune1flCeTm3sjGXmyutr+UWS6XF9Df7VvZ6vmKptPa9WN14kK8UypV8eXPr7kppY7Vyd+mlW2ADAAAAXXT2m4//n0TE9veH06XmRK+TArpi8CAHv3N4eQDdN9DrBICeOdDnP3CsZHudANBzyR77207e+U/ncwEAAA7H+NdbX/9P9jw3sJ3pUorAIXH+D/qX6//Qv1z/h/6VjYEwkIf+dvjX/6vVAyUEAAB03Ei6JJlcRHoeYCQymVwu4kx6W4BssrBULExGxFci4n+j2ZO1+lT6yGTPMQMAAAAAAAAAAAAAAAAAAAAAAAAAUFetJlEFAAAAjrWIzHtJ4/5f46OXR3afHziRfDqariPi/l/v/PnBbKWyPlXb/tGL7ZW/NLZf68UZDAAAAGC35ji9OY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE569vThXHPpZtwPfhQRY63iD8ZQuh6KwYg49XGSrpuSiBjoQPztRxFxrlX8pJZWjDWyaBV/uIfxMxFxugPxoZ89rvU/P2z1/svExXTd+v13I+2h3lzb/i9pHjGU9nOt+p8z+4xx/sk/823jP4o4P9i6/2n2v0mb+Jf2Gf9Xv9zaarev+reI8ZafP8lLsfKVlbV8eXPr6tLK7GJhsbA6PT11Y+bmzPWZyfzCUrHQ+HdHl3zxRekP3/jX89e1/1Sb+GN7tP/yPtv/+ZMHT79aL2ZbxZ+41Prv71yb+JnGZ9+3G+Xa/vFmebte3unCP/574XXtn6+3f/Cg//8T+2z/lZ//7u19HgoAdEF5c2t5tlgsrPd14Y1ejdrXoiPRisMsDMeRSKPDhd8ejTSOZKG3/RIAANB5r46BAQAAAAAAAAAAAAAAAAAAgG7r5q/rNW33pqkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK/1RQAAAP//2jzOsg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r3}, 0x0, &(0x7f0000000040)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x20000023896)

4.412588096s ago: executing program 1 (id=6000):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
io_submit(0x0, 0x2, &(0x7f0000000380)=[&(0x7f00000001c0)={0x0, 0x4, 0x0, 0x0, 0x1, 0xffffffffffffffff, &(0x7f0000000100)="02", 0x1}, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x3, 0x0, 0xffffffffffffffff, 0x0}])
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)

4.310744107s ago: executing program 3 (id=6001):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b000000080000000100010009000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000800000000000000000000000018100000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000700)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
r2 = accept$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, &(0x7f00000001c0)=0x1c)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000240)={'gretap0\x00', &(0x7f0000000380)={'tunl0\x00', <r3=>0x0, 0x40, 0x80, 0x4e8, 0x1, {{0x19, 0x4, 0x2, 0x0, 0x64, 0x68, 0x0, 0x6, 0x2f, 0x0, @rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x1f, 0xbe, [@local, @multicast1, @local, @remote, @broadcast, @multicast2, @loopback]}, @timestamp_addr={0x44, 0x14, 0xd7, 0x1, 0x2, [{@dev={0xac, 0x14, 0x14, 0x3a}}, {@multicast1, 0x4}]}, @timestamp={0x44, 0x1c, 0xcf, 0x0, 0x3, [0x3, 0x986, 0xc140, 0x78, 0x8, 0x9]}]}}}}})
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRESOCT=r2, @ANYRES8=r1, @ANYRES8=r2, @ANYRES32=r2, @ANYBLOB='\x00'/13], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x13, 0x14, &(0x7f0000000500)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r3, @ANYRES32=r1], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)=@generic={&(0x7f0000000200)='./file0\x00', 0x0, 0x10}, 0x18)
r5 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000540), 0x0, 0x0)
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r6, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
sendmsg$OSF_MSG_ADD(r6, &(0x7f0000000e40)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000e00)={&(0x7f0000001180)=ANY=[@ANYBLOB="08150000000500000000000000000000030000035402010000000000010000800206d20e0200030073797a3100000000000000000000000000000000000000000000000000000000576cb1374636583b24ffe151aad17808b2d6d666655a00ac204e67e274b82116ef8cc0ac3fef3081036d81bde4680824dc0805a8ccda40d889696a49d5d1c2b70200ff0300000000ff7f0000ff7fb00000000000030000000010040002000000a30000000b00030001000000090000000300080003000000090000000900c50001000000008000000600020000000000050000000100ff070100000009000000f1000000030000000300000002000700030000000200000010007f00010000000200000008000600010000000400000000006200010000000b000000810005000200000000080000ff7f0400020000000d00000089b20600000000000d00000005000c0001000000ffffffff0100660003000000da420000fc1f090003000000090000000400003a01000000040000000900001003000000010000000300060000000000080000000000110500000000060000000000030003000000070000006002040002000000f10000000004400001000000010000000008060001000000feffffff0800030001000000050000000800fcff0100000001000100000003000000000000000000f4e4740002000000010000000900030001000000400000000000a10500000000060000000800ff0f0000000000000000feff0b0003000000090000000000020001000000080000000700030003000000001000000200008002000000090000000800020003000000000000010700f80c00000000000000005402010000000000000000000506010004000b0073797a30000000000000000000000000000000000000000000000000000000004d9d3972f18f3e17a429b903c5b8ee269de4924d2be1fc1d0f42151ab45bbc7ad56da7a53681318f0545ae6f40b91c863ecfef0d64f87f7943044bf95ba5fa04f8ff050002000000d30000000000000000000000010d00000300060003000000ab3500007b000000000000000500000002009700010000000100000000100200020000000000010008000002000000000300000002000500010000000700000000fc0600020000000002000005690008020000000f00000004000600000000000000000000000800010000000700000007000010000000000400000003000000000000004b0000000200010003000000030000000400020003000000070000007000080001000000c605000002000b0001000000ff0700000c00c7e102000000fcffffffff0100100200000002000000c0ff010002000000b70000002e050200020000000b0000000400f9ff00000000080000000600020000000000810000000d000300010000000400000000080400010000000b00000003000900030000000200000006000400000000004675000003007a0203000000040000000300000800000000080000000200090001000000030000006e00f60003000000040000000300040000000000c63d00001000390a000000000500000000000080000000008f1d000059f8060002000000090000000000f9ff020000001401000000000800030000000a0000000300010100000000090000000000ff070000000000740300540201000000000007000000be002cf89eff280073797a3100000000000000000000000000000000000000000000000000000000ca7fdfdf9733cad8274f63aabf6cfabd2a7817a62e41e8ebf532524d4c533e221fd66cb54d0026a0bdc3c026e3e7aadaacb417b0f3003717236bad7e8298adb1d70c03000000000014000000f553070001000000e4c90000070006000200000006000000d5e906000100000004000000cb19070000000000a1000000ffff060003000000030000008100ca0002000000010100000e00040000000000f0a200008000ff0f02000000030000000100080001000000e80b00004000050001000000cf010000ff7f000000000000090000000500f30002000000ff03000008000300020000007f000000fdff00ac0000000075fdffff0900060003000000090000004bf2030001000000fcffffff0500070001000000c588d8760400010002000000020000000200794a030000000400000004000180000000000300000001007f0001000000fdffffff06000600010000008e000000e405070002000000090000000900faff0200000007000000090000000000000009000000c700030002000000050000000e00070002000000010000000b009e020300000000000000930a200001000000000000000300030000000000060000000180430f03000000000000800700070001000000020000007707080002000000080000000000b2c503000000080000000900670b01000000ff010000e700a762000000000800000000000000020000000600000000fc100003000000020000000800010403000000040000005402010000000000050000000706ac063e000f0073797a310000000000000000000000000000000000000000000000000000000014ddaf954a7e995fae1f1cf7df783ecd3073f3b662563495d547e3faea5ccbe478f6b720938bd17c7ec9b026135b837e6b6412ae1ae7632416f755b3f9eef45ffe000500000000000100010004006d0003000000040000000d0001040100000008000000070000000200000084000000090003000100000006000000d200aac102000000d20e00000004010001000000ff03000001000900030000008325a01b009d274f0100d00000000000fcffffff0600080001000000ffffff7ff9ff050003000000fbffffff5b090b0302000000df4d00003300010003000000070000000500f0ff03000000150400000600e90b020000006c00000000010400000000000b00000005000400020000000c0000000300070003000000090000008000020002000000001000000200ad00030000004c0000000a00050001000000560000000900070003000000060000001338010000000000060000000500fcff000000000002000008000b0001000000ff0f0000feff0300020000005202000069c7010002000000010000000000c8ff02000000070000001c00070002000000040000000300fcff03000000cf00000009000100020000000000000006000002000000009257000000048000010000000000000009000100020000000c0000000300050000000000810000000500aa78010000000000000070000c0000000000ff030000ff7f090003000000ccdc0000000104000000000094ffffff02009a080300000006000000540201000000000006000000000889000300110073797a3000000000000000000000000300000000000000000000000000000000bbbf131e713a8bd616ed07e4779ccd9f7c1d89ab7c2778293766745f14bfeb782a26587321d9a12f3254349f1fc4ddb1c52d0f114bdc7eace6b50a5cc0698dd10800040003000000ff070000000000000000000003000000fdfff2a201000000010100000400b50001000000008000000700070001000000ff7f0000060001f029612c91010000001400070003000000cb430000060000000100000000000000bb010100000000000000000000001000030000004000000008000500020000000700000000040000010000000600000008000000000000000080000000008eec0000000006000000ba90010000000000010000000900020001000000010000000200080001000000ffff0000050004000100000005000000090006000100000000000000030006000100000004000000ffff08000200000000c0000001800100020000000900000001000100030000000000000e01000400010000000700000003000800020000000800000004000000030000000300000063c800040300000080000000d79b0300020000000c0000000100030003000000060000000900020001000000070000000200090001000000070000000100020002000000080000000000050001000000cc0400004505bda003000000ff030000ff01040000000000090000000700050001000000cf0000000100dc00030000000100000006003800030000000600000000000000020000000600000005000a0b020000000100008054020100030000000900000080ff9d0c0600210073797a31000000000000000000000000000000000000000000000000000000004d805cdf3ff6888af3497d01162b0db0df09740566d80a527ded48b5da7af5b4db9f6acd985c0364d5eac96bf9c3fcb1c0f753bf74faa6e1bfd1ddd56be43f93810009000300000000000002d805040002000000160b000048bb0800030000000600000009000e0003000000de330000b10b01000300000007000000080001040300000003000000ae92090000000000080000000c00040000000000ff0000000000000002000000ffffff7f03000300010000000800000000000900000000000700000001ff050001000000080000000900010002000000fdffffff09000600030000000e000000f9ff05000300000005000000faff04000300000008000000020005000300000002000000df000d00010000000e00000052000900020000000000000009000300030000000e0000000600070000000000fcff03003e00010000000000ffffffff03007f000000000002000000090000000000000018000000ff0007000000000096fd2f36ff000200000000000600000002000300030000000900000001010700010000007b660000ada59a1f0300000009000000f7ff0300000000000100010006000100010000000800000001010600020000000000000002003000020000000500000000000800030000000f0000000700955303000000ff0f00000004090001000000c80a00000004030003000000090000000700204001000000030000000500ab000200000002000000c30006000200000005000000540201000300000004000000090908000000230073797a3100000000000000000000000000000000000000000000000000000000387a93923827a009973d29c9cee46b687daf68d27e52a93c0aaf72976e58aa275574a94f01f2eae4b5b9386f87dfd1416c5d0c5409e05d5d083e11f0289e3f6a00800300020000004f9c00000500fc0903000000030000000900010001000000008000000900090001000000080000000400030000000000040000000800ff030100000006000000f7ff020003000000070000000300030003000000010000000700000400000000090000005f08070001000000f7ffffffff0304000100000000000000020007000200000006000000050065fa000000000e0000000100000000000000320000000800dd09030000000a000000001006000000000010050000030001000200000002000000e50001010000000034d80000040008000300000005000000660005000300000009000000060002000000000010000000100003000200000001000000170206000200000006000000070000000100000007000000060001000100000000010000f8ff0500030000000900000006000300010000000a0000000b0002000100000000000000ff01000802000000010100000300060001000000030000000900c80000000000000000000600030000000000020000000300ffff000000000100ffff0900010003000000000000000c00040001000000c802000008000800030000000300000000010004000000000900000067d4080002000000feffffff02020c0002000000ffffffffff7f0000000000000000008054020100010000000a0000008601000008001c0073797a3100000000000000000000000000000000000000000000000000000000eeddd4f00001163287d849e1612da5d57b5cc9f29cc244324b2f4ff51f89aa73584f6542e548928a12697b6c0cbab7cca0c1ba764611742943a84e22b4e4beefffff050001000000001000004000800002000000000000c00300040002000000010000000700080000000000ffff0000000004000300000007000000feff0004030000003f0c00000400a0b20000000001fffffff7ff05000000000003000000080000cb0100000007000000090010000000000000000020090085000200000091a7842e0300ff0101000000050000000500060001000000ffff00000300d1d5010000001c0000000500faff010000000900000000020008020000000800000001000700010000000100008008008f00010000000200000003000700030000000900000005000900010000000500000009001a1703000000ff00000007005a080300000004000000ff0f060003000000000000000104050003000000000100000600af1e01000000d60000000400c0ff03000000cbf200000200ffff01000000edfeffff0500090000000000001000000700020001000000008000000100090003000000090000004000010002000000d8080000ee0e020002000000090000000700050000000000d7000000ff7fff00010000007f000000004002000000000005000000bd02010003000000020000000700080001000000060000000100100003000000070000000f00060000000000070000000900030001000000ff010000540201000200000004000000060180000800040073797a3000000000000000000000000000000000000000000000000000000000d3a1a6aadb26f40116259a084ef774a1af4289106acf901816dee9c8ba08b134cefde7669ef4ffe48544fb2b7f925fc5d06e02d25f88eafa1965eed1a9e4ac500400070002000000018000000500040003000000370200000900040001000000080000000800070003000000ff03000000040000030000005c000000070002000000000005000000f406000000000000ff000000040000040100000009000000030006000300000001000000010007000200000009000000ff0f07000000000001000000050000010300000004000000000104000200000040000000040000000000000008000000820a050001000000650a00007a0005000100000001000100001098000200000096040000080001000100000008000000fbff020003000000f7ffffff00010e0002000000050000000800800001000000090000000f00000a0000000003000000f8ff50000000000001000000b800060000000000030000000200020002000000080000000101080001000000070000000700020001000000020000000900080003000000ff7f00003700040003000000000000800100000001000000040000000900090001000000040000000700010000000000080000007600040003000000"], 0x1508}, 0x1, 0x0, 0x0, 0x5}, 0x1)
syz_genetlink_get_family_id$nl80211(0x0, r4)
recvmsg(r5, &(0x7f0000000d80)={&(0x7f00000007c0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000840)=""/151, 0x97}, {&(0x7f0000000900)=""/192, 0xc0}, {&(0x7f0000000a00)=""/231, 0xe7}, {&(0x7f0000000b00)=""/31, 0x1f}, {&(0x7f0000000c00)=""/196, 0xc4}], 0x5, &(0x7f0000000d40)=""/19, 0x13}, 0x40000160)
r7 = getpgid(0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r5, &(0x7f0000000780)={&(0x7f0000000580), 0xc, &(0x7f00000006c0)={&(0x7f0000000640)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB='\v\x00', @ANYRES32=r7, @ANYBLOB="0c009900020000003c0000000c009900f9ffffff7e000000080001006d0000000c009900070800004c000000"], 0x60}, 0x1, 0x0, 0x0, 0x10}, 0x880)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x4a, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008004503003c000000000029904c00"/36], 0x0)

3.324673792s ago: executing program 0 (id=6002):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x42000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x18, 0x2, 0x1, 0x101, 0x0, 0x0, {0x7, 0x0, 0x7}, [@CTA_TUPLE_REPLY={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000000}, 0x4004000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f0000000280), 0x3fffffffffffd17, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, &(0x7f0000000200)='\'\x00')
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005", @ANYBLOB, @ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000400)=@o_path={0x0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x25, 0x8, @val=@netkit={@void, @value}}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
r8 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r8)

3.200119744s ago: executing program 1 (id=6003):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x42000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x18, 0x2, 0x1, 0x101, 0x0, 0x0, {0x7, 0x0, 0x7}, [@CTA_TUPLE_REPLY={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000000}, 0x4004000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f0000000280), 0x3fffffffffffd17, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, &(0x7f0000000200)='\'\x00')
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005", @ANYBLOB, @ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000400)=@o_path={0x0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r7=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={0xffffffffffffffff, r7, 0x25, 0x8, @val=@netkit={@void, @value}}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r8}, 0x10)
r9 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r9)

3.049770146s ago: executing program 4 (id=6004):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec85"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c00000010004b0400f4ed00000000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c0002800800040000000000060006"], 0x4c}}, 0x0)

1.861377043s ago: executing program 0 (id=6005):
socket(0x1e, 0x4, 0x0)
r0 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
futex(&(0x7f0000000040)=0x2, 0xc, 0x1, &(0x7f0000000100), &(0x7f0000000140)=0x1, 0x2)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
getsockopt$inet_buf(r4, 0x0, 0x29, &(0x7f0000000000)=""/145, &(0x7f0000695ffc)=0x24b)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
dup(0xffffffffffffffff)

1.854045783s ago: executing program 4 (id=6006):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x42000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x18, 0x2, 0x1, 0x101, 0x0, 0x0, {0x7, 0x0, 0x7}, [@CTA_TUPLE_REPLY={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000000}, 0x4004000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f0000000280), 0x3fffffffffffd17, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, &(0x7f0000000200)='\'\x00')
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005", @ANYBLOB, @ANYBLOB], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000400)=@o_path={0x0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r7=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={0xffffffffffffffff, r7, 0x25, 0x8, @val=@netkit={@void, @value}}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r8}, 0x10)
r9 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r9)

1.237496022s ago: executing program 1 (id=6007):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)

765.698769ms ago: executing program 0 (id=6008):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b000000080000000100010009000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000800000000000000000000000018100000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000700)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
r2 = accept$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @empty}, &(0x7f00000001c0)=0x1c)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000240)={'gretap0\x00', &(0x7f0000000380)={'tunl0\x00', 0x0, 0x40, 0x80, 0x4e8, 0x1, {{0x19, 0x4, 0x2, 0x0, 0x64, 0x68, 0x0, 0x6, 0x2f, 0x0, @rand_addr=0x64010102, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x1f, 0xbe, [@local, @multicast1, @local, @remote, @broadcast, @multicast2, @loopback]}, @timestamp_addr={0x44, 0x14, 0xd7, 0x1, 0x2, [{@dev={0xac, 0x14, 0x14, 0x3a}}, {@multicast1, 0x4}]}, @timestamp={0x44, 0x1c, 0xcf, 0x0, 0x3, [0x3, 0x986, 0xc140, 0x78, 0x8, 0x9]}]}}}}})
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRESOCT=r2, @ANYRES8=r1, @ANYRES8=r2, @ANYRES32=r2, @ANYBLOB='\x00'/13], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)=@generic={&(0x7f0000000200)='./file0\x00', 0x0, 0x10}, 0x18)
r4 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000540), 0x0, 0x0)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
sendmsg$OSF_MSG_ADD(r5, &(0x7f0000000e40)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000e00)={&(0x7f0000001180)=ANY=[@ANYBLOB="08150000000500000000000000000000030000035402010000000000010000800206d20e0200030073797a3100000000000000000000000000000000000000000000000000000000576cb1374636583b24ffe151aad17808b2d6d666655a00ac204e67e274b82116ef8cc0ac3fef3081036d81bde4680824dc0805a8ccda40d889696a49d5d1c2b70200ff0300000000ff7f0000ff7fb00000000000030000000010040002000000a30000000b00030001000000090000000300080003000000090000000900c50001000000008000000600020000000000050000000100ff070100000009000000f1000000030000000300000002000700030000000200000010007f00010000000200000008000600010000000400000000006200010000000b000000810005000200000000080000ff7f0400020000000d00000089b20600000000000d00000005000c0001000000ffffffff0100660003000000da420000fc1f090003000000090000000400003a01000000040000000900001003000000010000000300060000000000080000000000110500000000060000000000030003000000070000006002040002000000f10000000004400001000000010000000008060001000000feffffff0800030001000000050000000800fcff0100000001000100000003000000000000000000f4e4740002000000010000000900030001000000400000000000a10500000000060000000800ff0f0000000000000000feff0b0003000000090000000000020001000000080000000700030003000000001000000200008002000000090000000800020003000000000000010700f80c00000000000000005402010000000000000000000506010004000b0073797a30000000000000000000000000000000000000000000000000000000004d9d3972f18f3e17a429b903c5b8ee269de4924d2be1fc1d0f42151ab45bbc7ad56da7a53681318f0545ae6f40b91c863ecfef0d64f87f7943044bf95ba5fa04f8ff050002000000d30000000000000000000000010d00000300060003000000ab3500007b000000000000000500000002009700010000000100000000100200020000000000010008000002000000000300000002000500010000000700000000fc0600020000000002000005690008020000000f00000004000600000000000000000000000800010000000700000007000010000000000400000003000000000000004b0000000200010003000000030000000400020003000000070000007000080001000000c605000002000b0001000000ff0700000c00c7e102000000fcffffffff0100100200000002000000c0ff010002000000b70000002e050200020000000b0000000400f9ff00000000080000000600020000000000810000000d000300010000000400000000080400010000000b00000003000900030000000200000006000400000000004675000003007a0203000000040000000300000800000000080000000200090001000000030000006e00f60003000000040000000300040000000000c63d00001000390a000000000500000000000080000000008f1d000059f8060002000000090000000000f9ff020000001401000000000800030000000a0000000300010100000000090000000000ff070000000000740300540201000000000007000000be002cf89eff280073797a3100000000000000000000000000000000000000000000000000000000ca7fdfdf9733cad8274f63aabf6cfabd2a7817a62e41e8ebf532524d4c533e221fd66cb54d0026a0bdc3c026e3e7aadaacb417b0f3003717236bad7e8298adb1d70c03000000000014000000f553070001000000e4c90000070006000200000006000000d5e906000100000004000000cb19070000000000a1000000ffff060003000000030000008100ca0002000000010100000e00040000000000f0a200008000ff0f02000000030000000100080001000000e80b00004000050001000000cf010000ff7f000000000000090000000500f30002000000ff03000008000300020000007f000000fdff00ac0000000075fdffff0900060003000000090000004bf2030001000000fcffffff0500070001000000c588d8760400010002000000020000000200794a030000000400000004000180000000000300000001007f0001000000fdffffff06000600010000008e000000e405070002000000090000000900faff0200000007000000090000000000000009000000c700030002000000050000000e00070002000000010000000b009e020300000000000000930a200001000000000000000300030000000000060000000180430f03000000000000800700070001000000020000007707080002000000080000000000b2c503000000080000000900670b01000000ff010000e700a762000000000800000000000000020000000600000000fc100003000000020000000800010403000000040000005402010000000000050000000706ac063e000f0073797a310000000000000000000000000000000000000000000000000000000014ddaf954a7e995fae1f1cf7df783ecd3073f3b662563495d547e3faea5ccbe478f6b720938bd17c7ec9b026135b837e6b6412ae1ae7632416f755b3f9eef45ffe000500000000000100010004006d0003000000040000000d0001040100000008000000070000000200000084000000090003000100000006000000d200aac102000000d20e00000004010001000000ff03000001000900030000008325a01b009d274f0100d00000000000fcffffff0600080001000000ffffff7ff9ff050003000000fbffffff5b090b0302000000df4d00003300010003000000070000000500f0ff03000000150400000600e90b020000006c00000000010400000000000b00000005000400020000000c0000000300070003000000090000008000020002000000001000000200ad00030000004c0000000a00050001000000560000000900070003000000060000001338010000000000060000000500fcff000000000002000008000b0001000000ff0f0000feff0300020000005202000069c7010002000000010000000000c8ff02000000070000001c00070002000000040000000300fcff03000000cf00000009000100020000000000000006000002000000009257000000048000010000000000000009000100020000000c0000000300050000000000810000000500aa78010000000000000070000c0000000000ff030000ff7f090003000000ccdc0000000104000000000094ffffff02009a080300000006000000540201000000000006000000000889000300110073797a3000000000000000000000000300000000000000000000000000000000bbbf131e713a8bd616ed07e4779ccd9f7c1d89ab7c2778293766745f14bfeb782a26587321d9a12f3254349f1fc4ddb1c52d0f114bdc7eace6b50a5cc0698dd10800040003000000ff070000000000000000000003000000fdfff2a201000000010100000400b50001000000008000000700070001000000ff7f0000060001f029612c91010000001400070003000000cb430000060000000100000000000000bb010100000000000000000000001000030000004000000008000500020000000700000000040000010000000600000008000000000000000080000000008eec0000000006000000ba90010000000000010000000900020001000000010000000200080001000000ffff0000050004000100000005000000090006000100000000000000030006000100000004000000ffff08000200000000c0000001800100020000000900000001000100030000000000000e01000400010000000700000003000800020000000800000004000000030000000300000063c800040300000080000000d79b0300020000000c0000000100030003000000060000000900020001000000070000000200090001000000070000000100020002000000080000000000050001000000cc0400004505bda003000000ff030000ff01040000000000090000000700050001000000cf0000000100dc00030000000100000006003800030000000600000000000000020000000600000005000a0b020000000100008054020100030000000900000080ff9d0c0600210073797a31000000000000000000000000000000000000000000000000000000004d805cdf3ff6888af3497d01162b0db0df09740566d80a527ded48b5da7af5b4db9f6acd985c0364d5eac96bf9c3fcb1c0f753bf74faa6e1bfd1ddd56be43f93810009000300000000000002d805040002000000160b000048bb0800030000000600000009000e0003000000de330000b10b01000300000007000000080001040300000003000000ae92090000000000080000000c00040000000000ff0000000000000002000000ffffff7f03000300010000000800000000000900000000000700000001ff050001000000080000000900010002000000fdffffff09000600030000000e000000f9ff05000300000005000000faff04000300000008000000020005000300000002000000df000d00010000000e00000052000900020000000000000009000300030000000e0000000600070000000000fcff03003e00010000000000ffffffff03007f000000000002000000090000000000000018000000ff0007000000000096fd2f36ff000200000000000600000002000300030000000900000001010700010000007b660000ada59a1f0300000009000000f7ff0300000000000100010006000100010000000800000001010600020000000000000002003000020000000500000000000800030000000f0000000700955303000000ff0f00000004090001000000c80a00000004030003000000090000000700204001000000030000000500ab000200000002000000c30006000200000005000000540201000300000004000000090908000000230073797a3100000000000000000000000000000000000000000000000000000000387a93923827a009973d29c9cee46b687daf68d27e52a93c0aaf72976e58aa275574a94f01f2eae4b5b9386f87dfd1416c5d0c5409e05d5d083e11f0289e3f6a00800300020000004f9c00000500fc0903000000030000000900010001000000008000000900090001000000080000000400030000000000040000000800ff030100000006000000f7ff020003000000070000000300030003000000010000000700000400000000090000005f08070001000000f7ffffffff0304000100000000000000020007000200000006000000050065fa000000000e0000000100000000000000320000000800dd09030000000a000000001006000000000010050000030001000200000002000000e50001010000000034d80000040008000300000005000000660005000300000009000000060002000000000010000000100003000200000001000000170206000200000006000000070000000100000007000000060001000100000000010000f8ff0500030000000900000006000300010000000a0000000b0002000100000000000000ff01000802000000010100000300060001000000030000000900c80000000000000000000600030000000000020000000300ffff000000000100ffff0900010003000000000000000c00040001000000c802000008000800030000000300000000010004000000000900000067d4080002000000feffffff02020c0002000000ffffffffff7f0000000000000000008054020100010000000a0000008601000008001c0073797a3100000000000000000000000000000000000000000000000000000000eeddd4f00001163287d849e1612da5d57b5cc9f29cc244324b2f4ff51f89aa73584f6542e548928a12697b6c0cbab7cca0c1ba764611742943a84e22b4e4beefffff050001000000001000004000800002000000000000c00300040002000000010000000700080000000000ffff0000000004000300000007000000feff0004030000003f0c00000400a0b20000000001fffffff7ff05000000000003000000080000cb0100000007000000090010000000000000000020090085000200000091a7842e0300ff0101000000050000000500060001000000ffff00000300d1d5010000001c0000000500faff010000000900000000020008020000000800000001000700010000000100008008008f00010000000200000003000700030000000900000005000900010000000500000009001a1703000000ff00000007005a080300000004000000ff0f060003000000000000000104050003000000000100000600af1e01000000d60000000400c0ff03000000cbf200000200ffff01000000edfeffff0500090000000000001000000700020001000000008000000100090003000000090000004000010002000000d8080000ee0e020002000000090000000700050000000000d7000000ff7fff00010000007f000000004002000000000005000000bd02010003000000020000000700080001000000060000000100100003000000070000000f00060000000000070000000900030001000000ff010000540201000200000004000000060180000800040073797a3000000000000000000000000000000000000000000000000000000000d3a1a6aadb26f40116259a084ef774a1af4289106acf901816dee9c8ba08b134cefde7669ef4ffe48544fb2b7f925fc5d06e02d25f88eafa1965eed1a9e4ac500400070002000000018000000500040003000000370200000900040001000000080000000800070003000000ff03000000040000030000005c000000070002000000000005000000f406000000000000ff000000040000040100000009000000030006000300000001000000010007000200000009000000ff0f07000000000001000000050000010300000004000000000104000200000040000000040000000000000008000000820a050001000000650a00007a0005000100000001000100001098000200000096040000080001000100000008000000fbff020003000000f7ffffff00010e0002000000050000000800800001000000090000000f00000a0000000003000000f8ff50000000000001000000b800060000000000030000000200020002000000080000000101080001000000070000000700020001000000020000000900080003000000ff7f00003700040003000000000000800100000001000000040000000900090001000000040000000700010000000000080000007600040003000000"], 0x1508}, 0x1, 0x0, 0x0, 0x5}, 0x1)
syz_genetlink_get_family_id$nl80211(0x0, r3)
recvmsg(r4, &(0x7f0000000d80)={&(0x7f00000007c0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000840)=""/151, 0x97}, {&(0x7f0000000900)=""/192, 0xc0}, {&(0x7f0000000a00)=""/231, 0xe7}, {&(0x7f0000000b00)=""/31, 0x1f}, {&(0x7f0000000c00)=""/196, 0xc4}], 0x5, &(0x7f0000000d40)=""/19, 0x13}, 0x40000160)
r6 = getpgid(0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r4, &(0x7f0000000780)={&(0x7f0000000580), 0xc, &(0x7f00000006c0)={&(0x7f0000000640)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB='\v\x00', @ANYRES32=r6, @ANYBLOB="0c009900020000003c0000000c009900f9ffffff7e000000080001006d0000000c009900070800004c000000"], 0x60}, 0x1, 0x0, 0x0, 0x10}, 0x880)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x4a, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008004503003c000000000029904c00"/36], 0x0)

629.461331ms ago: executing program 3 (id=6009):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x42000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x18, 0x2, 0x1, 0x101, 0x0, 0x0, {0x7, 0x0, 0x7}, [@CTA_TUPLE_REPLY={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000000}, 0x4004000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f0000000280), 0x3fffffffffffd17, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, &(0x7f0000000200)='\'\x00')
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000005", @ANYBLOB, @ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000400)=@o_path={0x0}, 0x18)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x25, 0x8, @val=@netkit={@void, @value}}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r7}, 0x10)
r8 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r8)

0s ago: executing program 4 (id=6010):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000980)=ANY=[@ANYBLOB="61124c00000000006113860000000000bf2000000000000007000000080000002d030100000000009500000c000000006926000000000000bf67000000000000150600000fff070056060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff6d53010000000000840400000000000073720000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded85d3cdd66d9c79f0529d045625b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1c2ea17f04537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5306f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c700e3806f825f1d0da2a304e06543b56d35235d7897a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664b44e22b72e843e7cf55f394cf75d1cd57c9150bfb98cc45b3fde43e42e150d4a2fddd9a9767748ca3522443097c55dc97c09d38485b18ad2cff787338bab324336f50c97b751f2ed2c4281858b428d1b2c1194b06f9bb7ffcc95c1bcfc5540f9574f20e7f513a2a7c5dad90e7d479724d69fa0c0bf97af1231a49ea166f743279d240e2e6f01d8704f313d68b16198be5f6a50e9e0fd20893b2922df566d2622edee5000000000000000000d91c6da09fa7cdbbf16d4780d8c2401c55aff772aced3ff966ff76d796c171f5f7a31e1b14b0c0c712c0fdd2710f37a3d15710d68e7326a7db043c57784bd9bdb047db75"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000240)='./file1/file0\x00', 0x200010, &(0x7f0000000340)={[], [{@euid_eq}]}, 0xfe, 0x57a, &(0x7f0000000580)="$eJzs3U1rG0cfAPD/yi95fZ44EELbQzHk0JQ0cmz3JYUe0mNpQwPtPRWyYoLlKFhyiN1AkkNzyaWEQikNlH6A3nsM/QL9FIE2EEow7aEXlZVXjhJJsezItlr9frDJzM6uZ0azM5rRSmwAQ2sy/ScX8WpEfJ1EHGlJG40scXL9uLUnN4rplkS9/tkfSSTZvubxSfb/oSzySkT88lXEqVx7vtWV1YVCuVxayuJTtcWrU9WV1dOXFwvzpfnSlZnZ2bPvzM68/967favrmxf++u7TBx+dvXti7dufHh29l8S5OJyltdbjJdxqjUzGZPaajMW55w6c7kNmgyTZ6wKwLSNZPx+LdAw4EiNZrwf++25GRB0YUon+D0OqOQ9oru37tA7+13j84foCqL3+o+ufjcT+xtro4FryzMooXe9O9CH/NI+ff79/L92if59DAGzq1u2IODM62j7+Jdn4t31nejjm+TyMf7B7HqTzn7c6zX9yG/Of6DD/OdSh727H5v0/96jDaUm/PqVO538fdJz/bty0mhjJYv9rzPnGkkuXy6V0bPt/RJyMsX1p/EX3c86uPax3S2ud/6Vbmn9zLpiV49HovmfPmSvUCi9T51aPb0e81nH+m2y0f9Kh/dPX40KPeRwv3X+9W9rm9d9Z9R8j3mhp/6cpyTOhF9yfnGpcD1PNq6Ldn3eO/9ot/72uf9r+Bzte/xv1n0ha79dWt57HD/v/LnVL2+71P5583giPZ/uuF2q1pemI8eST9v0zT89txpvHp/U/eeLF41+n6/9ARHzRY/3vHLvT9dBBaP+5LbX/1gMPP/7y+27599b+bzdCJ7M9vYx/vRbwZV47AAAAAAAAGDS5iDgcSS6/Ec7l8vn173cci4O5cqVaO3WpsnxlLhq/lZ2IsVzzTveRlu9DTGffh23GZ5rx8fX4bEQcjYhvRg404vlipTy315UHAAAAAAAAAAAAAAAAAACAAXGoy+//U7+NdDxlfHdLCOwoj/yG4bVp/+/Hk56AgbTV9/99O1QOYPdta/5/oP/lAHaf9T8MqbG9LgCwl7z/w/DS/2F46f8wvPR/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KsL58+nW33tyY1iGp+7trK8ULl2eq5UXcgvLhfzxcrS1fx8pTJfLuWLlcXN/l65Urk6PRPL16dqpWptqrqyenGxsnyldvHyYmG+dLHkaUMAAAAAAAAAAAAAAAAAAADQrrqyulAol0tLAoMdGBmMYrQHRgejGL0GbsZAFGNnA3f70Ls7DBbFXR6cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACDzTwAAAP//dzsyzQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8efffffb703000008000000b704000000000000850000000300008071ffffdcf475"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
ioctl$AUTOFS_IOC_PROTOSUBVER(r3, 0x80049367, &(0x7f0000000380))
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000df00"/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7140000000000008500000055000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_int(r7, &(0x7f00000001c0)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_int(r8, &(0x7f0000000040), 0x1)

kernel console output (not intermixed with test programs):

 promiscuous mode
[ 1743.693736][T12667] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1743.714069][T12667] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1743.834105][T12667] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 1743.843757][T12667] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 1743.852615][T12667] usb 3-1: SerialNumber: syz
[ 1743.862793][T12667] usb 3-1: config 0 descriptor??
[ 1743.867806][   T39] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[ 1743.899974][T12667] usb 3-1: can't set config #0, error -71
[ 1744.402059][T12667] usb 3-1: USB disconnect, device number 53
[ 1744.534076][   T39] usb 5-1: Using ep0 maxpacket: 16
[ 1744.863996][   T39] usb 5-1: config 0 has an invalid interface number: 105 but max is 0
[ 1744.882459][   T39] usb 5-1: config 0 has an invalid descriptor of length 131, skipping remainder of the config
[ 1744.903123][   T39] usb 5-1: config 0 has no interface number 0
[ 1744.922154][   T39] usb 5-1: too many endpoints for config 0 interface 105 altsetting 50: 182, using maximum allowed: 30
[ 1745.001088][   T39] usb 5-1: config 0 interface 105 altsetting 50 has 0 endpoint descriptors, different from the interface descriptor's value: 182
[ 1745.014792][   T39] usb 5-1: config 0 interface 105 has no altsetting 0
[ 1745.109522][T18179] overlayfs: failed to resolve './file0': -2
[ 1745.174000][   T39] usb 5-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[ 1745.189951][   T39] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1745.260969][   T39] usb 5-1: Product: syz
[ 1745.265207][   T39] usb 5-1: Manufacturer: syz
[ 1745.269831][   T39] usb 5-1: SerialNumber: syz
[ 1745.278893][   T39] usb 5-1: config 0 descriptor??
[ 1745.903340][T18186] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4955'.
[ 1745.931661][T18186] device bridge0 entered promiscuous mode
[ 1745.942117][T18186] bridge0: port 3(macsec1) entered blocking state
[ 1745.948701][T18186] bridge0: port 3(macsec1) entered disabled state
[ 1746.116528][T18186] device bridge0 left promiscuous mode
[ 1746.137311][T18190] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4956'.
[ 1746.156559][T18190] device bridge0 entered promiscuous mode
[ 1746.164424][T18190] bridge0: port 3(macsec1) entered blocking state
[ 1746.170896][T18190] bridge0: port 3(macsec1) entered disabled state
[ 1746.218044][T18190] device bridge0 left promiscuous mode
[ 1746.427834][T18198] UDC core: couldn't find an available UDC or it's busy: -16
[ 1746.435315][T18198] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 1746.447105][T18199] usb usb8: usbfs: process 18199 (syz.3.4958) did not claim interface 0 before use
[ 1748.897147][   T39] usb 5-1: USB disconnect, device number 41
[ 1749.590482][   T30] audit: type=1326 audit(1749305688.770:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18202 comm="syz.1.4959" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f410b0a8929 code=0x0
[ 1750.355121][T18234] 9pnet: Insufficient options for proto=fd
[ 1751.683747][T18261] overlayfs: failed to resolve './file0': -2
[ 1752.205884][T18270] 9pnet: Insufficient options for proto=fd
[ 1752.417796][T18273] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4972'.
[ 1752.469292][T18273] device bridge0 entered promiscuous mode
[ 1752.557520][T18273] bridge0: port 3(macsec1) entered blocking state
[ 1752.827147][T18273] bridge0: port 3(macsec1) entered disabled state
[ 1752.926873][T18273] device bridge0 left promiscuous mode
[ 1753.233165][T18283] overlayfs: failed to resolve './file0': -2
[ 1753.399971][T18288] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1753.757680][T18295] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1755.299488][T18309] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4988'.
[ 1755.340687][T18309] device bridge0 entered promiscuous mode
[ 1755.351075][T18309] bridge0: port 3(macsec1) entered blocking state
[ 1755.357660][T18309] bridge0: port 3(macsec1) entered disabled state
[ 1755.382883][T18309] device bridge0 left promiscuous mode
[ 1757.576795][T18335] overlayfs: failed to resolve './file0': -2
[ 1758.465217][T18343] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1758.649048][T18349] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1762.635172][T18381] overlayfs: failed to resolve './file0': -2
[ 1763.121357][T18396] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5008'.
[ 1763.134473][T18396] device bridge0 entered promiscuous mode
[ 1763.141606][T18396] bridge0: port 3(macsec1) entered blocking state
[ 1763.148119][T18396] bridge0: port 3(macsec1) entered disabled state
[ 1763.557352][T18396] device bridge0 left promiscuous mode
[ 1764.302024][T18400] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1764.977046][T18403] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1765.334389][   T39] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[ 1766.963906][   T39] usb 2-1: Using ep0 maxpacket: 16
[ 1767.063369][   T30] audit: type=1326 audit(1749305706.240:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18419 comm="syz.0.5014" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa5a7742929 code=0x0
[ 1767.086337][   T39] usb 2-1: device descriptor read/all, error -71
[ 1767.212549][T18433] overlayfs: failed to resolve './file0': -2
[ 1768.023789][T18383] udevd[18383]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 1770.339453][T18468] overlayfs: failed to resolve './file0': -2
[ 1771.614003][  T343] usb 4-1: new full-speed USB device number 51 using dummy_hcd
[ 1771.623004][T18492] udevd[18492]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 1772.024124][  T343] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1772.074092][  T343] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1772.214168][  T343] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 1772.241182][  T343] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 1772.334996][  T343] usb 4-1: SerialNumber: syz
[ 1772.357459][  T343] usb 4-1: config 0 descriptor??
[ 1772.404598][  T343] usb 4-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 1772.414822][  T343] usb 4-1: No valid video chain found.
[ 1772.689738][T18501] xt_socket: unknown flags 0xc
[ 1775.575528][   T39] usb 4-1: USB disconnect, device number 51
[ 1775.642570][T18528] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1775.775634][T18537] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1775.908638][T18538] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1776.195088][T18542] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1780.787871][T18577] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1781.120203][T18582] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1783.108704][T18579] xt_socket: unknown flags 0xc
[ 1783.779557][T18580] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5053'.
[ 1783.790083][T18580] device bridge0 entered promiscuous mode
[ 1783.796510][T18580] bridge0: port 3(macsec1) entered blocking state
[ 1783.802941][T18580] bridge0: port 3(macsec1) entered disabled state
[ 1783.810214][T18580] device bridge0 left promiscuous mode
[ 1785.902375][T18614] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1786.749796][T18621] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1789.359340][T18637] overlayfs: failed to resolve './file0': -2
[ 1793.395590][T18686] overlayfs: failed to resolve './file0': -2
[ 1795.919512][T18709] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1796.269686][T18718] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1797.830890][T18733] loop0: detected capacity change from 0 to 512
[ 1798.722686][T18733] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1799.855776][T18733] EXT4-fs (loop0): Journaled quota options ignored when QUOTA feature is enabled
[ 1799.869967][T18733] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1799.881562][T18740] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1801.119825][T18747] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1802.171491][T12667] usb 4-1: new full-speed USB device number 52 using dummy_hcd
[ 1802.173462][T18757] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1802.291851][T18733] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[ 1802.306780][T18733] EXT4-fs (loop0): Remounting filesystem read-only
[ 1802.320117][T18733] Quota error (device loop0): write_blk: dquota write failed
[ 1802.743354][T18765] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1802.818522][T18733] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1802.834958][T18733] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5099: Failed to acquire dquot type 0
[ 1802.847112][T18733] EXT4-fs (loop0): Remounting filesystem read-only
[ 1802.854118][T18733] Quota error (device loop0): write_blk: dquota write failed
[ 1802.861810][T18733] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1802.966553][T18733] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5099: Failed to acquire dquot type 0
[ 1803.122113][T18733] EXT4-fs (loop0): Remounting filesystem read-only
[ 1803.128797][T18733] Quota error (device loop0): write_blk: dquota write failed
[ 1803.136521][T18733] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1803.162781][T18733] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5099: Failed to acquire dquot type 0
[ 1803.194182][T18733] EXT4-fs (loop0): Remounting filesystem read-only
[ 1803.200885][T18733] EXT4-fs (loop0): 1 orphan inode deleted
[ 1803.212824][T18733] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,grpjquota=2defcontext=sysadm_u,. Quota mode: writeback.
[ 1804.183549][T18783] loop0: detected capacity change from 0 to 2048
[ 1804.283199][T18783] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1804.303918][T18783] EXT4-fs (loop0): dax option not supported
[ 1804.314173][T18781] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1804.866456][T18791] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1804.891458][T18790] loop1: detected capacity change from 0 to 1024
[ 1806.170569][T18802] loop0: detected capacity change from 0 to 2048
[ 1806.233530][T18802] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1806.249600][T18802] EXT4-fs (loop0): dax option not supported
[ 1806.750875][T18810] usb usb8: usbfs: process 18810 (syz.4.5117) did not claim interface 0 before use
[ 1807.740332][T18817] loop0: detected capacity change from 0 to 2048
[ 1807.758413][T18821] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1807.789399][T18821] loop1: detected capacity change from 0 to 16
[ 1807.798469][T18716] udevd[18716]: incorrect erofs checksum on /dev/loop1
[ 1807.806090][T18821] erofs: (device loop1): erofs_superblock_csum_verify: invalid checksum 0x80a9593b, 0x7bbbea8c expected
[ 1807.835703][T18817] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1807.842899][T18817] EXT4-fs (loop0): dax option not supported
[ 1808.122268][T18827] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1809.083970][T18838] loop1: detected capacity change from 0 to 1024
[ 1809.258106][T18842] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1809.785351][T18842] loop0: detected capacity change from 0 to 16
[ 1810.535210][T18842] erofs: (device loop0): erofs_superblock_csum_verify: invalid checksum 0x80a9593b, 0x7bbbea8c expected
[ 1810.902401][T18716] udevd[18716]: incorrect erofs checksum on /dev/loop0
[ 1811.114030][T11283] usb 3-1: new full-speed USB device number 54 using dummy_hcd
[ 1811.167900][T18862] overlayfs: failed to resolve './file0': -2
[ 1811.200593][T18868] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1811.642917][T18871] loop0: detected capacity change from 0 to 512
[ 1811.654269][T18871] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1811.661542][T18871] EXT4-fs (loop0): Journaled quota options ignored when QUOTA feature is enabled
[ 1811.671516][T18871] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1811.686521][T18871] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[ 1811.701111][T18871] EXT4-fs (loop0): Remounting filesystem read-only
[ 1811.707986][T18871] Quota error (device loop0): write_blk: dquota write failed
[ 1811.715750][T18871] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1811.725699][T18871] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5132: Failed to acquire dquot type 0
[ 1811.737246][T18871] EXT4-fs (loop0): Remounting filesystem read-only
[ 1811.743813][T18871] Quota error (device loop0): write_blk: dquota write failed
[ 1811.751357][T18871] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1811.764113][T18871] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5132: Failed to acquire dquot type 0
[ 1811.776133][T18871] EXT4-fs (loop0): Remounting filesystem read-only
[ 1811.782831][T18871] Quota error (device loop0): write_blk: dquota write failed
[ 1811.790659][T11283] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1811.803123][T18871] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1811.813548][T11283] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1811.816173][T18871] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5132: Failed to acquire dquot type 0
[ 1811.835948][T18871] EXT4-fs (loop0): Remounting filesystem read-only
[ 1811.842536][T18871] EXT4-fs (loop0): 1 orphan inode deleted
[ 1811.848833][T18871] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,grpjquota=2defcontext=sysadm_u,. Quota mode: writeback.
[ 1811.896435][T18878] bridge: RTM_NEWNEIGH with invalid ether address
[ 1811.920655][T18880] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1811.933994][T11283] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 1811.943867][T11283] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 1811.952002][T11283] usb 3-1: SerialNumber: syz
[ 1812.059490][T11283] usb 3-1: config 0 descriptor??
[ 1812.118414][T11283] usb 3-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 1812.125759][T11283] usb 3-1: No valid video chain found.
[ 1812.421574][T11283] usb 3-1: USB disconnect, device number 54
[ 1812.943059][T18894] loop0: detected capacity change from 0 to 1024
[ 1812.973330][T18897] loop1: detected capacity change from 0 to 2048
[ 1813.088691][T18897] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[ 1813.104321][T18897] EXT4-fs (loop1): dax option not supported
[ 1813.832295][T18906] usb usb8: usbfs: process 18906 (syz.2.5143) did not claim interface 0 before use
[ 1813.846893][T18908] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1813.860061][T18908] loop0: detected capacity change from 0 to 16
[ 1813.870237][T18716] udevd[18716]: incorrect erofs checksum on /dev/loop0
[ 1813.878879][T18908] erofs: (device loop0): erofs_superblock_csum_verify: invalid checksum 0x80a9593b, 0x7bbbea8c expected
[ 1814.263785][T18918] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1814.581499][T18921] loop1: detected capacity change from 0 to 2048
[ 1814.614489][T18921] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[ 1814.631294][T18921] EXT4-fs (loop1): dax option not supported
[ 1814.800441][T18923] loop0: detected capacity change from 0 to 2048
[ 1814.867496][T18923] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1814.994325][T18923] EXT4-fs (loop0): dax option not supported
[ 1817.268845][T18961] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1818.303414][T18984] loop0: detected capacity change from 0 to 512
[ 1818.311009][T18984] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1818.318440][T18984] EXT4-fs (loop0): Journaled quota options ignored when QUOTA feature is enabled
[ 1818.333070][T18984] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1819.701681][T18996] loop1: detected capacity change from 0 to 1024
[ 1819.754637][T18984] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[ 1819.814795][T18984] EXT4-fs (loop0): Remounting filesystem read-only
[ 1819.831727][T18984] Quota error (device loop0): write_blk: dquota write failed
[ 1819.844037][T18984] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1819.854333][T18984] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5165: Failed to acquire dquot type 0
[ 1819.874388][T18984] EXT4-fs (loop0): Remounting filesystem read-only
[ 1819.886494][T18984] Quota error (device loop0): write_blk: dquota write failed
[ 1819.896016][T18984] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1820.018583][T18984] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5165: Failed to acquire dquot type 0
[ 1820.182704][T18984] EXT4-fs (loop0): Remounting filesystem read-only
[ 1820.189789][T18984] Quota error (device loop0): write_blk: dquota write failed
[ 1820.197446][T18984] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1820.207610][T18984] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5165: Failed to acquire dquot type 0
[ 1820.219570][T18984] EXT4-fs (loop0): Remounting filesystem read-only
[ 1820.226414][T18984] EXT4-fs (loop0): 1 orphan inode deleted
[ 1820.369797][T18984] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,grpjquota=2defcontext=sysadm_u,. Quota mode: writeback.
[ 1821.321452][T19012] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1821.357762][T19012] loop1: detected capacity change from 0 to 16
[ 1821.387489][T18716] udevd[18716]: incorrect erofs checksum on /dev/loop1
[ 1821.395924][T19012] erofs: (device loop1): erofs_superblock_csum_verify: invalid checksum 0x80a9593b, 0x7bbbea8c expected
[ 1821.448038][T19019] loop0: detected capacity change from 0 to 512
[ 1821.463337][T19019] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1821.494111][T19019] EXT4-fs (loop0): 1 truncate cleaned up
[ 1821.499829][T19019] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nobarrier,init_itable,errors=remount-ro,block_validity,dioread_lock,. Quota mode: none.
[ 1821.910050][T19024] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1823.339233][T19052] loop1: detected capacity change from 0 to 1024
[ 1825.771220][T19071] loop1: detected capacity change from 0 to 2048
[ 1825.824231][T19071] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[ 1825.916309][T19071] EXT4-fs (loop1): dax option not supported
[ 1826.503337][T19088] device bridge0 entered promiscuous mode
[ 1826.808529][T19090] loop0: detected capacity change from 0 to 2048
[ 1826.877768][T19092] loop1: detected capacity change from 0 to 2048
[ 1826.884943][T19090] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1826.914416][T19090] EXT4-fs (loop0): dax option not supported
[ 1826.924967][T19092] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[ 1826.942877][T19092] EXT4-fs (loop1): dax option not supported
[ 1828.175821][   T30] audit: type=1400 audit(1749305767.360:279): avc:  denied  { bind } for  pid=19106 comm="syz.3.5199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1829.275928][T19120] loop1: detected capacity change from 0 to 2048
[ 1829.307416][T19120] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[ 1829.315531][T19120] EXT4-fs (loop1): dax option not supported
[ 1832.584092][T19150] device bridge0 entered promiscuous mode
[ 1835.905888][T19183] loop1: detected capacity change from 0 to 512
[ 1835.913097][T19183] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[ 1835.954761][T19183] EXT4-fs (loop1): Journaled quota options ignored when QUOTA feature is enabled
[ 1835.966959][T19183] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1836.020965][T19183] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[ 1836.036475][T19183] EXT4-fs (loop1): Remounting filesystem read-only
[ 1836.043405][T19183] Quota error (device loop1): write_blk: dquota write failed
[ 1836.051793][T19183] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[ 1836.062451][T19183] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5220: Failed to acquire dquot type 0
[ 1836.074702][T19183] EXT4-fs (loop1): Remounting filesystem read-only
[ 1836.091715][T19183] Quota error (device loop1): write_blk: dquota write failed
[ 1836.099358][T19183] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[ 1836.109433][T19183] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5220: Failed to acquire dquot type 0
[ 1836.121000][T19183] EXT4-fs (loop1): Remounting filesystem read-only
[ 1836.127941][T19183] Quota error (device loop1): write_blk: dquota write failed
[ 1836.135612][T19183] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[ 1836.145678][T19183] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5220: Failed to acquire dquot type 0
[ 1836.157672][T19183] EXT4-fs (loop1): Remounting filesystem read-only
[ 1836.164496][T19183] EXT4-fs (loop1): 1 orphan inode deleted
[ 1836.170384][T19183] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,grpjquota=2defcontext=sysadm_u,. Quota mode: writeback.
[ 1836.443226][T19198] overlayfs: failed to resolve './file0': -2
[ 1841.132281][T19254] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1841.323055][T19260] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1842.306189][T19261] overlayfs: failed to resolve './file0': -2
[ 1842.546148][T19262] loop1: detected capacity change from 0 to 512
[ 1842.709110][T11693] usb 4-1: new full-speed USB device number 53 using dummy_hcd
[ 1842.865230][T19262] EXT4-fs (loop1): orphan cleanup on readonly fs
[ 1842.875074][T19262] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.5240: bg 0: block 248: padding at end of block bitmap is not set
[ 1842.890438][T19262] Quota error (device loop1): write_blk: dquota write failed
[ 1842.898042][T19262] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[ 1842.908049][T19262] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5240: Failed to acquire dquot type 1
[ 1842.921716][T19262] EXT4-fs (loop1): 1 truncate cleaned up
[ 1842.938961][T19262] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback.
[ 1846.504358][   T39] usb 5-1: new full-speed USB device number 42 using dummy_hcd
[ 1847.797951][T19313] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1847.835287][T19313] loop1: detected capacity change from 0 to 16
[ 1847.846517][T19179] udevd[19179]: incorrect erofs checksum on /dev/loop1
[ 1847.853753][T19313] erofs: (device loop1): erofs_superblock_csum_verify: invalid checksum 0x80a9593b, 0x7bbbea8c expected
[ 1848.054030][   T39] usb 5-1: device descriptor read/all, error -71
[ 1848.124297][T19319] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1848.490307][   T30] audit: type=1326 audit(1749305787.670:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19295 comm="syz.0.5249" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa5a7742929 code=0x0
[ 1854.009320][T19359] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1854.025406][T19361] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1854.553938][T19366] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1854.963910][T14396] usb 2-1: new full-speed USB device number 39 using dummy_hcd
[ 1855.094785][T19373] bridge: RTM_NEWNEIGH with invalid ether address
[ 1857.358807][T14396] usb 2-1: device descriptor read/64, error -71
[ 1860.994282][T19408] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1861.013422][T19408] loop0: detected capacity change from 0 to 16
[ 1861.031207][T19179] udevd[19179]: incorrect erofs checksum on /dev/loop0
[ 1861.070637][T19408] erofs: (device loop0): erofs_superblock_csum_verify: invalid checksum 0x80a9593b, 0x7bbbea8c expected
[ 1861.344452][T19413] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1861.526868][T11834] usb 5-1: new full-speed USB device number 44 using dummy_hcd
[ 1861.546570][T19417] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1862.091262][T19424] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1862.710847][T19429] xt_socket: unknown flags 0xc
[ 1865.574977][T19453] loop0: detected capacity change from 0 to 2048
[ 1865.714463][T19453] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1865.765472][T19453] EXT4-fs (loop0): dax option not supported
[ 1867.150211][   T30] audit: type=1326 audit(1749305806.330:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19454 comm="syz.3.5293" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fca9fc91929 code=0x0
[ 1867.446880][T19488] overlayfs: failed to resolve './file0': -2
[ 1868.006045][T19493] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1868.215462][T19498] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1871.009872][T19517] loop0: detected capacity change from 0 to 512
[ 1871.173313][T19517] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1871.191291][T19517] EXT4-fs (loop0): Journaled quota options ignored when QUOTA feature is enabled
[ 1871.216157][T19517] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1871.258262][T19517] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[ 1871.275331][T19517] EXT4-fs (loop0): Remounting filesystem read-only
[ 1871.317515][T19517] Quota error (device loop0): write_blk: dquota write failed
[ 1871.368802][T19517] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1871.396488][T19517] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5312: Failed to acquire dquot type 0
[ 1871.408843][T19517] EXT4-fs (loop0): Remounting filesystem read-only
[ 1871.457191][T19517] Quota error (device loop0): write_blk: dquota write failed
[ 1871.536368][T19517] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1871.547059][T19517] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5312: Failed to acquire dquot type 0
[ 1871.559907][T19517] EXT4-fs (loop0): Remounting filesystem read-only
[ 1871.567327][T19517] Quota error (device loop0): write_blk: dquota write failed
[ 1871.575277][T19517] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1871.586451][T19517] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5312: Failed to acquire dquot type 0
[ 1871.602692][T19517] EXT4-fs (loop0): Remounting filesystem read-only
[ 1871.610040][T19517] EXT4-fs (loop0): 1 orphan inode deleted
[ 1871.616576][T19517] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,grpjquota=2defcontext=sysadm_u,. Quota mode: writeback.
[ 1872.805203][T19544] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5317'.
[ 1873.027260][T19546] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1873.075912][T19546] loop0: detected capacity change from 0 to 16
[ 1873.190655][T19546] erofs: (device loop0): erofs_superblock_csum_verify: invalid checksum 0x80a9593b, 0x7bbbea8c expected
[ 1873.240430][T19550] overlayfs: failed to resolve './file0': -2
[ 1873.478299][T19515] udevd[19515]: incorrect erofs checksum on /dev/loop0
[ 1873.499256][T19553] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1873.943930][T19554] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1874.287855][T19558] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1875.225161][T19562] loop0: detected capacity change from 0 to 2048
[ 1876.667028][T19569] udevd[19569]: inotify_add_watch(7, /dev/loop1, 10) failed: No such file or directory
[ 1876.788108][T19562] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1876.811587][T19562] EXT4-fs (loop0): dax option not supported
[ 1878.691672][T19595] loop0: detected capacity change from 0 to 512
[ 1878.706438][T19595] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1878.758251][T19595] EXT4-fs (loop0): 1 truncate cleaned up
[ 1878.765111][T19595] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nobarrier,init_itable,errors=remount-ro,block_validity,dioread_lock,. Quota mode: none.
[ 1879.044871][T19606] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1879.174673][T19608] overlayfs: failed to resolve './file0': -2
[ 1879.242171][T19609] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1879.688062][T11693] usb 4-1: new full-speed USB device number 54 using dummy_hcd
[ 1880.107238][T19620] usb usb8: usbfs: process 19620 (syz.2.5337) did not claim interface 0 before use
[ 1880.611080][T11693] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1880.626603][T11693] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1881.547383][T11693] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 1882.133686][T11693] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 1882.166178][T11693] usb 4-1: SerialNumber: syz
[ 1882.180518][T11693] usb 4-1: config 0 descriptor??
[ 1882.295751][T11693] usb 4-1: can't set config #0, error -71
[ 1882.314663][T11693] usb 4-1: USB disconnect, device number 54
[ 1884.898901][T19663] overlayfs: failed to resolve './file0': -2
[ 1888.186976][T19702] loop0: detected capacity change from 0 to 2048
[ 1889.239256][T19711] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1889.305644][   T30] audit: type=1326 audit(1749305828.490:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19678 comm="syz.3.5354" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fca9fc91929 code=0x0
[ 1889.378080][T19702] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1889.385275][T19702] EXT4-fs (loop0): dax option not supported
[ 1889.460739][T19715] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1890.377846][T19714] xt_socket: unknown flags 0xc
[ 1891.346481][T19732] loop0: detected capacity change from 0 to 512
[ 1891.394589][T19732] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1891.401801][T19732] EXT4-fs (loop0): Journaled quota options ignored when QUOTA feature is enabled
[ 1891.435755][T19732] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1891.503970][T19732] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[ 1891.677388][T19732] EXT4-fs (loop0): Remounting filesystem read-only
[ 1891.726858][T19732] Quota error (device loop0): write_blk: dquota write failed
[ 1891.827864][T19732] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1891.837861][T19732] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5369: Failed to acquire dquot type 0
[ 1891.863716][T19732] EXT4-fs (loop0): Remounting filesystem read-only
[ 1891.876455][T19732] Quota error (device loop0): write_blk: dquota write failed
[ 1891.883972][T19732] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1891.894047][T19732] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5369: Failed to acquire dquot type 0
[ 1891.909496][T19732] EXT4-fs (loop0): Remounting filesystem read-only
[ 1891.932643][T19732] Quota error (device loop0): write_blk: dquota write failed
[ 1891.953022][T19732] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1891.982413][T19732] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5369: Failed to acquire dquot type 0
[ 1892.027981][T19732] EXT4-fs (loop0): Remounting filesystem read-only
[ 1892.111709][T19732] EXT4-fs (loop0): 1 orphan inode deleted
[ 1892.158966][T19732] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,grpjquota=2defcontext=sysadm_u,. Quota mode: writeback.
[ 1893.069750][T19760] loop0: detected capacity change from 0 to 1024
[ 1894.174204][   T30] audit: type=1326 audit(1749305833.360:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19743 comm="syz.1.5371" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f410b0a8929 code=0x0
[ 1894.202059][T19773] loop0: detected capacity change from 0 to 512
[ 1894.313111][T19773] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1894.320413][T19773] EXT4-fs (loop0): Journaled quota options ignored when QUOTA feature is enabled
[ 1894.330005][T19773] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1894.355253][T19773] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[ 1894.864507][T19773] EXT4-fs (loop0): Remounting filesystem read-only
[ 1894.877389][T19773] Quota error (device loop0): write_blk: dquota write failed
[ 1894.933260][T19773] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1894.961132][T19773] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5378: Failed to acquire dquot type 0
[ 1895.003425][T19773] EXT4-fs (loop0): Remounting filesystem read-only
[ 1895.129826][T19773] Quota error (device loop0): write_blk: dquota write failed
[ 1895.137376][T19773] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1895.153936][T19773] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5378: Failed to acquire dquot type 0
[ 1895.178924][T19773] EXT4-fs (loop0): Remounting filesystem read-only
[ 1895.197737][T19773] Quota error (device loop0): write_blk: dquota write failed
[ 1895.244036][T19773] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1895.264146][T19773] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5378: Failed to acquire dquot type 0
[ 1895.285105][T19773] EXT4-fs (loop0): Remounting filesystem read-only
[ 1895.295291][T19773] EXT4-fs (loop0): 1 orphan inode deleted
[ 1895.301274][T19773] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,grpjquota=2defcontext=sysadm_u,. Quota mode: writeback.
[ 1896.467070][T19797] bridge: RTM_NEWNEIGH with invalid ether address
[ 1898.803919][   T39] usb 4-1: new full-speed USB device number 55 using dummy_hcd
[ 1898.943842][T12481] usb 5-1: new full-speed USB device number 45 using dummy_hcd
[ 1899.194045][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1899.214318][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1899.374408][   T39] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 1899.400800][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 1899.460854][   T39] usb 4-1: SerialNumber: syz
[ 1899.535605][   T39] usb 4-1: config 0 descriptor??
[ 1899.575083][   T39] usb 4-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 1899.585193][   T39] usb 4-1: No valid video chain found.
[ 1899.634191][T12481] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1899.650959][T12481] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1899.763972][T12481] usb 5-1: string descriptor 0 read error: -71
[ 1899.771359][T12481] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 1899.819079][T12481] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 1899.831972][T12481] usb 5-1: config 0 descriptor??
[ 1899.853948][T12481] usb 5-1: can't set config #0, error -71
[ 1899.865488][T12481] usb 5-1: USB disconnect, device number 45
[ 1901.395608][T19847] loop0: detected capacity change from 0 to 512
[ 1901.402527][T11283] usb 4-1: USB disconnect, device number 55
[ 1901.457857][T19855] bridge: RTM_NEWNEIGH with invalid ether address
[ 1901.598291][T19847] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1901.621188][T19847] EXT4-fs (loop0): Journaled quota options ignored when QUOTA feature is enabled
[ 1901.632324][T19847] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1901.702038][T19847] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[ 1901.742480][T19847] EXT4-fs (loop0): Remounting filesystem read-only
[ 1901.751787][T19847] Quota error (device loop0): write_blk: dquota write failed
[ 1901.761602][T19847] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1901.772217][T19847] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5398: Failed to acquire dquot type 0
[ 1903.230292][T19847] EXT4-fs (loop0): Remounting filesystem read-only
[ 1903.236996][T19847] Quota error (device loop0): write_blk: dquota write failed
[ 1903.244745][T19847] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1903.254958][T19847] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5398: Failed to acquire dquot type 0
[ 1903.266796][T19847] EXT4-fs (loop0): Remounting filesystem read-only
[ 1903.281211][T19847] Quota error (device loop0): write_blk: dquota write failed
[ 1903.377667][T19847] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1903.387896][T19847] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5398: Failed to acquire dquot type 0
[ 1903.439170][T19847] EXT4-fs (loop0): Remounting filesystem read-only
[ 1903.446042][T19847] EXT4-fs (loop0): 1 orphan inode deleted
[ 1903.451822][T19847] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,grpjquota=2defcontext=sysadm_u,. Quota mode: writeback.
[ 1907.913879][T14396] usb 2-1: new full-speed USB device number 40 using dummy_hcd
[ 1907.984384][T19906] loop0: detected capacity change from 0 to 512
[ 1908.002729][T19906] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1908.033701][T19906] EXT4-fs (loop0): 1 truncate cleaned up
[ 1908.174500][T19906] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nobarrier,init_itable,errors=remount-ro,block_validity,dioread_lock,. Quota mode: none.
[ 1909.593921][   T30] audit: type=1326 audit(1749305848.770:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19901 comm="syz.4.5415" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9fc369a929 code=0x0
[ 1918.010987][T20000] usb usb8: usbfs: process 20000 (syz.3.5441) did not claim interface 0 before use
[ 1918.776320][T20005] loop0: detected capacity change from 0 to 512
[ 1918.828723][T20005] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1918.891103][T20005] EXT4-fs (loop0): 1 truncate cleaned up
[ 1918.909331][T20005] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nobarrier,init_itable,errors=remount-ro,block_validity,dioread_lock,. Quota mode: none.
[ 1919.173995][T10673] usb 3-1: new full-speed USB device number 55 using dummy_hcd
[ 1919.604205][T10673] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1919.647401][T10673] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1919.692532][T20021] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1919.815872][T10673] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 1919.826397][T10673] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 1919.838880][T10673] usb 3-1: SerialNumber: syz
[ 1919.886689][T20025] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1920.061377][T10673] usb 3-1: config 0 descriptor??
[ 1920.118672][T20030] loop0: detected capacity change from 0 to 512
[ 1920.164523][T10673] usb 3-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 1920.171508][T10673] usb 3-1: No valid video chain found.
[ 1920.224364][T20030] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1920.234727][T20030] EXT4-fs (loop0): Journaled quota options ignored when QUOTA feature is enabled
[ 1920.374119][T20030] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1920.490891][T20030] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[ 1920.522106][T10673] usb 3-1: USB disconnect, device number 55
[ 1920.573916][T20030] EXT4-fs (loop0): Remounting filesystem read-only
[ 1920.583982][T20030] Quota error (device loop0): write_blk: dquota write failed
[ 1920.609136][T20030] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1920.632147][T20030] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5449: Failed to acquire dquot type 0
[ 1920.644188][T20030] EXT4-fs (loop0): Remounting filesystem read-only
[ 1920.650881][T20030] Quota error (device loop0): write_blk: dquota write failed
[ 1920.658443][T20030] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1920.733968][T20030] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5449: Failed to acquire dquot type 0
[ 1920.755740][T20030] EXT4-fs (loop0): Remounting filesystem read-only
[ 1920.762399][T20030] Quota error (device loop0): write_blk: dquota write failed
[ 1921.151572][T20030] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1921.161897][T20030] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5449: Failed to acquire dquot type 0
[ 1921.173608][T20030] EXT4-fs (loop0): Remounting filesystem read-only
[ 1921.180435][T20030] EXT4-fs (loop0): 1 orphan inode deleted
[ 1921.189409][T20030] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,grpjquota=2defcontext=sysadm_u,. Quota mode: writeback.
[ 1922.630881][T20047] overlayfs: failed to resolve './file0': -2
[ 1924.853577][T20075] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5456'.
[ 1927.969684][T14396] usb 5-1: new full-speed USB device number 46 using dummy_hcd
[ 1929.217853][T20121] loop0: detected capacity change from 0 to 2048
[ 1929.294494][T20121] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1929.334266][T20121] EXT4-fs (loop0): dax option not supported
[ 1929.373950][T14396] usb 5-1: device descriptor read/all, error -71
[ 1931.157682][T20137] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5474'.
[ 1932.694231][T20150] usb usb8: usbfs: process 20150 (syz.2.5479) did not claim interface 0 before use
[ 1934.421034][T20166] loop0: detected capacity change from 0 to 512
[ 1934.447580][T20166] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1934.455647][T20166] EXT4-fs (loop0): Journaled quota options ignored when QUOTA feature is enabled
[ 1934.466323][T20166] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1934.900701][T20166] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[ 1934.915396][T20166] EXT4-fs (loop0): Remounting filesystem read-only
[ 1934.922092][T20166] Quota error (device loop0): write_blk: dquota write failed
[ 1934.930003][T20166] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1934.940192][T20166] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5486: Failed to acquire dquot type 0
[ 1934.952247][T20166] EXT4-fs (loop0): Remounting filesystem read-only
[ 1934.959081][T20166] Quota error (device loop0): write_blk: dquota write failed
[ 1935.000711][T20166] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1935.011104][T20166] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5486: Failed to acquire dquot type 0
[ 1935.023211][T20166] EXT4-fs (loop0): Remounting filesystem read-only
[ 1935.029988][T20166] Quota error (device loop0): write_blk: dquota write failed
[ 1935.038118][T20166] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1935.048346][T20166] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5486: Failed to acquire dquot type 0
[ 1935.215238][T20166] EXT4-fs (loop0): Remounting filesystem read-only
[ 1935.245604][T20166] EXT4-fs (loop0): 1 orphan inode deleted
[ 1935.306631][T20166] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,grpjquota=2defcontext=sysadm_u,. Quota mode: writeback.
[ 1936.068868][T20191] loop0: detected capacity change from 0 to 512
[ 1936.158893][T20191] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1936.208174][T20191] EXT4-fs (loop0): Journaled quota options ignored when QUOTA feature is enabled
[ 1936.393301][T20191] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1936.507417][T20191] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[ 1936.534094][T20191] EXT4-fs (loop0): Remounting filesystem read-only
[ 1936.540803][T20191] Quota error (device loop0): write_blk: dquota write failed
[ 1936.555090][T20191] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1936.597843][T20191] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5492: Failed to acquire dquot type 0
[ 1936.626615][T20199] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5493'.
[ 1936.645264][T20199] device bridge0 entered promiscuous mode
[ 1936.653165][T20199] bridge0: port 3(macsec1) entered blocking state
[ 1936.659703][T20199] bridge0: port 3(macsec1) entered disabled state
[ 1936.670962][T20199] device bridge0 left promiscuous mode
[ 1936.710284][T20191] EXT4-fs (loop0): Remounting filesystem read-only
[ 1936.725267][T20191] Quota error (device loop0): write_blk: dquota write failed
[ 1936.894869][T20191] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1936.905004][T20191] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5492: Failed to acquire dquot type 0
[ 1936.965048][T20191] EXT4-fs (loop0): Remounting filesystem read-only
[ 1937.006716][T20191] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5492: Failed to acquire dquot type 0
[ 1937.069043][T20191] EXT4-fs (loop0): Remounting filesystem read-only
[ 1937.075951][T20191] EXT4-fs (loop0): 1 orphan inode deleted
[ 1937.081823][T20191] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,grpjquota=2defcontext=sysadm_u,. Quota mode: writeback.
[ 1941.917552][T20231] loop0: detected capacity change from 0 to 512
[ 1941.968295][T20231] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1942.013308][T20231] EXT4-fs (loop0): 1 truncate cleaned up
[ 1942.019267][T20231] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nobarrier,init_itable,errors=remount-ro,block_validity,dioread_lock,. Quota mode: none.
[ 1946.407651][T20263] bridge: RTM_NEWNEIGH with invalid ether address
[ 1952.204897][T20322] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5525'.
[ 1952.971025][T20329] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1954.691073][T20349] loop0: detected capacity change from 0 to 512
[ 1954.748135][T20350] overlayfs: failed to resolve './file0': -2
[ 1954.916126][T20349] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1954.948362][T20349] EXT4-fs (loop0): Journaled quota options ignored when QUOTA feature is enabled
[ 1955.732031][T20349] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1955.794963][T20349] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[ 1955.863855][T20349] EXT4-fs (loop0): Remounting filesystem read-only
[ 1956.043968][T20349] __quota_error: 2 callbacks suppressed
[ 1956.043988][T20349] Quota error (device loop0): write_blk: dquota write failed
[ 1956.074958][T20349] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1956.093918][T20349] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5534: Failed to acquire dquot type 0
[ 1956.113873][T20349] EXT4-fs (loop0): Remounting filesystem read-only
[ 1956.120700][T20349] Quota error (device loop0): write_blk: dquota write failed
[ 1956.128178][T20349] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1956.138326][T20349] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5534: Failed to acquire dquot type 0
[ 1956.153947][T20349] EXT4-fs (loop0): Remounting filesystem read-only
[ 1956.161915][T20349] Quota error (device loop0): write_blk: dquota write failed
[ 1956.174821][T20349] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 1956.192352][T20349] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5534: Failed to acquire dquot type 0
[ 1956.204112][T20349] EXT4-fs (loop0): Remounting filesystem read-only
[ 1956.210777][T20349] EXT4-fs (loop0): 1 orphan inode deleted
[ 1956.216793][T20349] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,grpjquota=2defcontext=sysadm_u,. Quota mode: writeback.
[ 1956.750177][T18107] usb 2-1: new full-speed USB device number 41 using dummy_hcd
[ 1957.143960][T18107] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1957.155360][T18107] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1957.254270][T18107] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 1957.265921][T18107] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 1957.274407][T18107] usb 2-1: SerialNumber: syz
[ 1957.294327][T18107] usb 2-1: config 0 descriptor??
[ 1957.475652][T20388] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5542'.
[ 1957.521819][T20388] device bridge0 entered promiscuous mode
[ 1957.533658][T20388] bridge0: port 3(macsec1) entered blocking state
[ 1957.540204][T20388] bridge0: port 3(macsec1) entered disabled state
[ 1957.733825][T20389] usb usb8: usbfs: process 20389 (syz.4.5544) did not claim interface 0 before use
[ 1957.767959][T20388] device bridge0 left promiscuous mode
[ 1957.846693][T18107] usb 2-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 1957.875898][T18107] usb 2-1: No valid video chain found.
[ 1958.174346][T20195] usb 2-1: USB disconnect, device number 41
[ 1959.281248][T20407] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1959.290370][T20407] loop0: detected capacity change from 0 to 16
[ 1959.300131][T20315] udevd[20315]: incorrect erofs checksum on /dev/loop0
[ 1959.321117][T20407] erofs: (device loop0): erofs_superblock_csum_verify: invalid checksum 0x80a9593b, 0x7bbbea8c expected
[ 1959.961592][   T39] usb 3-1: new full-speed USB device number 56 using dummy_hcd
[ 1960.256012][T20427] loop1: detected capacity change from 0 to 1024
[ 1960.311224][T20429] loop0: detected capacity change from 0 to 2048
[ 1960.346652][   T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1960.358043][   T39] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1960.390047][T20429] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 1960.397721][T20429] EXT4-fs (loop0): dax option not supported
[ 1960.543267][   T39] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 1960.552610][   T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 1960.561003][   T39] usb 3-1: SerialNumber: syz
[ 1960.597292][   T39] usb 3-1: config 0 descriptor??
[ 1960.656235][   T39] usb 3-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 1960.669973][   T39] usb 3-1: No valid video chain found.
[ 1961.006483][T20436] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5555'.
[ 1961.576357][T20452] usb usb8: usbfs: process 20452 (syz.1.5559) did not claim interface 0 before use
[ 1963.229853][T20460] loop1: detected capacity change from 0 to 512
[ 1963.239217][T12667] usb 3-1: USB disconnect, device number 56
[ 1963.394054][T20460] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1963.500816][T20467] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5563'.
[ 1963.748090][T20460] EXT4-fs (loop1): 1 truncate cleaned up
[ 1963.759059][T20460] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nobarrier,init_itable,errors=remount-ro,block_validity,dioread_lock,. Quota mode: none.
[ 1963.934050][T20462] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 1964.753872][T14396] usb 2-1: new full-speed USB device number 42 using dummy_hcd
[ 1964.937380][T20489] usb usb8: usbfs: process 20489 (syz.4.5569) did not claim interface 0 before use
[ 1965.065522][T20491] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5568'.
[ 1965.109160][T20491] device bridge0 entered promiscuous mode
[ 1965.121867][T20491] bridge0: port 3(macsec1) entered blocking state
[ 1965.128401][T20491] bridge0: port 3(macsec1) entered disabled state
[ 1965.182952][T20491] device bridge0 left promiscuous mode
[ 1965.811202][T14396] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1966.682800][T14396] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1969.551781][T20505] usb usb8: usbfs: process 20505 (syz.2.5573) did not claim interface 0 before use
[ 1970.033852][T14396] usb 2-1: string descriptor 0 read error: -71
[ 1970.041037][T14396] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 1970.050862][T14396] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 1970.064321][T14396] usb 2-1: config 0 descriptor??
[ 1970.083917][T14396] usb 2-1: can't set config #0, error -71
[ 1970.100363][T14396] usb 2-1: USB disconnect, device number 42
[ 1970.113921][   T39] usb 4-1: new full-speed USB device number 56 using dummy_hcd
[ 1970.740762][   T39] usb 4-1: unable to read config index 0 descriptor/start: -71
[ 1970.748492][   T39] usb 4-1: can't read configurations, error -71
[ 1971.093237][T20523] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5578'.
[ 1971.667215][T20528] loop1: detected capacity change from 0 to 512
[ 1971.684446][T20528] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[ 1971.692013][T20528] EXT4-fs (loop1): Journaled quota options ignored when QUOTA feature is enabled
[ 1971.701409][T20528] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1971.839306][T20528] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[ 1971.855459][T20528] EXT4-fs (loop1): Remounting filesystem read-only
[ 1971.862370][T20528] Quota error (device loop1): write_blk: dquota write failed
[ 1972.831034][T20538] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5581'.
[ 1972.843873][T20538] device bridge0 entered promiscuous mode
[ 1972.850858][T20538] bridge0: port 3(macsec1) entered blocking state
[ 1972.857397][T20538] bridge0: port 3(macsec1) entered disabled state
[ 1972.871785][T20538] device bridge0 left promiscuous mode
[ 1973.125039][T20528] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[ 1973.211326][T20528] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5580: Failed to acquire dquot type 0
[ 1973.250939][T20528] EXT4-fs (loop1): Remounting filesystem read-only
[ 1973.258086][T20528] Quota error (device loop1): write_blk: dquota write failed
[ 1973.267057][T20528] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[ 1973.277267][T20528] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5580: Failed to acquire dquot type 0
[ 1973.294269][T20528] EXT4-fs (loop1): Remounting filesystem read-only
[ 1973.306378][T20528] Quota error (device loop1): write_blk: dquota write failed
[ 1973.320464][T20528] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[ 1973.332265][T20545] netlink: 44 bytes leftover after parsing attributes in process `syz.2.5585'.
[ 1973.337231][T20528] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5580: Failed to acquire dquot type 0
[ 1973.381741][T20528] EXT4-fs (loop1): Remounting filesystem read-only
[ 1973.388564][T20528] EXT4-fs (loop1): 1 orphan inode deleted
[ 1973.394665][T20528] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,grpjquota=2defcontext=sysadm_u,. Quota mode: writeback.
[ 1974.751284][T20555] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5587'.
[ 1975.189036][T20564] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5593'.
[ 1977.007345][T20579] bridge: RTM_NEWNEIGH with invalid ether address
[ 1977.184862][T20583] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5594'.
[ 1977.203354][T20583] device bridge0 entered promiscuous mode
[ 1977.211031][T20583] bridge0: port 3(macsec1) entered blocking state
[ 1977.217524][T20583] bridge0: port 3(macsec1) entered disabled state
[ 1977.228640][T20583] device bridge0 left promiscuous mode
[ 1979.052514][T20595] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5598'.
[ 1979.533865][   T39] usb 4-1: new full-speed USB device number 58 using dummy_hcd
[ 1980.074081][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1980.085356][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1980.184502][   T39] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 1980.194087][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 1980.202351][   T39] usb 4-1: SerialNumber: syz
[ 1980.207496][T13667] usb 3-1: new full-speed USB device number 57 using dummy_hcd
[ 1980.227637][   T39] usb 4-1: config 0 descriptor??
[ 1980.264537][   T39] usb 4-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 1980.271454][   T39] usb 4-1: No valid video chain found.
[ 1980.412549][ T7026] usb 4-1: USB disconnect, device number 58
[ 1981.114414][T13667] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1981.359985][T13667] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1983.901974][T20642] loop1: detected capacity change from 0 to 512
[ 1983.924771][T20642] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[ 1983.939764][T20642] EXT4-fs (loop1): Journaled quota options ignored when QUOTA feature is enabled
[ 1984.036591][T20642] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1984.053993][T13667] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 1984.063314][T13667] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 1984.071948][T13667] usb 3-1: SerialNumber: syz
[ 1984.077873][T13667] usb 3-1: config 0 descriptor??
[ 1984.083862][T20642] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[ 1984.101734][T20642] EXT4-fs (loop1): Remounting filesystem read-only
[ 1984.109653][T20642] Quota error (device loop1): write_blk: dquota write failed
[ 1984.137214][T13667] usb 3-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 1984.377448][T20642] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[ 1984.387691][T13667] usb 3-1: No valid video chain found.
[ 1984.402275][T13667] usb 3-1: USB disconnect, device number 57
[ 1984.412149][T20642] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5611: Failed to acquire dquot type 0
[ 1984.424582][T20642] EXT4-fs (loop1): Remounting filesystem read-only
[ 1984.438493][T20642] Quota error (device loop1): write_blk: dquota write failed
[ 1984.446101][T20642] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[ 1984.462385][T20642] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5611: Failed to acquire dquot type 0
[ 1984.513254][T20642] EXT4-fs (loop1): Remounting filesystem read-only
[ 1984.520041][T20642] Quota error (device loop1): write_blk: dquota write failed
[ 1984.528122][T20642] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[ 1984.538068][T20642] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5611: Failed to acquire dquot type 0
[ 1984.549607][T20642] EXT4-fs (loop1): Remounting filesystem read-only
[ 1984.556285][T20642] EXT4-fs (loop1): 1 orphan inode deleted
[ 1984.562103][T20642] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,grpjquota=2defcontext=sysadm_u,. Quota mode: writeback.
[ 1984.703621][T20661] bridge: RTM_NEWNEIGH with invalid ether address
[ 1986.960312][T20679] usb usb8: usbfs: process 20679 (syz.2.5621) did not claim interface 0 before use
[ 1987.248503][  T343] usb 4-1: new full-speed USB device number 59 using dummy_hcd
[ 1987.962439][T20683] loop1: detected capacity change from 0 to 512
[ 1988.056097][T20683] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[ 1988.082701][T20683] EXT4-fs (loop1): Journaled quota options ignored when QUOTA feature is enabled
[ 1988.126567][T20683] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1988.227860][T20683] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[ 1988.272732][T20683] EXT4-fs (loop1): Remounting filesystem read-only
[ 1988.300597][T20683] Quota error (device loop1): write_blk: dquota write failed
[ 1988.332597][T20683] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[ 1988.374007][T20683] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5620: Failed to acquire dquot type 0
[ 1988.412339][T20683] EXT4-fs (loop1): Remounting filesystem read-only
[ 1988.432395][T20683] Quota error (device loop1): write_blk: dquota write failed
[ 1988.470390][T20683] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[ 1988.517946][T20683] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5620: Failed to acquire dquot type 0
[ 1988.597757][T20683] EXT4-fs (loop1): Remounting filesystem read-only
[ 1988.618139][T20683] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5620: Failed to acquire dquot type 0
[ 1988.643868][T20683] EXT4-fs (loop1): Remounting filesystem read-only
[ 1988.657925][T20683] EXT4-fs (loop1): 1 orphan inode deleted
[ 1989.055510][T20683] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,grpjquota=2defcontext=sysadm_u,. Quota mode: writeback.
[ 1989.088364][T20698] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5625'.
[ 1989.106203][T20698] device bridge0 entered promiscuous mode
[ 1989.114089][T20698] bridge0: port 3(macsec1) entered blocking state
[ 1989.120545][T20698] bridge0: port 3(macsec1) entered disabled state
[ 1989.132367][T20698] device bridge0 left promiscuous mode
[ 1991.783821][T14396] usb 3-1: new full-speed USB device number 58 using dummy_hcd
[ 1991.804612][T20727] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5634'.
[ 1991.908323][T20733] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5636'.
[ 1991.983891][  T343] usb 4-1: device descriptor read/64, error -71
[ 1992.493928][T14396] usb 3-1: unable to read config index 0 descriptor/all
[ 1992.502007][T14396] usb 3-1: can't read configurations, error -71
[ 1992.597260][T20742] loop1: detected capacity change from 0 to 512
[ 1992.696368][T20743] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5638'.
[ 1992.716043][T20743] device bridge0 entered promiscuous mode
[ 1992.723936][T20743] bridge0: port 3(macsec1) entered blocking state
[ 1992.730401][T20743] bridge0: port 3(macsec1) entered disabled state
[ 1992.742534][T20743] device bridge0 left promiscuous mode
[ 1992.897043][T20742] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[ 1992.914607][T20742] EXT4-fs (loop1): Journaled quota options ignored when QUOTA feature is enabled
[ 1992.924014][T20742] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1992.954832][T20742] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[ 1992.969515][T20742] EXT4-fs (loop1): Remounting filesystem read-only
[ 1992.976175][T20742] __quota_error: 2 callbacks suppressed
[ 1992.976192][T20742] Quota error (device loop1): write_blk: dquota write failed
[ 1992.989781][T20742] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[ 1993.000204][T20742] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5639: Failed to acquire dquot type 0
[ 1993.012268][T20742] EXT4-fs (loop1): Remounting filesystem read-only
[ 1993.029489][T20742] Quota error (device loop1): write_blk: dquota write failed
[ 1993.037180][T20742] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[ 1993.047346][T20742] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5639: Failed to acquire dquot type 0
[ 1993.059038][T20742] EXT4-fs (loop1): Remounting filesystem read-only
[ 1993.065939][T20742] Quota error (device loop1): write_blk: dquota write failed
[ 1993.073542][T20742] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[ 1994.084217][T20742] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5639: Failed to acquire dquot type 0
[ 1994.105257][T20742] EXT4-fs (loop1): Remounting filesystem read-only
[ 1994.112038][T20742] EXT4-fs (loop1): 1 orphan inode deleted
[ 1994.132257][T20742] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,grpjquota=2defcontext=sysadm_u,. Quota mode: writeback.
[ 1995.600727][T20774] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5647'.
[ 1996.518674][T20775] usb usb8: usbfs: process 20775 (syz.0.5646) did not claim interface 0 before use
[ 1996.529521][  T343] usb 4-1: device not accepting address 59, error -71
[ 1996.958780][T20779] overlayfs: failed to resolve './file0': -2
[ 1998.410638][T20788] loop1: detected capacity change from 0 to 512
[ 1998.566036][T20788] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[ 1998.576403][T20788] EXT4-fs (loop1): Journaled quota options ignored when QUOTA feature is enabled
[ 1998.585875][T20788] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1998.607715][T20788] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[ 1998.622737][T20788] EXT4-fs (loop1): Remounting filesystem read-only
[ 1999.709541][T20788] Quota error (device loop1): write_blk: dquota write failed
[ 1999.730010][T20788] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[ 1999.740631][T20788] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5650: Failed to acquire dquot type 0
[ 1999.769772][T20788] EXT4-fs (loop1): Remounting filesystem read-only
[ 1999.783981][T20788] Quota error (device loop1): write_blk: dquota write failed
[ 1999.831550][T20788] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[ 1999.842149][T20788] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5650: Failed to acquire dquot type 0
[ 1999.854002][T20788] EXT4-fs (loop1): Remounting filesystem read-only
[ 1999.860812][T20788] Quota error (device loop1): write_blk: dquota write failed
[ 1999.875913][T20788] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[ 2000.447768][T20788] EXT4-fs error (device loop1): ext4_acquire_dquot:6195: comm syz.1.5650: Failed to acquire dquot type 0
[ 2000.469909][T20788] EXT4-fs (loop1): Remounting filesystem read-only
[ 2000.476777][T20788] EXT4-fs (loop1): 1 orphan inode deleted
[ 2000.482610][T20788] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,grpjquota=2defcontext=sysadm_u,. Quota mode: writeback.
[ 2001.805269][T20835] loop1: detected capacity change from 0 to 2048
[ 2001.864121][T20835] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[ 2001.871297][T20835] EXT4-fs (loop1): dax option not supported
[ 2001.954830][  T343] usb 3-1: new full-speed USB device number 60 using dummy_hcd
[ 2002.832912][T20844] loop1: detected capacity change from 0 to 1024
[ 2004.423894][  T343] usb 3-1: unable to read config index 0 descriptor/start: -71
[ 2004.443871][  T343] usb 3-1: can't read configurations, error -71
[ 2006.714750][T20881] 9pnet: Insufficient options for proto=fd
[ 2008.486692][T20911] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5688'.
[ 2008.950225][ T7026] usb 5-1: new full-speed USB device number 48 using dummy_hcd
[ 2009.123803][T13667] usb 3-1: new full-speed USB device number 62 using dummy_hcd
[ 2009.324226][ T7026] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 2009.335575][ T7026] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2009.394708][T20930] bridge: RTM_NEWNEIGH with invalid ether address
[ 2009.526608][ T7026] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 2009.564875][T13667] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 2009.566875][T20412] udevd[20412]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 2009.577156][ T7026] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 2009.602120][T13667] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2009.720031][ T7026] usb 5-1: SerialNumber: syz
[ 2009.802380][T13667] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 2010.473869][T20944] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5698'.
[ 2011.407469][ T7026] usb 5-1: config 0 descriptor??
[ 2011.417944][T13667] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 2011.491781][T13667] usb 3-1: SerialNumber: syz
[ 2011.496677][ T7026] usb 5-1: can't set config #0, error -71
[ 2011.511314][ T7026] usb 5-1: USB disconnect, device number 48
[ 2011.530489][T13667] usb 3-1: config 0 descriptor??
[ 2011.573944][T13667] usb 3-1: can't set config #0, error -71
[ 2011.593129][T13667] usb 3-1: USB disconnect, device number 62
[ 2012.313892][T13667] usb 2-1: new full-speed USB device number 43 using dummy_hcd
[ 2012.339381][   T30] audit: type=1400 audit(1749305951.520:285): avc:  denied  { append } for  pid=20962 comm="syz.3.5704" name="kvm" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 2013.011515][T13667] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 2014.211002][T13667] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2016.923901][T13667] usb 2-1: string descriptor 0 read error: -71
[ 2016.934298][T13667] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 2016.997705][T20999] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5715'.
[ 2017.006114][T13667] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 2017.958571][T13667] usb 2-1: config 0 descriptor??
[ 2018.422960][T21007] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5714'.
[ 2018.443186][T21007] device bridge0 entered promiscuous mode
[ 2018.840680][T21007] bridge0: port 3(macsec1) entered blocking state
[ 2018.847188][T21007] bridge0: port 3(macsec1) entered disabled state
[ 2018.854998][T21007] device bridge0 left promiscuous mode
[ 2018.869082][T13667] usb 2-1: can't set config #0, error -71
[ 2018.916033][T13667] usb 2-1: USB disconnect, device number 43
[ 2022.016025][T21041] loop0: detected capacity change from 0 to 512
[ 2022.048099][T21041] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 2022.073654][T21041] EXT4-fs (loop0): Journaled quota options ignored when QUOTA feature is enabled
[ 2022.102648][T21041] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 2022.281027][T21041] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[ 2022.312485][T21041] EXT4-fs (loop0): Remounting filesystem read-only
[ 2022.328550][T21041] Quota error (device loop0): write_blk: dquota write failed
[ 2023.000213][T21061] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5731'.
[ 2023.011040][T21061] device bridge0 entered promiscuous mode
[ 2023.015287][T21041] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 2023.017751][T21061] bridge0: port 3(macsec1) entered blocking state
[ 2023.033331][T21061] bridge0: port 3(macsec1) entered disabled state
[ 2023.056903][T21061] device bridge0 left promiscuous mode
[ 2023.117621][T21041] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5727: Failed to acquire dquot type 0
[ 2023.361684][T21041] EXT4-fs (loop0): Remounting filesystem read-only
[ 2023.368377][T21041] Quota error (device loop0): write_blk: dquota write failed
[ 2023.376371][T21041] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 2023.386307][T21041] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5727: Failed to acquire dquot type 0
[ 2023.398015][T21041] EXT4-fs (loop0): Remounting filesystem read-only
[ 2023.404675][T21041] Quota error (device loop0): write_blk: dquota write failed
[ 2023.425630][T21041] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 2023.475995][T21071] usb usb8: usbfs: process 21071 (syz.2.5735) did not claim interface 0 before use
[ 2023.522399][T21041] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5727: Failed to acquire dquot type 0
[ 2023.713526][T21041] EXT4-fs (loop0): Remounting filesystem read-only
[ 2023.721687][T21041] EXT4-fs (loop0): 1 orphan inode deleted
[ 2023.728310][T21041] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,grpjquota=2defcontext=sysadm_u,. Quota mode: writeback.
[ 2025.450452][T21088] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5741'.
[ 2026.289742][T21093] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5742'.
[ 2026.348957][T21102] loop0: detected capacity change from 0 to 2048
[ 2026.424215][T21102] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 2026.481406][T21102] EXT4-fs (loop0): dax option not supported
[ 2027.483066][T21115] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5746'.
[ 2027.793910][T14396] usb 4-1: new full-speed USB device number 61 using dummy_hcd
[ 2028.490706][T21130] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5761'.
[ 2029.777189][T21140] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5754'.
[ 2030.027519][T21145] netlink: 44 bytes leftover after parsing attributes in process `syz.3.5756'.
[ 2030.453890][T14396] usb 4-1: device descriptor read/all, error -71
[ 2034.909028][T21204] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5772'.
[ 2035.621730][T14396] usb 4-1: new full-speed USB device number 63 using dummy_hcd
[ 2040.130618][T21226] udevd[21226]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 2040.549826][T21254] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5791'.
[ 2040.983451][T21226] udevd[21226]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 2041.105791][T21261] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 2041.447330][T21266] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 2042.452053][T21276] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5796'.
[ 2042.483528][T21257] udevd[21257]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 2045.187239][T21257] udevd[21257]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 2045.253662][T21305] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5805'.
[ 2047.224514][T21324] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5810'.
[ 2047.456856][T21340] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 2047.649203][T21343] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 2051.765234][T21386] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5828'.
[ 2051.775865][T21386] device bridge0 entered promiscuous mode
[ 2051.782163][T21386] bridge0: port 3(macsec1) entered blocking state
[ 2051.788622][T21386] bridge0: port 3(macsec1) entered disabled state
[ 2051.797963][T21386] device bridge0 left promiscuous mode
[ 2052.078177][T21399] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 2053.205143][T21400] usb usb8: usbfs: process 21400 (syz.0.5832) did not claim interface 0 before use
[ 2054.247171][T21412] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 2054.868448][T21408] udevd[21408]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 2057.204386][T21445] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5844'.
[ 2057.214986][T21445] device bridge0 entered promiscuous mode
[ 2057.221284][T21445] bridge0: port 3(macsec1) entered blocking state
[ 2057.227730][T21445] bridge0: port 3(macsec1) entered disabled state
[ 2057.235353][T21445] device bridge0 left promiscuous mode
[ 2057.894087][T21450] overlayfs: failed to resolve './file1': -2
[ 2061.814044][T21494] overlayfs: failed to resolve './file1': -2
[ 2062.025636][T21501] loop0: detected capacity change from 0 to 2048
[ 2062.458318][T21507] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5863'.
[ 2062.556958][T21501] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 2062.564491][T21501] EXT4-fs (loop0): dax option not supported
[ 2063.460609][T21513] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5861'.
[ 2064.597743][T16058] usb 5-1: new full-speed USB device number 49 using dummy_hcd
[ 2065.243487][T16058] usb 5-1: device descriptor read/all, error -71
[ 2067.779631][T21554] overlayfs: failed to resolve './file1': -2
[ 2068.510058][T21485] udevd[21485]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 2068.573482][T21563] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5877'.
[ 2068.584340][T21563] device bridge0 entered promiscuous mode
[ 2068.590627][T21563] bridge0: port 3(macsec1) entered blocking state
[ 2068.597078][T21563] bridge0: port 3(macsec1) entered disabled state
[ 2068.662780][T21563] device bridge0 left promiscuous mode
[ 2068.742434][T21566] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 2069.013189][T21566] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 2069.885810][  T314] tipc: Disabling bearer <udp:syz2>
[ 2069.892128][  T314] tipc: Disabling bearer <udp:syz0>
[ 2069.900730][  T314] tipc: Left network mode
[ 2071.021657][T21585] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2071.029163][T21585] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2071.042342][T21585] device bridge_slave_0 entered promiscuous mode
[ 2071.056532][T21585] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2071.063965][T21585] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2071.130104][T21585] device bridge_slave_1 entered promiscuous mode
[ 2072.287958][T16058] usb 5-1: new full-speed USB device number 51 using dummy_hcd
[ 2072.326905][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2072.335027][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2072.347555][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2072.356329][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2072.366319][ T9095] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2072.373367][ T9095] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2072.381212][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2072.389841][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2072.398492][ T9095] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2072.405598][ T9095] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2072.510846][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2072.518873][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2072.528408][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2072.539002][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2072.548479][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2072.868974][T21608] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5887'.
[ 2073.071016][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2073.079575][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2073.093528][T21585] device veth0_vlan entered promiscuous mode
[ 2073.100684][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2073.109287][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2073.126882][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2073.135576][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2073.143183][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2073.153429][T21585] device veth1_macvtap entered promiscuous mode
[ 2073.165646][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2073.166043][T16058] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 2073.174451][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2073.240423][T16058] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2073.283898][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2073.300093][ T9095] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2073.311623][T21613] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5890'.
[ 2073.389047][T21621] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5893'.
[ 2074.129186][T21497] udevd[21497]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 2074.241014][T16058] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 2074.250187][T16058] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 2074.279569][T16058] usb 5-1: config 0 descriptor??
[ 2076.937033][T16058] usb 5-1: can't set config #0, error -71
[ 2076.951968][T16058] usb 5-1: USB disconnect, device number 51
[ 2076.960272][  T314] device bridge_slave_1 left promiscuous mode
[ 2076.966665][  T314] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2076.974450][  T314] device bridge_slave_0 left promiscuous mode
[ 2076.980587][  T314] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2077.403563][  T314] device bridge0 left promiscuous mode
[ 2077.409392][  T314] device veth1_macvtap left promiscuous mode
[ 2077.421032][  T314] device veth0_vlan left promiscuous mode
[ 2082.779432][T16058] usb 2-1: new full-speed USB device number 44 using dummy_hcd
[ 2082.832145][T21671] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5905'.
[ 2082.842909][T21671] device bridge0 entered promiscuous mode
[ 2082.849228][T21671] bridge0: port 3(macsec1) entered blocking state
[ 2082.855702][T21671] bridge0: port 3(macsec1) entered disabled state
[ 2082.907847][T21671] device bridge0 left promiscuous mode
[ 2088.106030][T21720] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5917'.
[ 2088.223963][T16058] usb 2-1: device descriptor read/all, error -71
[ 2088.396339][T21734] usb usb8: usbfs: process 21734 (syz.1.5920) did not claim interface 0 before use
[ 2088.954068][T14396] usb 4-1: new full-speed USB device number 64 using dummy_hcd
[ 2089.580502][T21739] loop0: detected capacity change from 0 to 512
[ 2089.653981][T14396] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 2089.677388][T14396] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2089.698433][T21739] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[ 2089.725526][T21739] EXT4-fs (loop0): Journaled quota options ignored when QUOTA feature is enabled
[ 2089.751329][T21739] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[ 2090.098898][T21743] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5923'.
[ 2090.120331][T21743] device bridge0 entered promiscuous mode
[ 2090.129395][T21743] bridge0: port 3(macsec1) entered blocking state
[ 2090.135894][T21743] bridge0: port 3(macsec1) entered disabled state
[ 2090.146891][T21743] device bridge0 left promiscuous mode
[ 2090.260033][T21739] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[ 2090.274766][T21739] EXT4-fs (loop0): Remounting filesystem read-only
[ 2090.281434][T21739] Quota error (device loop0): write_blk: dquota write failed
[ 2090.289632][T21739] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 2090.356351][T21739] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5932: Failed to acquire dquot type 0
[ 2090.383301][T21739] EXT4-fs (loop0): Remounting filesystem read-only
[ 2090.398921][T21739] Quota error (device loop0): write_blk: dquota write failed
[ 2090.406999][T21739] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 2090.416868][T14396] usb 4-1: string descriptor 0 read error: -71
[ 2090.416903][T14396] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 2090.416928][T14396] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 2090.418004][T14396] usb 4-1: config 0 descriptor??
[ 2090.511675][T21739] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5932: Failed to acquire dquot type 0
[ 2090.533362][T21739] EXT4-fs (loop0): Remounting filesystem read-only
[ 2090.540266][T21739] Quota error (device loop0): write_blk: dquota write failed
[ 2090.547929][T14396] usb 4-1: can't set config #0, error -71
[ 2090.555639][T14396] usb 4-1: USB disconnect, device number 64
[ 2090.562771][T21739] Quota error (device loop0): qtree_write_dquot: Error -28 occurred while creating quota
[ 2090.572893][T21739] EXT4-fs error (device loop0): ext4_acquire_dquot:6195: comm syz.0.5932: Failed to acquire dquot type 0
[ 2090.602400][T21739] EXT4-fs (loop0): Remounting filesystem read-only
[ 2090.610911][T21739] EXT4-fs (loop0): 1 orphan inode deleted
[ 2090.642603][T21739] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,noblock_validity,mblk_io_submit,barrier=0x0000000000000003,errors=remount-ro,acl,noauto_da_alloc,max_batch_time=0x0000000000000006,grpjquota=2defcontext=sysadm_u,. Quota mode: writeback.
[ 2094.010958][T21773] usb usb8: usbfs: process 21773 (syz.1.5929) did not claim interface 0 before use
[ 2095.173945][    C0] ------------[ cut here ]------------
[ 2095.179453][    C0] refcount_t: addition on 0; use-after-free.
[ 2095.185586][    C0] WARNING: CPU: 0 PID: 21775 at lib/refcount.c:25 refcount_warn_saturate+0x104/0x1a0
[ 2095.194760][T21783] loop1: detected capacity change from 0 to 2048
[ 2095.195195][    C0] Modules linked in:
[ 2095.205421][    C0] CPU: 0 PID: 21775 Comm: syz.3.5928 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 2095.215487][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2095.225602][    C0] RIP: 0010:refcount_warn_saturate+0x104/0x1a0
[ 2095.231840][    C0] Code: 04 01 48 c7 c7 60 ef 62 85 e8 08 9d 50 02 0f 0b eb df e8 5f d6 1c ff c6 05 ba f8 99 04 01 48 c7 c7 a0 ee 62 85 e8 ec 9c 50 02 <0f> 0b eb c3 e8 43 d6 1c ff c6 05 9f f8 99 04 01 48 c7 c7 00 ef 62
[ 2095.251595][    C0] RSP: 0018:ffffc900000079e0 EFLAGS: 00010246
[ 2095.253895][    C1] ------------[ cut here ]------------
[ 2095.257780][    C0] RAX: bbc0fad06e567c00 RBX: 0000000000000002 RCX: ffff8881100ea780
[ 2095.263375][    C1] refcount_t: saturated; leaking memory.
[ 2095.271332][    C0] RDX: 0000000000000100 RSI: 0000000000000101 RDI: 0000000000000000
[ 2095.277072][    C1] WARNING: CPU: 1 PID: 21785 at lib/refcount.c:22 refcount_warn_saturate+0x158/0x1a0
[ 2095.284926][    C0] RBP: ffffc900000079f0 R08: dffffc0000000000 R09: fffff52000000e89
[ 2095.294372][    C1] Modules linked in:
[ 2095.302323][    C0] R10: fffff52000000e89 R11: 1ffff92000000e88 R12: ffff888107f8ce08
[ 2095.306210][    C1] CPU: 1 PID: 21785 Comm: syz-executor Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 2095.314174][    C0] R13: dffffc0000000000 R14: 0000000000000002 R15: ffffc90000007ba0
[ 2095.324312][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2095.332276][    C0] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 2095.342333][    C1] RIP: 0010:refcount_warn_saturate+0x158/0x1a0
[ 2095.351264][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2095.357409][    C1] Code: 04 01 48 c7 c7 40 ee 62 85 e8 b4 9c 50 02 0f 0b eb 8b e8 0b d6 1c ff c6 05 65 f8 99 04 01 48 c7 c7 40 ee 62 85 e8 98 9c 50 02 <0f> 0b e9 6c ff ff ff e8 ec d5 1c ff c6 05 4a f8 99 04 01 48 c7 c7
[ 2095.363984][    C0] CR2: 0000200001000000 CR3: 000000011b3f9000 CR4: 00000000003506b0
[ 2095.383590][    C1] RSP: 0018:ffffc900001d09e0 EFLAGS: 00010246
[ 2095.391563][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2095.397627][    C1] RAX: 6a18c0c44a362400 RBX: 0000000000000001 RCX: ffff888115838000
[ 2095.405595][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2095.413552][    C1] RDX: 0000000000000100 RSI: 0000000000000102 RDI: 0000000000000000
[ 2095.421518][    C0] Call Trace:
[ 2095.429486][    C1] RBP: ffffc900001d09f0 R08: 0000000000000004 R09: 0000000000000003
[ 2095.432756][    C0]  <IRQ>
[ 2095.440724][    C1] R10: fffff5200003a09c R11: 1ffff9200003a09c R12: ffff888107f8ce08
[ 2095.443563][    C0]  tipc_crypto_xmit+0x1938/0x2400
[ 2095.451527][    C1] R13: dffffc0000000000 R14: 0000000000000001 R15: ffffc900001d0ba0
[ 2095.456551][    C0]  ? tipc_crypto_do_cmd+0xcf0/0xcf0
[ 2095.464514][    C1] FS:  000055558b893500(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 2095.469703][    C0]  ? __copy_skb_header+0x437/0x600
[ 2095.478625][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2095.483735][    C0]  tipc_bearer_xmit_skb+0x226/0x360
[ 2095.490297][    C1] CR2: 00007fea1e5571b8 CR3: 0000000127cb0000 CR4: 00000000003506a0
[ 2095.495519][    C0]  ? __skb_clone+0x47a/0x790
[ 2095.503479][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2095.508059][    C0]  ? tipc_bearer_mtu+0x160/0x160
[ 2095.516023][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2095.520939][    C0]  ? skb_clone+0x202/0x360
[ 2095.528918][    C1] Call Trace:
[ 2095.528930][    C1]  <IRQ>
[ 2095.533331][    C0]  tipc_disc_timeout+0x6a2/0x830
[ 2095.536610][    C1]  tipc_crypto_xmit+0x1938/0x2400
[ 2095.539442][    C0]  ? update_rq_clock+0x4f0/0x580
[ 2095.544375][    C1]  ? tipc_crypto_do_cmd+0xcf0/0xcf0
[ 2095.549373][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 2095.554333][    C1]  ? __copy_skb_header+0x437/0x600
[ 2095.559511][    C0]  ? __kasan_check_write+0x14/0x20
[ 2095.564717][    C1]  tipc_bearer_xmit_skb+0x226/0x360
[ 2095.569812][    C0]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 2095.574919][    C1]  ? __skb_clone+0x47a/0x790
[ 2095.580095][    C0]  ? _raw_spin_lock_irqsave+0x110/0x110
[ 2095.585132][    C1]  ? tipc_bearer_mtu+0x160/0x160
[ 2095.589710][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 2095.595259][    C1]  ? skb_clone+0x202/0x360
[ 2095.600179][    C0]  call_timer_fn+0x38/0x290
[ 2095.605377][    C1]  tipc_disc_timeout+0x6a2/0x830
[ 2095.609772][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 2095.614272][    C1]  ? tipc_disc_init_msg+0x600/0x600
[ 2095.619189][    C0]  __run_timers+0x639/0x9a0
[ 2095.624377][    C1]  ? _raw_spin_unlock_irqrestore+0x5b/0x80
[ 2095.629555][    C0]  ? calc_index+0x200/0x200
[ 2095.634046][    C1]  ? __kasan_check_write+0x14/0x20
[ 2095.639830][    C0]  ? sched_clock_cpu+0x18/0x3c0
[ 2095.644427][    C1]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 2095.649520][    C0]  run_timer_softirq+0x6a/0xf0
[ 2095.654362][    C1]  ? _raw_spin_lock_irqsave+0x110/0x110
[ 2095.659367][    C0]  handle_softirqs+0x250/0x560
[ 2095.664124][    C1]  ? tipc_disc_init_msg+0x600/0x600
[ 2095.669654][    C0]  __irq_exit_rcu+0x52/0xf0
[ 2095.674416][    C1]  call_timer_fn+0x38/0x290
[ 2095.679591][    C0]  irq_exit_rcu+0x9/0x10
[ 2095.684087][    C1]  ? tipc_disc_init_msg+0x600/0x600
[ 2095.688574][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[ 2095.692795][    C1]  __run_timers+0x639/0x9a0
[ 2095.697987][    C0]  </IRQ>
[ 2095.703600][    C1]  ? calc_index+0x200/0x200
[ 2095.708092][    C0]  <TASK>
[ 2095.708102][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 2095.711015][    C1]  ? sched_clock_cpu+0x18/0x3c0
[ 2095.715529][    C0] RIP: 0010:unlock_page_memcg+0x1/0x130
[ 2095.718464][    C1]  run_timer_softirq+0x6a/0xf0
[ 2095.724443][    C0] Code: 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 48 ff c8 48 89 c3 e9 62 fe ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 55 <48> 89 e5 41 57 41 56 41 55 41 54 53 48 89 fb 49 bc 00 00 00 00 00
[ 2095.729279][    C1]  handle_softirqs+0x250/0x560
[ 2095.734818][    C0] RSP: 0018:ffffc90000b47430 EFLAGS: 00000293
[ 2095.739566][    C1]  __irq_exit_rcu+0x52/0xf0
[ 2095.759175][    C0] 
[ 2095.759182][    C0] RAX: ffffffff81a065a3 RBX: ffffc90000b47400 RCX: ffff8881100ea780
[ 2095.763938][    C1]  irq_exit_rcu+0x9/0x10
[ 2095.769981][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffea0004a58b80
[ 2095.774479][    C1]  sysvec_apic_timer_interrupt+0xa9/0xc0
[ 2095.776792][    C0] RBP: ffffc90000b47550 R08: dffffc0000000000 R09: fffff9400094b177
[ 2095.784782][    C1]  </IRQ>
[ 2095.789005][    C0] R10: fffff9400094b177 R11: 1ffffd400094b176 R12: 1ffff92000168e90
[ 2095.796990][    C1]  <TASK>
[ 2095.802607][    C0] R13: 0000000000000000 R14: ffffea0004a58b80 R15: dffffc0000000000
[ 2095.810585][    C1]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 2095.813511][    C0]  ? page_remove_rmap+0xe33/0xef0
[ 2095.821483][    C1] RIP: 0010:update_stack_state+0x6/0x480
[ 2095.824430][    C0]  ? page_remove_rmap+0xe3b/0xef0
[ 2095.832412][    C1] Code: 8c 6e fe ff ff e8 aa e4 75 00 e9 64 fe ff ff 0f 1f 44 00 00 55 48 89 e5 48 8b 07 5d c3 0f 1f 80 00 00 00 00 55 48 89 e5 41 57 <41> 56 41 55 41 54 53 48 81 ec 98 00 00 00 49 89 f7 48 89 fb 49 bd
[ 2095.838360][    C0]  ? page_add_file_rmap+0x6f0/0x6f0
[ 2095.843363][    C1] RSP: 0018:ffffc90000af6118 EFLAGS: 00000246
[ 2095.848987][    C0]  ? __kasan_check_write+0x14/0x20
[ 2095.854006][    C1] 
[ 2095.854014][    C1] RAX: ffffc90000af62b0 RBX: ffffc90000af6228 RCX: 1ffff9200015ec4c
[ 2095.873629][    C0]  ? _raw_spin_lock+0x8e/0xe0
[ 2095.878836][    C1] RDX: dffffc0000000000 RSI: ffffc90000af62b0 RDI: ffffc90000af6228
[ 2095.884907][    C0]  ? _raw_spin_trylock_bh+0x40/0x130
[ 2095.890000][    C1] RBP: ffffc90000af6120 R08: dffffc0000000001 R09: ffffc90000af6228
[ 2095.892318][    C0]  ? vm_normal_page+0x99/0x1f0
[ 2095.900285][    C1] R10: fffff5200015ec51 R11: 1ffff9200015ec45 R12: 0000000000000000
[ 2095.904958][    C0]  unmap_page_range+0xfce/0x1ce0
[ 2095.912916][    C1] R13: 1ffff9200015ec50 R14: ffffc90000af6280 R15: ffffc90000af6218
[ 2095.918201][    C0]  ? mmu_notifier_invalidate_range_end+0xe0/0xe0
[ 2095.926171][    C1]  unwind_next_frame+0x3d5/0x700
[ 2095.930908][    C0]  ? rcu_gp_kthread_wake+0x90/0x90
[ 2095.938883][    C1]  __unwind_start+0x31f/0x3a0
[ 2095.943816][    C0]  unmap_vmas+0x258/0x360
[ 2095.951770][    C1]  ? stack_trace_save+0xe0/0xe0
[ 2095.958088][    C0]  ? unmap_page_range+0x1ce0/0x1ce0
[ 2095.963001][    C1]  arch_stack_walk+0xd6/0x140
[ 2095.968107][    C0]  ? __kasan_check_write+0x14/0x20
[ 2095.972764][    C1]  ? arch_stack_walk+0xd6/0x140
[ 2095.977088][    C0]  ? tlb_gather_mmu_fullmm+0x144/0x1c0
[ 2095.981922][    C1]  stack_trace_save+0x98/0xe0
[ 2095.987107][    C0]  exit_mmap+0x3e6/0x860
[ 2095.991784][    C1]  ? stack_trace_snprint+0xf0/0xf0
[ 2095.996886][    C0]  ? vm_brk+0x30/0x30
[ 2096.001715][    C1]  ? memset+0x35/0x40
[ 2096.007160][    C0]  ? mutex_unlock+0x89/0x220
[ 2096.011817][    C1]  __kasan_slab_alloc+0xbd/0xf0
[ 2096.016052][    C0]  ? uprobe_clear_state+0x2c1/0x320
[ 2096.021154][    C1]  slab_post_alloc_hook+0x4f/0x2b0
[ 2096.025111][    C0]  __mmput+0x93/0x320
[ 2096.029066][    C1]  ? should_failslab+0x9/0x20
[ 2096.033634][    C0]  ? mmput+0x48/0x150
[ 2096.038483][    C1]  ? radix_tree_node_alloc+0x18e/0x380
[ 2096.043659][    C0]  mmput+0x50/0x150
[ 2096.048757][    C1]  kmem_cache_alloc+0xf7/0x260
[ 2096.052717][    C0]  do_exit+0x9ca/0x27a0
[ 2096.057390][    C1]  radix_tree_node_alloc+0x18e/0x380
[ 2096.061373][    C0]  ? put_task_struct+0x90/0x90
[ 2096.066824][    C1]  ? netlink_rcv_skb+0x1e0/0x430
[ 2096.070609][    C0]  ? _raw_spin_lock+0xe0/0xe0
[ 2096.075363][    C1]  ? rtnetlink_rcv+0x1c/0x20
[ 2096.079505][    C0]  ? __kasan_check_write+0x14/0x20
[ 2096.084780][    C1]  ? netlink_unicast+0x87c/0xa40
[ 2096.089521][    C0]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 2096.094464][    C1]  idr_get_free+0x2b1/0xab0
[ 2096.099113][    C0]  do_group_exit+0x141/0x310
[ 2096.103687][    C1]  idr_alloc_cyclic+0x196/0x530
[ 2096.108786][    C0]  ? __kasan_check_write+0x14/0x20
[ 2096.113703][    C1]  ? idr_alloc+0x2a0/0x2a0
[ 2096.118722][    C0]  get_signal+0x66a/0x1480
[ 2096.123202][    C1]  ? __kasan_check_write+0x14/0x20
[ 2096.127813][    C0]  arch_do_signal_or_restart+0xc1/0x10f0
[ 2096.132640][    C1]  ? _raw_spin_lock+0x8e/0xe0
[ 2096.137756][    C0]  ? selinux_file_ioctl+0x377/0x480
[ 2096.142152][    C1]  ? debug_smp_processor_id+0x17/0x20
[ 2096.146577][    C0]  ? irqentry_exit_cond_resched+0x29/0x30
[ 2096.151672][    C1]  __kernfs_new_node+0x120/0x680
[ 2096.157301][    C0]  ? irqentry_exit+0x37/0x40
[ 2096.161959][    C1]  ? clear_nonspinnable+0x60/0x60
[ 2096.167157][    C0]  ? selinux_file_alloc_security+0x120/0x120
[ 2096.172518][    C1]  ? kernfs_new_node+0x260/0x260
[ 2096.178228][    C0]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[ 2096.183144][    C1]  ? rwsem_write_trylock+0x130/0x300
[ 2096.187749][    C0]  ? get_sigframe_size+0x10/0x10
[ 2096.192786][    C1]  ? up_write+0x7b/0x290
[ 2096.198771][    C0]  ? __fget_files+0x2c4/0x320
[ 2096.203696][    C1]  kernfs_new_node+0x150/0x260
[ 2096.209334][    C0]  ? fput_many+0x15a/0x1a0
[ 2096.214606][    C1]  __kernfs_create_file+0x4e/0x270
[ 2096.219524][    C0]  ? fput+0x1a/0x20
[ 2096.223772][    C1]  sysfs_add_file_mode_ns+0x29a/0x350
[ 2096.228427][    C0]  exit_to_user_mode_loop+0xa7/0xe0
[ 2096.233220][    C1]  internal_create_group+0x489/0xcf0
[ 2096.237659][    C0]  exit_to_user_mode_prepare+0x5a/0xa0
[ 2096.242754][    C1]  ? up_write+0x7b/0x290
[ 2096.246563][    C0]  syscall_exit_to_user_mode+0x1a/0x30
[ 2096.251925][    C1]  ? sysfs_create_group+0x30/0x30
[ 2096.257142][    C0]  do_syscall_64+0x58/0xa0
[ 2096.262413][    C1]  ? __kasan_check_write+0x14/0x20
[ 2096.267870][    C0]  ? clear_bhb_loop+0x50/0xa0
[ 2096.272092][    C1]  ? kernfs_put+0x449/0x480
[ 2096.277546][    C0]  ? clear_bhb_loop+0x50/0xa0
[ 2096.282561][    C1]  sysfs_create_groups+0x58/0x120
[ 2096.286970][    C0]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2096.292067][    C1]  device_add_attrs+0x8c/0x700
[ 2096.296737][    C0] RIP: 0033:0x7fca9fc9152b
[ 2096.301223][    C1]  device_add+0x5e3/0xed0
[ 2096.305888][    C0] Code: Unable to access opcode bytes at RIP 0x7fca9fc91501.
[ 2096.310899][    C1]  netdev_register_kobject+0x179/0x320
[ 2096.316788][    C0] RSP: 002b:00007fca9e2d6f10 EFLAGS: 00000246
[ 2096.321555][    C1]  ? raw_notifier_call_chain+0xe9/0x100
[ 2096.325964][    C0]  ORIG_RAX: 0000000000000010
[ 2096.330275][    C1]  register_netdevice+0xdfa/0x13a0
[ 2096.337632][    C0] RAX: fffffffffffffffc RBX: 0000000000000007 RCX: 00007fca9fc9152b
[ 2096.343075][    C1]  ? get_random_bytes+0x30/0x30
[ 2096.349136][    C0] RDX: 00007fca9e2d7fe0 RSI: 0000000080085502 RDI: 0000000000000007
[ 2096.354680][    C1]  ? netif_stacked_transfer_operstate+0x220/0x220
[ 2096.359332][    C0] RBP: 00007fca9e2d7fe0 R08: 0000000000000000 R09: 00332e6364755f79
[ 2096.364441][    C1]  ip6gre_newlink_common+0x392/0x530
[ 2096.372393][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000080085502
[ 2096.377242][    C1]  ? ip6gre_tunnel_validate+0x120/0x120
[ 2096.385209][    C0] R13: 0000000800000000 R14: 0000200000000000 R15: 00007fca9fd1ea88
[ 2096.391600][    C1]  ? ip6gre_tunnel_find+0x5d0/0x5d0
[ 2096.399572][    C0]  </TASK>
[ 2096.404847][    C1]  ip6gre_newlink+0x1a3/0x760
[ 2096.412801][    C0] ---[ end trace acd46cae890a102f ]---
[ 2096.418341][    C1]  ? ip6gre_tap_validate+0x360/0x360
[ 2096.426320][    C0] ------------[ cut here ]------------
[ 2096.431476][    C1]  rtnl_newlink+0x112d/0x17b0
[ 2096.434510][    C0] refcount_t: underflow; use-after-free.
[ 2096.434634][    C0] WARNING: CPU: 0 PID: 21775 at lib/refcount.c:28 refcount_warn_saturate+0x120/0x1a0
[ 2096.439173][    C1]  ? rtnl_newlink+0x391/0x17b0
[ 2096.444620][    C0] Modules linked in:
[ 2096.449881][    C1]  ? rtnl_setlink+0x400/0x400
[ 2096.455335][    C0] CPU: 0 PID: 21775 Comm: syz.3.5928 Tainted: G        W         5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 2096.460008][    C1]  ? memcpy+0x56/0x70
[ 2096.465610][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2096.475215][    C1]  ? 0xffffffffa0028f44
[ 2096.479948][    C0] RIP: 0010:refcount_warn_saturate+0x120/0x1a0
[ 2096.483841][    C1]  ? is_bpf_text_address+0x177/0x190
[ 2096.488496][    C0] Code: 04 01 48 c7 c7 a0 ee 62 85 e8 ec 9c 50 02 0f 0b eb c3 e8 43 d6 1c ff c6 05 9f f8 99 04 01 48 c7 c7 00 ef 62 85 e8 d0 9c 50 02 <0f> 0b eb a7 e8 27 d6 1c ff c6 05 80 f8 99 04 01 48 c7 c7 40 ee 62
[ 2096.499863][    C1]  ? __kasan_check_write+0x14/0x20
[ 2096.503833][    C0] RSP: 0018:ffffc900000079e0 EFLAGS: 00010246
[ 2096.513881][    C1]  ? wait_for_completion_killable_timeout+0x10/0x10
[ 2096.518011][    C0] 
[ 2096.518018][    C0] RAX: bbc0fad06e567c00 RBX: 0000000000000003 RCX: ffff8881100ea780
[ 2096.524154][    C1]  ? ns_capable+0x8c/0xf0
[ 2096.529423][    C0] RDX: 0000000000000100 RSI: 0000000000000101 RDI: 0000000000000000
[ 2096.549049][    C1]  ? netlink_net_capable+0x125/0x160
[ 2096.554166][    C0] RBP: ffffc900000079f0 R08: 0000000000000004 R09: 0000000000000003
[ 2096.560216][    C1]  ? rtnl_setlink+0x400/0x400
[ 2096.566804][    C0] R10: fffff52000000eec R11: 1ffff92000000eec R12: ffff888107f8ce08
[ 2096.569122][    C1]  rtnetlink_rcv_msg+0x9e4/0xb90
[ 2096.577091][    C0] R13: dffffc0000000000 R14: 0000000000000003 R15: 00000000c0000000
[ 2096.581409][    C1]  ? rtnetlink_bind+0x80/0x80
[ 2096.589374][    C0] FS:  0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 2096.594666][    C1]  ? memcpy+0x56/0x70
[ 2096.602617][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2096.607284][    C1]  ? avc_has_perm_noaudit+0x2f4/0x460
[ 2096.615246][    C0] CR2: 0000200001000000 CR3: 000000011b3f9000 CR4: 00000000003506b0
[ 2096.620166][    C1]  ? arch_stack_walk+0xee/0x140
[ 2096.628148][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2096.632804][    C1]  ? avc_denied+0x1b0/0x1b0
[ 2096.641725][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2096.645701][    C1]  ? stack_trace_save+0x98/0xe0
[ 2096.652272][    C0] Call Trace:
[ 2096.652281][    C0]  <IRQ>
[ 2096.657641][    C1]  ? avc_has_perm+0x158/0x240
[ 2096.665605][    C0]  tipc_crypto_xmit+0x1a82/0x2400
[ 2096.670439][    C1]  ? avc_has_perm_noaudit+0x460/0x460
[ 2096.678600][    C0]  ? tipc_crypto_do_cmd+0xcf0/0xcf0
[ 2096.683086][    C1]  ? do_syscall_64+0x4c/0xa0
[ 2096.691333][    C0]  ? __copy_skb_header+0x437/0x600
[ 2096.696196][    C1]  ? selinux_nlmsg_lookup+0x400/0x4c0
[ 2096.699500][    C0]  tipc_bearer_xmit_skb+0x226/0x360
[ 2096.702343][    C1]  netlink_rcv_skb+0x1e0/0x430
[ 2096.707024][    C0]  ? __skb_clone+0x47a/0x790
[ 2096.712034][    C1]  ? rtnetlink_bind+0x80/0x80
[ 2096.717406][    C0]  ? tipc_bearer_mtu+0x160/0x160
[ 2096.722582][    C1]  ? netlink_ack+0xb60/0xb60
[ 2096.727177][    C0]  ? skb_clone+0x202/0x360
[ 2096.732266][    C1]  ? __netlink_lookup+0x387/0x3b0
[ 2096.737766][    C0]  tipc_disc_timeout+0x6a2/0x830
[ 2096.742948][    C1]  rtnetlink_rcv+0x1c/0x20
[ 2096.747718][    C0]  ? update_rq_clock+0x4f0/0x580
[ 2096.752290][    C1]  netlink_unicast+0x87c/0xa40
[ 2096.756963][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 2096.761969][    C1]  netlink_sendmsg+0x86a/0xb70
[ 2096.766552][    C0]  ? __kasan_check_write+0x14/0x20
[ 2096.770947][    C1]  ? netlink_getsockopt+0x530/0x530
[ 2096.775961][    C0]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 2096.780877][    C1]  ? kmem_cache_alloc+0xf7/0x260
[ 2096.785290][    C0]  ? _raw_spin_lock_irqsave+0x110/0x110
[ 2096.790209][    C1]  ? security_socket_sendmsg+0x82/0xa0
[ 2096.794973][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 2096.800222][    C1]  __sys_sendto+0x423/0x580
[ 2096.804984][    C0]  call_timer_fn+0x38/0x290
[ 2096.810103][    C1]  ? __ia32_sys_getpeername+0x90/0x90
[ 2096.815290][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 2096.820301][    C1]  ? alloc_empty_file_noaccount+0x80/0x80
[ 2096.825228][    C0]  __run_timers+0x639/0x9a0
[ 2096.830887][    C1]  ? preempt_count_add+0x90/0x1b0
[ 2096.836365][    C0]  ? calc_index+0x200/0x200
[ 2096.841546][    C1]  ? fd_install+0x169/0x2a0
[ 2096.846046][    C0]  ? sched_clock_cpu+0x18/0x3c0
[ 2096.850527][    C1]  ? __sys_socket+0x15a/0x190
[ 2096.855915][    C0]  run_timer_softirq+0x6a/0xf0
[ 2096.861095][    C1]  __x64_sys_sendto+0xe5/0x100
[ 2096.866836][    C0]  handle_softirqs+0x250/0x560
[ 2096.871319][    C1]  x64_sys_call+0x178/0x9a0
[ 2096.876342][    C0]  __irq_exit_rcu+0x52/0xf0
[ 2096.880838][    C1]  do_syscall_64+0x4c/0xa0
[ 2096.885334][    C0]  irq_exit_rcu+0x9/0x10
[ 2096.890169][    C1]  ? clear_bhb_loop+0x50/0xa0
[ 2096.894839][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[ 2096.899585][    C1]  ? clear_bhb_loop+0x50/0xa0
[ 2096.904345][    C0]  </IRQ>
[ 2096.909087][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2096.913602][    C0]  <TASK>
[ 2096.918096][    C1] RIP: 0033:0x7fea1e369763
[ 2096.922499][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 2096.926738][    C1] Code: 64 89 02 48 c7 c0 ff ff ff ff eb b7 66 2e 0f 1f 84 00 00 00 00 00 90 80 3d e1 4d 1f 00 00 41 89 ca 74 14 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 75 c3 0f 1f 40 00 55 48 83 ec 30 44 89 4c 24
[ 2096.931390][    C0] RIP: 0010:unlock_page_memcg+0x1/0x130
[ 2096.937012][    C1] RSP: 002b:00007ffcd2e32d68 EFLAGS: 00000202
[ 2096.941666][    C0] Code: 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 48 ff c8 48 89 c3 e9 62 fe ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 55 <48> 89 e5 41 57 41 56 41 55 41 54 53 48 89 fb 49 bc 00 00 00 00 00
[ 2096.944596][    C1]  ORIG_RAX: 000000000000002c
[ 2096.950466][    C0] RSP: 0018:ffffc90000b47430 EFLAGS: 00000293
[ 2096.953383][    C1] RAX: ffffffffffffffda RBX: 00007fea1f0bd620 RCX: 00007fea1e369763
[ 2096.957788][    C0] 
[ 2096.957794][    C0] RAX: ffffffff81a065a3 RBX: ffffc90000b47400 RCX: ffff8881100ea780
[ 2096.963763][    C1] RDX: 0000000000000044 RSI: 00007fea1f0bd670 RDI: 0000000000000003
[ 2096.983360][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffea0004a58b80
[ 2096.988919][    C1] RBP: 0000000000000001 R08: 00007ffcd2e32d84 R09: 000000000000000c
[ 2096.994976][    C0] RBP: ffffc90000b47550 R08: dffffc0000000000 R09: fffff9400094b177
[ 2097.014577][    C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000003
[ 2097.019237][    C0] R10: fffff9400094b177 R11: 1ffffd400094b176 R12: 1ffff92000168e90
[ 2097.025296][    C1] R13: 0000000000000000 R14: 00007fea1f0bd670 R15: 0000000000000000
[ 2097.033256][    C0] R13: 0000000000000000 R14: ffffea0004a58b80 R15: dffffc0000000000
[ 2097.035596][    C1]  </TASK>
[ 2097.043544][    C0]  ? page_remove_rmap+0xe33/0xef0
[ 2097.051512][    C1] ---[ end trace acd46cae890a1030 ]---
[ 2097.059491][    C0]  ? page_remove_rmap+0xe3b/0xef0
[ 2097.125941][    C0]  ? page_add_file_rmap+0x6f0/0x6f0
[ 2097.131159][    C0]  ? __kasan_check_write+0x14/0x20
[ 2097.136322][    C0]  ? _raw_spin_lock+0x8e/0xe0
[ 2097.141027][    C0]  ? _raw_spin_trylock_bh+0x40/0x130
[ 2097.146367][    C0]  ? vm_normal_page+0x99/0x1f0
[ 2097.151148][    C0]  unmap_page_range+0xfce/0x1ce0
[ 2097.156146][    C0]  ? mmu_notifier_invalidate_range_end+0xe0/0xe0
[ 2097.162482][    C0]  ? rcu_gp_kthread_wake+0x90/0x90
[ 2097.167608][    C0]  unmap_vmas+0x258/0x360
[ 2097.171949][    C0]  ? unmap_page_range+0x1ce0/0x1ce0
[ 2097.177192][    C0]  ? __kasan_check_write+0x14/0x20
[ 2097.182317][    C0]  ? tlb_gather_mmu_fullmm+0x144/0x1c0
[ 2097.187927][    C0]  exit_mmap+0x3e6/0x860
[ 2097.192181][    C0]  ? vm_brk+0x30/0x30
[ 2097.196180][    C0]  ? mutex_unlock+0x89/0x220
[ 2097.200782][    C0]  ? uprobe_clear_state+0x2c1/0x320
[ 2097.206022][    C0]  __mmput+0x93/0x320
[ 2097.210014][    C0]  ? mmput+0x48/0x150
[ 2097.214010][    C0]  mmput+0x50/0x150
[ 2097.217826][    C0]  do_exit+0x9ca/0x27a0
[ 2097.222003][    C0]  ? put_task_struct+0x90/0x90
[ 2097.226794][    C0]  ? _raw_spin_lock+0xe0/0xe0
[ 2097.231480][    C0]  ? __kasan_check_write+0x14/0x20
[ 2097.236607][    C0]  ? _raw_spin_lock_irq+0x8f/0xe0
[ 2097.241640][    C0]  do_group_exit+0x141/0x310
[ 2097.246263][    C0]  ? __kasan_check_write+0x14/0x20
[ 2097.251383][    C0]  get_signal+0x66a/0x1480
[ 2097.255852][    C0]  arch_do_signal_or_restart+0xc1/0x10f0
[ 2097.261494][    C0]  ? selinux_file_ioctl+0x377/0x480
[ 2097.266728][    C0]  ? irqentry_exit_cond_resched+0x29/0x30
[ 2097.272452][    C0]  ? irqentry_exit+0x37/0x40
[ 2097.277055][    C0]  ? selinux_file_alloc_security+0x120/0x120
[ 2097.283045][    C0]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[ 2097.288728][    C0]  ? get_sigframe_size+0x10/0x10
[ 2097.293670][    C0]  ? __fget_files+0x2c4/0x320
[ 2097.298372][    C0]  ? fput_many+0x15a/0x1a0
[ 2097.302795][    C0]  ? fput+0x1a/0x20
[ 2097.306631][    C0]  exit_to_user_mode_loop+0xa7/0xe0
[ 2097.311831][    C0]  exit_to_user_mode_prepare+0x5a/0xa0
[ 2097.317298][    C0]  syscall_exit_to_user_mode+0x1a/0x30
[ 2097.322780][    C0]  do_syscall_64+0x58/0xa0
[ 2097.327242][    C0]  ? clear_bhb_loop+0x50/0xa0
[ 2097.331924][    C0]  ? clear_bhb_loop+0x50/0xa0
[ 2097.336612][    C0]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2097.342509][    C0] RIP: 0033:0x7fca9fc9152b
[ 2097.346949][    C0] Code: Unable to access opcode bytes at RIP 0x7fca9fc91501.
[ 2097.354333][    C0] RSP: 002b:00007fca9e2d6f10 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2097.362745][    C0] RAX: fffffffffffffffc RBX: 0000000000000007 RCX: 00007fca9fc9152b
[ 2097.370736][    C0] RDX: 00007fca9e2d7fe0 RSI: 0000000080085502 RDI: 0000000000000007
[ 2097.378738][    C0] RBP: 00007fca9e2d7fe0 R08: 0000000000000000 R09: 00332e6364755f79
[ 2097.386754][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000080085502
[ 2097.394756][    C0] R13: 0000000800000000 R14: 0000200000000000 R15: 00007fca9fd1ea88
[ 2097.402734][    C0]  </TASK>
[ 2097.405777][    C0] ---[ end trace acd46cae890a1031 ]---
[ 2097.454858][T21783] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[ 2097.462021][T21783] EXT4-fs (loop1): dax option not supported
[ 2097.556831][T21785] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2098.280042][T21785] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2098.291576][T21785] device bridge_slave_0 entered promiscuous mode
[ 2098.300489][T21785] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2098.307720][T21785] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2099.592503][T21785] device bridge_slave_1 entered promiscuous mode
[ 2099.615676][T21807] loop1: detected capacity change from 0 to 1024
[ 2101.363455][T15525] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2101.374793][T15525] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2101.393148][ T9095] tipc: Disabling bearer <udp:syz2>
[ 2101.398817][ T9095] tipc: Disabling bearer <udp:syz0>
[ 2101.509333][T15525] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2101.519481][ T9095] tipc: Left network mode
[ 2101.539005][T15525] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2101.730147][T15525] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2101.737273][T15525] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2102.615883][T15525] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2102.626629][T15525] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2102.652985][T15525] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2102.660076][T15525] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2102.846911][T15525] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2102.865463][T15525] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2102.874222][T15525] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2104.790042][T21785] device veth0_vlan entered promiscuous mode
[ 2104.820220][T21785] device veth1_macvtap entered promiscuous mode
[ 2106.032080][ T9095] ------------[ cut here ]------------
[ 2106.053553][ T9095] refcount_t: saturated; leaking memory.
[ 2106.059625][ T9095] WARNING: CPU: 0 PID: 9095 at lib/refcount.c:19 refcount_warn_saturate+0x13c/0x1a0
[ 2106.069362][ T9095] Modules linked in:
[ 2106.073311][ T9095] CPU: 0 PID: 9095 Comm: kworker/u4:0 Tainted: G        W         5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 2106.085237][ T9095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2106.095581][ T9095] Workqueue: netns cleanup_net
[ 2106.100498][ T9095] RIP: 0010:refcount_warn_saturate+0x13c/0x1a0
[ 2106.107070][ T9095] Code: 04 01 48 c7 c7 00 ef 62 85 e8 d0 9c 50 02 0f 0b eb a7 e8 27 d6 1c ff c6 05 80 f8 99 04 01 48 c7 c7 40 ee 62 85 e8 b4 9c 50 02 <0f> 0b eb 8b e8 0b d6 1c ff c6 05 65 f8 99 04 01 48 c7 c7 40 ee 62
[ 2106.127134][ T9095] RSP: 0018:ffffc900081577c0 EFLAGS: 00010246
[ 2106.133271][ T9095] RAX: 07a6d8cad2b58300 RBX: 0000000000000000 RCX: ffff88811337a780
[ 2106.144597][ T9095] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[ 2106.152642][ T9095] RBP: ffffc900081577d0 R08: dffffc0000000000 R09: ffffed103ee065e8
[ 2106.160910][ T9095] R10: ffffed103ee065e8 R11: 1ffff1103ee065e7 R12: 1ffff9200102af04
[ 2106.168944][ T9095] R13: ffff88811688c08c R14: 0000000000000000 R15: 0000000000000cc0
[ 2106.177458][ T9095] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 2106.186422][ T9095] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2106.193008][ T9095] CR2: 0000001b2cc1dff8 CR3: 0000000113278000 CR4: 00000000003506a0
[ 2106.201147][ T9095] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2106.899546][ T9095] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2106.907826][ T9095] Call Trace:
[ 2106.911247][ T9095]  <TASK>
[ 2106.919499][ T9095]  nf_nat_masq_schedule+0x439/0x4c0
[ 2106.925689][ T9095]  ? __kasan_check_write+0x14/0x20
[ 2106.931011][ T9095]  ? nf_nat_masq_schedule+0x4c0/0x4c0
[ 2106.937486][ T9095]  ? masq_device_event+0xd0/0xd0
[ 2106.942628][ T9095]  ? nfqnl_rcv_dev_event+0x441/0x470
[ 2106.948262][ T9095]  ? __kasan_check_read+0x11/0x20
[ 2106.953363][ T9095]  masq_device_event+0x9b/0xd0
[ 2106.958316][ T9095]  raw_notifier_call_chain+0x90/0x100
[ 2106.963822][ T9095]  dev_close_many+0x32d/0x4d0
[ 2106.968570][ T9095]  ? __ww_mutex_lock_interruptible_slowpath+0x20/0x20
[ 2106.975570][ T9095]  ? __dev_open+0x4c0/0x4c0
[ 2106.980186][ T9095]  ? __mutex_unlock_slowpath+0x262/0x3b0
[ 2106.986068][ T9095]  ? __kasan_check_read+0x11/0x20
[ 2106.991221][ T9095]  unregister_netdevice_many+0x44c/0x1990
[ 2106.997150][ T9095]  ? alloc_netdev_mqs+0xc90/0xc90
[ 2107.008373][ T9095]  ? unregister_netdevice_queue+0x1aa/0x360
[ 2107.014615][ T9095]  ? list_netdevice+0x4c0/0x4c0
[ 2107.019485][ T9095]  ip6gre_exit_batch_net+0x5a5/0x5f0
[ 2107.025077][ T9095]  ? ip6gre_init_net+0x340/0x340
[ 2107.030029][ T9095]  ? ip6gre_init_net+0x340/0x340
[ 2107.035906][ T9095]  cleanup_net+0x602/0xad0
[ 2107.040345][ T9095]  ? ops_init+0x4a0/0x4a0
[ 2107.044887][ T9095]  ? pwq_dec_nr_in_flight+0x18c/0x3c0
[ 2107.055594][ T9095]  process_one_work+0x6be/0xba0
[ 2107.063612][ T9095]  worker_thread+0xa59/0x1200
[ 2107.071764][ T9095]  ? _raw_spin_lock_irqsave+0xb0/0x110
[ 2107.077573][ T9095]  kthread+0x411/0x500
[ 2107.081977][ T9095]  ? worker_clr_flags+0x190/0x190
[ 2107.087559][ T9095]  ? kthread_blkcg+0xd0/0xd0
[ 2107.092265][ T9095]  ret_from_fork+0x1f/0x30
[ 2107.097000][ T9095]  </TASK>
[ 2107.100028][ T9095] ---[ end trace acd46cae890a1032 ]---
[ 2107.115099][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2107.131029][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2107.139993][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2107.157788][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2107.166039][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2107.174346][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2107.182609][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2107.191325][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2107.199850][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2107.208638][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2107.217195][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2107.225890][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2107.233474][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2108.093885][T21846] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5953'.
[ 2112.300645][T21884] udevd[21884]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 2113.491561][T21897] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2113.498766][T21897] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2113.506814][T21897] device bridge_slave_0 entered promiscuous mode
[ 2113.514165][T21897] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2113.521259][T21897] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2113.529256][T21897] device bridge_slave_1 entered promiscuous mode
[ 2113.541928][ T9095] device bridge_slave_1 left promiscuous mode
[ 2113.548236][ T9095] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2113.556047][ T9095] device bridge_slave_0 left promiscuous mode
[ 2113.562287][ T9095] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2113.570948][ T9095] device veth1_macvtap left promiscuous mode
[ 2113.577913][ T9095] device veth0_vlan left promiscuous mode
[ 2114.471267][T21916] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5970'.
[ 2115.787197][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 2115.795262][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 2115.805672][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 2115.814556][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 2115.822749][  T314] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2115.829938][  T314] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2115.838098][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 2117.010590][T15525] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 2117.027026][T21939] udevd[21939]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 2117.160898][T15525] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 2117.943557][T15525] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2117.950786][T15525] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2119.074387][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 2119.689582][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 2119.843981][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 2119.852758][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 2122.286911][ T9095] tipc: Disabling bearer <udp:syz2>
[ 2122.310394][ T9095] tipc: Disabling bearer <udp:syz0>
[ 2122.319029][ T9095] tipc: Left network mode
[ 2123.254098][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 2123.274382][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 2124.782740][T21940] udevd[21940]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 2124.817385][   T30] audit: type=1400 audit(1749306064.000:286): avc:  denied  { read write } for  pid=21998 comm="syz.3.5992" name="ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 2124.857341][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 2124.969397][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 2124.982571][   T30] audit: type=1400 audit(1749306064.030:287): avc:  denied  { open } for  pid=21998 comm="syz.3.5992" path="/dev/ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 2125.010916][T21897] device veth0_vlan entered promiscuous mode
[ 2125.437805][   T30] audit: type=1400 audit(1749306064.030:288): avc:  denied  { ioctl } for  pid=21998 comm="syz.3.5992" path="/dev/ppp" dev="devtmpfs" ino=154 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 2125.444513][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 2125.478775][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 2125.495802][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 2125.504173][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 2125.513126][T21897] device veth1_macvtap entered promiscuous mode
[ 2125.536011][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 2125.546406][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 2125.555729][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 2125.781668][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 2125.851423][T17558] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 2130.147051][T22050] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6004'.
[ 2130.158591][T22046] udevd[22046]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 2131.195962][ T9095] device bridge_slave_1 left promiscuous mode
[ 2131.219171][ T9095] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2131.226823][ T9095] device bridge_slave_0 left promiscuous mode
[ 2131.232959][ T9095] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2131.241127][ T9095] device veth1_macvtap left promiscuous mode
[ 2131.247269][ T9095] device veth0_vlan left promiscuous mode
[ 2133.070143][T22045] udevd[22045]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 2133.246989][ T9095] ==================================================================
[ 2133.255125][ T9095] BUG: KASAN: use-after-free in tcp_metrics_flush_all+0xd3/0x210
[ 2133.262965][ T9095] Read of size 4 at addr ffff88811688c08c by task kworker/u4:0/9095
[ 2133.270971][ T9095] 
[ 2133.273321][ T9095] CPU: 0 PID: 9095 Comm: kworker/u4:0 Tainted: G        W         5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 2133.284783][ T9095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2133.294847][ T9095] Workqueue: netns cleanup_net
[ 2133.299637][ T9095] Call Trace:
[ 2133.302919][ T9095]  <TASK>
[ 2133.305853][ T9095]  __dump_stack+0x21/0x30
[ 2133.310227][ T9095]  dump_stack_lvl+0xee/0x150
[ 2133.314842][ T9095]  ? show_regs_print_info+0x20/0x20
[ 2133.320050][ T9095]  ? load_image+0x3a0/0x3a0
[ 2133.324635][ T9095]  ? ____kasan_slab_free+0x130/0x160
[ 2133.329934][ T9095]  ? __kasan_check_read+0x11/0x20
[ 2133.335051][ T9095]  ? preempt_schedule_common+0xbe/0xf0
[ 2133.340519][ T9095]  print_address_description+0x7f/0x2c0
[ 2133.346082][ T9095]  ? tcp_metrics_flush_all+0xd3/0x210
[ 2133.351470][ T9095]  kasan_report+0xf1/0x140
[ 2133.355893][ T9095]  ? _raw_spin_lock_bh+0x8e/0xe0
[ 2133.360844][ T9095]  ? tcp_metrics_flush_all+0xd3/0x210
[ 2133.366233][ T9095]  kasan_check_range+0x280/0x290
[ 2133.371181][ T9095]  __kasan_check_read+0x11/0x20
[ 2133.376038][ T9095]  tcp_metrics_flush_all+0xd3/0x210
[ 2133.381244][ T9095]  ? tcp_net_metrics_init+0x150/0x150
[ 2133.386625][ T9095]  tcp_net_metrics_exit_batch+0x10/0x20
[ 2133.392177][ T9095]  cleanup_net+0x602/0xad0
[ 2133.396600][ T9095]  ? ops_init+0x4a0/0x4a0
[ 2133.400942][ T9095]  process_one_work+0x6be/0xba0
[ 2133.405809][ T9095]  worker_thread+0xa59/0x1200
[ 2133.410497][ T9095]  ? _raw_spin_lock_irqsave+0xb0/0x110
[ 2133.415975][ T9095]  kthread+0x411/0x500
[ 2133.420053][ T9095]  ? worker_clr_flags+0x190/0x190
[ 2133.425083][ T9095]  ? kthread_blkcg+0xd0/0xd0
[ 2133.429678][ T9095]  ret_from_fork+0x1f/0x30
[ 2133.434107][ T9095]  </TASK>
[ 2133.437131][ T9095] 
[ 2133.439455][ T9095] Allocated by task 11508:
[ 2133.443932][ T9095]  __kasan_slab_alloc+0xbd/0xf0
[ 2133.448796][ T9095]  slab_post_alloc_hook+0x4f/0x2b0
[ 2133.453912][ T9095]  kmem_cache_alloc+0xf7/0x260
[ 2133.458681][ T9095]  copy_net_ns+0x145/0x5c0
[ 2133.463105][ T9095]  create_new_namespaces+0x3a2/0x660
[ 2133.468397][ T9095]  unshare_nsproxy_namespaces+0x120/0x170
[ 2133.474120][ T9095]  ksys_unshare+0x4ac/0x7b0
[ 2133.478634][ T9095]  __x64_sys_unshare+0x38/0x40
[ 2133.483403][ T9095]  x64_sys_call+0x442/0x9a0
[ 2133.487909][ T9095]  do_syscall_64+0x4c/0xa0
[ 2133.492343][ T9095]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2133.498247][ T9095] 
[ 2133.500575][ T9095] Freed by task 9095:
[ 2133.504614][ T9095]  kasan_set_track+0x4a/0x70
[ 2133.509214][ T9095]  kasan_set_free_info+0x23/0x40
[ 2133.514158][ T9095]  ____kasan_slab_free+0x125/0x160
[ 2133.519272][ T9095]  __kasan_slab_free+0x11/0x20
[ 2133.524032][ T9095]  slab_free_freelist_hook+0xc2/0x190
[ 2133.529407][ T9095]  kmem_cache_free+0x100/0x320
[ 2133.534303][ T9095]  cleanup_net+0xa2d/0xad0
[ 2133.538737][ T9095]  process_one_work+0x6be/0xba0
[ 2133.543600][ T9095]  worker_thread+0xa59/0x1200
[ 2133.548285][ T9095]  kthread+0x411/0x500
[ 2133.552367][ T9095]  ret_from_fork+0x1f/0x30
[ 2133.556792][ T9095] 
[ 2133.559126][ T9095] Last potentially related work creation:
[ 2133.564847][ T9095]  kasan_save_stack+0x3a/0x60
[ 2133.569550][ T9095]  __kasan_record_aux_stack+0xd2/0x100
[ 2133.575018][ T9095]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 2133.580832][ T9095]  insert_work+0x51/0x310
[ 2133.585167][ T9095]  __queue_work+0x8e5/0xc60
[ 2133.589673][ T9095]  queue_work_on+0xd2/0x140
[ 2133.594178][ T9095]  xfrm_hash_grow_check+0xd7/0x140
[ 2133.599405][ T9095]  xfrm_state_find+0x26a0/0x2a70
[ 2133.604443][ T9095]  xfrm_resolve_and_create_bundle+0x626/0x28d0
[ 2133.610604][ T9095]  xfrm_lookup_with_ifid+0xa3e/0x2120
[ 2133.615983][ T9095]  xfrm_lookup_route+0x3c/0x170
[ 2133.620841][ T9095]  ip6_dst_lookup_flow+0x9b/0xc0
[ 2133.625857][ T9095]  rawv6_sendmsg+0xc07/0x16d0
[ 2133.630586][ T9095]  inet_sendmsg+0xa5/0xc0
[ 2133.634939][ T9095]  ____sys_sendmsg+0x5a2/0x8c0
[ 2133.639712][ T9095]  ___sys_sendmsg+0x1f0/0x260
[ 2133.644388][ T9095]  __sys_sendmmsg+0x278/0x480
[ 2133.649067][ T9095]  __x64_sys_sendmmsg+0xa0/0xb0
[ 2133.653925][ T9095]  x64_sys_call+0x6c6/0x9a0
[ 2133.658431][ T9095]  do_syscall_64+0x4c/0xa0
[ 2133.662847][ T9095]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2133.668750][ T9095] 
[ 2133.671072][ T9095] Second to last potentially related work creation:
[ 2133.677653][ T9095]  kasan_save_stack+0x3a/0x60
[ 2133.682334][ T9095]  __kasan_record_aux_stack+0xd2/0x100
[ 2133.687799][ T9095]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 2133.693608][ T9095]  insert_work+0x51/0x310
[ 2133.697942][ T9095]  __queue_work+0x8e5/0xc60
[ 2133.702451][ T9095]  queue_work_on+0xd2/0x140
[ 2133.706956][ T9095]  xfrm_hash_grow_check+0xd7/0x140
[ 2133.712073][ T9095]  xfrm_state_find+0x26a0/0x2a70
[ 2133.717012][ T9095]  xfrm_resolve_and_create_bundle+0x626/0x28d0
[ 2133.723170][ T9095]  xfrm_lookup_with_ifid+0xa3e/0x2120
[ 2133.728554][ T9095]  xfrm_lookup_route+0x3c/0x170
[ 2133.733418][ T9095]  ip6_dst_lookup_flow+0x9b/0xc0
[ 2133.738387][ T9095]  rawv6_sendmsg+0xc07/0x16d0
[ 2133.743078][ T9095]  inet_sendmsg+0xa5/0xc0
[ 2133.747413][ T9095]  ____sys_sendmsg+0x5a2/0x8c0
[ 2133.752185][ T9095]  ___sys_sendmsg+0x1f0/0x260
[ 2133.756875][ T9095]  __sys_sendmmsg+0x278/0x480
[ 2133.761558][ T9095]  __x64_sys_sendmmsg+0xa0/0xb0
[ 2133.766416][ T9095]  x64_sys_call+0x6c6/0x9a0
[ 2133.770923][ T9095]  do_syscall_64+0x4c/0xa0
[ 2133.775345][ T9095]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2133.781246][ T9095] 
[ 2133.783568][ T9095] The buggy address belongs to the object at ffff88811688c000
[ 2133.783568][ T9095]  which belongs to the cache net_namespace of size 3968
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 2133.797890][ T9095] The buggy address is located 140 bytes inside of
[ 2133.797890][ T9095]  3968-byte region [ffff88811688c000, ffff88811688cf80)
[ 2133.811298][ T9095] The buggy address belongs to the page:
[ 2133.816927][ T9095] page:ffffea00045a2200 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88811688a000 pfn:0x116888
[ 2133.828491][ T9095] head:ffffea00045a2200 order:3 compound_mapcount:0 compound_pincount:0
[ 2133.836832][ T9095] flags: 0x4000000000010200(slab|head|zone=1)
[ 2133.842928][ T9095] raw: 4000000000010200 0000000000000000 0000000100000001 ffff8881001c4000
[ 2133.851543][ T9095] raw: ffff88811688a000 0000000080080003 00000001ffffffff 0000000000000000
[ 2133.860129][ T9095] page dumped because: kasan: bad access detected
[ 2133.866543][ T9095] page_owner tracks the page as allocated
[ 2133.872260][ T9095] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 10710, ts 1070048851346, free_ts 1069905915655
[ 2133.893194][ T9095]  post_alloc_hook+0x192/0x1b0
[ 2133.897980][ T9095]  prep_new_page+0x1c/0x110
[ 2133.902491][ T9095]  get_page_from_freelist+0x2cc5/0x2d50
[ 2133.908044][ T9095]  __alloc_pages+0x18f/0x440
[ 2133.912636][ T9095]  new_slab+0xa1/0x4d0
[ 2133.916723][ T9095]  ___slab_alloc+0x381/0x810
[ 2133.921326][ T9095]  __slab_alloc+0x49/0x90
[ 2133.925665][ T9095]  kmem_cache_alloc+0x138/0x260
[ 2133.930554][ T9095]  copy_net_ns+0x145/0x5c0
[ 2133.933776][   T30] audit: type=1400 audit(1749306073.010:289): avc:  denied  { write } for  pid=273 comm="syz-executor" path="pipe:[1546]" dev="pipefs" ino=1546 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[ 2133.934981][ T9095]  create_new_namespaces+0x3a2/0x660
[ 2133.963159][ T9095]  unshare_nsproxy_namespaces+0x120/0x170
[ 2133.968892][ T9095]  ksys_unshare+0x4ac/0x7b0
[ 2133.973412][ T9095]  __x64_sys_unshare+0x38/0x40
[ 2133.978182][ T9095]  x64_sys_call+0x442/0x9a0
[ 2133.982693][ T9095]  do_syscall_64+0x4c/0xa0
[ 2133.987114][ T9095]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 2133.993027][ T9095] page last free stack trace:
[ 2133.997700][ T9095]  free_unref_page_prepare+0x542/0x550
[ 2134.003166][ T9095]  free_unref_page+0xa2/0x550
[ 2134.007848][ T9095]  free_compound_page+0x78/0xa0
[ 2134.012706][ T9095]  __put_compound_page+0x77/0xb0
[ 2134.017717][ T9095]  __put_page+0xbc/0xe0
[ 2134.021872][ T9095]  page_to_skb+0x7b9/0xb60
[ 2134.026349][ T9095]  receive_buf+0xc17/0x49f0
[ 2134.030843][ T9095]  virtnet_poll+0x545/0xef0
[ 2134.035349][ T9095]  __napi_poll+0xbe/0x590
[ 2134.039668][ T9095]  net_rx_action+0x371/0x8e0
[ 2134.044245][ T9095]  handle_softirqs+0x250/0x560
[ 2134.049000][ T9095]  __irq_exit_rcu+0x52/0xf0
[ 2134.053507][ T9095]  irq_exit_rcu+0x9/0x10
[ 2134.057743][ T9095]  common_interrupt+0xbe/0xe0
[ 2134.062412][ T9095]  asm_common_interrupt+0x27/0x40
[ 2134.067432][ T9095] 
[ 2134.069747][ T9095] Memory state around the buggy address:
[ 2134.075364][ T9095]  ffff88811688bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 2134.083424][ T9095]  ffff88811688c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2134.091471][ T9095] >ffff88811688c080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2134.099516][ T9095]                       ^
[ 2134.103830][ T9095]  ffff88811688c100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2134.111878][ T9095]  ffff88811688c180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 2134.119928][ T9095] ==================================================================
[ 2134.127976][ T9095] Disabling lock debugging due to kernel taint
[ 2134.220007][   T30] audit: type=1400 audit(1749306073.400:290): avc:  denied  { read } for  pid=83 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[ 2134.247673][   T30] audit: type=1400 audit(1749306073.400:291): avc:  denied  { search } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 2134.269549][   T30] audit: type=1400 audit(1749306073.400:292): avc:  denied  { write } for  pid=83 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 2134.290863][   T30] audit: type=1400 audit(1749306073.400:293): avc:  denied  { add_name } for  pid=83 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 2134.311738][   T30] audit: type=1400 audit(1749306073.400:294): avc:  denied  { create } for  pid=83 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 2134.332625][   T30] audit: type=1400 audit(1749306073.410:295): avc:  denied  { append open } for  pid=83 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 2134.355595][   T30] audit: type=1400 audit(1749306073.410:296): avc:  denied  { getattr } for  pid=83 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 2135.074640][T17558] device bridge_slave_1 left promiscuous mode
[ 2135.080980][T17558] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2135.088657][T17558] device bridge_slave_0 left promiscuous mode
[ 2135.094886][T17558] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2135.102820][T17558] device veth1_macvtap left promiscuous mode
[ 2135.108895][T17558] device veth0_vlan left promiscuous mode
[ 2135.617748][T17558] tipc: Disabling bearer <udp:syz2>
[ 2135.623033][T17558] tipc: Disabling bearer <udp:syz0>
[ 2135.628469][T17558] tipc: Left network mode
[ 2135.633540][T17558] tipc: Disabling bearer <udp:syz2>
[ 2135.638895][T17558] tipc: Disabling bearer <udp:syz0>
[ 2135.644197][T17558] tipc: Left network mode
[ 2136.435999][T17558] device bridge_slave_1 left promiscuous mode
[ 2136.442133][T17558] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2136.449624][T17558] device bridge_slave_0 left promiscuous mode
[ 2136.455805][T17558] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2136.464098][T17558] device bridge_slave_1 left promiscuous mode
[ 2136.470211][T17558] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2136.477801][T17558] device bridge_slave_0 left promiscuous mode
[ 2136.484026][T17558] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2136.492133][T17558] device bridge_slave_1 left promiscuous mode
[ 2136.498344][T17558] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2136.505965][T17558] device bridge_slave_0 left promiscuous mode
[ 2136.512118][T17558] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2136.521399][T17558] device bridge_slave_1 left promiscuous mode
[ 2136.527679][T17558] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2136.535215][T17558] device bridge_slave_0 left promiscuous mode
[ 2136.541332][T17558] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2136.550261][T17558] device bridge0 left promiscuous mode
[ 2136.555814][T17558] device veth1_macvtap left promiscuous mode
[ 2136.561821][T17558] device veth0_vlan left promiscuous mode
[ 2136.568155][T17558] device veth1_macvtap left promiscuous mode
[ 2136.574204][T17558] device veth0_vlan left promiscuous mode
[ 2136.580271][T17558] device veth1_macvtap left promiscuous mode
[ 2136.586513][T17558] device veth0_vlan left promiscuous mode
[ 2136.592601][T17558] device veth1_macvtap left promiscuous mode
[ 2136.598785][T17558] device veth0_vlan left promiscuous mode