last executing test programs:

18.700803142s ago: executing program 0 (id=407):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x2101)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$tun(r1, 0x0, 0x126a)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r1, 0x4058534c, &(0x7f00000000c0)={0x80, 0x1f4})
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0x12, &(0x7f0000000140), 0x4)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0xffffffff}, 0x1c)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x4c, 0x24, 0x0, 0x0, 0x0, {0x60}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c}}]}, 0x4c}}, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a5780200", 0x16, 0x0, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="a00000001900010000000000000000001c140000fe000001000000"], 0xa0}}, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
io_setup(0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
preadv(r5, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r6 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r6, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r6, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
syz_emit_ethernet(0x7e, &(0x7f00000000c0)={@link_local, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "02000b", 0x48, 0x2f, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x6558, 0x4, 0x0, [], "97de0000"}}}}}}}, 0x0)

17.838432229s ago: executing program 0 (id=411):
openat$pfkey(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000001c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c8, 0x2e0, 0x9403, 0x0, 0x6602, 0x2c0, 0x3f8, 0x3d8, 0x3d8, 0x3f8, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x298, 0x2e0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x2, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x528)
fcntl$F_GET_RW_HINT(0xffffffffffffffff, 0x40b, 0x0)
socket$inet(0x2, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000005b40)=[{{&(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000040)="f37481d90eeaead391345b4da9d27e24c9c670da3afc5c00"/50, 0x32}, {&(0x7f0000000140)="ead5e96719a44591801f33", 0xb}, {&(0x7f0000000180)="f3f97053495b072215aee864193557c0dabdd253711d5ed9b131c5abd8796e5759ab1f639211e68e24bf4471b6ab1429b165c7248cded82bfb4a3f48e8", 0x3d}], 0x3, &(0x7f00000009c0)=[@ip_retopts={{0x40, 0x0, 0x7, {[@timestamp_addr={0x44, 0x1c, 0x93, 0x1, 0x0, [{@broadcast}, {}, {@private}]}, @noop, @timestamp={0x44, 0x10, 0x1f, 0x0, 0x0, [0x0, 0x4, 0x100]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @multicast2}}}], 0x60}}, {{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000380)="c1ad061c5d914eadd95de7fb63eb7b0306d91c25f3fba6c97eda8ade2420dfe1fe0f5c7a01d724be33a44f1cd52028110d8f7dd4b3421a3fe4b2066d179f938ba15c3956e1aaad35035bcde7b90ed59ee2de06c8a4af3de95bda", 0x5a}], 0x1}}, {{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000480)="f41fa963edcd5e2a5d", 0x9}, {&(0x7f00000004c0)}], 0x2}}, {{0x0, 0x0, &(0x7f0000004240)=[{&(0x7f0000003140)="01", 0x1}], 0x1}}], 0x4, 0xc080)
r5 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r5, &(0x7f00000004c0)={0x2, 0x6e24, @empty}, 0x10)
r6 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r6, &(0x7f0000000000)={0x2, 0x6ea4, @empty}, 0x10)
r7 = syz_open_dev$vcsa(0x0, 0x7b95b611, 0x802)
writev(r7, &(0x7f0000000240)=[{&(0x7f0000000200)="33568c", 0x3}, {0x0}, {0x0}], 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

16.768029023s ago: executing program 0 (id=412):
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000080)='./file0\x00', 0x800090, &(0x7f0000000680)=ANY=[@ANYBLOB='shortname=winnt,uni_xlate=1,shortname=mixed,rodir,shortname=lower,utf8=0,uni_xlate=1,dos1xfloppy,check=strict,uni_xlate=1,shortname=win95,iocharset=iso8859-15,codepage=855,shortname=lower,nonumtail=0,nonumtail=0,uni_xlate=0,uni_xlate=0,iocharset=iso8859-6,shortname=lower,nnonumtail=1,shortname=win95,rodir,utf8=0,nnonumtail=1,shortname=lower,shortname=mixed,iocharset=ascii,appraise,uid>', @ANYRESDEC=0x0, @ANYBLOB="00704a5ed53102c06f229ab7df8ebb0100a9bb08fcd95b2fe3708a2dec645fabf88d617119f4bafdabe8bd3890243a23231ef02a86733f0257c52e36a56d5058628c69018ffdbf08438b"], 0x6, 0x2e1, &(0x7f0000000d40)="$eJzs3T+LHGUYAPBndmd3Ry32CisRHNDCKuTS2uwhCYhXGbaIFnqYBOR2EXJw4h9crxI7v4BgLwh+EBs7S8FWsDNCYGRmZ27/ZG6zJ+yJye9XJM+98z7zPu/M7N0099wHL0+P7+Zx/+yL3yLLkuiMBhEPk9iLTjS+ihWjbwMA+D97WBTxZzHXcvjXb9YGzpbibMe1AQC78YSf/7W0+vdOOeOnq6sNANiN23feffvg8PDmO3mexa3p16fjJCLK/+fHD+7HRzGJe3E9hvEoonpR6EX1tlCGt4qimKV5aS9em85Ox2Xm9P2f6/Mf/BFR5e/HMPaqofO3jSr/rcOb+/ncUv6srOP5ev1RmX8jhvHiefJK/o2W/Bj34/VXl+q/FsP45cP4OCZxtypikf/lfp6/WXT/+vy9srwyP5mdjgfVvIWi2yw+u+J7BAAAAAAAAAAAAAAAAAAAAADA0+da3TtnEFX/nnKo7r/TfVR+0Yu8sbfan2eenzQnWvQHik5RFLMivmv661zP87yoJy7y03gprRsLAgAAAAAAAAAAAAAAAAAAwDPu5NPPjo8mk3sPtgy+r/Pa5zTdANKI+Pt2xGXOvByMlkZeuWCtJhjUax5NJp06XJ2TLo9Et5mTRGwso9zEvyp+KehuXqIJnnus5jr44cfWrHJHJ2m0HcqeXFivfa1LBp/05texdU7zdB0fJe3XcHBefFbeuFi/cf1oX70XayP97gUPZPMobredfuuh4aUvS/+FKphtmBPJps/FG7+vbCeJtcn9quNGa3qvDi78eGZbPc+RzdMf/16R6NYBAAAAAAAAAAAAAAAAAAA7tfjt35aDZxtTO8VgZ2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJVa/P3/bYJ0NXmLrH48OPmv9gYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCz458AAAD//1ynTfA=")
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000e00)=""/4083, 0xff9)
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
unshare(0x2c060000)
io_setup(0x7, &(0x7f0000000280)=<r3=>0x0)
r4 = openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/kernel/address_bits', 0x0, 0x0)
io_submit(r3, 0x1, &(0x7f0000000500)=[&(0x7f0000000040)={0x0, 0x4000, 0x0, 0x0, 0x0, r4, &(0x7f0000000000), 0xfffffc98}])
mknod(0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_SAVE(0xffffffffffffffff, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002008007b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x103)

16.696355033s ago: executing program 1 (id=413):
mknod(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000000000bb70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000dc0)={&(0x7f0000000040)='ext4_unlink_enter\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000dc0)={&(0x7f0000000040)='ext4_unlink_enter\x00', r2}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r4=>0x0})
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000001e80)=0x6, 0x4)
setsockopt$packet_rx_ring(r5, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r3, &(0x7f00000000c0)="3f03fe7f0300120006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r4, 0x1, 0x0, 0x6, @multicast}, 0x14)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={&(0x7f00000009c0)='sched_switch\x00', r7}, 0x10)
r8 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
close(r8)
syz_emit_ethernet(0xfdef, &(0x7f0000000640)=ANY=[], 0x0)
unlink(0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000480)='./bus\x00', 0x1e, &(0x7f00000006c0), 0x2, 0x431, &(0x7f0000000d80)="$eJzs3L9vG1UcAPDv2UlLf5FQyo+mhQYKIgKRNGmBDgwtAokBJCQYyhiStAp1G9QEiVYRBIYyokrsiBGJv4AJFgRMSKywo0oVytLCZHT2XeI4tokTp07x5yNd/d7ds977+u7Z793rJYCeNZz+k0Tsj4jfI2Kgml1bYLj6cmd5cerv5cWpJMrlt/9KKuVuLy9O5UXz9+3LM0vV/JEG9c5fvXZxslSauZLlxxYufTA2f/Xa87OXJi/MXJi5PHH69KmT4y+9OPFCR+JM23R76OO5o4dff/fGm1Pnbrz387dJHn9dHB0y3Org0x2urNsO1KSTvi42hLYUIyI9Xf2V/j8QxVg9eQPx2mddbRywrcrlcnl388NLZeB/LIlutwDojvyHPp3/5ttdGnrsCLfOVidAadx3sq16pC8KWZn+uvltJ6WzrXNL/3yVbrE99yEAANb4/mz1df34rxAP15Q7k60NDUbEAxFxMCIejIhDEfFQRKXsIxHxaJv11y+SrB//FG62H9XGpeO/l7O1rbXjv3z0F4PFLHegEn9/cn62NHMiIu6PiJHo353mx1vU8cOrv33R7Nhwzfgv3dL687Fg1o6bfXU36KYnFya3EnOtW59GDPU1ij9ZWQlIIuJwRAwd21wds89+c7TZsf+Ov4UOrDOVv454pnr+l6Iu/lzSen1y7L4ozZwYy6+K9X759fpbzerfUvwdkJ7/vQ2v/5X4B5Pa9dr59uu4/sfnTec0m73+dyXvVNK7sn0fTS4sXBmP2JW8ke0/s7p/YvW9eT4vn8Y/crxx/z8Yq5/EkYhIL+LHIuLxiDiWtf2JiHgyIo63iP+nV556f/Pxb680/um2zn/7ieLFH79bU+lgO/Gn5/9UJTWS7dnI999GG7jVzw8AAADuBYWI2B9JYXQlXSiMjlb/v/yh2Fsozc0vPHd+7sPL09VnBAajv5Df6RqouR86nk3r8/xEXf5kdt/4y+KeSn50aq403e3gocfta9L/U38Wu906YNt5Xgt6l/4PvUv/h96l/0PvatD/99TlW/yNAOBe1uj3/5MutAO4+4z/oXfp/9C79H/oXfo/9KStPNffs4lyeUc0o7uJKOyIZkhsU6Lb30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8W8AAAD//wW859o=")

15.484039915s ago: executing program 0 (id=416):
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000240)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7ffffcb8}]})
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000440)='./file0\x00', &(0x7f00000003c0)='./file0/../file0/../file0/../file0\x00')
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
rt_sigprocmask(0x0, &(0x7f0000000180), 0xffffffffffffffff, 0x8)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x7}, 0x4)
memfd_create(&(0x7f00000005c0)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5\x00\x00\x00\x00\x00\x00\x00\x05L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0\xc8d\x96G\xcf\x066\x84\x82-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0)
renameat2(0xffffffffffffffff, &(0x7f00000012c0)='./file0\x00', r0, &(0x7f0000001300)='./file0/../file0/../file0/../file0\x00', 0x5)
write$binfmt_script(r0, &(0x7f0000001340)={'#! ', './file0/../file0/../file0/../file0', [{0x20, 'gre0\x00'}, {0x20, 'devtmpfs\x00'}, {0x20, '*'}, {0x20, 'gre0\x00'}, {0x20, '\x00\x00)\x88\x00\xf1'}, {0x20, '%{{'}, {0x20, 'aI\xff\xff\xff\xff'}], 0xa, "ef1f164ff163dc0600000034cdc59a73adf3bfde79dbfb7d8b027be9b949cc3aacb000de282a50264e79bb5de19c196df472b9e9b2598ac5bcbd39515ad9330829a34f3071f025e463f2d36e7b72520a75ffc41fee14ee608b0fb46ad3c7be4b98fe90e0dd2f67592e45fbf7e5913a4d46bf0df933154642275bdd6169572301c70ef1edc7d29d11a29c10e1a1d5c066e283afcebf4f6d4c46252371cd09ba76cc4f152383cea22f50e180fce1cd3c0d5e8ea7bd477ef29fa7bd69a349997b097ddb3f186bfe31f2d57099cc93d6406c38ad2461a22cc581ae7f43bfc3b199479636f430b6af4c8c64286d60128cf5ce6d0b325b1575151dbb4b4f50bda02ae48dcd7888673b"}, 0x156)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x90)
sendto$packet(0xffffffffffffffff, &(0x7f0000000180)="43e6b4da4c60ae1bca5a5e5198", 0xd, 0x4080, &(0x7f00000001c0)={0x11, 0x2, 0x0, 0x1, 0xf7, 0x6, @broadcast}, 0x14)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x1, '\x00', 0x0, r0, 0x4, 0x3, 0x1}, 0x48)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f00000002c0)={'gre0\x00', &(0x7f0000000240)={'sit0\x00', 0x0, 0x10, 0x8, 0x0, 0x3ff, {{0x14, 0x4, 0x2, 0x23, 0x50, 0x65, 0x0, 0x80, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}, @local, {[@generic={0x0, 0xb, "81c0a635d11256e513"}, @noop, @cipso={0x86, 0x2d, 0x2, [{0x0, 0xb, "812405229c941f619d"}, {0x0, 0x5, "89101e"}, {0x7, 0x8, "a551756fc409"}, {0x2, 0xf, "f798af53f7b8d4587b449215f2"}]}]}}}}})
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/bus/input/devices\x00', 0x0, 0x0)
pread64(r1, &(0x7f0000000280)=""/4096, 0x1000, 0x0)
r2 = socket$inet(0x2, 0x3, 0x4)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'team_slave_0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x58, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mq={0x7}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}]}, @TCA_RATE={0x6}]}, 0x58}}, 0x0)

15.276257427s ago: executing program 0 (id=417):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f"], 0x0, 0x0, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r3, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x7fffffff})
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
creat(&(0x7f0000000340)='./file0/file0\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r4 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r5 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r5, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
renameat2(r4, &(0x7f0000000300)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r4, &(0x7f00000002c0)='./file0\x00', 0x2)

14.784166141s ago: executing program 0 (id=419):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000040)=@framed, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61128b000000000061134c0000000000bf2000000000000007000000080000002d0301000000000095000000000000007126000000000000bf670000000000005601000000ff07ad6706000002000000070300000ee60000bf250000000000002d350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000160400000400f9ffad3001000000000084000000000000004500000001f0ffff95000000000000006e8ad524a56600a5585b7351ca1136aef2e9407e5c2501d11900db85604036883647b1fb3f1403b816f511c8c56e56e40b01005505f8a89dae4293b10f3631b25fc9f189084c7fddccff01361d355f6cce8ec2abcdf1bc9040daef2cfa2046e2091e269f4734ffa55eb2d4e8de20b38c8808b365b46bd54c68cd30139a8c3827a7dd6d6e2b5fea3906f8456b0000000000ff07efffffff0047018ae79db613d2aec070f718ab629b4975320dd7a7da532281fd22c7b835005bf52715396669836db6000000005b4f0591ee7c8cd263dd172b28d01c4d8ddaf2cdad3d1a74a2f078aa6402483856a6e495408d0b33047f06aec2cc590df28efc7dbec6857db922195a271af103f03e1155197e067b2ebf4e2dae06e394c9639564f000fc3cdd05a157544d0200000000000000ee48f5287123a0d246c0c4c00fe979dbc09ed4db22d7172adc6ae8faa5f9ad188e07000000000000008d88a0b4684559d46cae41db1b914e93f1f88e80ef80c6ed3e1ff91ff111000000000000000000e33de432e488ad0e724c2d14a1e770e116984a5700afb8a1f3d47277ef0e33e7e00ec5f74e10937ba0e321346977b7d1b18013f509675b5b0f352e30dffda780e95c301f4fc7d5a76475ace6b128b02bfd71023daffdf748a6bd356fcbacec96373d1101000736ac0bbcb5f4836bddfe8bf46308000000ade9e59fcf271bb98bd0b8b5216b858b414c31682f9f3db2e4d8e5898e445fe55ac56c0ddd932d838ff651023853d42210642986f8bbc7340bc8393f774318c9fc9b05788de2c6e601b50777e8dff581de1d5ae3d801ead7eba31126e2172fa1eadf5f3bec81004d00000000c8e4692e051c731f9ac766b7fd66278d40f0760f23e8c7d1f47cd8e02504e85e152955ad8acd989c0b2eea71414f533f5685c3904bfe1d0011ffc1ba5398f3d68124674478186edd036f15bf847c33f79e1a0ad3d2b5080ecb01420c9f1b534e969fce97ffff07000009000000bfe0ed7c5853a665c0805752dca0e571d75cac5a5d8e4f6e05055b6dec5a9a5696f053a92d81fd9e5f2b9dbbe24f38e745b5a95d45003d0600e413dc623f3e6b096c8b0ad7438c6631388a92c55b0671140afbfb83bba415f729fea4c8a8a86189dceedad84cdd17c46bdd847a1f4b0facd3744f5bbb06abb319204fca4bcd4297fe7b4cee75abf43e14fe861224799c0f12702964fc890a176fdafa2c9387280b5693c000c0304cece48642649375dae0b7979b229f708a97349e96e783af9a23cd3980a2c29d3d62875e5319cd51bdd224878a0b25edf0e83c930633bd9a823e28f359608ea326c77a1aa17318f392a0ec6c188916f4149c503027feccfd68ec8278a90252693fb133c4615801077e1d75420017c03990b855fe485a20b4919bb11c6d737b6545ef140a0fc339bb53953662f1454f9852e7c4e17eb8e68f076c659f56d6c7f97a94d604f45cfe88b30c170000000001000000ef931f137967de563c29d81aacb3d48226a4e4b6670900000000000000fa68bff3693afc44db2248bb38b31a14ffcddd92c38f6b6d86a0e56d47a82bad5d2a6dce4c4d353261260c9d7a6bd9f2c872c4172a3d2ac80dfb718cc159e6423065624f1300007d6072f0cf120ad2ba519afdd43a14000000000000000000000000007ef2f3c58d045f0700000094069acbe333aebd10f2118fbfeda3fa5500d52cd5241588d2b68a332edfef6d701c8936a25d68b841f982511392cc0d3a78616f8ce0f2877d099258bf85866d0ee7f803fa50fd41ef62b028d12028a7b497d92f544523290f520b0d000000000000000000007758b1267669ded883b5867c5916a74843b784955108f750c57744c76a09629dd0aaca5cb0f14f49db80a1aa2692c18fbb31cbdb3f2e138e6d5ba3491fc3617b511f24bad26466407e39000000000080d7a1bf4624d31c13a6840f45a7f4e01a50d790132abb36915e35b1ac35bf3921357f638684bba17b8fe1e2123153ecd6d1f76820d4f8fa0b96b50c457ae8d5f2351cdb7bc8170380557bc11cf6ee3395974e37018a2a7473312cb32affb8ff72a253e0d36099e460f13694b9891af526d9608271838e83d17103887f34210dd4c0cf60dec608b4ca5ba2f3037bf381e7b5d5b27820000000000000000000000b719bd34f3244730f708fdd532640edc6b82dd4ad72ecbaccafef806f5447aba2246d56a601bbd8c24ba1e16dda3296ce10de6830942eb83c24a44c48c6a5890f6441f14162e08fb3d964aa5ac94d9d5703749409deba3a702d4121547644dd581a2b34f9686dcd06"], &(0x7f0000000100)='GPL\x00'}, 0x48)
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r1}, 0x10)
setsockopt$MRT6_DEL_MIF(0xffffffffffffffff, 0x29, 0xcb, &(0x7f0000000100)={0x1}, 0xc)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r2, 0x800452d2, &(0x7f0000000100))
sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)={0x2, 0x400000000000003, 0x0, 0x0, 0x19, 0x0, 0x0, 0x0, [@sadb_lifetime={0x4, 0x3}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback}}, @sadb_lifetime={0x4, 0x4}, @sadb_sa={0x2, 0x1, 0x0, 0x40}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x4e20, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, @sadb_address={0x3, 0x7, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0xc8}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0xa80000, &(0x7f0000000a40)={[{@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@noinit_itable}, {@noauto_da_alloc}, {@delalloc}, {@resuid}, {@oldalloc}, {@jqfmt_vfsv1}]}, 0xfc, 0x550, &(0x7f0000000340)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r3, &(0x7f0000000140), 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305839, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_submit(0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x24e)
syz_open_procfs(0xffffffffffffffff, 0x0)
fanotify_init(0x0, 0x0)

14.263937804s ago: executing program 1 (id=422):
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_QUERY_EXT_CTRL(r0, 0xc02c5625, &(0x7f00000003c0)={0x80f0f000, 0x106, "9a555c14c966e134d198b9aaaa7da80f8e4fa888dece6ffdb507a3c83e58e128"})
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x1a, &(0x7f0000000000)=0x6, 0x4)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xffffff73, &(0x7f0000000040)=0x1)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000580)=[{&(0x7f0000000640)=""/102396, 0x18ffc}, {0x0}], 0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
ftruncate(r3, 0x200002)
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
r4 = syz_open_dev$cec(&(0x7f0000000180), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r4, 0xc05c6104, &(0x7f00000001c0)={"c800", 0x0, 0x6, 0x3, 0x0, 0x0, "01cff78ea77000ebff00", "000200", "05049e3c", "798a202d", ["c2fffedbff00ffdf144000ef", "ffff08000000000000042371", "070500110800c1024b00", "38a70ed483d94574c99b9f16"]})
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000080)={{{@in6=@mcast1, @in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee00}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@dev, 0x0, 0x32}, 0x0, @in=@remote}}, 0xe8)
connect$pppl2tp(0xffffffffffffffff, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x32)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1400000035000107000020000000000007"], 0x14}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="60000000100001040100"/20, @ANYRES32=0x0, @ANYBLOB="7b130000000000003800128008000100677470002c00028008000100", @ANYRES32, @ANYBLOB="08000200", @ANYRES32, @ANYBLOB="08000200", @ANYRES64=r1], 0x60}}, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100006f8db4088205e82806f50102030109021b0001000000000904000001fff14c0009050e03", @ANYRES16=0x0], 0x0)

12.912661039s ago: executing program 3 (id=424):
socket$igmp6(0xa, 0x3, 0x2)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1810714, &(0x7f0000000440)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1}}, {@init_itable_val}, {@nolazytime}, {@grpid}, {@prjquota}, {@norecovery}, {@lazytime}, {@errors_continue}, {@auto_da_alloc}, {@test_dummy_encryption}]}, 0xff, 0x468, &(0x7f0000000780)="$eJzs289vFFUcAPDvzG4BQdmKiIIgVTRp/NHSgsrBxGg08aCJiR7wWNtCkIUaWhMhjVZj8GhIvBuPJv4FnjwZ9WTiFY8mhoQoMQG9uGZ2Z0q77JbWbtlN9/NJBt6befve+3bmzb6dtxtA3xrK/kki7o6IyxFRaWSXFxhq/Hfj2vzk39fmJ5Oo1d78I6mXu35tfrKWK163I69zOI1IP03yRmJgabWz5y+cnqhWp8/l+dG5M++Nzp6/8PSpMxMnp09Onx0/duzokbHnnh1/pkWvf7u01jiz+K7v+3Bm/95X3770+uTxS+/8+E3W3z0HGsezONZa5+0MZYH/2fjbNB97vNONddm/tZtxJuVu94bVKkVEOR+cl6MSpbh58irxyidd7RywobJ79tb2hxdqwCaWRLd7AHRH8Uafff4ttjs09egJV19sfADK4r6Rb40j5UjzMgMb2P5QRBxf+OfLbIum5xC1Fs8NAADW67ts/vNUq/lfGnuWlNuZrw0NRsS9EbErIu6LiN0RcX9EvewDEfHgGtsfasrfOv9Mr/yvwFYpm/89n69tLZ//FbO/GCzluXvq8Q8kJ05Vpw/nf5PhGNia5cdaVV5U8fIvn7drf+n8L9uy9ou5YF7JlXLjAd22Ys/UxNxEpyalVz+O2FduFX+yuBKQRMTeiNi3tqp3FolTT3y9v12h28e/gg6sM9W+KiqZX4im+AvJyuuTo9uiOn14tLgqbvXTzxffaNf+uuLvgOz8b19+/TeVqPyVLF2vnV088MJq27j462dtP1OWV3/9L8qu/y3JW/U13S35vg8m5ubOjUVsSV6r55ftH7/52iJflM/iHz7Uevzvyl+Txf9QRGQX8YGIeDgiDubn7pGIeDQiDq0Q/w8vPfZuu2O9cP6nWt7/Fq//weXnf+2J0unvv23X/uruf0frqeF8T/3+dxvtu1PcRpuuZgAAANjE0vp345N0ZDGdpiMjje/w747taXVmdu7JEzPvn51qfId+MAbS4klXZcnz0LFkIa+xkR/PnxUXx4/kz42/KN1Vz49MzlSnuhw79LsdbcZ/5vdSt3sHbDi/14L+1Tz+0y71A7jzvP9D/zL+oX8Z/9C/Wo3/j5ry1gJgM6pVut0DoHvM/6F/Gf/Qv4x/6Evr+V3/RiXKK/x6X6JXEpH2RDd6JnGwh0ZTuQOju8s3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA75LwAA///foPki")
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff00}, 0xfffffffffffffd19)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x8000, 0x7, 0x0, 0xffffffffffffffff, 0x9}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x91e4b95fcc343e0a)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r4, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001740)={r4, 0x0, &(0x7f0000001700)=""/53}, 0x20)
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = dup(0xffffffffffffffff)
write$UHID_INPUT(r6, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b34383b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31310d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)

12.197525177s ago: executing program 1 (id=426):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
modify_ldt$write(0x1, 0x0, 0x0)
r3 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x58}, 0x0)
write$UHID_CREATE2(r6, &(0x7f00000001c0)=ANY=[@ANYBLOB='3'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r3, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
r7 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
unshare(0x60600)
execveat(r7, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0)
r8 = syz_open_dev$vim2m(&(0x7f0000000080), 0x2, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r8, 0xc0145608, &(0x7f0000000040)={0x0, 0x1, 0x4})
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000240)=0x1)
ioctl$VIDIOC_SUBDEV_S_FMT(0xffffffffffffffff, 0xc0585605, &(0x7f0000000240)={0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xefb3fef2f5888af0}})

9.618397514s ago: executing program 3 (id=428):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000001400010000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
dup(r0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
getsockopt$inet_tcp_int(r2, 0x6, 0x2, 0x0, &(0x7f00000003c0)=0xfffffffffffffe2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r1}, 0x10)
socket(0x0, 0x3, 0x0)
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x15)
r3 = dup(0xffffffffffffffff)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000480)=ANY=[@ANYBLOB="9802"], 0x298)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl(r5, 0x4, &(0x7f0000000400)="b2671e06706622d907a1ec938626453857a976996eb6bd0372a7638e9bb5464efa537890f269d427f4b228c7c5a2fa342816cd7efb394be749cb3056260b68d568de87ecccfa468d89ebfc0e2ba2b5a272")
ioctl$VT_RESIZEX(r5, 0x560a, &(0x7f0000000040)={0x7ff, 0x40, 0x42, 0x0, 0x8000, 0x1})
ioctl$VT_RESIZE(r5, 0x5609, &(0x7f0000000080)={0x9, 0x846, 0x401})

9.498054222s ago: executing program 1 (id=429):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x40)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r0, 0x40045402, &(0x7f0000000040))
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000000)=ANY=[@ANYBLOB="0002330100000000fc01000000000000000000000000f2ff"], 0x18)
r4 = fanotify_init(0x0, 0x101000)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='net_prio.prioidx\x00', 0x275a, 0x0)
fanotify_mark(r4, 0x101, 0x20, r5, 0x0)
r6 = open(&(0x7f0000000080)='./bus\x00', 0x1c5b42, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r6, 0x6611, 0x0)
open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000280)={0x4000}, 0x10)
sendmsg$nl_generic(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x38, 0x16, 0x400, 0x70bd28, 0x0, {0xa, 0x0, 0x700}, [@nested={0x24, 0x80, 0x0, 0x1, [@typed={0xc, 0x81, 0x0, 0x0, @u64=0x101}, @typed={0x14, 0xe8, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}]}]}, 0x38}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast1}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f5, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000000)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14}}}})
r7 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000001880), 0x2, 0x0)
r8 = eventfd2(0x0, 0x0)
ioctl$VHOST_SET_OWNER(r7, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_CALL(r7, 0x4008af21, &(0x7f0000000000)={0x0, r8})
ioctl$VHOST_SET_VRING_KICK(r7, 0x4008af20, &(0x7f0000000080)={0x0, r8})
r9 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000016c0), 0x2, 0x0)
dup3(r9, r7, 0x0)

9.292608708s ago: executing program 2 (id=430):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000e80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3e80}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0xa08802, &(0x7f0000000140)=ANY=[], 0x1, 0x67b, &(0x7f0000001540)="$eJzs3c1rHOcdB/DvrFay5IKjJLaTlkBFDGmpqS1ZKK16idtD0SGU4B5CoRdhy7HwWgmSUpRQWvX92kP+gPSgQ6GXFno3pNBT21voTfRQAoVectLNZWZnpZX1kl1Z0lrN52Nm95l5Xue3M89odjET4HNr7mqaD1Nk7urra+X65sZ0a3Nj+lyd3UpSphtJs/2WYikpPkpupr3ki+XGunxxUD8fLM7e+vjTzU/aa816qco3DqvXm/V6yUSSofp9r+EjtXf7wPYON7+dKrb3sAzYlU7gYNAe7bHeT/UnPG+Bp0HRvm7uMZ6cTzJa/x2QenZonO7ojl9fsxwAAACcUc9sZStruTDocQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBZUj//v6iXRic9kaLz/P+Relvq9K3GgMf8JB4OegAAAAAAAAAAcAy+vJWtrOVCZ/1R+5f9l6vXi9XrF/JuVrKQ5VzLWuazmtUsZyrJeFdDI2vzq6vLUz3UvLFvzRtHG/8fj1YNAAAAAAAAAP7f/DxzO7//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA06BIhtpv1XKxkx5Po5lkNMlIWW49+UcnfUYU+218ePrjAAAAgCcyeoQ6z2xlK2u50Fl/VFT3/Jer++XRvJulrGYxq2llIXfqe+jyrr+xuTHd2tyYfrC5MV11/MNHbe12vv3fvoZRtZj2dw/79/xiVWIsd7NYbbmW29Vg7qRR1Sy9WI9ne9ndyc/KMY29VutxZHfq97Kz3x70LcJxaPRbYbyqNLwdkcl6bGVDzx4eic/8dJqH9jSVxvY3PxcP6amzS0WfMT/fqZfk14/F/LV///4HPTZzArYj0UgViRtdR9/lw2OefOXPf3jzXmvp/r27K1dP7DA6LY8fE9NdkXjhTEei2Wf5ySoSl7bX5/LdfD9XM5E3spzF/CjzWc1C6pkx8/XxXL6Od0Up2ROpm7vW3viskYzUn0t7Fu1lTBM5V6Xm83JV90IWU+Tt3MlCXq3+3chUvpGZzGS26xO+dOAnXO1bNdM2+jvrr3w1O6f6b8qZurd6yV97Ldi/9iW1jOuzXXHtnnPHq7zuLTtReq6H61Gfc2PzS3Wi7OMXR7lsnJjHIzHVFYnnD4/E76pzY6W1dH/53vw7B7S//tj6K8M76V+d5JW5b+Xx8lxG65lk99FR5j2/PcvsjtdI/YtLO6+xJ+9SlVcUnTP1e/ucqWXEZ6vSl/dt6UaV98LevKF65P/8V1ferr+38vbfBhNPAPp0/mvnR8b+M/b3sQ/Hfjl2b+z10e+c++a5l0Yy/JfhbzUnh15pvFT8KR/mJzv3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNGtvPf+/flWa2F5/0Tj4KzjTRT1g3wOKtPMWE5hGKeZKJL1Y285g9+vHhKdhwg+aTtv3nwqdudMJ4aS1Ft+muwcP/VHdJSHiwJnwvXVB+9cX3nv/a8vPph/a+GthaXhmZnZydmZV6ev311sLUy2Xwc9SuAk7Pw9MOiRAAAAAAAAAAAAAL06jf9p0NXdxAB3FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADij5q6mOZwiU5PXJsv1zY3pVrl00jslm0kajaT4cVJ8lNxMe8l4V3PFQf18sDh76+NPNz/ZaavZKd84rF5v1uslE0mG6vc9Ro7W3u2D2utZsb2HZcCudAIHg/a/AAAA//9FqgbH")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180), &(0x7f00000002c0)=ANY=[], 0xb2, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="180000000000000000000000000000009500160000000000e2bac15d3b6641a215f099e26603a050337b2ccc70a9f928ba3c529bb6e7365e7e246317380f5884d79663e7fcaa89795d7b10e88378c33265a7af06040e3d0bbc6a5864dfa023c6ac1da574242785bbb4ece12b11da52496875e1e384042aad63a3094bf3bc0e40a79960f9f1610940e67e30611d9873d1e6cb9c4cce44c999c49ff52a6400192fd021d7158438d7686a6f66778022c93c544189b684754e7e0f77a4f498609e53104c8aa70632fcc58c757bbc06f6472622dce2729d7296959ce003ec84acd015e352484c42fc29e5aea62fb7977813f7254fd6f62fec638abf292e6c33925b29"], &(0x7f0000000000)='syzkaller\x00'}, 0x80)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
setsockopt$packet_int(r3, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x33}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0xb7}}, 0xe8)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x10)

8.14956619s ago: executing program 3 (id=431):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcf}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r0}, 0x10)
r1 = socket$inet(0x2, 0x3, 0x4)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000440)='blkio.throttle.io_serviced\x00', 0x0, 0x0)
write$cgroup_devices(0xffffffffffffffff, 0x0, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0xffffff3b}], 0x2, &(0x7f0000008640)=[{&(0x7f0000000000)=""/95, 0x7ffff000}], 0x286, 0x0)
setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
sendmmsg$inet(r1, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x1, 0x0)
mount(&(0x7f0000000340)=@sr0, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)='msdos\x00', 0x20000, &(0x7f0000000400)='kmem_cache_free\x00')
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x8, 0x3, 0x480, 0x0, 0xa, 0x148, 0x190, 0x10, 0x3e8, 0x2a8, 0x2a8, 0x3e8, 0x2a8, 0x3, 0x0, {[{{@ip={@rand_addr, @multicast1, 0x0, 0x0, 'syz_tun\x00', 'rose0\x00'}, 0x0, 0x120, 0x190, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'dummy0\x00', {0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@inet=@hashlimit1={{0x58}, {'pim6reg0\x00', {0x0, 0x0, 0x10001, 0x0, 0x8, 0x6, 0xa359e000}}}]}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f2f7b90ad2b60c45cb4ea6e7bf902bdc2ff8a9304d9f655c746adc0bdc773506378bc0d27efd6abb05175089830cc46186074d7de46d5af300"}}}, {{@ip={@empty, @multicast2, 0x0, 0x0, 'pimreg1\x00', 'veth0_to_team\x00'}, 0x0, 0x1f0, 0x258, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'geneve0\x00'}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz1\x00'}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x4e0)

7.931147975s ago: executing program 2 (id=433):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x0, 0x6, &(0x7f0000000000)=@framed={{0xffffffb4, 0x9, 0x0, 0x0, 0x0, 0x71, 0x11, 0xbb}, [@func, @call, @exit]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0xe}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{}]})
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='numa_maps\x00')
set_mempolicy(0x1, &(0x7f0000000000)=0x3ff, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
ioprio_set$pid(0x0, 0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040), 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[], 0x1c}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000380), r5)
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, 0x0, 0x0)
getsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000040), 0x0)
read$FUSE(r0, &(0x7f0000002140)={0x2020}, 0x2020)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f000015bffc)='nfs\x00', 0x0, &(0x7f0000000000))

7.830672175s ago: executing program 4 (id=434):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00b762db125ccf07756f2e63fad8dd9e30f85132ca13e943ea4a354592e11b24761ca4cb62d56be84c24d762829961ee1206e514b7157b7e9d72f1c22f355497bfeade86697ce75bafd8a0e9b8d1d0d8786433670adee675f9d31586f013397c412624f65ab90c85554812a382bf4bed80997a75b2fac6863112088405458d3c4c6b58"], 0x1, 0x17a, &(0x7f0000000240)="$eJzsmM9KAlEUxr97x5SiJ2jTIiEjGmfGijYthJYtiv7RLslJrFFDZ5Hu2rb1CYLeIGjdC/QCrSoSInDZeuL+UW+SWouC6PwWx+96zz2ee4RvYEAQxL/l6fHtofV8cWUBmEQSCf39i9XL4UZ+udlqVkvrrzfzd5v3a9ex/noMQBR9/fdFgdushVCvo+jj6aT+3Abv6h1wzGm9BwZb6wNw7Grtg2Ff62NDV0S+bR8VA98+rAR5IRwRXBE8ETL9/bXPGfJGf8zYr9UbJ7kg8Ks/KEbNr53lWDX6M/+vzmwcY34uOFytM2DY0noFic5s1EiM+0/FevWtX74/CRIk/pro+VN0yTBr+JP50EiHpdN0rd5YKJZyBb/glz0vs+wsOs6Sl5ZGpOIQ/xuX/jRh1B8bkBtncZzlwrDqqthdeyp+5rhc+h9HakathffHB3aj9pk+x6RKWUPSCYIgCIIgCIIgCIIgCIIgvsE0mHwLOgJvQ2a/BwAA///uyXjV")
socketpair(0x0, 0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}}, 0x0)
timer_gettime(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mknodat$loop(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ptrace$ARCH_SHSTK_STATUS(0x1e, 0x0, 0x0, 0x5005)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x24, &(0x7f00000002c0)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0xa}, {0x3, 0x3, 0x3, 0xa, 0xa, 0xfff8}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}, @printk={@u, {0x3, 0x3, 0x3, 0x4, 0x9}}], {{0x7, 0x1, 0x7, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000003c0))
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000500)='./file2\x00', 0x0, 0x0)
read$FUSE(r5, &(0x7f0000001a40)={0x2020}, 0x2020)

6.186903861s ago: executing program 2 (id=435):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000740)={'veth1_vlan\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)={0x1b, 0x0, 0x0, 0x401, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x1}, 0x48)
fcntl$setflags(r3, 0x2, 0x1)
socket$alg(0x26, 0x5, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
r5 = accept$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @private2}, &(0x7f0000000140)=0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, &(0x7f0000000200)={0xc, 0x1, '\x00', [@enc_lim, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}]}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r4, <r6=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = epoll_create1(0x0)
close_range(r7, r6, 0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r8 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000200)=ANY=[], 0x0)
preadv(r8, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket(0x0, 0x0, 0x0)
socket(0x10, 0x2, 0x0)
r9 = socket$qrtr(0x2a, 0x2, 0x0)
bind$qrtr(r9, &(0x7f0000000000)={0x2a, 0x1}, 0xc)
bind$qrtr(r9, &(0x7f00000000c0)={0x2a, 0x1, 0x4001}, 0xc)
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000400)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_MEMORY_LIMIT={0x8}, @TCA_FQ_CODEL_DROP_BATCH_SIZE={0x2}]}}, @TCA_INGRESS_BLOCK, @qdisc_kind_options=@q_pfifo]}, 0x48}}, 0x0)

6.120208124s ago: executing program 3 (id=436):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x313342, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
linkat(0xffffffffffffffff, &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffffff, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000000)="390000001300034700bb65e1c3e4ffff010000000100000056000000250000001900000000", 0x25}], 0x1)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000)={0x6, 'dvmrp1\x00'})
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000001800)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000792000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, &(0x7f0000000000)=0xc000000)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0}], 0x1, 0x1d, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000001200)={0x84, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x20, 0x0, 0x4, {0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000540)={0x2c, &(0x7f0000000640)=ANY=[@ANYBLOB="000004000000a3fcb9"], 0x0, 0x0, 0x0, 0x0})
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)

5.201899172s ago: executing program 4 (id=437):
ioctl$IOC_WATCH_QUEUE_SET_FILTER(0xffffffffffffffff, 0x5761, &(0x7f0000000140)={0x2, 0x0, [{}, {0x8000}]})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000001680)={&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000680)=""/4096, 0x1000}, &(0x7f00000016c0)=0x40)
sendmsg$DEVLINK_CMD_RATE_GET(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x34, r4, 0x701, 0x0, 0x0, {0x26}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'vxcan1\x00'})
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000400)=0xffffffffffffffff, 0x4)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000500)=@generic={0x0, 0x0, 0x8}, 0x18)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000380)={0xc})
sched_setaffinity(r0, 0x8, &(0x7f0000000100))

4.171373098s ago: executing program 4 (id=438):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f00000001c0), 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1, 0xc, 0xffff, 0x1}, 0x48)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000200)={r3, &(0x7f0000000240), 0x20000000}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000002c0)={r3, &(0x7f0000000140), &(0x7f0000000240)=""/101}, 0x20)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r5=>0x0})
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000080)={0x19, 0x0, <r7=>0x0})
ioctl$IOMMU_IOAS_COPY(r4, 0x3b83, &(0x7f0000000100)={0x28, 0x4, r5, r7, 0x5, 0xa05})

3.918183687s ago: executing program 1 (id=439):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000e00), 0x2, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000003c0)={<r1=>0x0}, &(0x7f0000000380)=0x42)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=@newlink={0x3c, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0xe403}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x5}]}, 0x3c}}, 0x0)
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='.\x00', 0x0, &(0x7f0000000200), 0x1, 0x171, &(0x7f0000000000)="$eJzs3NtKOlEUx/HfePz/Ox9vugoK6ibHtMJbH0V0EmmsyC5SgupRerJ6AIV6gSba2kFRZzJyML8fkFmyZrHXvti6vHAEYGotSbISUlyS53k3V9uWNsNuCsBYeHrxAEyr6FPYHQAIRysfNXPAo6SH5+tis/OKB5wfWvmIud5Kan6pTwStv7PMdSPWXZ+U9C/I/HLfrt/pWf//N9efea9/exMLWGzq2/vf3epef1bSnKR5SQuSFju/tZYlrfRZv9TT/3rwFoCRWUr55YfeENFxxXXSA/Nxk98fmE+YfMYnnx2YT5p8qnjmloa1CaCPyA/Pf9Tn/Md8zj+A8NTqjZOC6zoXBAQEBB9B2J9MAH6bfVk9t2v1xl6lWig7Zec0k8lls4fpo4OcbSZ7e/h8D2ByfX7ph90JAAAAAAAAAAAAAAAY1aqktYD38lwQAAAAYLKN4+9EYe8RAAAAAAAAAAAAAAAAAAAA+CteAwAA//8p00zj")
memfd_create(&(0x7f0000000000)='\xff\x00l\x1e\xa0</\x00\x8eO4._\x14zC\x8a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-]\xc2Vk\xaeky\xd3\x83\xe2\xc7\xd3\xe6M^\x98o\t\xe9Q1\x1dK\x9a\x045\xd37\xb22\xfdD(\xd2\xdd\xa0\xff\x0f\x00\x00\x00\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xed6g\x00\xd2\xd4\xe3\x1f\xa6 \xa0\x8d\xb5\x9aE<2`]<\x8cR\xd69\x0fO\xbf\xc3\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yx\xf2jJb\x97\x9c/\x1f5i\xc6\x861\x9a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd\x84\xeepQ\x93nn\x0f\xc6\xa9?\xad\x8b~\x96@i=G\x9ft\x1d\xcc\xc6Ys7\x7f\x8ehv\xd3$\x13s\xa0\xbfi\xfaFS\xa9=Xe\xf8tI\x15\x882\x8b\x8e-X\xb8\xf2\x9du\x01S^\xec\xce\xfaf$S\x9f\xe7Ed\n\x84\\ u\xd2\x16\xc1\xa5\xa0\xaa\xe8.i\xc8\x0e\vt\xe2\xf1lA\x93\xdd\xce\x8f$\x06v\xbe\xe7\x95nN\xc5\xaa\x1ev\xc6P\x9c\\G&y\x8bYA\xc3}\xd9\x86[\xb2\xf3\x0f\x90%\xcbH\x19m\xdfOY\xf1E9-\xc8\xe7\x13^+(\x034\x82\xafiOO\x14\x8f^\x8c\x00'/334, 0x7)
r3 = syz_io_uring_setup(0x2bac, &(0x7f0000000340), &(0x7f0000000100)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000180)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0x40002, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x3, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r7 = dup(r6)
write$UHID_INPUT(r7, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d09f91b5b090987f70906d038e7ff7fc6e5539b0d3d0e8b089b32376d07060890e0878f0e1ac6e7049b334a959b3e9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f176792a1d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541259bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a1d83c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16fedd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b6030000000000000015da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d2c624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r8 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x8, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r8}, {}, {0x85, 0x0, 0x0, 0x61}}]}, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
timer_create(0x0, &(0x7f0000000300)={0x0, 0x3f, 0x0, @tid=r1}, &(0x7f0000000340))
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_int(r9, 0x6, 0x8, &(0x7f0000000040)=0xf97, 0x4)
r10 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000a8f4dd086d0492082a6d0000000109021b0001000000000904"], 0x0)
syz_usb_control_io$hid(r10, 0x0, &(0x7f0000000480)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r10, 0x0, 0x0)
syz_usb_control_io$hid(r10, 0x0, &(0x7f0000000380)={0x2c, &(0x7f00000001c0)={0x0, 0x0, 0x1, 'e'}, 0x0, &(0x7f00000002c0)={0x0, 0x8, 0x1}, 0x0, 0x0})
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0xc9)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x8, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)
socket$packet(0x11, 0x3, 0x300)

3.766964399s ago: executing program 2 (id=440):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08886, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x49, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
write$UHID_INPUT(r5, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b33393b6d1a0890e0878f0e1ac6e7049b0747959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x300}, 0x0)
syz_clone3(&(0x7f0000003dc0)={0x800, &(0x7f0000000440), &(0x7f0000000480), &(0x7f00000009c0), {0x15}, 0x0, 0x0, 0x0, 0x0, 0x0, {r3}}, 0x58)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r6, 0x0, 0x0)
getgid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)

2.685819486s ago: executing program 2 (id=441):
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = timerfd_create(0x0, 0x0)
timerfd_settime(r3, 0x3, &(0x7f0000000140), 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b9ac9ff})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x4, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000dd0a00000000000073012000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7, 0x0, 0xffffffffffffffff, 0x300}, 0x48)
timerfd_settime(r3, 0x3, &(0x7f0000000000)={{0x77359400}, {0x77359400}}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000005280)=[{{0x0, 0x0, &(0x7f0000005180)=[{&(0x7f0000003e00)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000004100), 0x0, 0x20000040)
r4 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000100)={@loopback, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_int(r4, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x4380000, @remote}, 0x1c)
sendmmsg$alg(r4, &(0x7f0000001840)=[{0x20000000, 0xff00, 0x0, 0x0, &(0x7f0000000040)=[@op={0x18, 0x29, 0x3, 0xffffff7f}], 0x18}], 0x1, 0x0)
close_range(r3, r1, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000000)=0xf89aa1fe87c73569, 0x4)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r4, 0x4040942c, &(0x7f00000001c0)={0x0, 0x2, [0xff, 0x4, 0x4, 0x4, 0xff, 0x28d36082]})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3400000000080102000000000000000000000000090001007379863000000000040004800600024000000000050003003a"], 0x34}}, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x1, 0x8, 0x3, 0x0, 0x0, {}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}}, 0x0)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)

2.616098967s ago: executing program 4 (id=442):
socket$inet(0x2, 0x6, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000040)=0x80000000, 0x1a)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=""/194, 0xc2}}], 0x1, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000100)=0x1e79, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x4, &(0x7f0000000000)=@framed={{}, [@alu={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}]}, 0x0}, 0x90)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
ioctl$SIOCSIFHWADDR(r1, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100ffffffff"})
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_procfs(r2, &(0x7f0000000000)='oom_score\x00')
syncfs(r3)
prlimit64(r2, 0xe, &(0x7f00000000c0)={0xa, 0x7fffffffffffffff}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x5)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbee6, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)

2.128594161s ago: executing program 4 (id=443):
syz_mount_image$fuse(0x0, &(0x7f0000000300)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@empty, 0x0, 0x0, 0x1, 0xc}, 0x20)
r0 = socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={0x0, 0x0, 0x40}, 0x20)
r4 = syz_open_procfs(0xffffffffffffffff, 0x0)
lseek(r4, 0x401, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="2000000068000100000000000000000a000000000000000400040004000b00436274a344f77b1139d0529ff254a303293623ef6fe19604337a0dcb73"], 0x20}}, 0x0)
clock_getres(0xfffffffffffffff1, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
mmap(&(0x7f0000569000/0x4000)=nil, 0x4000, 0x9, 0x10010, r4, 0x2e010000)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f00000014c0)=@nat={'nat\x00', 0x62, 0x5, 0x430, 0x188, 0xe0, 0xffffffff, 0x2a0, 0x0, 0x398, 0x398, 0xffffffff, 0x398, 0x398, 0x5, 0x0, {[{{@ip={@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 'veth0_to_bond\x00', 'wg1\x00'}, 0x0, 0xa8, 0xe0, 0x0, {0x22e}, [@common=@unspec=@statistic={{0x38}}]}, @MASQUERADE={0x38, 'MASQUERADE\x00', 0x0, {0x1, {0x0, @multicast1, @remote, @icmp_id, @icmp_id}}}}, {{@uncond, 0x0, 0x70, 0xa8}, @REDIRECT={0x38, 'REDIRECT\x00', 0x0, {0x1, {0x0, @multicast1, @empty, @gre_key, @icmp_id}}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_hsr\x00', 'ipvlan0\x00'}, 0x0, 0xe0, 0x118, 0x0, {}, [@common=@socket0={{0x20}}, @common=@osf={{0x50}, {'syz0\x00'}}]}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @private, @multicast2, @gre_key}}}}, {{@ip={@remote, @empty, 0x0, 0x0, 'veth1_to_batadv\x00', 'pim6reg\x00'}, 0x0, 0xc0, 0xf8, 0x0, {}, [@common=@ttl={{0x28}}, @common=@inet=@tcpmss={{0x28}}]}, @NETMAP={0x38, 'NETMAP\x00', 0x0, {0x1, {0x0, @remote, @broadcast, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x490)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x10004, &(0x7f00000000c0), 0x0, 0x4c0, &(0x7f0000000540)="$eJzs3d9rXFUeAPDvnWSStJ1u0t3C/njZbtvdLpTOZLKk0IVlW/ZhF9aC2D+gxmQaQyaZkJnUJBRM/wUVLfggIvjki6DvRcRXfRH1QXzxSRAtFRF8GJk7kzZNMklImkzNfD5wuPfcO5nvORnu+c6cSe4JoGudioiViOiLiGcjYrB1PGmVuNwsjcfdv3drvFGSqNevfZek5xv1WPMzDcdazzkQEc/8N+K5ZGPc6tLy9Fi5XJpv1Qu1mblCdWn5wtTM2GRpsjQ7Mjx6abR4sVgsPra+vvRj7venP7j8rzeeeuvjt99bXEzW9HdtP3ZrZZNjza5nI7fmWG9E/H+vwZ4QPa3+9HW6IexKJiJ+GxGn0+t/MHrSVxMAOMzq9cGoD66tAwCHXePzfy6STL41F5CLTCafb87hnYyjmXKlWjt/o7IwOxHpHNZQZDM3psql4dbc2VBkk0a9mO4/rI+sq/8jIk5ExCv9R9J6frxSnujkGx8A6GLH1uX/H/qb+R8AOOQGOt0AAODAyf8A0H3kfwDoPvI/AHQf+R8Auo/8DwDdR/4HgK7y9NWrjVJfvf/1xM2lhenKzQsTpep0fmZhPD9emZ/LT1Yqk+k9e2a2e75ypTJ3MWYXFgu1UrVWqC4tX5+pLMzWrqf39b5eyh5IrwCArZz4890vkohY+eeRtMSatRzkajjcMp1uANAxPZ1uANAxVvuC7uUzPrDJEr1rZNv/idCd3cc09wCdde6P5v+hW8nB0L3M/0P3Mv8P3ateT6z5DwBdZjdz/Jf34X0I0Dlbf/+/xS1C9vD9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPza5dKSZPKttcBzkcnk8xHHI2IossmNqXJpOCJ+ExGf92f7G/VipxsNAOxR5puktf7XucGzufVn+5Kf+tNtRLzw+rXXFsdqtfli4/j3D47X7rSOj3Si/QDAdlbz9GoeX3X/3q3x1XKQ7fn2SnNx0Y3xe6M33Q5ENiKO3k9a9abG+5WexxB/5XZE/GGz+EnkIo4MtVY+XR+/Efv4/sePh/Ezj8TPpOea28bv4nePoS3Qbe5eaS5ovvH6y8SpdLv59T+QjlB71378yzwY/3rajH+ndtrHjwb/1zb+7Yg/9W4+/qzGT9rEP7vD+F9Xvny53bn6mxHnNs0/ySOxCrWZuUJ1afnC1MzYZGmyNDsyPHpptHixWCwW0jnqwupM9Ub/fvWzF7fq/9E28Qe26f9fd9j/rz75z4d/2SL+389s/vqf3CJ+Iyf+bYfx3znz/vPtzjXiT7Tp/3av//kdxr/76bs/7/ChAMABqC4tT4+Vy6V5O3b2c6fvyWiGnZ3udHpkAvbbw4u+0y0BAAAAAAAAAAAAAADaOYh/J+p0HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADi8fgkAAP//ZCDc4A==")
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0xa, 0x7, 0x0, 0x40}, 0x48)
mount$tmpfs(0x0, &(0x7f0000000080)='./file2\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000340)={[{@mpol={'mpol', 0x3d, {'interleave', '=static', @void}}}, {@mpol={'mpol', 0x3d, {'default', '=relative', @void}}}]})

2.067585481s ago: executing program 2 (id=444):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f00000015c0)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_ep_read(r1, 0x4, 0x1000, &(0x7f0000001640)=""/4096)
syz_usb_ep_write$ath9k_ep2(r1, 0x83, 0x10, &(0x7f0000002a80)=@ready={0x0, 0x0, 0x8, "f3c9782a"})
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000140)={{0x2, 0x0, @empty}, {}, 0x4, {0x2, 0x0, @multicast2}, 'lo\x00'})
r2 = memfd_create(&(0x7f0000000180)='\x00\xac=W[[\x87\x12\x04\xd5\xbc\x80K\x06\xcd]4(\xa2\xee2>\xa1\x9c\x86x\x1c\x9f\x97\x87\xd9c\xecR\xd6\xe8\xf3Y\x121p^\xc1\x0f\x00\x00\x00\x00\x00\x00\x00t\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x00M\xc2N%\x93t[\xf3\xee\xa4\xb4\xfbf\x8dz7\\\x8e\xac\x18\x00\xfd\x89\xe1d\xfa\xcfb\xf3\xdc\xd4CY\x9a\xef\xa3\\\xa7\xa9^\xafL:[\x8e\x83U\xff\xfd\xb0\xfa\xdaL\xa99\x9b\xcfA\xe4n\xa0^\n\x1c\x84\x04\xc5a\xdf\xe5\xd4Hyn\xba:/\xa5\xf4\xaa\xfa\xcd\xc7T\x83\xf5N^\xf2n\xd0=\xb9\t\xdd-F\xacb\xac \xd3\xccj\x13\xa2\x9fLu\'\xed\x91\x867\xaa\xf5\xa0]\xb6\xaa\xea\xfd\xde\xa6\xec\b\x16\x86l:;\xf9\xdb\xcf\x88\"\xca\xe0E\xdb\xec\xf9\xb3\xed\a\x00\x00\x00\x00\x00\x00\x00\xd6.\xf7\x92\xc42\xdf\xefE\xce}\x1b\xda\xdd?\n6\xe1\xb1\xd8Y\x960\xd1\x00\x00\x00\x00\x00\x00MW\x8f\xc6\x82\xe4\x15\xf7\xe9\xd8\xc5b\x0e\x91\xc5\xc76$\x18\xa4\xbe\xe8V\x8d-\xe3\x8fC\xd5\xf5\xd6L\xe3\xce\xa1\x8dz\xce\xa7\xa5\xc8\xcbhM\x1b\xf8\x98\xc4\xfbD6\x88\xfd\xe5i\x8a\xd8\xcfm\x81Z\x19\xf0\xef\xc15\xe8\xcb\xf5\t\t\x00\x17\xfa\x1fqb\xe7\"\xcb4\xb8\xe5/\xd52\x17\x12\x1d\xd8\x87\xb9|\x8d\x83\xea\xcc\x94\xebZ\xae\xaf\x19\xa4\xb2\xc6\xe1\x926B\xb6\x89Z\xa9\xb5/\xbb\x9d&\xeeO\xb3\xb3\xd4\b`\xa9f\x84\xad\t\x1a\xc2\xd5\x88\xbfo\x80V\x93\x9fX\xd7\xff\x03\xb7J\xed\x183\xe3\x7f\xfaq,\xca\x06\xb0\xc9\x92\x93\xa5I\x89\xb7\x85\x90\xb7\x1b0\xce\xd7!\x8fD\x96\xe1 ^>\x9f\x04\x89<\xb7S\x7f\x1a\x88\xab$\xd3y\xc2\xe1\x99\xbch\xd3\x83\xcd\x7f\xc5n\xb1\xc1X \xe2\xbb\x1f\x01\x90\xb1O\x8d\x7f\xa8\xd4\xdbO\xef\x99\xf3\xd3M\x0f\t\x7f\n,\x84\x1f\xfa\xe2\xc8\x99\x97Oq\xae\x9b\x86h\xfa3\xb9\xfd\xbb\xd4^\xc0t\xa7]Y\xe9\x7f[\x11\xb1\xf3m\x17F\x9d\x18\xe2\xe1\x01\xb6f=-?\xbcI\xf2\xd9\xc4>-\xc0E\x9a\x82\xcc7S\xd4\xb6\'\xd2DY\xa5\x83,\xd1\xbc\xc7\xf6\xe0\x1f o\x06\xc2t\x14\xc2\xe0\x92\xc1\x8a\x85>@\xc9\xb0% \xc7\x13l\x8bJ\xe5\xec\x1dE\xf5\xc5\xe2\xe3\x10G7r#\xbc\x95&\x14\x1e\x97\xce\x83>Q@\xfb\xeb=\x1e\xb3\xd5H\x02\x86\xc6\xf3\xe1i\\\x1d\xf4\xc1\xacJC+\xc8}\x1b{\x86\x17\x00\n\"\xec\xa5x\xe6\xb1i\xeb\xb3\xb7I\x90\x9eai\xde\x01\xdc\xfeA\x05Sn\xe6\xe8^\xdf\x8c`\x17\xca\xbd\\QG\xb15\x82*=\xbd\xe9\xaf\x12<\xd7\xe1$\xa4\xdaU\xfb^\xd8!\xacxy\xd5X\xef\x03\xa7\x10\xa1C#S~\x0f\x17\t>X\\mv0\x9eZ\x89\xf4\xae\a\xc8\x16\xd2t\x16\xf3X%Q\xbd\xe9\x86V\xf2\x99^0\xe8xI(\xde-\x04s\x15\x06#2\xef\xef@\xa3t0d^^\xad\xf6\xad\xe0\x16\xf6\xa8\x99!\x0e\x9d+;D&\xebN\x94\x12\x04\x95o\xd6\x9fl\xcb\x16gc\xf5(\xaa_\xec\x9aiE\f\xd4\xc6\xf2\xae\x85n\x995\xcd\xa7\xbb\xf0pz\xaf\tC\x1cq\xaa\x92,Li\r\x95Z\x89\"\xaf]\x95\xb9b_\xe4\xba\xd4\x93\xab\xe1\xb9\xd8E[\xbb\xc9.M+\xbe\x81<z\xf2\xe8\xf4\x93\xe6h\x97\x7f\xaf\xc5\x06g\fI\xa58\xf5\x18x\xc9\xb9\x03\t\x06\x96gf5\xb0\xc8\x86\x14\xe2\x01\x1f\x80\xe7Ol\xba\x93\xaa\x15\x87I7W\x87\xc4;p\xc5\x1e\"K5r\xec6\xac\xf0;\xf8 \xad\xc9\xf0\x16\xce\x17\xa1%f\x12\x80\x03N[qz\xf0q\xbd\xb8s\xe5>N\xd2\xae\xf4\x18\xd0\xe7\x98\x90,\xce\ft\xc4\xc7\x02\xaa\xc7\xeb1;\x86b\x8f\x12{k#c\x1d@\xc31\x00\xd2}f\x8cX\xce\xed\xa4\xe4\xca`<_}\'\xce\x81\xb3O\xae\xa1\xbfwcN,\xf2#\x16\xc4\xad\a&\xb1U\x83w\xd0K\xaa\xdf\x84\xe5\xe4\xdb\xa3G(\x7fv\x93\xb8m\x96\xd89Kb\xa9\x852\xb9\xcaG\x8b\x11\x16\x16\xeeI\x14\xcb\xe4\x9a\x1e\xb6^\xa3\xaa^\xdc\xcfo\xfb\xd6<\xa2\xc6\xbdj\xc4\xb1B\xf3S}\xfeI\xe2e\xec}o\xcfB\xa6\x877\'\x80\x82\t\xec\xc1&\xb8\xa9\x82&\xb8XQ8M@\xaa\x1f\vj\x9aW\xec\x92\x19\xdb^\x9d\x94\x87-&\x00/z\xa2\xd7\x01\\\t\xae~\xed\no\x1a\x9cKG^+\xc9\xe0v\xc0\x96\xc4\xcc\xb7\xdd\xdf\xf9\x01\x91\xe5\to[\x97\xbe\x110\x93\x14\xf8\x8a\x8d\xeb\t\xe7?/C\xaa\xd9\xc4\xc9\xbe\x12\xed\xb3*f\xd1J\x14\x80Iy4\xa9\xf88C\xe3', 0x0)
write(r2, &(0x7f0000000140)='/', 0x1)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000100), 0x10000, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001280)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
sendfile(r2, r2, &(0x7f0000001000), 0x0)
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000280))
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
write$binfmt_script(r6, &(0x7f0000000980)={'#! ', './file0', [], 0xa, "33842de229"}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r7=>0xffffffffffffffff}, 0x0)
r8 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r9=>0x0})
bind$can_j1939(r8, &(0x7f0000000040)={0x1d, r9, 0x8000000000000003}, 0x18)
r10 = dup(r8)
syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r10)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r10}, 0x2c, {[], [], 0x6b}})

1.041141078s ago: executing program 3 (id=445):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000500)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYRESHEX], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x37}, 0x90)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0)
r6 = eventfd(0x0)
ioctl$VHOST_SET_VRING_KICK(r5, 0x4008af20, &(0x7f0000000040)={0x1, r6})
ioctl$VHOST_SET_VRING_KICK(r5, 0x4008af20, &(0x7f0000000cc0)={0x1})
syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), r4)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={0x0, @rand_addr, @remote}, &(0x7f0000000400)=0xc)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000440)='wlan0\x00', 0x10)
sendto$inet(r7, 0x0, 0x0, 0x20008802, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)
sendto$inet(r7, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)

983.739049ms ago: executing program 4 (id=446):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000003c0)={'lo\x00', <r4=>0x0})
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="7a3e67d6eb62a747180000000000000000000000000000009500000000000080"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r5}, 0x10)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000780)=@filter={'filter\x00', 0x42, 0x4, 0x440, 0xffffffff, 0x0, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x3a8, 0x3a8, 0x3a8, 0xffffffff, 0x5, 0x0, {[{{@ip={@multicast2, @private, 0x0, 0x0, 'wg1\x00', 'nr0\x00'}, 0x74000002, 0x168, 0x1b0, 0x1ba, {0x46010000, 0x2c000000000000}, [@common=@unspec=@conntrack3={{0xc8}, {{@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [], @ipv6=@ipv4, [], @ipv6=@mcast1, [], @ipv4=@multicast2}}}, @common=@addrtype={{0x30}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x287, 0xe0, 0x108, 0x0, {}, [@common=@unspec=@cpu={{0x28}}, @common=@unspec=@limit={{0x48}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x4}}}, {{@uncond, 0x0, 0xb0, 0xf0, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}]}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4a0)
sendmsg$nl_route(r3, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4c00000010000100"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000080004000300000024002b8008000800", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB='\f\x00\b'], 0x4c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b40500000000000061109a0000000000200000000000000095000000000000"], &(0x7f0000003ff6)='GPL\x00', 0xa, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
close(r2)
r7 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r7, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff3b, 0x0, 0x0, 0x0)
r8 = socket(0x1e, 0x0, 0x0)
connect$tipc(r8, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r8, &(0x7f0000000080)=ANY=[], 0x2000011a)
socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg$unix(r8, &(0x7f0000001440)=[{{&(0x7f0000000180)=@abs, 0x6e, &(0x7f0000000c40)=[{&(0x7f0000001680)=""/4096, 0x1000}, {&(0x7f0000000400)=""/76, 0x4c}, {&(0x7f0000002680)=""/4096, 0x1000}, {&(0x7f0000000100)=""/31, 0x1f}, {&(0x7f0000000300)=""/7, 0x7}, {&(0x7f0000000380)=""/48, 0x30}, {&(0x7f0000000480)=""/166, 0xa6}, {&(0x7f0000000680)=""/201, 0xc9}, {&(0x7f0000000540)=""/162, 0xa2}], 0x9, &(0x7f0000000d00)=[@cred={{0x1c}}], 0x20}}, {{&(0x7f0000000d40)=@abs, 0x6e, &(0x7f0000001300)=[{&(0x7f0000000dc0)=""/152, 0x98}, {&(0x7f0000000e80)=""/161, 0xa1}, {&(0x7f0000000f40)=""/158, 0x9e}, {&(0x7f0000001000)=""/43, 0x2b}, {&(0x7f0000001040)=""/239, 0xef}, {&(0x7f0000001140)=""/250, 0xfa}, {&(0x7f0000001240)=""/149, 0x95}], 0x7, &(0x7f0000001380)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xc0}}], 0x2, 0x20, &(0x7f00000014c0)={0x0, 0x989680})
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="600000000206010800000000000000000000000005000400000000000900020073797a31000000001400078005001500020000000800124000100000050005000a000000050001000600000012000300686173683a6e65742c706f7274"], 0x60}}, 0x0)
accept$inet(r8, 0x0, 0x0)
recvfrom$inet6(r7, &(0x7f0000000000)=""/41, 0x29, 0x0, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000000)="48050000150019", 0x7}], 0x1)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x200000000622c, 0x0)

97.027868ms ago: executing program 1 (id=447):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2010480, &(0x7f00000001c0), 0x45, 0x76a, &(0x7f0000000fc0)="$eJzs3d9rW1UcAPDvTdt17aatIOh8KghaGEvtrJuCDxMfRHAw0Ge3kGZlNm1Gk461FNwQwRdBxQdBX/bsj/nmqz9e9b/wQTamdsOJD1K5adJla9KlW5MI+XzgNOfce9Nzvjn3nnuSe0kC6FsT6Z9MxKGI+CiJGKstTyJiqJobjDixud3t9bV8mpLY2Hjzj6S6za31tXw0PCd1oFZ4MiJ+fD/icGZ7veWV1flcsVhYqpWnKgvnp8orq0fOLeTmCnOFxWPTMzNHj79w/NjexfrXL6sHr3/82rPfnPjnvSeufvhTEifiYG1dYxx7ZSImaq/JUPoS3uXVva6sx5JeN4AHkh6aA5tHeRyKsRio5loY6WbLAIBOeTciNgCAPpM4/wNAn6l/DnBrfS1fT739RKK7brwSEfs3469f39xcM1i7Zre/eh109FZy15WRJCLG96D+iYj44ru3v0pTdOg6JEAzly5HxJnxie3jf7LtnoXdeq6NbSbuKRv/oHu+T+c/Lzab/2W25j/RZP4z3OTYfRD3P/4z1/agmpbS+d/LDfe23W6Iv2Z8oFZ6pDrnG0rOnisW0rHt0YiYjKHhtDy9Qx2TN/+92Wpd4/zvz0/e+TKtP328s0Xm2uDw3c+ZzVVyDxNzoxuXI54abBZ/stX/SYv576k263j9pQ8+b7UujT+Nt562x99ZG1cinmna/3fuaEt2vD9xqro7TNV3iia+/fWz0Vb1N/Z/mtL66+8FuiHt/9Gd4x9PGu/XLO++jp+vjP3Qat3942++/+9L3qrm99WWXcxVKkvTEfuSN7YvP3rnufVyffs0/smnmx//O+3/6XvCM23GP3j9968fPP7OSuOf3VX/7z5z9fb8QKv62+v/mWpusraknfGv3QY+zGsHAAAAAAAAAAAAAAAAAAAAAAAAAO3KRMTBSDLZrXwmk81u/ob34zGaKZbKlcNnS8uLs1H9rezxGMrUv+pyrOH7UKdr34dfLx+9p/x8RDwWEZ8Oj1TL2XypONvr4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5kCL3/9P/Tbc69YBAB2zv9cNAAC6zvkfAPrP7s7/Ix1rBwDQPd7/A0D/cf4HgP7j/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECHnTp5Mk0bf6+v5dPy7IWV5fnShSOzhfJ8dmE5n82Xls5n50qluWIhmy8ttPxHlzYfiqXS+ZlYXL44VSmUK1PlldXTC6Xlxcrpcwu5ucLpwlDXIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9pVXVudzxWJhSUZGRmYr0zhKjPRugAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4n/svAAD//9EyKso=")
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x4, 0xd6c9, 0x8001, 0x8, 0x100, 0x1, 0xfffffff7, '\x00', 0x0, r0, 0x0, 0x1, 0x5}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
mount$bpf(0x0, 0x0, &(0x7f0000000180), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r5, 0x400454a4, 0xfffffffffffffffe)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
listxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)=""/41, 0x29)

0s ago: executing program 3 (id=448):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000600)=@newlink={0x44, 0x10, 0x503, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x50100}, [@IFLA_LINK, @IFLA_VF_PORTS, @IFLA_NET_NS_FD, @IFLA_PHYS_SWITCH_ID={0x0, 0x24, "78a6885a6a1c6bebc9e1dc2542ba4a1fda5a901d"}]}, 0x44}}, 0x0)
r1 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x4, 0xc}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='mm_page_alloc\x00', r3}, 0x10)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r1, 0x0, 0x0)
r5 = openat$cgroup_int(r4, &(0x7f0000000080)='cgroup.max.depth\x00', 0x2, 0x0)
sendfile(r5, r5, 0x0, 0x10000a006)
syz_open_dev$usbfs(0x0, 0xa37, 0x2)
syz_usb_connect(0x0, 0x3d, &(0x7f0000000200)={{0x12, 0x1, 0x0, 0xee, 0xa, 0xca, 0x10, 0x1b80, 0xc161, 0xce43, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x39, 0x52, 0xea, 0x0, [@uac_control={{0xa, 0x24, 0x1, 0x80, 0x1}}], [{{0x9, 0x5, 0x0, 0x0, 0x10, 0xd, 0x6, 0x5, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0xf2, 0x7}]}}]}}]}}]}}, 0x0)
r6 = socket$tipc(0x1e, 0x4, 0x0)
connect$tipc(r6, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x5}}, 0x10)
getsockopt$MRT(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_ABORT_SCAN(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x1c, r8, 0xd9b2794f6a139537, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}}, 0x1c}}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b02d25a806f8c6394f96f24fc60040f030047000000053582c137153e370248018000f01700d1bd", 0x2e}], 0x1}, 0x0)
r10 = memfd_create(&(0x7f0000000d00)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xdcLF\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\n\x83\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\xed\x8eS\xaeX\x93\x7f\xd3\xb9\x84Q\x9c\"\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x8c\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x90\x1f\x94\x01M.\x16\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\xabJ^c\xf7\x19\xb4\xd8\xe4\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1\x00\x10\x00\x00\x00\x00\x00\x00\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)\x1b\xe2\xd6\b\x94b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|$k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf8\xa4O\xb4\xef\xc8\xccH\xd1=\xbe\xbex\xb5-\x05\x01\x11\xfa\xcf\x1dm\xb5X\xe9\xb5O\x15\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xf7\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\xc6C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17\xe6\xcauM\xe3\x05)\xe2\x03\xe2j$F1n@\xde\n9t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5\xa4\x05#\x7f\xa8\x01\x00\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebh\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x85\x1b8OE\x04\x9a\xd8\x80\x10x\xbf\n0\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\xba\x8b\x14\x9a?\x8e\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96{\xc0e\xa1\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!)\xf4\x9b\x1dI\x9ex;\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\xe6k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xecZ`\xa4\xa0(\xf9\x98B\xaf\xde*\x91\xddk\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\x00C\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x14\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcaQ\xdf\x87\xbdjp\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd0k\\\x92\x19a6Sv\x05%{\xe2\xe9\xf1\xddRB$8\xb0q9\xa1g&\x17\xe5P\xef\xb1<\xb6\xe2\xb2\xc06^\x0f4\xba\x10\xba\x00\x00\x00\x00\x00\x00\x00\x00\xef\xba\"\xb7\xc7~T\xc4Ei\xfdk\xa9\"F\xa9C\xa0\xd3\xa0\x1b\xbf\x13\xfb\x14S<\xa6\n5\x86\x9e\xb2=8\'g`\x8f\xa8\x027\xbd\xb5s\xe9dti\xc0\xbd\\H\xe5v\xdd\x0fP\x8b+-\x02i\x8eZU\xa8YB\xfc\xc2R7\xe9\x11\x06\x1aRd\xa93\xa1\\\xf4_s\xf7\xe8+\xbdg\x13\xaea\x04\xd8\x82\xf6\x90\xaf1\x86b\x81J\xb7E\xb0\xe2\xd6\x93S\xb3\x98\xcb\xf9\xde=\xd6T\x8d\xea\xab\xa9Z!\xd3-\xa6_\xc4\xa4\xb6+\x89\xdc]O<g\x06~\x12W\x86\x06\xba\x15#\xa7Q\xffa\x926>\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x9d\bT\xcd\xa2\xea', 0xe)
r11 = fcntl$dupfd(r10, 0x0, r10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={@map, 0xffffffffffffffff, 0x20, 0x20, 0xffffffffffffffff, @prog_id}, 0x20)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x11, r11, 0x0)
ftruncate(r11, 0x1000000)

kernel console output (not intermixed with test programs):

.760023][ T5442] 8021q: adding VLAN 0 to HW filter on device bond0
[  103.772594][ T5478] veth1_vlan: entered promiscuous mode
[  103.795777][ T5442] 8021q: adding VLAN 0 to HW filter on device team0
[  103.817170][ T1284] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.824319][ T1284] bridge0: port 1(bridge_slave_0) entered forwarding state
[  103.854361][ T5478] veth0_macvtap: entered promiscuous mode
[  103.880891][ T1284] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.888083][ T1284] bridge0: port 2(bridge_slave_1) entered forwarding state
[  103.906574][ T5478] veth1_macvtap: entered promiscuous mode
[  103.938804][ T5478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.962604][ T5478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.973479][ T5478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  103.984719][ T5478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  103.995419][ T5478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  104.006339][ T5478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.018660][ T5478] batman_adv: batadv0: Interface activated: batadv_slave_0
[  104.040763][ T5478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  104.053475][ T5478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.064013][ T5478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  104.075625][ T5478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.088108][ T5478] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  104.099395][ T5478] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.112397][ T5478] batman_adv: batadv0: Interface activated: batadv_slave_1
[  104.126102][ T5478] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  104.135428][ T5478] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  104.158758][ T5478] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  104.167953][ T5478] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  104.198529][ T5442] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  104.309038][ T1078] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.334921][ T1078] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  104.383269][ T5328] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  104.400385][ T5328] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  104.497964][ T5442] 8021q: adding VLAN 0 to HW filter on device batadv0
[  104.574760][ T5442] veth0_vlan: entered promiscuous mode
[  104.586111][ T5770] loop4: detected capacity change from 0 to 128
[  104.612320][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  104.641951][ T5442] veth1_vlan: entered promiscuous mode
[  104.713061][ T5230] Bluetooth: hci5: sending frame failed (-49)
[  104.716054][ T5774] FAT-fs (loop4): FAT read failed (blocknr 234)
[  104.740907][ T5237] Bluetooth: hci5: Opcode 0x1003 failed: -49
[  104.765246][ T5775] xt_hashlimit: overflow, try lower: 3/0
[  104.844490][ T5442] veth0_macvtap: entered promiscuous mode
[  104.873397][ T5442] veth1_macvtap: entered promiscuous mode
[  104.911572][ T5442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  104.926086][ T5442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.944148][ T5781] FAT-fs (loop4): FAT read failed (blocknr 234)
[  104.945854][ T5442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  104.965974][ T5442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  104.980024][ T5442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  104.992992][ T5442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.007010][ T5442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  105.025897][ T5442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.067336][ T5236] usb 4-1: new low-speed USB device number 3 using dummy_hcd
[  105.078743][ T5442] batman_adv: batadv0: Interface activated: batadv_slave_0
[  105.123626][ T5442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  105.136420][ T5442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.156613][ T5442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  105.195083][ T5442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.221911][ T5442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  105.235093][ T5442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.285902][ T5442] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  105.306692][ T5236] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  105.319494][ T5236] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[  105.344888][ T5442] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.357355][ T5236] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  105.370942][ T5442] batman_adv: batadv0: Interface activated: batadv_slave_1
[  105.381183][ T5236] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  105.455801][ T5236] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  105.472654][ T5236] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  105.484508][ T5236] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[  105.495233][ T5236] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  105.511776][ T5236] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  105.525094][ T5236] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  105.549152][ T5236] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  105.556565][ T5236] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[  105.574682][ T5236] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  105.593342][ T5236] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[  105.622319][ T5442] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.643091][ T5236] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  105.669579][ T5442] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.691295][ T5236] usb 4-1: string descriptor 0 read error: -22
[  105.701585][ T5236] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  105.710804][ T5236] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.722439][ T5442] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  105.767670][ T5442] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  105.770030][ T5236] adutux 4-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  105.911099][ T5328] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.079132][ T5328] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  106.149658][ T5236] usb 4-1: USB disconnect, device number 3
[  107.780290][ T5328] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.803158][ T5328] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.877031][ T5820] loop4: detected capacity change from 0 to 2048
[  108.916400][ T5820] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[  108.958804][ T5230] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  108.973086][ T5230] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  109.215606][ T5230] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  109.238324][ T5230] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  109.247542][ T5230] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  109.255981][ T5230] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  110.880534][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  110.957116][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.000370][ T5821] loop2: detected capacity change from 0 to 512
[  111.115353][   T73] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.124928][   T73] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.154356][ T5821] loop2: detected capacity change from 0 to 512
[  112.957560][ T5230] Bluetooth: hci0: command tx timeout
[  112.969411][ T5821] EXT4-fs: error -4 creating inode table initialization thread
[  113.015249][ T5821] EXT4-fs (loop2): mount failed
[  113.631192][ T5328] bridge_slave_1: left allmulticast mode
[  114.281626][ T5328] bridge_slave_1: left promiscuous mode
[  115.245561][ T5328] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.804630][ T5230] Bluetooth: hci0: command tx timeout
[  115.927739][ T5328] bridge_slave_0: left allmulticast mode
[  115.946965][ T5328] bridge_slave_0: left promiscuous mode
[  115.953717][ T5328] bridge0: port 1(bridge_slave_0) entered disabled state
[  116.031326][ T5873] loop2: detected capacity change from 0 to 2048
[  116.113831][ T5873]  loop2: p1 < > p4
[  116.156090][ T5873] loop2: p4 size 8388608 extends beyond EOD, truncated
[  116.357593][ T5279] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  116.627451][ T5279] usb 2-1: Using ep0 maxpacket: 16
[  116.665845][ T5279] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  116.827934][ T5279] usb 2-1: config 1 has no interface number 1
[  116.912667][ T5279] usb 2-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  117.014078][ T5279] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  117.040303][ T5279] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  117.109469][ T5279] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  117.148406][ T5279] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.170061][ T5279] usb 2-1: Product: syz
[  117.484454][ T5279] usb 2-1: Manufacturer: syz
[  117.498364][ T5279] usb 2-1: SerialNumber: syz
[  118.153726][ T5230] Bluetooth: hci0: command tx timeout
[  118.944458][ T5916] loop4: detected capacity change from 0 to 164
[  118.944496][ T5917] loop2: detected capacity change from 0 to 4096
[  119.051141][ T5916] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  119.255407][ T5328] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  119.320720][ T5328] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  119.511867][ T5328] bond0 (unregistering): Released all slaves
[  120.157256][   T29] kauditd_printk_skb: 44 callbacks suppressed
[  120.157302][   T29] audit: type=1800 audit(1723792715.645:59): pid=5927 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.94" name="bus" dev="loop2" ino=33 res=0 errno=0
[  120.247149][ T5230] Bluetooth: hci0: command tx timeout
[  120.292070][   T29] audit: type=1800 audit(1723792715.685:60): pid=5928 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.94" name="bus" dev="loop2" ino=33 res=0 errno=0
[  120.755750][ T5279] usb 2-1: found format II with max.bitrate = 0, frame size=0
[  120.948190][ T5279] usb 2-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  121.357126][ T5279] usb 2-1: USB disconnect, device number 2
[  121.399442][ T5941] loop2: detected capacity change from 0 to 512
[  121.484980][ T5245] udevd[5245]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  121.526726][ T5939] loop4: detected capacity change from 0 to 4096
[  121.542665][ T5949] loop1: detected capacity change from 0 to 1024
[  121.609420][ T5941] sock: sock_set_timeout: `syz.2.96' (pid 5941) tries to set negative timeout
[  121.615582][ T5939] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  121.656104][ T5941] virtio-fs: tag <(null)> not found
[  121.760578][ T5955] 9pnet_fd: Insufficient options for proto=fd
[  121.897285][  T128] hfsplus: b-tree write err: -5, ino 4
[  121.952792][ T5939] ntfs3: loop4: Failed to initialize $Extend/$Reparse.
[  122.168887][ T5963] loop2: detected capacity change from 0 to 128
[  123.147342][ T5328] hsr_slave_0: left promiscuous mode
[  123.185048][ T5328] hsr_slave_1: left promiscuous mode
[  123.196095][ T5328] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  123.216016][ T5328] batman_adv: batadv0: Removing interface: batadv_slave_0
[  123.226826][ T5328] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  123.234396][ T5965] ntfs3: loop4: ino=1b, "file0" attr_set_size
[  123.235489][ T5965] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  123.252238][ T5328] batman_adv: batadv0: Removing interface: batadv_slave_1
[  123.335305][ T5328] veth1_macvtap: left promiscuous mode
[  124.083191][ T5328] veth0_macvtap: left promiscuous mode
[  124.117162][ T5328] veth1_vlan: left promiscuous mode
[  124.143638][ T5328] veth0_vlan: left promiscuous mode
[  125.197588][ T5991] loop3: detected capacity change from 0 to 2048
[  125.204782][ T5991] udf: Bad value for 'anchor'
[  127.367892][ T6016] 9pnet: Could not find request transport: frþ_	DŽm6âó�JW#*#
•nôqk¤ˆ‡¿w4ª²¨’äɪñ{3‚n“¼ˆ­H7�Û×Ë~âúGCéjÍa“û
[  127.367892][ T6016] Ÿ©°�Î9…&�)Æ.ú Àøaï+(ËsåJQ
[  127.754593][ T5890] coredump: 116(syz.4.84): written to core: VMAs: 39, size 99651584; core: 74585310 bytes, pos 99659776
[  127.780618][ T6019] loop4: detected capacity change from 0 to 8
[  127.858071][ T6019] SQUASHFS error: Failed to read block 0x2d5: -5
[  127.887326][ T6019] unable to read xattr id index table
[  128.054627][ T6022] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  128.201774][ T6024] capability: warning: `syz.4.110' uses deprecated v2 capabilities in a way that may be insecure
[  128.408051][ T5328] team0 (unregistering): Port device team_slave_1 removed
[  128.851771][ T5328] team0 (unregistering): Port device team_slave_0 removed
[  128.974916][ T6026] loop4: detected capacity change from 0 to 512
[  129.052671][ T6026] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  129.087369][ T6026] EXT4-fs (loop4): 1 truncate cleaned up
[  129.125659][ T6026] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.231249][ T6026] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.561286][ T6034] loop4: detected capacity change from 0 to 512
[  129.655818][ T6034] EXT4-fs (loop4): orphan cleanup on readonly fs
[  129.699460][ T6034] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  129.723861][ T6034] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[  129.756406][ T6034] EXT4-fs error (device loop4): ext4_acquire_dquot:6848: comm syz.4.113: Failed to acquire dquot type 1
[  129.815816][ T6034] EXT4-fs (loop4): 1 truncate cleaned up
[  129.823062][ T6034] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  129.904475][ T6034] 9pnet_fd: Insufficient options for proto=fd
[  129.985411][ T5825] chnl_net:caif_netlink_parms(): no params data found
[  130.054076][ T5234] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.577244][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.628263][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.635597][ T5825] bridge_slave_0: entered allmulticast mode
[  130.672885][ T5825] bridge_slave_0: entered promiscuous mode
[  130.787342][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.871019][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.888467][   T29] audit: type=1326 audit(1723792726.695:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6049 comm="syz.2.117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa3b799b9 code=0x7ffc0000
[  131.640230][ T5825] bridge_slave_1: entered allmulticast mode
[  131.646826][ T5825] bridge_slave_1: entered promiscuous mode
[  131.693579][   T29] audit: type=1326 audit(1723792727.455:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6049 comm="syz.2.117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa3b799b9 code=0x7ffc0000
[  132.431980][   T29] audit: type=1326 audit(1723792727.455:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6049 comm="syz.2.117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4fa3b799b9 code=0x7ffc0000
[  132.697595][   T29] audit: type=1326 audit(1723792727.455:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6049 comm="syz.2.117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa3b799b9 code=0x7ffc0000
[  132.837577][   T29] audit: type=1326 audit(1723792727.455:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6049 comm="syz.2.117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa3b799b9 code=0x7ffc0000
[  132.919483][   T29] audit: type=1326 audit(1723792727.485:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6049 comm="syz.2.117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f4fa3b799b9 code=0x7ffc0000
[  132.998083][   T29] audit: type=1326 audit(1723792727.485:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6049 comm="syz.2.117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa3b799b9 code=0x7ffc0000
[  133.027159][   T29] audit: type=1326 audit(1723792727.485:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6049 comm="syz.2.117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa3b799b9 code=0x7ffc0000
[  133.163378][ T6080] loop4: detected capacity change from 0 to 512
[  133.315190][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  133.322734][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  133.367402][ T6080] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  133.381044][ T6080] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  133.395224][ T6080] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (43171!=33349)
[  133.405284][ T6080] EXT4-fs (loop4): group descriptors corrupted!
[  134.041176][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  134.099889][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  134.202555][ T6087] loop3: detected capacity change from 0 to 512
[  134.989963][ T5328] IPVS: stop unused estimator thread 0...
[  135.044388][ T6087] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.057061][ T6087] ext4 filesystem being mounted at /29/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  135.304099][ T5228] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.406238][ T5825] team0: Port device team_slave_0 added
[  135.446863][ T5825] team0: Port device team_slave_1 added
[  135.671257][ T6100] fuse: Unknown parameter 'fd0xffffffffffffffff'
[  136.515621][ T6103] loop3: detected capacity change from 0 to 512
[  136.561675][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0
[  136.578221][ T6103] EXT4-fs (loop3): orphan cleanup on readonly fs
[  137.320304][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.382402][ T6103] __quota_error: 1 callbacks suppressed
[  137.382421][ T6103] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  137.444407][ T6103] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  137.445635][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  137.474621][ T6103] EXT4-fs error (device loop3): ext4_acquire_dquot:6848: comm syz.3.124: Failed to acquire dquot type 1
[  137.507139][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1
[  137.531331][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.606474][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  137.636142][ T6103] EXT4-fs (loop3): 1 truncate cleaned up
[  137.656216][ T6103] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  137.736113][ T6098] 9pnet_fd: Insufficient options for proto=fd
[  137.760151][ T5825] hsr_slave_0: entered promiscuous mode
[  137.789952][ T5825] hsr_slave_1: entered promiscuous mode
[  137.850341][ T5825] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  137.894404][ T5825] Cannot create hsr debugfs directory
[  137.939084][ T6119] loop1: detected capacity change from 0 to 512
[  137.957655][ T6119] EXT4-fs: Ignoring removed oldalloc option
[  138.054620][ T6119] EXT4-fs (loop1): orphan cleanup on readonly fs
[  138.084730][ T5228] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.246205][ T6119] EXT4-fs error (device loop1): ext4_xattr_inode_iget:440: inode #11: comm syz.1.128: missing EA_INODE flag
[  139.377813][ T6119] EXT4-fs error (device loop1): ext4_xattr_inode_iget:445: comm syz.1.128: error while reading EA inode 11 err=-117
[  139.533673][ T6119] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2862: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  139.580512][ T6119] EXT4-fs error (device loop1): ext4_xattr_inode_iget:440: inode #11: comm syz.1.128: missing EA_INODE flag
[  139.807336][ T6119] EXT4-fs error (device loop1): ext4_xattr_inode_iget:445: comm syz.1.128: error while reading EA inode 11 err=-117
[  140.468459][ T6119] EXT4-fs (loop1): 1 orphan inode deleted
[  140.475238][ T6119] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  141.462702][ T6153] loop2: detected capacity change from 0 to 1024
[  141.585265][ T5442] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.734801][ T6153] hfsplus: request for non-existent node 1280 in B*Tree
[  141.774126][ T6153] hfsplus: request for non-existent node 1280 in B*Tree
[  141.845428][ T6159] hfsplus: request for non-existent node 1280 in B*Tree
[  141.866191][ T6159] hfsplus: request for non-existent node 1280 in B*Tree
[  143.598126][ T5825] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  143.643813][ T5825] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  143.673624][ T6179] loop3: detected capacity change from 0 to 16
[  143.728719][ T5825] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  143.782514][ T6179] erofs: (device loop3): mounted with root inode @ nid 36.
[  143.799388][ T6182] loop1: detected capacity change from 0 to 512
[  143.813200][ T5825] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  143.836972][ T6182] EXT4-fs (loop1): blocks per group (71) and clusters per group (20800) inconsistent
[  143.845436][ T6179] overlayfs: missing 'lowerdir'
[  144.382223][ T6190] evm: overlay not supported
[  145.738590][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0
[  145.759624][ T5825] 8021q: adding VLAN 0 to HW filter on device team0
[  145.782601][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.789800][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  145.851559][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.858767][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  145.985853][ T6202] syz.3.142[6202] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  145.985948][ T6202] syz.3.142[6202] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  145.999649][ T6202] syz.3.142[6202] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.872254][ T5825] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  147.108326][ T6222] loop1: detected capacity change from 0 to 512
[  147.174746][ T6222] EXT4-fs (loop1): blocks per group (71) and clusters per group (20800) inconsistent
[  148.590813][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0
[  149.544759][ T5825] veth0_vlan: entered promiscuous mode
[  149.573721][ T6215] netlink: 12 bytes leftover after parsing attributes in process `syz.4.146'.
[  149.675741][ T5825] veth1_vlan: entered promiscuous mode
[  149.774433][ T5825] veth0_macvtap: entered promiscuous mode
[  149.831526][ T6226] loop3: detected capacity change from 0 to 32768
[  149.852620][ T6226] XFS: noikeep mount option is deprecated.
[  149.883071][ T6226] XFS (loop3): invalid log iosize: 0 [not 12-30]
[  150.023103][ T5825] veth1_macvtap: entered promiscuous mode
[  150.184128][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.207779][ T5307] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  150.260274][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.296926][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.339008][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.351832][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.524203][ T5307] usb 3-1: Using ep0 maxpacket: 16
[  150.542491][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.570672][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.573099][ T5307] usb 3-1: unable to read config index 0 descriptor/start: -61
[  150.590900][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.603039][ T5307] usb 3-1: can't read configurations, error -61
[  150.675922][ T6269] loop3: detected capacity change from 0 to 1764
[  151.728209][ T5307] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  151.839000][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0
[  151.902895][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  151.936611][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.987614][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  152.005916][ T5307] usb 3-1: Using ep0 maxpacket: 16
[  152.015850][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.032304][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  152.641883][ T5307] usb 3-1: unable to read config index 0 descriptor/start: -61
[  152.663439][ T5307] usb 3-1: can't read configurations, error -61
[  152.695191][ T5307] usb usb3-port1: attempt power cycle
[  152.703111][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.744149][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  152.765879][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  152.838292][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1
[  152.883553][ T6278] IPVS: Error connecting to the multicast addr
[  152.931226][ T5825] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  153.030339][ T5825] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  153.100473][ T5825] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  153.164705][ T5825] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  153.196019][ T6283] netlink: 64 bytes leftover after parsing attributes in process `syz.3.155'.
[  153.575298][ T6289] loop4: detected capacity change from 0 to 16
[  153.587298][ T6289] erofs: (device loop4): mounted with root inode @ nid 36.
[  153.603461][ T6291] erofs: (device loop4): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0
[  153.613918][ T6291] erofs: (device loop4): z_erofs_fill_inode_lazy: invalid tail-packing pclustersize 0
[  153.623551][ T6291] erofs: (device loop4): z_erofs_read_folio: read error -117 @ 43 of nid 36
[  153.634145][ T6291] coredump: 179(syz.4.157): coredump has not been created, error -117
[  153.652757][ T5328] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  153.657520][ T5663] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  153.691651][ T5663] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  153.703899][ T5328] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  153.795501][ T6288] loop3: detected capacity change from 0 to 2048
[  153.838212][ T6288] udf: Bad value for 'lastblock'
[  153.897630][ T5307] usb usb3-port1: Cannot enable. Maybe the USB cable is bad?
[  154.098391][ T5307] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  154.180191][ T5307] usb 3-1: Using ep0 maxpacket: 8
[  154.321266][ T5307] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.523302][ T5307] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.688078][ T5307] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  154.710127][ T5307] usb 3-1: New USB device found, idVendor=04fc, idProduct=05d8, bcdDevice= 0.00
[  154.731031][ T5307] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.780521][ T5307] usb 3-1: config 0 descriptor??
[  155.210715][ T6310] overlayfs: missing 'lowerdir'
[  155.301721][ T6311] warning: `syz.0.161' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  156.973316][ T5307] sunplus 0003:04FC:05D8.0003: item fetching failed at offset 5/7
[  156.993599][ T5307] sunplus 0003:04FC:05D8.0003: probe with driver sunplus failed with error -22
[  157.034749][ T6321] syz.0.163 uses obsolete (PF_INET,SOCK_PACKET)
[  157.059580][ T6318] syz.1.162[6318] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  157.059681][ T6318] syz.1.162[6318] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  157.170576][ T6318] syz.1.162[6318] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  157.300907][   T29] audit: type=1326 audit(1723792753.105:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6317 comm="syz.1.162" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa4f53799b9 code=0x0
[  157.922686][ T6329] binder: 6324:6329 ioctl c0306201 0 returned -14
[  158.332451][   T25] usb 3-1: USB disconnect, device number 5
[  158.383421][ T6322] syz.1.162[6322] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  158.383538][ T6322] syz.1.162[6322] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  158.538055][ T6322] syz.1.162[6322] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  159.567082][   T25] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  159.796360][ T6343] loop0: detected capacity change from 0 to 2048
[  160.815527][ T6347] loop1: detected capacity change from 0 to 1024
[  160.831622][   T25] usb 4-1: config 16 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0
[  160.876714][ T6343]  loop0: p2 < >
[  160.881447][   T25] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  160.892730][   T25] usb 4-1: config 16 has no interfaces?
[  160.923005][   T25] usb 4-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  160.970495][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.996673][ T6342] xt_CT: No such helper "syz0"
[  161.026545][ T4681]  loop0: p2 < >
[  162.026840][ T6361] loop4: detected capacity change from 0 to 1024
[  162.034126][ T6361] hfsplus: unable to parse mount options
[  162.242240][ T6368] netlink: 40 bytes leftover after parsing attributes in process `syz.1.174'.
[  162.560436][ T6375] Bluetooth: MGMT ver 1.23
[  163.443172][ T6373] option changes via remount are deprecated (pid=6370 comm=syz.4.175)
[  163.571195][    T8] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  163.636823][ T5277] usb 4-1: USB disconnect, device number 4
[  163.802126][ T5276] usb 1-1: new low-speed USB device number 4 using dummy_hcd
[  163.817074][    T8] usb 2-1: Using ep0 maxpacket: 32
[  163.855526][    T8] usb 2-1: unable to get BOS descriptor or descriptor too short
[  163.887431][    T8] usb 2-1: New USB device found, idVendor=05ac, idProduct=0254, bcdDevice=ca.76
[  165.692258][ T6381] loop3: detected capacity change from 0 to 16
[  165.958504][ T6381] erofs: (device loop3): mounted with root inode @ nid 36.
[  166.019983][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.045836][    T8] usb 2-1: Product: syz
[  166.050412][    T8] usb 2-1: Manufacturer: syz
[  166.055259][    T8] usb 2-1: SerialNumber: syz
[  166.066152][    T8] usb 2-1: config 0 descriptor??
[  166.075459][    T8] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input7
[  166.148901][ T5276] usb 1-1: device descriptor read/all, error -71
[  166.291464][ T4666] bcm5974 2-1:0.0: could not read from device
[  166.324649][ T4666] bcm5974 2-1:0.0: could not read from device
[  166.590937][ T4666] bcm5974 2-1:0.0: could not read from device
[  166.600189][    T8] usb 2-1: USB disconnect, device number 3
[  168.263064][ T5225] udevd[5225]: Error opening device "/dev/input/event4": No such file or directory
[  168.353748][ T5225] udevd[5225]: Unable to EVIOCGABS device "/dev/input/event4"
[  168.364770][ T6401] loop3: detected capacity change from 0 to 256
[  168.485885][ T5225] udevd[5225]: Unable to EVIOCGABS device "/dev/input/event4"
[  168.495801][ T6401] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  168.504612][ T5225] udevd[5225]: Unable to EVIOCGABS device "/dev/input/event4"
[  168.515462][ T5225] udevd[5225]: Unable to EVIOCGABS device "/dev/input/event4"
[  168.747148][ T6401] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  169.826209][ T5276] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  171.316447][ T6418] loop1: detected capacity change from 0 to 2048
[  171.327467][ T6417] loop3: detected capacity change from 0 to 164
[  171.327730][ T6418] udf: Bad value for 'session'
[  171.381952][ T6417] Unable to read rock-ridge attributes
[  172.108973][ T6415] kvm: pic: non byte read
[  173.583202][ T6415] kvm: pic: non byte read
[  176.185968][ T6447] loop3: detected capacity change from 0 to 1024
[  176.719409][ T6447] hfsplus: extend alloc file! (8192,65536,366)
[  176.756128][ T6451] loop2: detected capacity change from 0 to 2048
[  176.917654][ T5236] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  177.893666][ T6458] loop2: detected capacity change from 0 to 8
[  177.905660][ T5236] usb 1-1: device descriptor read/all, error -71
[  177.934029][ T6443] kvm: vcpu 0: requested 394 ns lapic timer period limited to 200000 ns
[  177.943161][ T6459] netlink: 8 bytes leftover after parsing attributes in process `syz.1.196'.
[  177.967757][ T6458] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  177.987995][ T6459] netlink: 8 bytes leftover after parsing attributes in process `syz.1.196'.
[  178.039857][ T6447] kvm: pic: non byte write
[  178.068350][ T6459] loop1: detected capacity change from 0 to 256
[  178.079226][ T5230] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  178.090456][ T5230] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  178.100294][ T5230] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  178.115945][ T5230] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  178.125304][ T5230] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  178.132779][ T5230] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  178.290294][ T6465] cramfs: Error -5 while decompressing!
[  178.297059][ T6465] cramfs: ffffffff95077c62(26)->ffff888059a18000(4096)
[  178.305570][ T6465] cramfs: Error -3 while decompressing!
[  178.312611][ T6465] cramfs: ffffffff95077c7c(16)->ffff888057071000(4096)
[  178.319688][ T6465] cramfs: Error -5 while decompressing!
[  178.326397][ T6465] cramfs: ffffffff95077c62(26)->ffff888059a18000(4096)
[  178.337566][   T29] audit: type=1800 audit(1723792774.145:71): pid=6465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.197" name="file3" dev="loop2" ino=348 res=0 errno=0
[  180.231068][ T5230] Bluetooth: hci5: command tx timeout
[  181.016392][ T5328] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.074481][ T6460] chnl_net:caif_netlink_parms(): no params data found
[  181.203753][ T6497] loop0: detected capacity change from 0 to 1764
[  181.218624][ T6350] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  181.250496][ T5328] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.401340][ T5236] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  181.415349][ T5328] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.438719][ T6350] usb 2-1: config index 0 descriptor too short (expected 4114, got 18)
[  181.449660][ T6350] usb 2-1: New USB device found, idVendor=066b, idProduct=20f9, bcdDevice=ff.94
[  181.459562][ T6350] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.467973][ T6350] usb 2-1: Product: syz
[  181.472366][ T6350] usb 2-1: Manufacturer: syz
[  181.480426][ T6350] usb 2-1: SerialNumber: syz
[  181.485441][ T6460] bridge0: port 1(bridge_slave_0) entered blocking state
[  181.499446][ T6460] bridge0: port 1(bridge_slave_0) entered disabled state
[  181.507259][ T6350] usb 2-1: config 0 descriptor??
[  181.520866][ T6460] bridge_slave_0: entered allmulticast mode
[  181.528949][ T6460] bridge_slave_0: entered promiscuous mode
[  181.551760][ T5328] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.566332][ T6460] bridge0: port 2(bridge_slave_1) entered blocking state
[  181.575237][ T6460] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.583402][ T6460] bridge_slave_1: entered allmulticast mode
[  181.591117][ T6460] bridge_slave_1: entered promiscuous mode
[  181.611944][ T5236] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  181.630850][ T5236] usb 3-1: New USB device found, idVendor=0582, idProduct=28e8, bcdDevice=f5.06
[  181.640536][ T5236] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.652673][ T5236] usb 3-1: Product: syz
[  181.661202][ T5236] usb 3-1: Manufacturer: syz
[  181.663019][ T6460] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  181.667585][ T5236] usb 3-1: SerialNumber: syz
[  181.713986][ T6460] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  181.730632][ T5236] usb 3-1: config 0 descriptor??
[  181.883377][ T6460] team0: Port device team_slave_0 added
[  181.904049][ T5328] bridge_slave_1: left allmulticast mode
[  181.917744][ T5328] bridge_slave_1: left promiscuous mode
[  181.923642][ T5328] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.946537][ T5328] bridge_slave_0: left allmulticast mode
[  181.953734][ T5328] bridge_slave_0: left promiscuous mode
[  181.972616][ T5328] bridge0: port 1(bridge_slave_0) entered disabled state
[  182.066136][ T5236] usb 3-1: USB disconnect, device number 6
[  182.106256][ T5225] udevd[5225]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  182.167730][ T6506] netlink: 'syz.3.210': attribute type 1 has an invalid length.
[  182.175767][ T6506] netlink: 9348 bytes leftover after parsing attributes in process `syz.3.210'.
[  182.307412][ T5230] Bluetooth: hci5: command tx timeout
[  186.057668][ T5230] Bluetooth: hci5: command tx timeout
[  186.199064][ T6350] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  186.210478][ T6350] asix 2-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  186.231217][ T6350] asix 2-1:0.0: probe with driver asix failed with error -71
[  186.245639][ T6350] usb 2-1: USB disconnect, device number 4
[  186.765402][ T6527] netlink: 'syz.2.211': attribute type 13 has an invalid length.
[  186.787909][ T6527] loop2: detected capacity change from 0 to 1024
[  186.934737][ T6527] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  187.540605][ T5478] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.770974][ T5230] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  187.782266][ T5230] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  187.791395][ T5230] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  187.801276][ T5230] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  187.818813][ T5230] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  187.828030][ T5230] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  188.067251][ T5230] Bluetooth: hci5: command tx timeout
[  188.337944][ T5328] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  188.393224][ T5328] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  188.406226][ T5328] bond0 (unregistering): Released all slaves
[  188.426722][ T6460] team0: Port device team_slave_1 added
[  188.474831][ T6528] netlink: 'syz.1.212': attribute type 4 has an invalid length.
[  188.519317][ T6532] netlink: 'syz.1.212': attribute type 4 has an invalid length.
[  188.580083][ T6533] netlink: 'syz.1.212': attribute type 4 has an invalid length.
[  188.907347][ T6544] loop2: detected capacity change from 0 to 32768
[  189.557752][ T6544] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  189.571863][ T6557] loop3: detected capacity change from 0 to 1024
[  189.624914][ T6460] batman_adv: batadv0: Adding interface: batadv_slave_0
[  189.635848][ T6460] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  189.737152][ T6544] XFS (loop2): Ending clean mount
[  189.746926][ T6460] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  189.817842][ T6544] XFS (loop2): Quotacheck needed: Please wait.
[  189.846669][ T6557] EXT4-fs: inline encryption not supported
[  189.852854][ T6557] EXT4-fs: quotafile must be on filesystem root
[  190.120151][ T5230] Bluetooth: hci0: command tx timeout
[  190.715176][ T6460] batman_adv: batadv0: Adding interface: batadv_slave_1
[  190.722268][ T6460] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  190.751619][ T6460] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  190.762765][ T6544] XFS (loop2): Quotacheck: Done.
[  190.901127][ T5478] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  191.211217][ T6460] hsr_slave_0: entered promiscuous mode
[  191.238106][ T6460] hsr_slave_1: entered promiscuous mode
[  191.251208][ T6460] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  191.270223][ T6460] Cannot create hsr debugfs directory
[  191.353378][ T5328] hsr_slave_0: left promiscuous mode
[  191.367569][ T5328] hsr_slave_1: left promiscuous mode
[  191.382171][ T5328] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  191.398203][ T5328] batman_adv: batadv0: Removing interface: batadv_slave_0
[  191.414893][ T5328] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  191.422995][ T5328] batman_adv: batadv0: Removing interface: batadv_slave_1
[  191.501360][ T5328] veth1_macvtap: left promiscuous mode
[  191.522831][ T5328] veth0_macvtap: left promiscuous mode
[  191.544133][ T5328] veth1_vlan: left promiscuous mode
[  191.563400][ T5328] veth0_vlan: left promiscuous mode
[  191.989379][ T6576] loop2: detected capacity change from 0 to 32768
[  192.015711][ T6576] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.219 (6576)
[  192.097193][ T6576] BTRFS info (device loop2): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  192.115461][ T6576] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  192.155893][ T5230] Bluetooth: hci0: command tx timeout
[  192.164258][ T6576] BTRFS info (device loop2): using free-space-tree
[  192.190868][ T6590] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  192.230170][ T6590] loop3: detected capacity change from 0 to 256
[  192.283202][ T6590] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  192.359654][ T6590] exFAT-fs (loop3): invalid start cluster (22)
[  192.555628][ T5328] team0 (unregistering): Port device team_slave_1 removed
[  192.716521][ T5328] team0 (unregistering): Port device team_slave_0 removed
[  193.582158][ T5478] BTRFS info (device loop2): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  193.956816][   T29] audit: type=1326 audit(1723792789.765:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6614 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa3b799b9 code=0x7ffc0000
[  194.023920][   T29] audit: type=1326 audit(1723792789.795:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6614 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa3b799b9 code=0x7ffc0000
[  194.027390][ T6615] loop2: detected capacity change from 0 to 512
[  194.068874][ T6615] EXT4-fs (loop2): blocks per group (95) and clusters per group (32768) inconsistent
[  194.082121][   T29] audit: type=1326 audit(1723792789.805:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6614 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f4fa3b78257 code=0x7ffc0000
[  194.132353][   T29] audit: type=1326 audit(1723792789.805:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6614 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa3b799b9 code=0x7ffc0000
[  194.171841][   T29] audit: type=1326 audit(1723792789.805:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6614 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f4fa3b799b9 code=0x7ffc0000
[  194.227527][ T5230] Bluetooth: hci0: command tx timeout
[  194.253489][   T29] audit: type=1326 audit(1723792789.805:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6614 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa3b799b9 code=0x7ffc0000
[  194.353285][   T29] audit: type=1326 audit(1723792789.805:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6614 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa3b799b9 code=0x7ffc0000
[  194.377271][   T29] audit: type=1326 audit(1723792789.815:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6614 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fa3b799b9 code=0x7ffc0000
[  194.419685][   T29] audit: type=1326 audit(1723792789.815:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6614 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fa3b799b9 code=0x7ffc0000
[  194.484642][   T29] audit: type=1326 audit(1723792789.815:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6614 comm="syz.2.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4fa3b799b9 code=0x7ffc0000
[  194.640414][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  194.646715][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  194.835082][ T6590] netlink: 8 bytes leftover after parsing attributes in process `syz.3.222'.
[  194.878886][ T6615] netlink: 12 bytes leftover after parsing attributes in process `syz.2.224'.
[  194.957526][ T6620] netlink: 8 bytes leftover after parsing attributes in process `syz.1.225'.
[  196.198058][ T6632] loop3: detected capacity change from 0 to 1024
[  196.258030][ T6632] EXT4-fs: Ignoring removed orlov option
[  196.273461][ T6632] EXT4-fs (loop3): Test dummy encryption mode enabled
[  196.303073][ T6632] EXT4-fs (loop3): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  196.318266][ T5230] Bluetooth: hci0: command tx timeout
[  196.381314][ T6638] loop2: detected capacity change from 0 to 256
[  196.389284][ T6638] exfat: Deprecated parameter 'utf8'
[  196.394799][ T6638] exfat: Bad value for 'errors'
[  196.416446][ T6632] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.718599][ T5230] Bluetooth: hci1: command 0x0406 tx timeout
[  197.605253][ T6540] chnl_net:caif_netlink_parms(): no params data found
[  197.648499][ T6658] loop1: detected capacity change from 0 to 1024
[  197.706370][ T5228] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.716555][ T6658] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  202.100152][ T5237] Bluetooth: hci4: command 0x0406 tx timeout
[  202.204008][ T6683] xt_hashlimit: Unknown mode mask 300, kernel too old?
[  202.220632][ T6685] loop2: detected capacity change from 0 to 2048
[  202.241732][ T6540] bridge0: port 1(bridge_slave_0) entered blocking state
[  202.265804][ T6685] EXT4-fs: Mount option(s) incompatible with ext3
[  202.281184][ T6540] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.305665][ T6540] bridge_slave_0: entered allmulticast mode
[  202.322161][ T6540] bridge_slave_0: entered promiscuous mode
[  202.345652][ T6540] bridge0: port 2(bridge_slave_1) entered blocking state
[  202.357242][ T6540] bridge0: port 2(bridge_slave_1) entered disabled state
[  202.367230][ T6540] bridge_slave_1: entered allmulticast mode
[  202.375975][ T6540] bridge_slave_1: entered promiscuous mode
[  202.557172][ T5442] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.700719][ T6540] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  203.187991][ T6692] loop2: detected capacity change from 0 to 512
[  203.199575][ T6692] EXT4-fs (loop2): Test dummy encryption mode enabled
[  204.110911][ T6540] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  205.814034][ T5328] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.900871][ T6692] EXT4-fs: error -4 creating inode table initialization thread
[  205.909174][ T6692] EXT4-fs (loop2): mount failed
[  206.155870][ T6540] team0: Port device team_slave_0 added
[  206.298802][ T5328] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.339535][ T6540] team0: Port device team_slave_1 added
[  207.140199][ T5328] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.223744][ T6540] batman_adv: batadv0: Adding interface: batadv_slave_0
[  207.247019][ T6540] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.361433][ T6540] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  207.614485][ T5328] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.677826][ T6540] batman_adv: batadv0: Adding interface: batadv_slave_1
[  207.691946][ T6540] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.723150][ T6540] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  207.894088][ T6460] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  207.948264][ T6540] hsr_slave_0: entered promiscuous mode
[  207.950181][ T6350] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  207.971015][ T6540] hsr_slave_1: entered promiscuous mode
[  207.983403][ T6540] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  207.994556][ T6540] Cannot create hsr debugfs directory
[  208.024202][ T6460] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  208.100217][ T6460] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  208.150196][ T6460] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  208.175502][ T6350] usb 4-1: Using ep0 maxpacket: 32
[  208.189085][ T6350] usb 4-1: New USB device found, idVendor=05ac, idProduct=023f, bcdDevice=e0.d8
[  208.287377][ T6350] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.312203][ T6350] usb 4-1: config 0 descriptor??
[  208.322249][ T6350] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input8
[  208.360205][ T5328] bridge_slave_1: left allmulticast mode
[  208.379486][ T5328] bridge_slave_1: left promiscuous mode
[  208.387713][ T5328] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.445692][ T5328] bridge_slave_0: left allmulticast mode
[  208.461711][ T5328] bridge_slave_0: left promiscuous mode
[  208.478197][ T5328] bridge0: port 1(bridge_slave_0) entered disabled state
[  209.241510][ T6733] loop2: detected capacity change from 0 to 32768
[  209.291431][ T6733] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.241 (6733)
[  209.317728][ T6746] loop1: detected capacity change from 0 to 4096
[  209.340063][ T6746] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512).
[  209.372251][ T6733] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  209.400814][ T6733] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  209.444357][ T6746] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  209.454046][ T6733] BTRFS info (device loop2): using free-space-tree
[  209.476322][ T5328] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  209.526039][ T5328] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  209.588625][ T4666] bcm5974 4-1:0.0: could not read from device
[  209.629679][ T4666] bcm5974 4-1:0.0: could not read from device
[  209.662763][ T5328] bond0 (unregistering): Released all slaves
[  209.673668][ T4666] bcm5974 4-1:0.0: could not read from device
[  209.700388][ T6350] usb 4-1: USB disconnect, device number 5
[  209.727826][ T4666] bcm5974 4-1:0.0: could not read from device
[  209.758883][ T4666] bcm5974 4-1:0.0: could not read from device
[  209.776693][ T5225] bcm5974 4-1:0.0: could not read from device
[  209.863723][ T6772] netlink: 'syz.1.242': attribute type 1 has an invalid length.
[  209.871529][ T6772] netlink: 'syz.1.242': attribute type 3 has an invalid length.
[  209.879294][ T6772] netlink: 224 bytes leftover after parsing attributes in process `syz.1.242'.
[  212.094481][    T8] IPVS: starting estimator thread 0...
[  212.197130][ T6789] IPVS: using max 33 ests per chain, 79200 per kthread
[  212.331180][ T6790] usb usb8: usbfs: process 6790 (syz.1.244) did not claim interface 0 before use
[  212.342539][ T6460] 8021q: adding VLAN 0 to HW filter on device bond0
[  212.370717][ T5328] hsr_slave_0: left promiscuous mode
[  212.381784][ T5328] hsr_slave_1: left promiscuous mode
[  212.395493][ T5328] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  212.407315][ T5328] batman_adv: batadv0: Removing interface: batadv_slave_0
[  212.423554][ T5328] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  212.433586][ T5328] batman_adv: batadv0: Removing interface: batadv_slave_1
[  212.477205][ T5328] veth1_macvtap: left promiscuous mode
[  212.482803][ T5328] veth0_macvtap: left promiscuous mode
[  212.495074][ T5328] veth1_vlan: left promiscuous mode
[  212.500612][ T5328] veth0_vlan: left promiscuous mode
[  213.155510][ T5328] team0 (unregistering): Port device team_slave_1 removed
[  213.234437][ T5478] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  213.253214][ T5328] team0 (unregistering): Port device team_slave_0 removed
[  215.599101][ T6802] loop1: detected capacity change from 0 to 32768
[  215.828618][ T6802] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  216.014646][ T6802] XFS (loop1): Ending clean mount
[  216.225141][ T6827] loop3: detected capacity change from 0 to 2048
[  216.305802][ T6827] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  216.461294][ T6460] 8021q: adding VLAN 0 to HW filter on device team0
[  216.480601][ T6832] loop2: detected capacity change from 0 to 512
[  216.506125][   T29] kauditd_printk_skb: 51 callbacks suppressed
[  216.506143][   T29] audit: type=1400 audit(1723792812.315:133): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=6825 comm="syz.3.250"
[  216.606396][ T6832] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  216.635363][ T6830] wg0 speed is unknown, defaulting to 1000
[  216.643619][ T5663] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.644958][ T6832] UDF-fs: Scanning with blocksize 512 failed
[  216.650801][ T5663] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.678679][ T5663] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.685798][ T5663] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.735996][ T6832] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  216.758227][ T5442] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  216.773366][ T6832] UDF-fs: Scanning with blocksize 1024 failed
[  216.829702][ T6832] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  216.847670][ T6830] wg0 speed is unknown, defaulting to 1000
[  216.877056][ T6832] UDF-fs: Scanning with blocksize 2048 failed
[  216.952634][ T6830] wg0 speed is unknown, defaulting to 1000
[  216.958895][ T6832] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  216.964251][ T6832] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  217.075235][ T6540] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  217.113681][ T6830] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  217.180882][ T6540] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  217.194571][ T6830] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  217.208900][ T6832] netlink: 4 bytes leftover after parsing attributes in process `syz.2.251'.
[  217.282996][ T6540] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  217.316354][ T6540] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  217.430710][ T6830] wg0 speed is unknown, defaulting to 1000
[  217.502361][ T6830] wg0 speed is unknown, defaulting to 1000
[  217.703046][ T6830] wg0 speed is unknown, defaulting to 1000
[  217.718959][ T6850] Cannot find add_set index 0 as target
[  217.730859][ T6830] wg0 speed is unknown, defaulting to 1000
[  217.940483][ T5230] Bluetooth: hci4: unexpected event 0x30 length: 4 > 3
[  218.509395][ T6857] loop2: detected capacity change from 0 to 256
[  218.545639][ T6540] 8021q: adding VLAN 0 to HW filter on device bond0
[  218.559914][ T6830] wg0 speed is unknown, defaulting to 1000
[  218.605607][ T6540] 8021q: adding VLAN 0 to HW filter on device team0
[  218.794785][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  218.801991][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  219.134311][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  219.141536][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  220.889719][ T6874] loop1: detected capacity change from 0 to 32768
[  221.521263][ T6460] 8021q: adding VLAN 0 to HW filter on device batadv0
[  221.893173][ T6540] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  222.099497][ T5307] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  222.478094][ T5307] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  222.752995][ T5307] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  222.784298][ T5307] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  222.798496][ T5307] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  222.813285][ T5307] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  222.837135][ T5307] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  222.855565][ T5307] usb 2-1: Manufacturer: syz
[  222.872653][ T6900] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  222.882931][ T5307] usb 2-1: config 0 descriptor??
[  222.934012][ T6900] loop2: detected capacity change from 0 to 512
[  223.388109][ T6900] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.746144][ T6900] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  223.827171][ T6910] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 256: padding at end of block bitmap is not set
[  223.863176][ T6900] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.260: bg 0: block 256: padding at end of block bitmap is not set
[  223.908706][ T6900] Quota error (device loop2): write_blk: dquota write failed
[  223.916470][ T6900] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5
[  223.925820][ T6900] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  223.941705][ T5307] appleir 0003:05AC:8243.0004: No inputs registered, leaving
[  223.951807][ T5307] appleir 0003:05AC:8243.0004: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  223.959916][ T6540] 8021q: adding VLAN 0 to HW filter on device batadv0
[  223.976190][ T6900] EXT4-fs error (device loop2): ext4_acquire_dquot:6848: comm syz.2.260: Failed to acquire dquot type 1
[  224.012076][ T6460] veth0_vlan: entered promiscuous mode
[  224.022540][ T6900] netlink: 4 bytes leftover after parsing attributes in process `syz.2.260'.
[  224.034406][ T6900] Quota error (device loop2): write_blk: dquota write failed
[  224.035381][ T6917] loop3: detected capacity change from 0 to 8
[  224.042309][ T6900] Quota error (device loop2): find_free_dqentry: Can't write quota data block 5
[  224.042507][ T6900] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota
[  224.042542][ T6900] EXT4-fs error (device loop2): ext4_acquire_dquot:6848: comm syz.2.260: Failed to acquire dquot type 1
[  224.055392][ T6460] veth1_vlan: entered promiscuous mode
[  224.084158][ T6918] vhci_hcd: default hub control req: 0017 v0000 i0000 l0
[  224.099406][ T6917] squashfs: Unknown parameter '0x0000000000000007'
[  224.176426][ T5478] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.204539][ T6540] veth0_vlan: entered promiscuous mode
[  224.221674][ T6540] veth1_vlan: entered promiscuous mode
[  224.281606][ T6540] veth0_macvtap: entered promiscuous mode
[  224.359308][ T6540] veth1_macvtap: entered promiscuous mode
[  225.125471][ T6540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  225.184459][ T6540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  225.194681][ T6540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  225.206732][ T6540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  225.217081][ T6540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  225.239523][ T6540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  225.261656][ T6540] batman_adv: batadv0: Interface activated: batadv_slave_0
[  225.285881][ T6540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  225.313291][ T6540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  225.324158][ T6540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  225.334791][ T6540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  225.344663][ T6540] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  225.474992][ T6540] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  225.599967][ T6540] batman_adv: batadv0: Interface activated: batadv_slave_1
[  225.883964][ T6540] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  225.943339][ T6540] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  226.197277][ T6540] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  226.206050][ T6540] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  226.309314][ T6350] usb 2-1: reset high-speed USB device number 5 using dummy_hcd
[  226.319272][ T6460] veth0_macvtap: entered promiscuous mode
[  226.379670][ T6460] veth1_macvtap: entered promiscuous mode
[  226.475189][   T29] audit: type=1326 audit(1723792822.285:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6934 comm="syz.1.264" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa4f53799b9 code=0x0
[  226.526314][ T6460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.543521][ T6460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.560890][ T6933] loop3: detected capacity change from 0 to 512
[  226.568602][ T6460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.568698][ T6933] EXT4-fs (loop3): Test dummy encryption mode enabled
[  226.579238][ T6460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.579260][ T6460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.579277][ T6460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.579311][ T6460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  226.579324][ T6460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.580999][ T6460] batman_adv: batadv0: Interface activated: batadv_slave_0
[  226.649173][ T6933] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #12: comm syz.3.265: corrupted in-inode xattr: invalid ea_ino
[  226.680143][ T6933] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.265: couldn't read orphan inode 12 (err -117)
[  226.700612][ T6933] EXT4-fs (loop3): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  226.777153][ T6460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  226.793090][ T6460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.918548][ T6460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  226.929117][ T6460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.939129][ T6460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  226.953197][ T6460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  226.963921][ T6460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  226.976795][ T6460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  227.248462][ T6946] fscrypt (loop3): Missing crypto API support for AES-256-CBC-CTS (API name: "cts(cbc(aes))")
[  227.458422][ T5307] usb 2-1: USB disconnect, device number 5
[  227.551325][ T6460] batman_adv: batadv0: Interface activated: batadv_slave_1
[  227.566519][ T5228] EXT4-fs (loop3): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  227.622416][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  227.628718][ T6460] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  227.653787][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  227.656670][ T6460] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  227.680506][ T6460] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  227.694240][ T6460] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  227.911595][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  228.037432][ T5236] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  228.536980][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  229.012447][ T5236] usb 3-1: device descriptor read/64, error -71
[  229.645779][ T5236] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  230.013107][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  230.479731][ T6972] loop1: detected capacity change from 0 to 256
[  230.813535][ T6970] loop2: detected capacity change from 0 to 512
[  230.837839][ T5237] Bluetooth: hci3: sending frame failed (-49)
[  230.852256][ T5230] Bluetooth: hci3: Opcode 0x1003 failed: -49
[  230.871683][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  230.879937][ T6972] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  231.532186][ T6970] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  231.619641][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.637155][ T6970] EXT4-fs (loop2): orphan cleanup on readonly fs
[  231.677766][ T6970] Quota error (device loop2): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  231.687086][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.749828][ T6970] EXT4-fs warning (device loop2): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  231.824225][ T6970] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  231.897423][ T6970] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #16: comm syz.2.271: casefold flag without casefold feature
[  231.935446][ T6970] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.271: couldn't read orphan inode 16 (err -117)
[  232.009104][ T6989] loop4: detected capacity change from 0 to 256
[  232.049589][ T6970] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  233.902822][ T5478] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.168282][ T6998] loop3: detected capacity change from 0 to 1024
[  234.297174][ T7000] loop1: detected capacity change from 0 to 128
[  234.622788][ T6998] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #4: comm syz.3.275: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  234.875444][ T6998] EXT4-fs error (device loop3): ext4_quota_enable:7025: comm syz.3.275: Bad quota inode: 4, type: 1
[  235.006218][ T6998] EXT4-fs warning (device loop3): ext4_enable_quotas:7066: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  235.128224][ T7008] binder: 7002:7008 ioctl c0306201 0 returned -14
[  235.215141][ T7005] loop2: detected capacity change from 0 to 2048
[  235.278046][ T6998] EXT4-fs (loop3): mount failed
[  235.834823][ T7005] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.903132][ T7013] loop1: detected capacity change from 0 to 1024
[  236.023584][ T7013] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  236.477769][ T7020] loop0: detected capacity change from 0 to 64
[  236.893925][ T7018] Driver unsupported XDP return value 0 on prog  (id 123) dev N/A, expect packet loss!
[  236.906979][   T29] audit: type=1804 audit(1723792832.545:135): pid=7005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.277" name="/newroot/50/file0/bus" dev="loop2" ino=18 res=1 errno=0
[  238.126237][   T29] audit: type=1800 audit(1723792832.955:136): pid=7023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.279" name="bus" dev="loop1" ino=861 res=0 errno=0
[  238.232158][ T7030] hfs: keylen 94 too large
[  239.285807][ T7023] Bluetooth: MGMT ver 1.23
[  239.291779][ T7026] netlink: 12 bytes leftover after parsing attributes in process `syz.3.282'.
[  239.402492][ T5478] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.585243][ T7013] syz.1.279 (7013) used greatest stack depth: 17232 bytes left
[  239.612764][ T7041] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  242.331939][ T7048] wg0 speed is unknown, defaulting to 1000
[  242.372716][ T7049] loop2: detected capacity change from 0 to 2048
[  242.384873][ T7049] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  242.510421][ T7064] loop3: detected capacity change from 0 to 256
[  242.908230][ T7064] FAT-fs (loop3): Directory bread(block 64) failed
[  242.926467][ T7064] FAT-fs (loop3): Directory bread(block 65) failed
[  242.955913][ T7064] FAT-fs (loop3): Directory bread(block 66) failed
[  242.991994][ T7064] FAT-fs (loop3): Directory bread(block 67) failed
[  243.015660][ T7064] FAT-fs (loop3): Directory bread(block 68) failed
[  243.041521][ T7064] FAT-fs (loop3): Directory bread(block 69) failed
[  243.066202][ T7064] FAT-fs (loop3): Directory bread(block 70) failed
[  243.084977][ T7081] loop0: detected capacity change from 0 to 2048
[  243.089027][ T5280] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  243.121547][ T7064] FAT-fs (loop3): Directory bread(block 71) failed
[  243.137283][ T7064] FAT-fs (loop3): Directory bread(block 72) failed
[  243.155706][ T7064] FAT-fs (loop3): Directory bread(block 73) failed
[  243.169764][ T7081] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  243.307891][ T5280] usb 2-1: Using ep0 maxpacket: 16
[  243.325791][ T5280] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  243.392301][ T5280] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  243.617222][ T5280] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.635668][ T5280] usb 2-1: Product: syz
[  243.647034][ T5280] usb 2-1: Manufacturer: syz
[  243.651765][ T5280] usb 2-1: SerialNumber: syz
[  243.790376][ T5280] usb 2-1: config 0 descriptor??
[  244.337972][ T6540] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.020255][    T8] usb 2-1: USB disconnect, device number 6
[  245.661062][ T7104] delete_channel: no stack
[  246.755257][ T7119] loop0: detected capacity change from 0 to 128
[  246.762380][ T7119] msdos: Bad value for 'dmask'
[  247.922454][ T7134] Bluetooth: MGMT ver 1.23
[  248.475631][ T7143] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  248.485531][ T7143] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  249.190681][ T5236] usb 3-1: new full-speed USB device number 9 using dummy_hcd
[  249.408515][ T5236] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  249.440688][ T5236] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64
[  249.476820][ T7150] loop3: detected capacity change from 0 to 512
[  249.507452][ T5236] usb 3-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  249.537524][ T7150] EXT4-fs (loop3): can't mount with both data=journal and delalloc
[  249.594158][ T5236] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  249.960238][ T5276] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  250.305024][ T5236] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  250.314158][ T5236] usb 3-1: SerialNumber: syz
[  250.323782][ T7139] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  250.497798][ T5276] usb 4-1: Using ep0 maxpacket: 8
[  250.695594][ T5276] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  250.790654][ T5276] usb 4-1: config 179 has no interface number 0
[  250.954598][ T5276] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  250.955404][ T5236] cdc_acm 3-1:1.0: Control and data interfaces are not separated!
[  251.000370][ T5236] cdc_acm 3-1:1.0: ttyACM0: USB ACM device
[  251.029933][ T5236] usb 3-1: USB disconnect, device number 9
[  251.092356][ T5276] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  251.115585][ T5276] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  251.177256][ T5276] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  251.215077][ T5276] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  251.234585][ T5276] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.271446][ T7150] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  251.453476][ T7158] loop1: detected capacity change from 0 to 8192
[  251.510677][ T7158] REISERFS warning (device loop1): super-6515 reiserfs_parse_options: journaled quota format not specified.
[  251.692514][ T7163] loop4: detected capacity change from 0 to 1024
[  252.061964][ T7147] loop0: detected capacity change from 0 to 32768
[  252.346105][ T7150] loop3: detected capacity change from 0 to 512
[  252.358669][ T7150] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  252.414521][   T12] hfsplus: b-tree write err: -5, ino 4
[  252.529218][ T7150] EXT4-fs (loop3): 1 truncate cleaned up
[  252.598007][ T7150] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  252.844601][ T7150] netlink: 'syz.3.311': attribute type 9 has an invalid length.
[  253.064621][ T5236] hid-generic 0000:0000:0000.0005: item fetching failed at offset 0/1
[  253.307736][ T5236] hid-generic 0000:0000:0000.0005: probe with driver hid-generic failed with error -22
[  253.324250][ T7167] netlink: 'syz.2.317': attribute type 4 has an invalid length.
[  253.341538][    T8] usb 4-1: USB disconnect, device number 6
[  254.055890][ T5230] Bluetooth: hci5: SCO packet for unknown connection handle 3328
[  254.147744][ T7180] loop4: detected capacity change from 0 to 2048
[  254.185875][ T5228] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.207657][ T7184] loop0: detected capacity change from 0 to 1024
[  254.379028][ T7184] hfsplus: found bad thread record in catalog
[  254.385600][ T7184] hfsplus: catalog searching failed
[  254.492464][ T7185] hfsplus: xattr searching failed
[  255.204692][ T1284] hfsplus: found bad thread record in catalog
[  255.460888][ T1284] hfsplus: found bad thread record in catalog
[  255.689773][ T1284] hfsplus: b-tree write err: -5, ino 3
[  256.088939][ T7195] loop4: detected capacity change from 0 to 256
[  256.127920][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  256.134254][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  256.142403][ T7195] exFAT-fs (loop4): bogus sector size bits : 0
[  256.149523][ T7195] exFAT-fs (loop4): failed to read boot sector
[  256.155691][ T7195] exFAT-fs (loop4): failed to recognize exfat type
[  257.570447][ T7207] binder: 7202:7207 ioctl 40046205 0 returned -22
[  260.154554][ T7226] loop0: detected capacity change from 0 to 512
[  260.207977][ T7224] loop4: detected capacity change from 0 to 1024
[  260.335113][ T7226] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  260.368001][ T7226] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.330: invalid indirect mapped block 8 (level 2)
[  260.380925][ T7226] EXT4-fs (loop0): Remounting filesystem read-only
[  260.404520][ T7226] EXT4-fs (loop0): 1 truncate cleaned up
[  260.420267][ T7226] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.434284][ T7237] IPVS: sync thread started: state = MASTER, mcast_ifn = lo, syncid = 1, id = 0
[  260.619970][   T52] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  261.197885][ T6540] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.242001][   T52] usb 4-1: Using ep0 maxpacket: 16
[  261.279311][   T52] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  261.323417][   T52] usb 4-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  261.354121][   T52] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.368618][   T29] audit: type=1326 audit(1723792857.185:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4f53799b9 code=0x7ffc0000
[  261.424290][   T52] usb 4-1: config 0 descriptor??
[  261.447249][   T29] audit: type=1326 audit(1723792857.185:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4f53799b9 code=0x7ffc0000
[  261.485211][ T7250] loop4: detected capacity change from 0 to 512
[  261.504957][   T29] audit: type=1326 audit(1723792857.215:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7fa4f53799b9 code=0x7ffc0000
[  261.538353][ T7250] EXT4-fs: Mount option(s) incompatible with ext3
[  261.552359][   T29] audit: type=1326 audit(1723792857.225:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4f53799b9 code=0x7ffc0000
[  261.593808][ T5230] Bluetooth: hci1: unexpected Set CIG Parameters response data
[  261.609458][ T5230] Bluetooth: hci1: unexpected event for opcode 0x2062
[  261.613247][ T7245] loop1: detected capacity change from 0 to 256
[  261.638213][   T29] audit: type=1326 audit(1723792857.225:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4f53799b9 code=0x7ffc0000
[  261.663780][   T29] audit: type=1326 audit(1723792857.225:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa4f53799b9 code=0x7ffc0000
[  261.687859][   T29] audit: type=1326 audit(1723792857.225:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4f53799b9 code=0x7ffc0000
[  261.697587][ T7245] exfat: Unknown parameter 'discau&'
[  261.710741][   T29] audit: type=1326 audit(1723792857.225:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4f53799b9 code=0x7ffc0000
[  261.777042][   T29] audit: type=1326 audit(1723792857.225:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa4f537849f code=0x7ffc0000
[  261.831209][ T5278] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  261.840763][   T29] audit: type=1326 audit(1723792857.225:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7242 comm="syz.1.334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa4f53799b9 code=0x7ffc0000
[  261.892821][ T7230] loop3: detected capacity change from 0 to 8
[  261.994823][ T7230] SQUASHFS error: Unable to read inode 0x2221
[  262.063639][ T5278] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  262.106736][ T7260] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  262.122644][ T7259] loop4: detected capacity change from 0 to 1024
[  262.134583][ T5278] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  262.167557][ T7260] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  262.179008][ T5278] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  262.223501][   T52] hid (null): unknown global tag 0x14
[  262.247263][ T5278] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  262.257053][   T52] hid (null): unknown global tag 0xe
[  262.267263][   T52] hid (null): report_id 513379493 is invalid
[  262.301862][ T5278] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  262.317354][   T52] hid (null): unknown global tag 0xc
[  262.337404][ T5278] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  262.350243][   T52] hid-generic 0003:0158:0100.0006: unknown main item tag 0x1
[  262.371182][   T52] hid-generic 0003:0158:0100.0006: unexpected long global item
[  262.396194][ T5278] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  262.405841][ T5278] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.422591][   T52] hid-generic 0003:0158:0100.0006: probe with driver hid-generic failed with error -22
[  262.447344][ T5278] usb 1-1: Product: syz
[  262.451547][ T5278] usb 1-1: Manufacturer: syz
[  262.456350][ T5278] usb 1-1: SerialNumber: syz
[  262.499376][ T5230] Bluetooth: hci1: ACL packet for unknown connection handle 203
[  262.532336][ T5236] usb 4-1: USB disconnect, device number 7
[  262.740797][ T5278] cdc_ncm 1-1:1.0: bind() failure
[  262.761221][ T5278] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  262.772784][ T5278] cdc_ncm 1-1:1.1: bind() failure
[  263.749348][ T5278] usb 1-1: USB disconnect, device number 9
[  265.677050][ T5230] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  265.685852][ T5230] Bluetooth: hci1: Injecting HCI hardware error event
[  265.695330][ T5230] Bluetooth: hci1: hardware error 0x00
[  267.135686][ T7316] program syz.3.348 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  267.145478][ T7316] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  267.498217][ T7302] loop4: detected capacity change from 0 to 4096
[  267.539246][ T7302] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  267.587333][ T7324] loop2: detected capacity change from 0 to 1024
[  267.621259][ T7323] loop1: detected capacity change from 0 to 8
[  267.750777][ T5230] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  267.857080][ T7302] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  268.839824][ T7335] xt_CONNSECMARK: invalid mode: 0
[  268.940688][ T7335] hfsplus: bad catalog entry type
[  269.207079][ T5236] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  269.482480][ T7343] loop0: detected capacity change from 0 to 128
[  269.491028][ T7343] vfat: Unknown parameter 'U'
[  270.292362][ T5236] usb 2-1: Using ep0 maxpacket: 16
[  270.329394][ T5236] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  270.385835][ T5236] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  270.431149][ T5236] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  270.471446][ T5236] usb 2-1: Manufacturer: syz
[  270.500006][ T5236] usb 2-1: config 0 descriptor??
[  273.548958][   T35] hfsplus: b-tree write err: -5, ino 4
[  274.706988][ T5276] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  275.435075][ T5236] usb 2-1: can't set config #0, error -71
[  275.463466][ T5236] usb 2-1: USB disconnect, device number 7
[  276.769792][ T7361] vivid-007: kernel_thread() failed
[  276.947299][ T7355] fuse: Unknown parameter '0xffffffffffffffff'
[  278.193124][ T7382] loop0: detected capacity change from 0 to 256
[  278.207378][ T7382] exfat: Unknown parameter 'iocharset?ascii'
[  278.368230][ T7385] ip6gretap0 speed is unknown, defaulting to 1000
[  278.390172][ T7385] ip6gretap0 speed is unknown, defaulting to 1000
[  278.439886][ T7385] ip6gretap0 speed is unknown, defaulting to 1000
[  279.020460][ T7385] infiniband syz2: set active
[  279.025328][ T7385] infiniband syz2: added ip6gretap0
[  279.031372][ T7385] syz2: rxe_create_cq: returned err = -12
[  279.037491][ T7385] infiniband syz2: Couldn't create ib_mad CQ
[  279.043579][ T7385] infiniband syz2: Couldn't open port 1
[  279.069097][ T5307] ip6gretap0 speed is unknown, defaulting to 1000
[  279.091500][ T7385] RDS/IB: syz2: added
[  279.096261][ T7385] smc: adding ib device syz2 with port count 1
[  279.102649][ T7385] smc:    ib device syz2 port 1 has pnetid 
[  279.111506][ T7385] ip6gretap0 speed is unknown, defaulting to 1000
[  279.170313][ T7385] ip6gretap0 speed is unknown, defaulting to 1000
[  279.228435][ T7385] ip6gretap0 speed is unknown, defaulting to 1000
[  279.284378][ T7385] ip6gretap0 speed is unknown, defaulting to 1000
[  279.340547][ T7385] ip6gretap0 speed is unknown, defaulting to 1000
[  279.404160][ T6350] ip6gretap0 speed is unknown, defaulting to 1000
[  279.462151][ T7382] loop0: detected capacity change from 0 to 16
[  279.691268][ T7382] erofs: (device loop0): mounted with root inode @ nid 36.
[  279.763695][ T7382] syz.0.363: attempt to access beyond end of device
[  279.763695][ T7382] loop0: rw=0, sector=4294967295, nr_sectors = 1 limit=16
[  279.897760][ T5237] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  279.946847][ T5237] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  279.967070][ T5237] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  279.988488][ T5237] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  279.997724][ T5237] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  280.005613][ T5237] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  280.163310][ T7394] wg0 speed is unknown, defaulting to 1000
[  280.299258][ T7394] ip6gretap0 speed is unknown, defaulting to 1000
[  280.695404][   T73] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.838619][ T7407] openvswitch: netlink: Missing key (keys=8040, expected=200000)
[  281.836009][   T73] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  282.219172][ T5230] Bluetooth: hci3: command tx timeout
[  282.778829][ T7422] loop4: detected capacity change from 0 to 128
[  282.940500][   T29] kauditd_printk_skb: 61 callbacks suppressed
[  282.940519][   T29] audit: type=1800 audit(1723792878.755:208): pid=7422 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.371" name="bus" dev="loop4" ino=1048635 res=0 errno=0
[  283.001509][   T73] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.024360][ T7426] netlink: 4 bytes leftover after parsing attributes in process `syz.0.372'.
[  283.210500][ T5276] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  283.600863][ T7425] wg0 speed is unknown, defaulting to 1000
[  284.215425][ T7425] ip6gretap0 speed is unknown, defaulting to 1000
[  284.227716][ T5230] Bluetooth: hci3: command tx timeout
[  284.784404][   T73] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  285.087014][ T5276] usb 2-1: device not accepting address 8, error -71
[  285.544057][ T7394] chnl_net:caif_netlink_parms(): no params data found
[  285.674151][ T7486] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.376'.
[  285.705928][   T73] bridge_slave_1: left allmulticast mode
[  285.712739][   T73] bridge_slave_1: left promiscuous mode
[  285.723930][   T73] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.743613][   T73] bridge_slave_0: left allmulticast mode
[  285.750989][   T73] bridge_slave_0: left promiscuous mode
[  285.767261][ T5236] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  285.795481][   T73] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.902695][   T29] audit: type=1326 audit(1723792881.715:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.3.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1b5799b9 code=0x7fc00000
[  285.988704][ T5236] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  286.045631][ T5236] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  286.097615][ T5236] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  286.123664][ T5236] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  286.133948][ T5236] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.171124][ T5236] usb 5-1: config 0 descriptor??
[  286.307061][ T5230] Bluetooth: hci3: command tx timeout
[  286.409466][ T7484] syz.4.374 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  286.560082][   T29] audit: type=1326 audit(1723792882.375:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.3.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f7e1b5799b9 code=0x7fc00000
[  286.609717][   T29] audit: type=1326 audit(1723792882.395:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.3.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1b5799b9 code=0x7fc00000
[  286.647403][   T29] audit: type=1326 audit(1723792882.405:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.3.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1b5799b9 code=0x7fc00000
[  286.688327][   T29] audit: type=1326 audit(1723792882.405:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.3.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1b5799b9 code=0x7fc00000
[  286.728174][ T5236] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving
[  286.742610][   T29] audit: type=1326 audit(1723792882.405:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.3.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1b5799b9 code=0x7fc00000
[  286.788320][ T5236] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  286.798525][   T29] audit: type=1326 audit(1723792882.405:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7485 comm="syz.3.376" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1b5799b9 code=0x7fc00000
[  286.940348][ T7508] loop3: detected capacity change from 0 to 4096
[  287.015716][ T6350] usb 5-1: USB disconnect, device number 3
[  287.072687][ T7509] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  287.119117][ T7508] openvswitch: netlink: Key 0 has unexpected len 4 expected 0
[  287.139123][   T73] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  287.161415][   T73] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  287.182704][   T73] bond0 (unregistering): Released all slaves
[  287.330276][   T73] IPVS: stopping master sync thread 7237 ...
[  287.470304][ T7394] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.486362][ T7394] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.494242][ T7394] bridge_slave_0: entered allmulticast mode
[  287.507104][ T5276] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  287.544193][ T7394] bridge_slave_0: entered promiscuous mode
[  287.589272][ T7394] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.597617][ T7394] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.646097][ T7394] bridge_slave_1: entered allmulticast mode
[  287.718513][ T5276] usb 4-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82
[  287.721032][ T7394] bridge_slave_1: entered promiscuous mode
[  287.735185][ T5276] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.765800][ T5276] usb 4-1: config 0 descriptor??
[  287.780578][ T7519] loop4: detected capacity change from 0 to 2048
[  287.808828][ T5276] smsusb:smsusb_probe: board id=8, interface number 0
[  287.815719][ T5276] smsusb:smsusb_probe: Device initialized with return code -19
[  287.842245][ T7519] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  287.923787][ T7519] netlink: 104 bytes leftover after parsing attributes in process `syz.4.379'.
[  287.956090][ T7394] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  287.965387][ T6350] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  287.983505][ T7394] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  288.017039][ T5236] usb 4-1: USB disconnect, device number 8
[  288.160442][ T7394] team0: Port device team_slave_0 added
[  288.181169][ T7394] team0: Port device team_slave_1 added
[  288.358946][ T6350] usb 2-1: config 97 has an invalid interface descriptor of length 3, skipping
[  288.371921][ T6350] usb 2-1: config 97 has an invalid descriptor of length 0, skipping remainder of the config
[  288.387140][ T5230] Bluetooth: hci3: command tx timeout
[  288.395453][ T6350] usb 2-1: config 97 has 0 interfaces, different from the descriptor's value: 1
[  288.407060][ T6350] usb 2-1: New USB device found, idVendor=0480, idProduct=d010, bcdDevice=17.4d
[  288.416155][ T6350] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  288.478153][   T73] hsr_slave_0: left promiscuous mode
[  288.491043][   T73] hsr_slave_1: left promiscuous mode
[  288.508064][   T73] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  288.531325][   T73] batman_adv: batadv0: Removing interface: batadv_slave_0
[  288.562383][   T73] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  288.592100][   T73] batman_adv: batadv0: Removing interface: batadv_slave_1
[  288.656627][ T6350] usb 2-1: string descriptor 0 read error: -71
[  288.663112][   T73] veth1_macvtap: left promiscuous mode
[  288.671133][   T73] veth0_macvtap: left promiscuous mode
[  288.684132][ T6350] usb 2-1: USB disconnect, device number 10
[  288.702433][   T73] veth1_vlan: left promiscuous mode
[  288.715108][   T73] veth0_vlan: left promiscuous mode
[  290.252195][   T73] team0 (unregistering): Port device team_slave_1 removed
[  290.407585][   T73] team0 (unregistering): Port device team_slave_0 removed
[  291.703258][ T7394] batman_adv: batadv0: Adding interface: batadv_slave_0
[  291.712064][ T7394] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  291.741818][ T7394] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  291.760395][ T7394] batman_adv: batadv0: Adding interface: batadv_slave_1
[  291.767549][ T7394] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  291.796704][ T7394] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  292.066357][ T7561] loop4: detected capacity change from 0 to 16
[  292.082994][ T7394] hsr_slave_0: entered promiscuous mode
[  292.102537][ T7561] erofs: (device loop4): mounted with root inode @ nid 36.
[  292.121982][ T7563] loop0: detected capacity change from 0 to 256
[  292.129835][ T7394] hsr_slave_1: entered promiscuous mode
[  292.135620][ T7563] FAT-fs (loop0): bogus sectors per cluster 223
[  292.144291][ T7563] FAT-fs (loop0): Can't find a valid FAT filesystem
[  292.174144][ T7394] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  292.207323][ T7394] Cannot create hsr debugfs directory
[  292.460786][ T7568] loop0: detected capacity change from 0 to 8
[  292.999252][ T5280] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  293.331532][ T5280] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 0, changing to 7
[  293.461927][ T5280] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 51, changing to 9
[  293.537717][ T5280] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 33540, setting to 1024
[  293.573757][ T5280] usb 2-1: New USB device found, idVendor=05ac, idProduct=030a, bcdDevice=65.8c
[  293.615227][ T5280] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.757897][ T5276] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  293.809325][ T5280] usb 2-1: config 0 descriptor??
[  293.865547][ T5280] appletouch 2-1:0.0: Could not find int-in endpoint
[  294.281152][ T7583] loop4: detected capacity change from 0 to 32768
[  294.293421][ T7583] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.391 (7583)
[  294.313710][ T5280] appletouch 2-1:0.0: probe with driver appletouch failed with error -5
[  294.323197][ T5280] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  294.338617][ T7583] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  294.349644][ T7583] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  294.358376][ T7583] BTRFS info (device loop4): using free-space-tree
[  294.417947][ T5276] usb 1-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  294.447405][ T5276] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  294.457355][ T5276] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  294.472861][ T5276] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  294.482433][ T5276] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.490911][ T5276] usb 1-1: Product: syz
[  294.495073][ T5276] usb 1-1: Manufacturer: syz
[  294.499779][ T5276] usb 1-1: SerialNumber: syz
[  294.511178][ T5276] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found
[  294.522559][ T5276] cdc_ncm 1-1:1.0: bind() failure
[  294.823688][ T6460] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  294.881826][ T5236] usb 1-1: USB disconnect, device number 10
[  295.135903][ T7559] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.194713][ T7559] bridge_slave_1: left allmulticast mode
[  295.237214][ T7559] bridge_slave_1: left promiscuous mode
[  295.244973][ T7559] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.339100][ T5280] usb 2-1: USB disconnect, device number 11
[  295.466099][ T7613] loop4: detected capacity change from 0 to 2048
[  295.489765][ T7613] udf: Bad value for 'gid'
[  296.379583][   T29] audit: type=1326 audit(1723792892.195:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7619 comm="syz.0.396" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f10547799b9 code=0x0
[  297.195553][ T7624] loop0: detected capacity change from 0 to 512
[  297.226110][ T7624] EXT4-fs (loop0): blocks per group (34) and clusters per group (32768) inconsistent
[  297.537906][ T7629] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  297.547563][ T7629] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  297.556463][ T7629] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  297.565355][ T7629] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  297.675858][ T7394] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  297.715183][ T7636] loop0: detected capacity change from 0 to 64
[  297.744909][ T7394] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  297.765586][ T7636] hfs: unable to parse mount options
[  298.577552][ T7394] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  298.715850][ T7636] EXT4-fs warning (device sda1): verify_group_input:137: Cannot add at group 262161 (only 8 groups)
[  298.778682][ T7394] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  298.935106][ T7640] loop4: detected capacity change from 0 to 1024
[  299.021800][ T7394] 8021q: adding VLAN 0 to HW filter on device bond0
[  299.038831][   T29] audit: type=1326 audit(1723792894.815:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.3.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1b5799b9 code=0x7ffc0000
[  299.110506][ T7394] 8021q: adding VLAN 0 to HW filter on device team0
[  299.128143][   T29] audit: type=1326 audit(1723792894.815:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.3.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1b5799b9 code=0x7ffc0000
[  299.186203][ T1284] bridge0: port 1(bridge_slave_0) entered blocking state
[  299.193403][ T1284] bridge0: port 1(bridge_slave_0) entered forwarding state
[  299.198850][   T29] audit: type=1326 audit(1723792894.815:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.3.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f7e1b5799b9 code=0x7ffc0000
[  299.296340][ T1284] bridge0: port 2(bridge_slave_1) entered blocking state
[  299.303548][ T1284] bridge0: port 2(bridge_slave_1) entered forwarding state
[  299.312460][   T29] audit: type=1326 audit(1723792894.815:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.3.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1b5799b9 code=0x7ffc0000
[  299.375031][   T29] audit: type=1326 audit(1723792894.815:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.3.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1b5799b9 code=0x7ffc0000
[  299.488494][   T29] audit: type=1326 audit(1723792894.825:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.3.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e1b5799b9 code=0x7ffc0000
[  299.552407][   T29] audit: type=1326 audit(1723792894.825:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.3.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1b5799b9 code=0x7ffc0000
[  299.575640][ T7660] loop4: detected capacity change from 0 to 4096
[  299.576216][   T29] audit: type=1326 audit(1723792894.825:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.3.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1b5799b9 code=0x7ffc0000
[  299.659752][ T7660] NILFS (loop4): invalid segment: Checksum error in segment payload
[  299.714801][ T7660] NILFS (loop4): trying rollback from an earlier position
[  300.092295][   T29] audit: type=1326 audit(1723792894.825:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7651 comm="syz.3.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e1b5799b9 code=0x7ffc0000
[  300.242606][ T7660] NILFS (loop4): recovery complete
[  300.282641][ T7672] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  300.400745][ T7394] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  301.268393][ T7660] x_tables: duplicate underflow at hook 3
[  301.423097][ T7692] loop3: detected capacity change from 0 to 256
[  301.524627][ T7695] netlink: 132 bytes leftover after parsing attributes in process `syz.0.407'.
[  301.566651][ T7692] FAT-fs (loop3): Directory bread(block 64) failed
[  301.592707][ T7692] FAT-fs (loop3): Directory bread(block 65) failed
[  301.605559][ T7394] 8021q: adding VLAN 0 to HW filter on device batadv0
[  301.629290][ T7692] FAT-fs (loop3): Directory bread(block 66) failed
[  301.678431][ T7692] FAT-fs (loop3): Directory bread(block 67) failed
[  301.687615][ T7692] FAT-fs (loop3): Directory bread(block 68) failed
[  301.705428][ T7692] FAT-fs (loop3): Directory bread(block 69) failed
[  301.726320][ T7692] FAT-fs (loop3): Directory bread(block 70) failed
[  301.757566][ T7692] FAT-fs (loop3): Directory bread(block 71) failed
[  301.780548][ T7702] loop4: detected capacity change from 0 to 1024
[  301.797576][ T7692] FAT-fs (loop3): Directory bread(block 72) failed
[  301.802534][ T7704] loop1: detected capacity change from 0 to 256
[  301.804131][ T7692] FAT-fs (loop3): Directory bread(block 73) failed
[  301.836390][ T7394] veth0_vlan: entered promiscuous mode
[  301.883190][ T7704] FAT-fs (loop1): bogus number of directory entries (4)
[  301.888040][ T7394] veth1_vlan: entered promiscuous mode
[  301.961522][ T7704] FAT-fs (loop1): Can't find a valid FAT filesystem
[  301.996119][ T7394] veth0_macvtap: entered promiscuous mode
[  302.041222][ T7394] veth1_macvtap: entered promiscuous mode
[  302.106325][ T7394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  302.130198][ T7394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.170855][ T7394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  302.224437][ T7394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.254357][ T7711] Cannot find del_set index 2 as target
[  302.278032][ T7394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  302.296292][ T7711] overlay: ./file0 is not a directory
[  302.298174][ T7394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.336191][ T7394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  302.355285][ T7394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.418530][ T7718] xt_CT: You must specify a L4 protocol and not use inversions on it
[  303.243719][ T7394] batman_adv: batadv0: Interface activated: batadv_slave_0
[  303.320654][ T7725] loop0: detected capacity change from 0 to 256
[  303.339442][ T7394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.394815][ T7394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.417058][ T7394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.443198][ T7394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.456394][ T7394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.468856][ T7394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.584818][ T7394] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.612318][ T7394] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.628293][ T7394] batman_adv: batadv0: Interface activated: batadv_slave_1
[  304.227089][ T5237] Bluetooth: hci5: command 0x0406 tx timeout
[  304.311893][ T7394] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  304.320853][ T7394] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  304.329780][ T7394] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  304.342715][ T7394] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  304.343509][ T7463] hfsplus: b-tree write err: -5, ino 4
[  304.448939][ T7463] hfsplus: b-tree write err: -5, ino 8
[  304.511368][ T7735] af_packet: tpacket_rcv: packet too big, clamped from 59658 to 3956. macoff=92
[  304.679882][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.694660][ T7741] loop1: detected capacity change from 0 to 512
[  304.716029][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.834689][ T7741] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  304.892720][ T1284] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.944525][ T1284] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  305.065043][ T7741] EXT4-fs (loop1): 1 truncate cleaned up
[  305.083490][ T7741] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  305.102361][ T7761] netlink: 12 bytes leftover after parsing attributes in process `syz.3.418'.
[  305.113941][ T5276] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  305.184648][ T7741] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.392489][ T5276] usb 5-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  305.440336][ T5276] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  305.467768][ T5276] usb 5-1: Product: syz
[  305.476640][ T5276] usb 5-1: Manufacturer: syz
[  305.501165][ T5276] usb 5-1: SerialNumber: syz
[  305.523471][ T5276] usb 5-1: config 0 descriptor??
[  305.544070][ T5276] ch341 5-1:0.0: ch341-uart converter detected
[  305.572948][ T7466] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.900484][ T7466] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.993757][ T7778] netlink: 8 bytes leftover after parsing attributes in process `syz.1.422'.
[  306.020270][ T7775] loop2: detected capacity change from 0 to 512
[  306.033298][ T7778] netlink: 16 bytes leftover after parsing attributes in process `syz.1.422'.
[  306.073219][ T7778] gtp0: entered promiscuous mode
[  306.097565][ T7778] gtp0: entered allmulticast mode
[  306.166259][ T7775] EXT4-fs (loop2): 1 truncate cleaned up
[  306.237973][ T7775] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  306.364878][ T7775] EXT4-fs error (device loop2): ext4_add_entry:2435: inode #2: comm syz.2.362: Directory hole found for htree leaf block 0
[  306.378756][    T8] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  306.451407][ T7466] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.542088][ T7777] EXT4-fs error (device loop2): ext4_add_entry:2435: inode #2: comm syz.2.362: Directory hole found for htree leaf block 0
[  306.589312][ T5237] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  306.605532][ T5237] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  306.617694][ T5237] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  306.636384][ T7775] EXT4-fs error (device loop2): ext4_add_entry:2435: inode #2: comm syz.2.362: Directory hole found for htree leaf block 0
[  306.646332][ T5237] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  306.650906][ T7791] EXT4-fs error (device loop2): ext4_add_entry:2435: inode #2: comm syz.2.362: Directory hole found for htree leaf block 0
[  306.674839][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xE has an invalid bInterval 0, changing to 10
[  306.687118][ T5237] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  306.694577][ T5237] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  306.705952][ T7794] EXT4-fs error (device loop2): ext4_add_entry:2435: inode #2: comm syz.2.362: Directory hole found for htree leaf block 0
[  306.737369][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[  306.757282][    T8] usb 2-1: New USB device found, idVendor=0582, idProduct=28e8, bcdDevice=f5.06
[  306.766791][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  306.779381][    T8] usb 2-1: Product: syz
[  306.783902][    T8] usb 2-1: Manufacturer: syz
[  306.789938][    T8] usb 2-1: SerialNumber: syz
[  306.802746][    T8] usb 2-1: config 0 descriptor??
[  306.904335][ T7466] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.999593][ T7394] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.091595][ T7793] wg0 speed is unknown, defaulting to 1000
[  307.125457][ T7793] ip6gretap0 speed is unknown, defaulting to 1000
[  307.187482][ T5276] usb 5-1: failed to send control message: -110
[  307.216486][ T5276] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -110
[  307.249200][ T7801] loop3: detected capacity change from 0 to 512
[  307.293015][ T7801] EXT4-fs (loop3): Test dummy encryption mode enabled
[  307.314741][    T8] usb 2-1: USB disconnect, device number 12
[  307.390794][ T7801] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #12: comm syz.3.424: corrupted in-inode xattr: invalid ea_ino
[  307.452558][ T7801] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.424: couldn't read orphan inode 12 (err -117)
[  307.453855][ T5245] udevd[5245]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  307.553693][ T7466] bridge_slave_1: left allmulticast mode
[  307.554590][ T7801] EXT4-fs (loop3): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  307.585654][ T7466] bridge_slave_1: left promiscuous mode
[  307.599670][ T7466] bridge0: port 2(bridge_slave_1) entered disabled state
[  307.785781][ T7466] bridge_slave_0: left allmulticast mode
[  307.794500][ T7466] bridge_slave_0: left promiscuous mode
[  307.801070][ T7466] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.965941][ T5237] Bluetooth: hci0: command tx timeout
[  308.997295][ T5307] usb 5-1: USB disconnect, device number 4
[  309.213508][ T5307] ch341 5-1:0.0: device disconnected
[  310.217830][ T7808] fscrypt (loop3): Missing crypto API support for AES-256-CBC-CTS (API name: "cts(cbc(aes))")
[  310.491744][ T5228] EXT4-fs (loop3): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  311.032806][ T5237] Bluetooth: hci0: command tx timeout
[  311.206298][ T7837] loop2: detected capacity change from 0 to 1024
[  313.109974][ T5237] Bluetooth: hci0: command tx timeout
[  313.785547][ T7849] loop4: detected capacity change from 0 to 16
[  313.819922][ T7849] erofs: (device loop4): mounted with root inode @ nid 36.
[  314.670161][   T29] kauditd_printk_skb: 59 callbacks suppressed
[  314.670183][   T29] audit: type=1800 audit(1723792910.485:285): pid=7856 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.434" name="file2" dev="loop4" ino=89 res=0 errno=0
[  314.772801][ T5236] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  315.023946][ T5236] usb 4-1: Using ep0 maxpacket: 32
[  315.035676][ T5236] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  315.058761][ T5236] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  315.197104][ T5237] Bluetooth: hci0: command tx timeout
[  315.725119][ T5236] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  315.734404][ T5236] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  315.789611][ T5236] usb 4-1: config 0 descriptor??
[  315.805698][ T5236] hub 4-1:0.0: USB hub found
[  315.941250][ T7466] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  315.964615][ T7466] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  315.979556][ T7466] bond0 (unregistering): Released all slaves
[  316.015037][ T5236] hub 4-1:0.0: 1 port detected
[  316.034065][ T7863] netlink: 8 bytes leftover after parsing attributes in process `syz.2.435'.
[  316.294771][ T7872] loop1: detected capacity change from 0 to 64
[  316.302143][ T7873] loop2: detected capacity change from 0 to 128
[  316.472525][ T7872] MINIX-fs: bad superblock
[  317.374136][ T5236] hub 4-1:0.0: activate --> -90
[  317.508322][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  317.514696][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  317.772484][ T5278] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  317.813966][ T7793] chnl_net:caif_netlink_parms(): no params data found
[  317.829032][ T5307] usb 4-1: USB disconnect, device number 9
[  318.077468][ T5236] usb 4-1-port1: config error
[  318.213008][ T5278] usb 2-1: Using ep0 maxpacket: 8
[  318.224205][ T5278] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[  318.236982][ T5278] usb 2-1: config 0 has an invalid descriptor of length 253, skipping remainder of the config
[  318.257008][ T5278] usb 2-1: config 0 has no interface number 0
[  318.263159][ T5278] usb 2-1: too many endpoints for config 0 interface 85 altsetting 213: 172, using maximum allowed: 30
[  318.381749][ T7905] netlink: 8 bytes leftover after parsing attributes in process `syz.4.443'.
[  318.411916][ T7905] x_tables: ip_tables: REDIRECT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT
[  318.458458][ T7905] loop4: detected capacity change from 0 to 512
[  318.534974][ T7905] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a842c01c, mo2=0002]
[  318.543478][ T7905] System zones: 0-2, 18-18, 34-35
[  318.560999][ T7905] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.574076][ T7905] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  318.757845][ T5278] usb 2-1: config 0 interface 85 altsetting 213 has 0 endpoint descriptors, different from the interface descriptor's value: 172
[  318.917523][ T7466] hsr_slave_0: left promiscuous mode
[  318.937066][ T5278] usb 2-1: config 0 interface 85 has no altsetting 0
[  318.987541][ T7466] hsr_slave_1: left promiscuous mode
[  319.008798][ T5278] usb 2-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  319.028538][ T6460] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.039108][ T6350] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  319.047562][ T5278] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.067131][ T7466] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  319.075963][ T7466] batman_adv: batadv0: Removing interface: batadv_slave_0
[  319.091426][ T5278] usb 2-1: config 0 descriptor??
[  319.098115][ T7466] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  319.107689][ T7466] batman_adv: batadv0: Removing interface: batadv_slave_1
[  319.559541][ T7466] veth1_macvtap: left promiscuous mode
[  319.721323][ T7466] veth0_macvtap: left promiscuous mode
[  319.809802][ T7466] veth1_vlan: left promiscuous mode
[  319.822108][ T7466] veth0_vlan: left promiscuous mode
[  319.849362][ T7920] xt_limit: Overflow, try lower: 0/0
[  319.872038][ T5278] usb 2-1: string descriptor 0 read error: -71
[  319.923917][ T5278] gspca_main: vc032x-2.14.0 probing 046d:0892
[  319.930794][ T6350] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  319.950791][ T6350] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  319.963723][ T6350] usb 3-1: Product: syz
[  319.976667][ T6350] usb 3-1: Manufacturer: syz
[  319.995908][ T7922] ------------[ cut here ]------------
[  319.997052][ T5278] gspca_vc032x: reg_r err -71
[  320.002347][ T7922] WARNING: CPU: 1 PID: 7922 at include/linux/memcontrol.h:373 folio_memcg+0x111/0x220
[  320.006520][ T5278] vc032x 2-1:0.85: probe with driver vc032x failed with error -71
[  320.016290][ T7922] Modules linked in:
[  320.028340][ T7922] CPU: 1 UID: 0 PID: 7922 Comm: syz.4.446 Not tainted 6.11.0-rc3-next-20240816-syzkaller #0
[  320.038517][ T7922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  320.048845][ T7922] RIP: 0010:folio_memcg+0x111/0x220
[  320.054240][ T7922] Code: 10 48 89 d8 48 c1 e8 03 42 80 3c 20 00 74 08 48 89 df e8 e2 2f f8 ff 48 8b 1b 48 89 d8 5b 41 5c 41 5e 41 5f c3 cc cc cc cc 90 <0f> 0b 90 eb ce 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 55 ff ff ff
[  320.074142][ T7922] RSP: 0018:ffffc900048869e0 EFLAGS: 00010246
[  320.080320][ T7922] RAX: 0000000000000000 RBX: ffff888027d3f100 RCX: 0000000080000000
[  320.088430][ T7922] RDX: 0000000000000000 RSI: ffffffff8c0adfc0 RDI: ffffffff8c60a8c0
[  320.096432][ T7922] RBP: ffffea0001410008 R08: ffffffff9018c5af R09: 1ffffffff20318b5
[  320.104493][ T7922] R10: dffffc0000000000 R11: fffffbfff20318b6 R12: dffffc0000000000
[  320.112577][ T7922] R13: 0000000000800018 R14: ffffea0001410000 R15: ffffea0001410030
[  320.119878][ T5278] usb 2-1: USB disconnect, device number 13
[  320.120626][ T7922] FS:  00007f6dd99f96c0(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[  320.135486][ T7922] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  320.142424][ T7922] CR2: 00007efd279eb980 CR3: 0000000067664000 CR4: 00000000003506f0
[  320.150959][ T7922] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  320.159384][ T7922] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  320.167781][ T7922] Call Trace:
[  320.171085][ T7922]  <TASK>
[  320.174030][ T7922]  ? __warn+0x163/0x4e0
[  320.178555][ T7922]  ? folio_memcg+0x111/0x220
[  320.183179][ T7922]  ? report_bug+0x2b3/0x500
[  320.187852][ T7922]  ? folio_memcg+0x111/0x220
[  320.192569][ T7922]  ? handle_bug+0x60/0x90
[  320.196988][ T7922]  ? exc_invalid_op+0x1a/0x50
[  320.201702][ T7922]  ? asm_exc_invalid_op+0x1a/0x20
[  320.206772][ T7922]  ? folio_memcg+0x111/0x220
[  320.211475][ T7922]  split_page_memcg+0x58/0x3f0
[  320.216270][ T7922]  ? split_page+0x205/0x230
[  320.220867][ T7922]  __vmalloc_node_range_noprof+0xa63/0x1400
[  320.226818][ T7922]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  320.233575][ T7922]  ? rcu_is_watching+0x15/0xb0
[  320.238491][ T7922]  ? trace_kmalloc+0x1f/0xd0
[  320.243114][ T7922]  ? __kmalloc_node_noprof+0x247/0x440
[  320.248664][ T7922]  ? __kvmalloc_node_noprof+0x72/0x1b0
[  320.254153][ T7922]  __kvmalloc_node_noprof+0x142/0x1b0
[  320.259822][ T7922]  ? hash_netport_create+0x356/0x1040
[  320.265232][ T7922]  hash_netport_create+0x356/0x1040
[  320.270728][ T7922]  ? __pfx_hash_netport_create+0x10/0x10
[  320.276447][ T7922]  ip_set_create+0xa5c/0x1900
[  320.281239][ T7922]  ? ip_set_create+0x45e/0x1900
[  320.286118][ T7922]  ? __pfx___mutex_trylock_common+0xa/0x10
[  320.292023][ T7922]  ? __pfx_ip_set_create+0x10/0x10
[  320.297218][ T7922]  ? trace_contention_end+0x3c/0x120
[  320.302569][ T7922]  ? nfnetlink_rcv_msg+0x225/0x1180
[  320.307853][ T7922]  nfnetlink_rcv_msg+0xbec/0x1180
[  320.312907][ T7922]  ? nfnetlink_rcv_msg+0x225/0x1180
[  320.318197][ T7922]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  320.323693][ T7922]  ? stack_trace_save+0x118/0x1d0
[  320.328860][ T7922]  ? dev_hard_start_xmit+0x27a/0x7e0
[  320.334167][ T7922]  ? __dev_queue_xmit+0x1b63/0x3e90
[  320.339437][ T7922]  ? __netlink_deliver_tap+0x54d/0x7c0
[  320.344918][ T7922]  ? netlink_deliver_tap+0x19d/0x1b0
[  320.350510][ T7922]  ? netlink_unicast+0x7c4/0x990
[  320.355484][ T7922]  ? netlink_sendmsg+0x8e4/0xcb0
[  320.360666][ T7922]  ? __sock_sendmsg+0x221/0x270
[  320.365580][ T7922]  ? ____sys_sendmsg+0x525/0x7d0
[  320.370614][ T7922]  ? __sys_sendmsg+0x298/0x390
[  320.375421][ T7922]  netlink_rcv_skb+0x1e3/0x430
[  320.380275][ T7922]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  320.385774][ T7922]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  320.391172][ T7922]  ? apparmor_capable+0x13b/0x1b0
[  320.396237][ T7922]  ? bpf_lsm_capable+0x9/0x10
[  320.401018][ T7922]  ? security_capable+0x90/0xb0
[  320.405913][ T7922]  nfnetlink_rcv+0x297/0x2ad0
[  320.410708][ T7922]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  320.416471][ T7922]  ? __dev_queue_xmit+0x2da/0x3e90
[  320.421689][ T7922]  ? __dev_queue_xmit+0x1763/0x3e90
[  320.426972][ T7922]  ? kasan_save_track+0x51/0x80
[  320.431860][ T7922]  ? do_syscall_64+0xf3/0x230
[  320.436570][ T7922]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  320.441803][ T7922]  ? __dev_queue_xmit+0x2da/0x3e90
[  320.446996][ T7922]  ? __pfx___dev_queue_xmit+0x10/0x10
[  320.452633][ T7922]  ? ref_tracker_free+0x643/0x7e0
[  320.457870][ T7922]  ? __asan_memcpy+0x40/0x70
[  320.462488][ T7922]  ? __pfx_ref_tracker_free+0x10/0x10
[  320.467083][ T5280] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  320.467945][ T7922]  ? netlink_deliver_tap+0x2e/0x1b0
[  320.480744][ T7922]  ? skb_clone+0x240/0x390
[  320.482565][ T7931] loop1: detected capacity change from 0 to 2048
[  320.485171][ T7922]  ? __pfx_lock_release+0x10/0x10
[  320.485207][ T7922]  ? __netlink_deliver_tap+0x77e/0x7c0
[  320.502140][ T7922]  ? netlink_deliver_tap+0x2e/0x1b0
[  320.507447][ T7922]  netlink_unicast+0x7f6/0x990
[  320.512253][ T7922]  ? __pfx_netlink_unicast+0x10/0x10
[  320.517640][ T7922]  ? __virt_addr_valid+0x183/0x530
[  320.522794][ T7922]  ? __check_object_size+0x49c/0x900
[  320.528183][ T7922]  ? bpf_lsm_netlink_send+0x9/0x10
[  320.533341][ T7922]  netlink_sendmsg+0x8e4/0xcb0
[  320.538229][ T7922]  ? __pfx_netlink_sendmsg+0x10/0x10
[  320.543553][ T7922]  ? __import_iovec+0x536/0x820
[  320.548514][ T7922]  ? aa_sock_msg_perm+0x91/0x160
[  320.553491][ T7922]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  320.554579][ T7931] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  320.559066][ T7922]  ? security_socket_sendmsg+0x87/0xb0
[  320.559102][ T7922]  ? __pfx_netlink_sendmsg+0x10/0x10
[  320.559128][ T7922]  __sock_sendmsg+0x221/0x270
[  320.559156][ T7922]  ____sys_sendmsg+0x525/0x7d0
[  320.559194][ T7922]  ? __pfx_____sys_sendmsg+0x10/0x10
[  320.559232][ T7922]  __sys_sendmsg+0x298/0x390
[  320.559257][ T7922]  ? __pfx___sys_sendmsg+0x10/0x10
[  320.559320][ T7922]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  320.559350][ T7922]  ? do_syscall_64+0x100/0x230
[  320.559381][ T7922]  ? do_syscall_64+0xb6/0x230
[  320.559409][ T7922]  do_syscall_64+0xf3/0x230
[  320.559434][ T7922]  ? clear_bhb_loop+0x35/0x90
[  320.632128][ T7922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.638121][ T7922] RIP: 0033:0x7f6dd8b799b9
[  320.642572][ T7922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.662469][ T7922] RSP: 002b:00007f6dd99f9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  320.671190][ T7922] RAX: ffffffffffffffda RBX: 00007f6dd8d16130 RCX: 00007f6dd8b799b9
[  320.679256][ T7922] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000009
[  320.686983][ T5280] usb 4-1: Using ep0 maxpacket: 16
[  320.687290][ T7922] RBP: 00007f6dd8be78d8 R08: 0000000000000000 R09: 0000000000000000
[  320.694294][ T5280] usb 4-1: config 0 has an invalid descriptor of length 13, skipping remainder of the config
[  320.700356][ T7922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  320.700377][ T7922] R13: 0000000000000000 R14: 00007f6dd8d16130 R15: 00007ffd81eb9b28
[  320.700405][ T7922]  </TASK>
[  320.729859][ T7922] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  320.737154][ T7922] CPU: 1 UID: 0 PID: 7922 Comm: syz.4.446 Not tainted 6.11.0-rc3-next-20240816-syzkaller #0
[  320.747235][ T7922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  320.757315][ T7922] Call Trace:
[  320.760612][ T7922]  <TASK>
[  320.763543][ T7922]  dump_stack_lvl+0x241/0x360
[  320.768227][ T7922]  ? __pfx_dump_stack_lvl+0x10/0x10
[  320.773422][ T7922]  ? __pfx__printk+0x10/0x10
[  320.778011][ T7922]  ? vscnprintf+0x5d/0x90
[  320.782340][ T7922]  panic+0x349/0x870
[  320.786229][ T7922]  ? __warn+0x172/0x4e0
[  320.790378][ T7922]  ? __pfx_panic+0x10/0x10
[  320.794801][ T7922]  __warn+0x346/0x4e0
[  320.798784][ T7922]  ? folio_memcg+0x111/0x220
[  320.803367][ T7922]  report_bug+0x2b3/0x500
[  320.807691][ T7922]  ? folio_memcg+0x111/0x220
[  320.812277][ T7922]  handle_bug+0x60/0x90
[  320.816431][ T7922]  exc_invalid_op+0x1a/0x50
[  320.820937][ T7922]  asm_exc_invalid_op+0x1a/0x20
[  320.825799][ T7922] RIP: 0010:folio_memcg+0x111/0x220
[  320.831009][ T7922] Code: 10 48 89 d8 48 c1 e8 03 42 80 3c 20 00 74 08 48 89 df e8 e2 2f f8 ff 48 8b 1b 48 89 d8 5b 41 5c 41 5e 41 5f c3 cc cc cc cc 90 <0f> 0b 90 eb ce 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 55 ff ff ff
[  320.850622][ T7922] RSP: 0018:ffffc900048869e0 EFLAGS: 00010246
[  320.856692][ T7922] RAX: 0000000000000000 RBX: ffff888027d3f100 RCX: 0000000080000000
[  320.864665][ T7922] RDX: 0000000000000000 RSI: ffffffff8c0adfc0 RDI: ffffffff8c60a8c0
[  320.872637][ T7922] RBP: ffffea0001410008 R08: ffffffff9018c5af R09: 1ffffffff20318b5
[  320.880604][ T7922] R10: dffffc0000000000 R11: fffffbfff20318b6 R12: dffffc0000000000
[  320.888576][ T7922] R13: 0000000000800018 R14: ffffea0001410000 R15: ffffea0001410030
[  320.896559][ T7922]  split_page_memcg+0x58/0x3f0
[  320.901333][ T7922]  ? split_page+0x205/0x230
[  320.905828][ T7922]  __vmalloc_node_range_noprof+0xa63/0x1400
[  320.911732][ T7922]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  320.918060][ T7922]  ? rcu_is_watching+0x15/0xb0
[  320.922829][ T7922]  ? trace_kmalloc+0x1f/0xd0
[  320.927418][ T7922]  ? __kmalloc_node_noprof+0x247/0x440
[  320.932878][ T7922]  ? __kvmalloc_node_noprof+0x72/0x1b0
[  320.938331][ T7922]  __kvmalloc_node_noprof+0x142/0x1b0
[  320.943695][ T7922]  ? hash_netport_create+0x356/0x1040
[  320.949070][ T7922]  hash_netport_create+0x356/0x1040
[  320.954275][ T7922]  ? __pfx_hash_netport_create+0x10/0x10
[  320.959920][ T7922]  ip_set_create+0xa5c/0x1900
[  320.964622][ T7922]  ? ip_set_create+0x45e/0x1900
[  320.969495][ T7922]  ? __pfx___mutex_trylock_common+0xa/0x10
[  320.975310][ T7922]  ? __pfx_ip_set_create+0x10/0x10
[  320.980421][ T7922]  ? trace_contention_end+0x3c/0x120
[  320.985723][ T7922]  ? nfnetlink_rcv_msg+0x225/0x1180
[  320.990955][ T7922]  nfnetlink_rcv_msg+0xbec/0x1180
[  320.995977][ T7922]  ? nfnetlink_rcv_msg+0x225/0x1180
[  321.001189][ T7922]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  321.006644][ T7922]  ? stack_trace_save+0x118/0x1d0
[  321.011684][ T7922]  ? dev_hard_start_xmit+0x27a/0x7e0
[  321.016965][ T7922]  ? __dev_queue_xmit+0x1b63/0x3e90
[  321.022161][ T7922]  ? __netlink_deliver_tap+0x54d/0x7c0
[  321.027703][ T7922]  ? netlink_deliver_tap+0x19d/0x1b0
[  321.032982][ T7922]  ? netlink_unicast+0x7c4/0x990
[  321.037914][ T7922]  ? netlink_sendmsg+0x8e4/0xcb0
[  321.042854][ T7922]  ? __sock_sendmsg+0x221/0x270
[  321.047700][ T7922]  ? ____sys_sendmsg+0x525/0x7d0
[  321.052630][ T7922]  ? __sys_sendmsg+0x298/0x390
[  321.057416][ T7922]  netlink_rcv_skb+0x1e3/0x430
[  321.062206][ T7922]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  321.067686][ T7922]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  321.072996][ T7922]  ? apparmor_capable+0x13b/0x1b0
[  321.078029][ T7922]  ? bpf_lsm_capable+0x9/0x10
[  321.082698][ T7922]  ? security_capable+0x90/0xb0
[  321.087550][ T7922]  nfnetlink_rcv+0x297/0x2ad0
[  321.092235][ T7922]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  321.097957][ T7922]  ? __dev_queue_xmit+0x2da/0x3e90
[  321.103067][ T7922]  ? __dev_queue_xmit+0x1763/0x3e90
[  321.108258][ T7922]  ? kasan_save_track+0x51/0x80
[  321.113108][ T7922]  ? do_syscall_64+0xf3/0x230
[  321.117787][ T7922]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  321.122904][ T7922]  ? __dev_queue_xmit+0x2da/0x3e90
[  321.128009][ T7922]  ? __pfx___dev_queue_xmit+0x10/0x10
[  321.133386][ T7922]  ? ref_tracker_free+0x643/0x7e0
[  321.138411][ T7922]  ? __asan_memcpy+0x40/0x70
[  321.142992][ T7922]  ? __pfx_ref_tracker_free+0x10/0x10
[  321.148375][ T7922]  ? netlink_deliver_tap+0x2e/0x1b0
[  321.153571][ T7922]  ? skb_clone+0x240/0x390
[  321.157982][ T7922]  ? __pfx_lock_release+0x10/0x10
[  321.163007][ T7922]  ? __netlink_deliver_tap+0x77e/0x7c0
[  321.168474][ T7922]  ? netlink_deliver_tap+0x2e/0x1b0
[  321.173687][ T7922]  netlink_unicast+0x7f6/0x990
[  321.178460][ T7922]  ? __pfx_netlink_unicast+0x10/0x10
[  321.183738][ T7922]  ? __virt_addr_valid+0x183/0x530
[  321.188845][ T7922]  ? __check_object_size+0x49c/0x900
[  321.194128][ T7922]  ? bpf_lsm_netlink_send+0x9/0x10
[  321.199239][ T7922]  netlink_sendmsg+0x8e4/0xcb0
[  321.204013][ T7922]  ? __pfx_netlink_sendmsg+0x10/0x10
[  321.209297][ T7922]  ? __import_iovec+0x536/0x820
[  321.214146][ T7922]  ? aa_sock_msg_perm+0x91/0x160
[  321.219090][ T7922]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  321.224374][ T7922]  ? security_socket_sendmsg+0x87/0xb0
[  321.229834][ T7922]  ? __pfx_netlink_sendmsg+0x10/0x10
[  321.235121][ T7922]  __sock_sendmsg+0x221/0x270
[  321.239797][ T7922]  ____sys_sendmsg+0x525/0x7d0
[  321.244562][ T7922]  ? __pfx_____sys_sendmsg+0x10/0x10
[  321.249855][ T7922]  __sys_sendmsg+0x298/0x390
[  321.254442][ T7922]  ? __pfx___sys_sendmsg+0x10/0x10
[  321.259576][ T7922]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  321.265901][ T7922]  ? do_syscall_64+0x100/0x230
[  321.270671][ T7922]  ? do_syscall_64+0xb6/0x230
[  321.275354][ T7922]  do_syscall_64+0xf3/0x230
[  321.279861][ T7922]  ? clear_bhb_loop+0x35/0x90
[  321.284535][ T7922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.290428][ T7922] RIP: 0033:0x7f6dd8b799b9
[  321.294837][ T7922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.314438][ T7922] RSP: 002b:00007f6dd99f9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  321.322855][ T7922] RAX: ffffffffffffffda RBX: 00007f6dd8d16130 RCX: 00007f6dd8b799b9
[  321.330828][ T7922] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000009
[  321.338795][ T7922] RBP: 00007f6dd8be78d8 R08: 0000000000000000 R09: 0000000000000000
[  321.346767][ T7922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  321.354740][ T7922] R13: 0000000000000000 R14: 00007f6dd8d16130 R15: 00007ffd81eb9b28
[  321.362731][ T7922]  </TASK>
[  321.365971][ T7922] Kernel Offset: disabled
[  321.370365][ T7922] Rebooting in 86400 seconds..