last executing test programs:

7m2.461244511s ago: executing program 32 (id=124):
r0 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_open_dev$mouse(0x0, 0x5, 0x2001)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
request_key(&(0x7f0000000040)='rxrpc\x00', &(0x7f0000000000)={'syz', 0x3}, &(0x7f0000000080)=')\x00I\xe3\x9a\x01\xb8b\xeb\x96\xd1\xc4\x88\x0e.\\\x88W\xa3?\xaf&DZzqi3\x1a\x02\x84\x9a\x02H\xef\xd8\x944%8:\xf3#n\xd4q\xf7\xc7\xf3\xbcf8d\xe3]\xbb\x95C<\xda\xa5\xe3\xe0\x81b\x16\x10>w\xdft\xffU\x8dn\xcaL_A\xecC|?F\xe9\x00\x131\xde\x84-6\xec\x0f\x00\x00\x00\x00\x00\x00\x00\xed{0\xe6\xb8', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x4, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r6}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x800700, &(0x7f0000000340)={[{@grpjquota}, {@discard}, {@norecovery}, {@noinit_itable}, {@test_dummy_encryption}, {@minixdf}, {@usrjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@jqfmt_vfsold}, {@dioread_lock}, {@noblock_validity}, {@nouid32}]}, 0x3, 0x465, &(0x7f0000000f00)="$eJzs3M9vFFUcAPDvzLYgP1sRf4CoVWJs/NHSgsrBi0YTDxhN9IDH2hZCWKihNRFCpBqDFxND1LPxaOJf4M2LUU8mXvVuSIhyAT3VzOwM7C67pYXtLnQ/n2SX92Ze+963b97Mm3m7BNC3RrK3JGJrRPwREUO1bGOBkdo/Vy+fnf738tnpJJaW3v47yctduXx2uixa/tyWIjOaRqSfJkUljeZPnzk+Va3Oniry4wsn3h+fP33muWMnpo7OHp09OXnw4IH9Ey++MPn8Mq3fuOI4s7iu7P5obs+u19+98Mb04Qvv/fJ91t6txf76ODplJAv8n6Vc3eYvs7cnO11Zj22rSycDPWwIq1KJiKy7BvPxPxSVuN55Q/HaJz1tHLCmsmvTMlfRxSVgHUtihcViZQWBu0V5oc/uf8tXl6Yed4RLL9dugLK4rxav2p6BSIsyg033t500EhGHF//7JnvFGj2HAACo9/n014fi2VbzvzQeqCu3vVhDGY6IeyNiR0TcFxE7I+L+iLzsgxHxUNuaNrTc2rw0dOP8J714y8GtQDb/e6lY22qc/5Wzv8pwpchty+MfTI4cq87uK/4mozG4MctPLFPHj6/+/kW7ffXzv+yV1V/OBYt2XBxoekA3M7UwlU9KO+DSxxG7B1rFn1xbCchu/XdFxO7V/ertZeLY09/taVfo5vEvowPrTEvfRjxV6//FaIq/lCy/Pjl+T1Rn942XR8WNfv3t/Fvt6r+t+Dsg6//Njcd/c5HhpH69dn71dZz/87O29zS3evxvSN7J+6U8q3w4tbBwaiJiQ3Iozzdsn7z+s2W+LJ/FP7q39fjfUUtsyt4ejojsIH4kIh6NiMeKtj8eEU9ExN5l4v/5lfb77oT+n2l5/rt2/Df1/+oTleM//dCu/pX1/4E8NVpsyc9/N7HSBt7O3w4AAADuFmn+GfgkHbuWTtOxsdpn+HfG5rQ6N7/wzJG5D07O1D4rPxyDafmka6jueehEslj8xlp+snhWXO7fXzw3/qqyKc+PTc9VZ3ocO/S7LW3Gf+avSq9bB6y5Vutoky3Xaxu+yAasA83jP23Mnnuzm40Busr3taF/3WT8p91qB9B9rv/Qv1qN/3NNeWsBsD65/kP/Mv6hfxn/0L+Mf+hLt/O9/n5OZKfMO6AZ1aGiH7tfe6S9jl1iLRKt/58mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAu9X/AQAA//9l+OT1")
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0xfdfe, 0x7, @remote, 0x4}, 0x1c)
connect$pppl2tp(r2, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)

6m58.146931479s ago: executing program 33 (id=133):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$packet(0x11, 0x2, 0x300)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x402000, 0x0)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000000)={0x400, 0x9004}, 0x4)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)
sendmmsg$inet(r4, &(0x7f00000039c0)=[{{&(0x7f0000000800)={0x2, 0x6e20, @multicast1}, 0x10, 0x0}}], 0x1, 0x2000c044)

6m14.345175357s ago: executing program 6 (id=158):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xc, 0x14, &(0x7f0000000180)=@framed={{}, [@ringbuf_output={{0x18, 0x5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x15}}, @printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0xfeff, &(0x7f0000000100)="e0857f9f582f0300000000000000", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

6m13.775936364s ago: executing program 6 (id=232):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000008c0)=ANY=[@ANYBLOB="9feb0100180000000000000034000000340000000a000000040000000000000804000000000000000000000a01000000060000000000000e020000000100000008000000000000070000000000000000612e"], 0x0, 0x56}, 0x28)

6m11.272228855s ago: executing program 6 (id=237):
socket(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000280)='kmem_cache_free\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0x9, 0x380000, 0x8, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x0, 0xae, 0x6, 0x7, 0x4, 0xfffffffffffff04f, 0x7, 0x80000000, 0xfffffffffffffff8, 0xffffffffffffffff, 0x6, 0x0, 0x100, 0x4, 0x2, 0x5, 0x3, 0x8, 0x8})

5m57.4781762s ago: executing program 34 (id=233):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
chdir(&(0x7f00000001c0)='./bus\x00')
rmdir(&(0x7f0000000380)='./file0/../file0\x00')

5m55.680451514s ago: executing program 35 (id=237):
socket(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000280)='kmem_cache_free\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0x9, 0x380000, 0x8, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x0, 0xae, 0x6, 0x7, 0x4, 0xfffffffffffff04f, 0x7, 0x80000000, 0xfffffffffffffff8, 0xffffffffffffffff, 0x6, 0x0, 0x100, 0x4, 0x2, 0x5, 0x3, 0x8, 0x8})

4m28.907122988s ago: executing program 8 (id=412):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={&(0x7f00000012c0)='sys_enter\x00', r1}, 0x10)
setuid(0x0)

4m26.931835049s ago: executing program 8 (id=415):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4010, &(0x7f0000000500)={[{@nombcache}, {@barrier_val={'barrier', 0x3d, 0x3ff}}, {@errors_continue}, {@stripe={'stripe', 0x3d, 0x9}}, {@norecovery}, {@test_dummy_encryption}, {@max_batch_time}, {@test_dummy_encryption}]}, 0xd, 0x5fd, &(0x7f00000009c0)="$eJzs3c1rHOUfAPDvbF6aNP39khZR68EGRFrQJk3aShEP7VVKqC948WJs0lq7bUMT0VShKdSLIF5EBE+CVvCP0GKvPSkIHrx4kkJR6VFwZTYzaTb7kmSbZGPn84FtZuaZmeeZbr55nnn2eWYDKKzh9J9SxN6ImEkiBpOFpbTuyBKHF/e799cHp9NXEpXKK38kkWTb8v2T7OdAdnBfRPz4QxJ7uurznZ2/cn6yXJ6+nK2Pzl2YGZ2dv3Lw3IXJs9Nnpy+OPzd+7OiRo8fGDrV1XVcbbDt5/e13Bz+aeP3rL/5Oxr75dSKJ4/FituPy64iIn0tt5VprOIar/ydJfdLAsQ04/3bQlf2eLH+Lk+4OFoh1yd+/noh4LAajK+6/eYPx4UsdLRywqSpJRAUoqET8Q0Hl7YD83n7FfXBsxH0wsD3dPbHYAVAf/92LfYPRV+0b2HkvieXdOklEtNczV2tXRNy+NXH9zK2J61HfDwdsooVrEfF4o/hPqvE/FH0xVI3/Uk38p+2CU9nPdPvLbea/sn1RH/+H2zwzsJrF+O9rGf/RJP7fWBb/b7aZ//D9xbf6a+K/v91LAgAAAAAAgMK6eSIinm30+X9pafxPNBj/MxARxzcg/+EV6/Wf/5fubEA2QAN3T0S80HD8bykfnTPUlS39rzoeoCc5c648fSgi/h8RB6JnR7o+1iKPgx/v+bxZ2nA2/i9/pfnfzsYCZuW4072j9pipybnJB71uIOLutYgnGo7/TZbq/6RB/Z/+PZhZYx57nr5xqlna6vEPbJbKlxH7G9b/959akbR+PsdotT0wmrcK6j35/iffNcu/3fj3iAl4cGn9v7N1/A8ly5/XM7v+PA7Pd1eapbXb/u9NXq0+cqY32/be5Nzc5bGI3uRkV7q1Zvv4+ssMD6M8HvJ4SeP/wFOt+/8atf/7I2JhxbmTP2vnFOce/Wfgt2bl0f6Hzknjf2pd9f/6F8ZvDH3fLP+11f9HqnX9gWyL/j9Y9Fkepr212+ujcCmga5K2urwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DAoRcSuSEojS8ul0shIxEBEPBI7S+VLs3PPnLn0zsWpNK36/f+l/Jt+BxfXk/z7/4eWrY+vWD8cEbsj4tOu/ur6yOlL5alOXzwAAAAAAAAAAAAAAAAAAABsEwNN5v+nfu/qdOmATdfd6QIAHdMg/n/qRDmAraf+h+IS/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8AAAAAADxUdu+7+UsSEQvP91dfqd4sraejJQM2W6nTBQA6xiN+oLgM/YHico8PJKuk9zU9aLUjW5k5/QAHAwAAAAAAAAAAAEDh7N9r/j8Ulfn/UFzm/0Nx5fP/93W4HMDWc48PxCoz+RvO/1/1KAAAAAAAAAAAAABgI83OXzk/WS5PX177wlcR0XqfHbHGE367/tw3b+G17VGMrVyoVCpX09+C7VKe//hCPhR+i3PvjrXtnM/1W9uZO/c3CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqPVvAAAA//+sZiLP")

4m26.566271196s ago: executing program 7 (id=416):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r2}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

4m24.354355154s ago: executing program 7 (id=419):
socket(0x9, 0x801, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x61, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_getaffinity(r1, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x40)
write$binfmt_register(r4, &(0x7f0000000200)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0xe, 0x3a, '.))', 0x3a, '&@', 0x3a, './file2'}, 0x2c)
syz_mount_image$fuse(0x0, 0x0, 0x3000009, 0x0, 0x1, 0x0, 0x0)
linkat(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x9)
r5 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000280)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
keyctl$revoke(0x3, r5)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc3}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0x2b}, 0x48, 0xfffffffffffffffb)
timer_create(0x7, &(0x7f0000000100)={0x0, 0xa, 0x1, @tid=0xffffffffffffffff}, &(0x7f0000000140))
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f00000004c0)='xs_stream_read_data\x00', r6}, 0x18)
syz_emit_ethernet(0x12, &(0x7f0000000300)=ANY=[@ANYBLOB="aac8aa5c18a67f0251f34500810044008864"], 0x0)
clock_nanosleep(0x2, 0x1, &(0x7f0000000240), &(0x7f0000000340))

4m20.316129469s ago: executing program 8 (id=423):
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
ioctl$VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x40}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)

4m18.804744407s ago: executing program 8 (id=424):
socket$key(0xf, 0x3, 0x2)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in=@broadcast, @in6=@remote}, {@in6=@remote, 0x0, 0x32}, @in6=@mcast1, {0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x37}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1, 0xe}, 0x0)

4m17.511443768s ago: executing program 7 (id=428):
r0 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)=""/116, 0x74}, {&(0x7f00000047c0)=""/4057, 0xfd9}, {&(0x7f00000037c0)=""/4073, 0xfe9}, {&(0x7f0000000700)=""/237, 0xed}, {&(0x7f00000002c0)=""/130, 0x82}], 0x5}, 0x100)
sendmsg$inet(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20000000)

4m17.388657695s ago: executing program 8 (id=430):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x301c48a, &(0x7f0000004040)=ANY=[@ANYBLOB="757466383d302c73686f72746e616d653d77696e39352c696f636861727365743d63703836392c757466383d302c696f636861727365743d63703836362c696f636861727365743d63703733372c756e695f786c6174653d302c73686f72746e616d653d6d697865642c756e695f786c6174653d302c636f6465706167653d3836312c756e695f786c6174653d312c757466383d302c73686f72746e616d653d77696e39352c726f6469722c696f636861727365743d6d61637475726b6973682c6572726f72733d636f6e74696e75652c756e695f786c6174653d312c00e1d625f10b9ee0a39b75b922489840691b55fdd962d869c07e5720a738d425cd66a3c97ccd3f631568b5d6c3"], 0x6, 0x2d5, &(0x7f0000000980)="$eJzs3T+LHGUcB/Df7O3tTrTYLaxEcEALq5BLa7OHJCBeZdhCLfQwCcjtIiRw4B+cTWUl2FhY+AoEwRdi4zsQbAU7IwRGZnYmM5vbXPbk9sTc59PcM8883+f5zdxwO1fccx+9Mj+6ncXdB1/+FmmaRG8Sk3iYxDh60VgUS/nycPJtAAD/Zw+LIv6sP9/PkksiIt1eWQDAFm32+d9vmz9fSFkAwBbdeu/9d/YPDm68m2Vp3Jx/fTwtf7Mvvy7P79+NT2IWd+JajOJRRPWisBvV20LZvFkURd7PSuN4fZ4fT8vk/MNf6vn3/4io8nsxinHV9fhto8q/fXBjL1vq5POyjhfq9Sdl/nqM4qXH4ZX89TX5mA7ijdc69V+NUfz6cXwas7hdFdHmv9rLsreK7/764oOyvDKf5MfTYTWuVex0j65czLcHAAAAAAAAAAAAAAAAAAAAAIDn1NV675xhVPv3lF31/js7j8qD3cga49X9eZb5pJmouz9QURR5ET80++tcy7KsqAe2+X683O9uLAgAAAAAAAAAAAAAAAAAAACX1/3PPj86nM3u3DuXRrMbQD8i/r4V8W/nmXR6Xo3TBw/rNQ9ns17dXB3T7/bETjMmiTi1jPIizum2PKtx5UTNdePHnzaaJ4lY1D3psxfdXb/WeTaap+voMFl/D4fR9KT1Q/L9IKIdM4inLbFY7Rk8rYwizvL4DdaeGm0W/6a+2nKeF6uevDm1OJmK5InCkqQz5s3fl3PVPcmTVzGo7uq6MiJtGm18dUy60fMc6TJ+8mdFYrcOAAAAAAAAAAAAAAAAAADYqvavf9ecfHBqtFcMt1YWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFyo9v//n6GR1+ENBg/i3v3/+BIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4BP4JAAD//47KXt4=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
capset(0x0, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x3})

4m14.202863759s ago: executing program 8 (id=434):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x40}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

4m13.804180616s ago: executing program 7 (id=435):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
setitimer(0x1, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0xb0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
setuid(0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
write$binfmt_script(r5, 0x0, 0x0)
sendmsg(r5, &(0x7f00000000c0)={0x0, 0x9504, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xd8ef}], 0x1, 0x0, 0x0, 0x2c}, 0x4)

4m7.663630886s ago: executing program 7 (id=441):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000240)={r3, &(0x7f00000002c0), &(0x7f0000000280)=@udp, 0x1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

4m5.97301463s ago: executing program 7 (id=444):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x301c48a, &(0x7f0000004040)=ANY=[@ANYBLOB="757466383d302c73686f72746e616d653d77696e39352c696f636861727365743d63703836392c757466383d302c696f636861727365743d63703836362c696f636861727365743d63703733372c756e695f786c6174653d302c73686f72746e616d653d6d697865642c756e695f786c6174653d302c636f6465706167653d3836312c756e695f786c6174653d312c757466383d302c73686f72746e616d653d77696e39352c726f6469722c696f636861727365743d6d61637475726b6973682c6572726f72733d636f6e74696e75652c756e695f786c6174653d312c00e1d625f10b9ee0a39b75b922489840691b55fdd962d869c07e5720a738d425cd66a3c97ccd3f631568b5d6c3"], 0x6, 0x2d5, &(0x7f0000000980)="$eJzs3T+LHGUcB/Df7O3tTrTYLaxEcEALq5BLa7OHJCBeZdhCLfQwCcjtIiRw4B+cTWUl2FhY+AoEwRdi4zsQbAU7IwRGZnYmM5vbXPbk9sTc59PcM8883+f5zdxwO1fccx+9Mj+6ncXdB1/+FmmaRG8Sk3iYxDh60VgUS/nycPJtAAD/Zw+LIv6sP9/PkksiIt1eWQDAFm32+d9vmz9fSFkAwBbdeu/9d/YPDm68m2Vp3Jx/fTwtf7Mvvy7P79+NT2IWd+JajOJRRPWisBvV20LZvFkURd7PSuN4fZ4fT8vk/MNf6vn3/4io8nsxinHV9fhto8q/fXBjL1vq5POyjhfq9Sdl/nqM4qXH4ZX89TX5mA7ijdc69V+NUfz6cXwas7hdFdHmv9rLsreK7/764oOyvDKf5MfTYTWuVex0j65czLcHAAAAAAAAAAAAAAAAAAAAAIDn1NV675xhVPv3lF31/js7j8qD3cga49X9eZb5pJmouz9QURR5ET80++tcy7KsqAe2+X683O9uLAgAAAAAAAAAAAAAAAAAAACX1/3PPj86nM3u3DuXRrMbQD8i/r4V8W/nmXR6Xo3TBw/rNQ9ns17dXB3T7/bETjMmiTi1jPIizum2PKtx5UTNdePHnzaaJ4lY1D3psxfdXb/WeTaap+voMFl/D4fR9KT1Q/L9IKIdM4inLbFY7Rk8rYwizvL4DdaeGm0W/6a+2nKeF6uevDm1OJmK5InCkqQz5s3fl3PVPcmTVzGo7uq6MiJtGm18dUy60fMc6TJ+8mdFYrcOAAAAAAAAAAAAAAAAAADYqvavf9ecfHBqtFcMt1YWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFyo9v//n6GR1+ENBg/i3v3/+BIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4BP4JAAD//47KXt4=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
capset(0x0, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x3})

4m2.456030842s ago: executing program 4 (id=448):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000800000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
r1 = gettid()
rt_sigqueueinfo(r1, 0x21, &(0x7f0000002d00)={0x0, 0x0, 0xffffffff})

4m2.180185674s ago: executing program 4 (id=451):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r0}, &(0x7f00000004c0), &(0x7f0000000300)=r1}, 0x20)
creat(&(0x7f0000000000)='./file0\x00', 0x60)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000440)=@filename='./file0\x00', 0x0, &(0x7f0000000480)='./file0\x00')

4m1.698563933s ago: executing program 4 (id=453):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f00000001c0)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "69dcaf20127e9a854528f45826cb35be51ca73845d177dd8dba7221daeccfda56b75cfe286fdd14cb5b11b1cab614fec2236da7d88ea0f0700", 0x3f}, 0x48, 0xfffffffffffffffe)
keyctl$search(0xa, r1, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, 0x0)

4m0.904138852s ago: executing program 4 (id=455):
socket(0x9, 0x801, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x61, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_getaffinity(r1, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x40)
write$binfmt_register(r4, &(0x7f0000000200)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0xe, 0x3a, '.))', 0x3a, '&@', 0x3a, './file2'}, 0x2c)
syz_mount_image$fuse(0x0, 0x0, 0x3000009, 0x0, 0x1, 0x0, 0x0)
linkat(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x9)
r5 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000280)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
keyctl$revoke(0x3, r5)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc3}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0x2b}, 0x48, 0xfffffffffffffffb)
timer_create(0x7, &(0x7f0000000100)={0x0, 0xa, 0x1, @tid=0xffffffffffffffff}, &(0x7f0000000140))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
clock_gettime(0x0, &(0x7f0000000000)={<r6=>0x0, <r7=>0x0})
clock_nanosleep(0x2, 0x1, &(0x7f0000000240)={r6, r7+60000000}, &(0x7f0000000340))

3m57.586940985s ago: executing program 36 (id=434):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x40}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

3m57.533258105s ago: executing program 4 (id=458):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1080656249f1cba7080000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioprio_set$pid(0x2, 0x0, 0x4007)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x2, 0x9}, 0x20)
write$cgroup_int(r6, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f0000000180)={@mcast1, 0x8000000, 0x0, 0x1, 0xa, 0x7f, 0x7}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000380)=ANY=[@ANYBLOB="1a253b17cf76156384eba2d61e1cccbb478446891c42ceebf8cca18112d4f90000a8741c0398eff5e86b770ec858562162b13dc6b7009e5d2c21d4bbde99ee9413a8c31718d33a1631cd571d640936efd3104fbac7f57a84f0f736604848a1957360499bfe6315670d63816a2326dc1e718a1cabda2adb16e20a", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$packet(0x11, 0x2, 0x300)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r7, 0x0)

3m55.657594252s ago: executing program 4 (id=459):
syz_open_dev$evdev(&(0x7f0000000280), 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xffffffffffffe)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
timer_create(0x3, 0x0, &(0x7f0000bbdffc))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=@newsa={0x158, 0x10, 0x413, 0x70bd2c, 0x25dfdbf9, {{@in6=@dev, @in=@remote, 0x0, 0x1}, {@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0x32}, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, {0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1ebf5fdf}, {0x0, 0x0, 0x0, 0x90}, {}, 0x4, 0x0, 0xa, 0x2, 0x0, 0xa0}, [@algo_aead={0x4c, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x0, 0x60}}, @replay_esn_val={0x1c, 0x17, {0x0, 0x70bd27, 0x70bd2d, 0x70bd2b, 0x70bd2d, 0x1}}]}, 0x158}}, 0x0)

3m50.523296828s ago: executing program 37 (id=444):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x301c48a, &(0x7f0000004040)=ANY=[@ANYBLOB="757466383d302c73686f72746e616d653d77696e39352c696f636861727365743d63703836392c757466383d302c696f636861727365743d63703836362c696f636861727365743d63703733372c756e695f786c6174653d302c73686f72746e616d653d6d697865642c756e695f786c6174653d302c636f6465706167653d3836312c756e695f786c6174653d312c757466383d302c73686f72746e616d653d77696e39352c726f6469722c696f636861727365743d6d61637475726b6973682c6572726f72733d636f6e74696e75652c756e695f786c6174653d312c00e1d625f10b9ee0a39b75b922489840691b55fdd962d869c07e5720a738d425cd66a3c97ccd3f631568b5d6c3"], 0x6, 0x2d5, &(0x7f0000000980)="$eJzs3T+LHGUcB/Df7O3tTrTYLaxEcEALq5BLa7OHJCBeZdhCLfQwCcjtIiRw4B+cTWUl2FhY+AoEwRdi4zsQbAU7IwRGZnYmM5vbXPbk9sTc59PcM8883+f5zdxwO1fccx+9Mj+6ncXdB1/+FmmaRG8Sk3iYxDh60VgUS/nycPJtAAD/Zw+LIv6sP9/PkksiIt1eWQDAFm32+d9vmz9fSFkAwBbdeu/9d/YPDm68m2Vp3Jx/fTwtf7Mvvy7P79+NT2IWd+JajOJRRPWisBvV20LZvFkURd7PSuN4fZ4fT8vk/MNf6vn3/4io8nsxinHV9fhto8q/fXBjL1vq5POyjhfq9Sdl/nqM4qXH4ZX89TX5mA7ijdc69V+NUfz6cXwas7hdFdHmv9rLsreK7/764oOyvDKf5MfTYTWuVex0j65czLcHAAAAAAAAAAAAAAAAAAAAAIDn1NV675xhVPv3lF31/js7j8qD3cga49X9eZb5pJmouz9QURR5ET80++tcy7KsqAe2+X683O9uLAgAAAAAAAAAAAAAAAAAAACX1/3PPj86nM3u3DuXRrMbQD8i/r4V8W/nmXR6Xo3TBw/rNQ9ns17dXB3T7/bETjMmiTi1jPIizum2PKtx5UTNdePHnzaaJ4lY1D3psxfdXb/WeTaap+voMFl/D4fR9KT1Q/L9IKIdM4inLbFY7Rk8rYwizvL4DdaeGm0W/6a+2nKeF6uevDm1OJmK5InCkqQz5s3fl3PVPcmTVzGo7uq6MiJtGm18dUy60fMc6TJ+8mdFYrcOAAAAAAAAAAAAAAAAAADYqvavf9ecfHBqtFcMt1YWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFyo9v//n6GR1+ENBg/i3v3/+BIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4BP4JAAD//47KXt4=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
capset(0x0, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x3})

3m39.987918394s ago: executing program 38 (id=459):
syz_open_dev$evdev(&(0x7f0000000280), 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xffffffffffffe)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
timer_create(0x3, 0x0, &(0x7f0000bbdffc))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=@newsa={0x158, 0x10, 0x413, 0x70bd2c, 0x25dfdbf9, {{@in6=@dev, @in=@remote, 0x0, 0x1}, {@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0x32}, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, {0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1ebf5fdf}, {0x0, 0x0, 0x0, 0x90}, {}, 0x4, 0x0, 0xa, 0x2, 0x0, 0xa0}, [@algo_aead={0x4c, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x0, 0x60}}, @replay_esn_val={0x1c, 0x17, {0x0, 0x70bd27, 0x70bd2d, 0x70bd2b, 0x70bd2d, 0x1}}]}, 0x158}}, 0x0)

2m19.996393135s ago: executing program 9 (id=583):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
sendfile(r0, r1, 0x0, 0x20000023896)
ioctl$TCSETSW(r0, 0x5403, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000030000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r3}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0x3, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0xe}, 0x0, &(0x7f0000000300)={0x3ff, 0x7e7, 0x0, 0xfffffffffffffff9, 0x4, 0x0, 0x7fffffff, 0x39}, 0x0, 0x0)

2m18.222472423s ago: executing program 9 (id=586):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)

2m17.490615676s ago: executing program 9 (id=588):
r0 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)=""/116, 0x74}, {&(0x7f00000047c0)=""/4057, 0xfd9}, {&(0x7f00000037c0)=""/4073, 0xfe9}, {&(0x7f0000000700)=""/237, 0xed}, {&(0x7f00000002c0)=""/130, 0x82}], 0x5}, 0x100)
sendmsg$inet(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000900)="5c00000012006bab9a3fe3d86e17aa0a046b4877c4aaf68187bae53dca2ba35bda6a876c1d0048007ea608649e75", 0x2e}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20000000)

2m16.223597304s ago: executing program 9 (id=589):
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000440)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=")
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000476c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x147842, 0x0)
write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000080)={0x29, 0x6, 0x0, {0x5, 0x2}}, 0x29)
preadv2(r0, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x7)

2m14.259913072s ago: executing program 9 (id=596):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000180), 0x4)
copy_file_range(r2, &(0x7f0000000080), r1, 0x0, 0xfffffffffffffff8, 0x0)

2m9.471279396s ago: executing program 9 (id=605):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108)
r4 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x1)
fchdir(r5)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0)
getdents64(r6, &(0x7f0000000040)=""/53, 0x2457a0be381e3a04)

1m56.255889223s ago: executing program 0 (id=621):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000014c0)={0x0, &(0x7f0000001400)=""/149, 0x0, 0x95, 0x1}, 0x28)

1m55.472231037s ago: executing program 0 (id=623):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1080656249f1cba7080000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioprio_set$pid(0x2, 0x0, 0x4007)

1m51.811792121s ago: executing program 39 (id=605):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108)
r4 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x1)
fchdir(r5)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0)
getdents64(r6, &(0x7f0000000040)=""/53, 0x2457a0be381e3a04)

1m51.764137238s ago: executing program 0 (id=627):
rt_sigaction(0x25, 0x0, 0x0, 0x8, &(0x7f0000000300))
flock(0xffffffffffffffff, 0x1)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4000000}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
open(&(0x7f00000001c0)='./file1\x00', 0x4827e, 0x9)
getpid()
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x29, 0x10, 0xbe, 0xc, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @ipv4={'\x00', '\xff\xff', @remote}, 0x8000, 0x7800, 0x2970, 0x2f7a}})
sendmsg$nl_route(r0, 0x0, 0x1)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = add_key$keyring(&(0x7f00000004c0), &(0x7f0000000580)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, &(0x7f0000000200)='asymmetric\x00', 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)

1m41.939611618s ago: executing program 0 (id=634):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x201008, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000001180)='./bus\x00')
truncate(&(0x7f0000000000)='./file0/file1\x00', 0x1)
rmdir(&(0x7f0000000440)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000007000000ff"], 0x48)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
creat(&(0x7f0000000180)='./bus\x00', 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x1010000, &(0x7f0000000140)={[{@shortname_winnt}, {@numtail}, {@uni_xlate}, {@utf8no}, {@utf8no}, {@utf8}, {@iocharset={'iocharset', 0x3d, 'cp869'}}, {@uni_xlate}, {@numtail}, {@shortname_winnt}, {@utf8no}, {@fat=@codepage={'codepage', 0x3d, '865'}}, {@shortname_mixed}, {@fat=@dos1xfloppy}, {@utf8no}, {@fat=@check_strict}, {@shortname_mixed}]}, 0x1, 0x36b, &(0x7f0000000500)="$eJzs3U1oY0UcAPB/+tKkXdD2JgpC9CZo2e5NL7ZIFxZ7UQl+HMTgdlWSKrRYbA+b1oPiUfCoJ28KevAgHkVQxJsHr64gq+JB97bg4kjy8vGapN3uYivF3w+aTGfmP/N/HySv4WX6wlI0L07HpWvXrsbMTCnKS48txfVSzEcWfbsxrjKhDgA4Ha6nFH+m3GjbzOSQ0gmkBQAco+77/0sRUYv5vObNrw/rn7z7A8Cp1/v7f/awPgd8DhDx2rGkBAAcs7HP/+/f11zp/pT7v5YLdwUAAKfVU88+9/jyasSTtdpMxPrbW/WtejwybF++FK9EK9bibMzFjYj8QqHzUOo+nr+wunK2Vqu145f5qEfEVC+wnl8pLGfd+GosxlzM9+J7Vxsppez8Z6sri7WuiNhtd+eP9dJWfTrO9Ob/8UysDS88+oN0nyIurK6cq/UGqK/349sRe8MbFTr5L8RcfP/iYJiU+ncwrq5cXuwnPYzfqlfj4mAvHPgJCAAAAAAAAAAAAAAAAAAAAAAA3JaF2sD8YP2c1HnOV8pZWJjQ3l0fJ4/vrQ+0l68PlKopUvrjjYfq72Sxb32g0fV5tiwkCAAAAAAAAAAAAAAAAAAAAAOb25VotFprG5vbO81iob2xuT0VEZ2aV7/95KvZGO9zk0I5n6IaMZii1pt2p9lIWb9zyiLGw7PO5P2ajz4fZFzsUx1sxcQ0qgc3tVp33Pfz+8Oae7P+yH8P+2QxeQOzQhqPjoy8fmee0q3sqEHhXLGmOj77lZRSoeatYvjl58cHjFJE+dYP3E5zKg7ukzqFb66+fHd/7ze+TLkHHpx7+sp7H/7WbLQ6M0f3CFY2Nm+kZqPU73yE2XvDpe4hGJ4bpcgLpeKZUD5swL39NY3sh9+fuefd7462E1Kx5vXO+TzSJ8s359PR8Epe6KQ50jQ7DJ/ubURrbXrCyX+zwm0c07s++OLjlH769chTDE2NvWyU/p1XHwAAAAAAAAAAAAAAAAAAoKjwXfHel67becP0YVEPP3FC6QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAiRj+//9CYW83RmqOUvirPSGquraxGVH5rzcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/uX8CAAD//3wwZok=")
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x67, &(0x7f0000000180)={@broadcast, @dev, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x3, 0x0, 0x59, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @multicast1}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x8100, 0x1, 0x0, [], "7f"}, {0x0, 0x0, 0x0, 0x0, 0x11}, {}, {0x8, 0x88be, 0xfffffffe, {{0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3e}}}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0xb}}}, {0x8, 0x6558, 0x2}}}}}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0)
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x2, 0x2})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = dup(r0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="16", @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',\x00'])

1m40.207537342s ago: executing program 0 (id=638):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/12, @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000"], 0x0, 0x8, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x30}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYRESOCT=r5, @ANYRES8=r6], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
r7 = openat$cgroup_procs(r0, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r7, &(0x7f0000000080), 0x12)
syz_clone(0x43000300, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)

1m39.592395518s ago: executing program 0 (id=639):
r0 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)=""/116, 0x74}, {&(0x7f00000047c0)=""/4057, 0xfd9}, {&(0x7f00000037c0)=""/4073, 0xfe9}, {&(0x7f0000000700)=""/237, 0xed}, {&(0x7f00000002c0)=""/130, 0x82}], 0x5}, 0x100)
sendmsg$inet(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000900)="5c00000012006bab9a3fe3d86e17aa0a046b4877c4aaf68187bae53dca2ba35bda6a876c1d0048007ea608649e7524765f0ef82e3c0000a705259a3651f60a84c9f4d4938037e70e4509c5bb00000000e5", 0x51}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20000000)

1m35.853629226s ago: executing program 40 (id=639):
r0 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000580)=""/116, 0x74}, {&(0x7f00000047c0)=""/4057, 0xfd9}, {&(0x7f00000037c0)=""/4073, 0xfe9}, {&(0x7f0000000700)=""/237, 0xed}, {&(0x7f00000002c0)=""/130, 0x82}], 0x5}, 0x100)
sendmsg$inet(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000900)="5c00000012006bab9a3fe3d86e17aa0a046b4877c4aaf68187bae53dca2ba35bda6a876c1d0048007ea608649e7524765f0ef82e3c0000a705259a3651f60a84c9f4d4938037e70e4509c5bb00000000e5", 0x51}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x20000000)

10.528240365s ago: executing program 5 (id=745):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7"], 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
symlinkat(0x0, 0xffffffffffffffff, 0x0)

9.996831729s ago: executing program 5 (id=748):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c99b6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109becb1b9bafcb2b47e940000000000e540d8b0db3774effb7469a21f96e2594b2973ebf7a1bd9ace2ed4d6eb1735f85885be5be74dc2ea5d7d499bd28271b98f187f5879b16b409a04d78175cc8d0f707c822805d7011ed4b22419186dd2b22aadf15828db2ca19d79e1bf2f7989237ee5cb2e1eb7b2bfc92d3aa95a26f060935c4fee8b2d7d0bf3c6d82d04329164bd4ee0b8060183f36762b0440d9082d7c8b06e4c2024f77e1018758d28e7ee290f32a48bfc2aa10b3dba9bff00d2410f3477a8e0df689c880dc9a677cfaa16603527c06625a3363744cea5f2d350224cc0fea76c72ca08507235c67346722f20690fde0790f040f5fd3eff75f9b291cc5e9c686ebaadbe756c6fa039ff441e427ed12578d5cb041ebf729cfaa575cc852fbdb54e60435e6d62b9d270433b220ed9ff1ff042b8d3d866231c460765"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x1f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
ioctl$F2FS_IOC_DECOMPRESS_FILE(0xffffffffffffffff, 0xf517, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1c916, &(0x7f0000000100)={[{@nobarrier}, {@noblock_validity}, {@nombcache}, {@norecovery}, {@acl}, {@resgid={'resgid', 0x3d, 0xee01}}, {@norecovery}, {@noauto_da_alloc}, {@resgid={'resgid', 0x3d, 0xee00}, 0x32}]}, 0x9b, 0x4d8, &(0x7f0000000f40)="$eJzs3d1rW+cZAPDnHFtZPpzZYbvIAsvCkmGHLZIdL4kZLNtgbFeBbdnF7jLPlo2xbBlLTmITNof9AYMRtsGuetWbQv+AQsldb0tLoL0vbWkpbdJe9KKNir5Sx5H8QWQrWL8fHOs9H/LzvBJ6dd73vOgE0LPORMTFiHhcqVTOR8RgY3vaWO4fi4j1+nGPHt6Zqi5JVCrXP00iaWyrHj+y4X82nlLzp99H/C15Nm5pdW1+slDILzfWc+WFpVxpde3C3MLkbH42vzg+PnZ54srEpYnRjtRzICKu/vbD//zr5d9dff1nt9678fHI36tp/bKxv1mPTqtXPROHN2zrj4jlvQjWBX2N+mS6nQgAADvSPM//cUScj8Hoq53NAQAAAAdJ5VcD8VUSUQEAAAAOrLQ2NzZJs415AAORptlsfQ7v9+NoWiiWyj+dKa4sTtfn0A5FJp2ZK+RHG3OFhyKTVNfHauVv1y9uWh+PiBMRcW/wSG09O1UsTHd78AMAAAB6xLFN/f8vBuv9fwAAAOCAGep2AgAAAMCe0/8HAACAg69F//8v3cgDAAAA2BN/uHatulSa97+evrm6Ml+8eWE6X5rPLqxMZaeKy0vZ2WJxtvabfQvb/b9Csbj081hcuZ0r50vlXGl17cZCcWWxfGPuqVtgAwAAAPvoxI/uv5tExPovjtSWqkPdTgrYF/27OfiDvcsD2H993U4A6Jpdff8DB0qm2wkAXZdss7/t5J03O58LAACwN4Z/0Pr6f7Lt2MB6uk8pAnvE+B/0Ltf/oXe5/g+9KxN9oSMPvW3vr/9XKrtKCAAA6LiB2pKk2YjaOMBApGk2G3G8dluATDIzV8iPRsR3I+Kdwcx3qutjtWcm2/YZAAAAAAAAAAAAAAAAAAAAAAAAAIC6SiWJCgAAAHCgRaQfJY37fw0PnhvYPD5wKPlysPYYEbf+f/2/tyfL5eWx6vbPnmwv/6+x/WI3RjAAAACAzZr99GY/HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA66dHDO1PNZT/jfvKbiBhqFb8/DtceD0cmIo5+nkT/huclEdHXgfjrdyPiZKv4STWtGGpk0Sr+kS7GTyPiWAfiQy+7X21/ft3q85fGmdpj68/f5VoL9fzat3/pk/avr037c3yHMU49eDXXNv7diFP9rdufZvykTfyzO4z/1z+vrbXbV3kpYrjl90/yVKxceWEpV1pduzC3MDmbn80vjo+PXZ64MnFpYjQ3M1fIN/62iHAo/v3D1x5vVf+jca9t+7tV/c/tsP5fP7j98Hv1YqZV/JGzrd//k23ip43vvp80ytX9w83yer280elX3jod8fYb7eo/3eb13+79H9lh/c//8Z/v7/BQAGAflFbX5icLhfxyTxee69Wonha9ELVQ2G3hHy9GGi9kobvtEgAA0HnP9oGf1olr7AAAAAAAAAAAAAAAAAAAAMDW9vPX9ZrWu1NVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAtfRMAAP//lOzXow==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x104)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x2)

9.930267718s ago: executing program 1 (id=749):
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000680)={[{@test_dummy_encryption}, {@init_itable}, {@noload}]}, 0x3, 0x470, &(0x7f0000001240)="$eJzs3MtvG1UXAPAzkzj98qUloZRXyyNQEBWPpGkLdMECEEgsioQEC1haSVqVpi1qjESrSKQsygohJPaIJf8CK9ggxAqJLexRpQp1Q8vKaOyZxHZsp2nsuMW/n+T23Hn43uOZa9+ZayeAoTWd/ZNE7I6I3yNisl5s3mC6/t+N6yvzN6+vzCdRrb77V1Lb7u/rK/PFpsV+E42FSOJAm3qXL146U15aWryQl2crZz+aXb546YXTZ8unFk8tnjty/Pixo3Mvv3TkxZ7kORFpHr31wVdvn/iiKf+WPHpkutvKp6vVHlc3WHsa4tEBtoOtGcmPV6nW/ydjpOHoTcabn60VPh1QA4G+qVar1YnOq1erwH9YEs1lXR6GRfFBX1z/trsOfrVvo4/Bu/Za/QIoy/tG/qivGV27Y1Bqub7tpemIeH/1n2+yR/TnPgQAQJMfsvHP89loZ2U+G3usjz/SeKBhu3vyuaGpiLg3IvZGxH1xLvZFxP0RtW0fjIiHtlh/6yTJxvFPevW2ErtF2fjvlXxuq3n8V4z+YmokL+2p5V9KTp5eWjycvyaHorQrK891qePHN377stO6xvFf9sjqL8aCeTuuju5q3mehXClvJ+dG1y5H7B9tl3+yNhOQRMTDEbG/3ROkm9dx+tnvHum0bvP8u+jBRFP124hn6sd/NVryLyTd5ydn/xdLi4dni7Nio19+vfJOp/q3lX8PZMf//23P/7X8p5LG+drlrddx5Y/PO17TTJfyYAvn/2q5Uh5L3qvFY/myT8qVyoW5iLHkRL3RjcuPrO9blIvts/wPHWzf//fG+itxICKyk/jRiHgsIh7Pj90TEfFkRBzskv/Prz/1Yeuy8SL/O+D4L2zp+K8HY9G6pH0wcuan75sqnVoP8/xvdn//O1aLDuVLbuX971badXtnMwAAANx90ojYHUk6sxan6cxM/Tv8+yLSpfPLledOnv/43EL9NwJTUUqLO12TDfdD5/LL+nr5ckTUv1pQrD8aae2+8dcj47XyzPz5pYVBJw9DbqJD/8/8OTLo1gF95wdbMLz0fxheXft/aefaAey8Df2/a5/f1de2ADurzef/+CDaAey8duN/f+8HhkNL/zftB0PE/X8YXvo/DC/9H4bS8nhs/iP5rkHxTLe5+2bBZMR2WziYIEp3RDP6FkTa9yrG+ntq9S1I7sI2bwgG954EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQS/8GAAD//3hZ0MA=")
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
ioctl$KVM_GET_MSR_INDEX_LIST(0xffffffffffffffff, 0xc004ae02, &(0x7f0000000300))
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r3}, 0x0, &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
getdents64(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="4c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="81ffffff000000001c0012800b00010067726574617000000c000280080001", @ANYRES32, @ANYBLOB], 0x4c}}, 0x0)

9.40613438s ago: executing program 3 (id=750):
socket(0x9, 0x801, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x61, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_getaffinity(r1, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x40)
write$binfmt_register(r4, &(0x7f0000000200)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0xe, 0x3a, '.))', 0x3a, '&@', 0x3a, './file2'}, 0x2c)
syz_mount_image$fuse(0x0, 0x0, 0x3000009, 0x0, 0x1, 0x0, 0x0)
linkat(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000000)={<r5=>0x0, <r6=>0x0})
clock_nanosleep(0x2, 0x1, &(0x7f0000000240)={r5, r6+60000000}, &(0x7f0000000340))

9.224327708s ago: executing program 5 (id=751):
listen(0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000003c0)=0x2)

6.562266945s ago: executing program 3 (id=753):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
syz_emit_ethernet(0x7a, &(0x7f0000000740)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x3, 0x6c, 0x66, 0x0, 0x7, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x16, 0x7c56c988f0195595, 0x6071, 0x0, 0xe7, {[@mptcp=@remove_addr={0x1e, 0x41, 0x3, 0x0, "a281cb8304b6ca52e4043674da2151970829ebe17758f02409381be3872fa5c5cb295d679e6399cd38a9874d313573f0270d698f4f1be1efb983a360eec1"}]}}}}}}}, 0x0)

6.200055234s ago: executing program 2 (id=754):
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/net\x00')
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$KVM_CAP_EXIT_HYPERCALL(0xffffffffffffffff, 0x4068aea3, 0x0)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, 0x0)
setrlimit(0xe, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f0000000440)=ANY=[@ANYBLOB='shortname=mixed,iocharset=iso8859-=winnt,uni_xlate=1,uni_xlate=1,nonumtail=0,utf8=0,errors=continue,utf8=1,check=strict,iocharset=cp855,utf8=0,iocharset=koi8-u,codepage=857,utf8=0,rodir,shortname=win95,\x00'], 0x6, 0x2d4, &(0x7f00000006c0)="$eJzs3T9rZFUUAPDzkjdvZlWYKaxE8IEWVutmW5sJsgExlUsKtdDg7oJkgrALAf/g7Fa2NhYWfgJB8IPY+A0EW8HOVRauvH/MSzKJO8GJaH6/Jod7z3n3vJdL8lLkzgcvHh7cKePeo89/jtEoi41pTONxFpPYiM7DOGb6VQAA/2WPU4rfUuPMpOdOD2URMVpvawDAmpz9+7/sxfki/OHSWgMA1uT2O+++tb27e+vtshzFzuGXR3vVX/bV12Z++158FLO4GzdiHE8i6heFQdRvC1W4k1Ka52VlEq8czo/2qsrD939sr7/9a0RdvxXjmNRDKaW8C9LOm7u3tspGr35e9fFMu/60qr8Z43i+Xb99W+nqby6pj70iXn251//1GMdPH8bHMYs79dqL+i+2yvKN9PXvn71XdVXVZ/OjvWGdt5A2L/UbAwAAAAAAAAAAAAAAAAAAAADA/9r19uycYZSTP5szANvzdzafVPODKDuT4+fzNPVZd6H++UAppXmKb7vzdW6UZZnaxEV9Hi/k/YMFAQAAAAAAAAAAAAAAAAAA4Op68MmnB/uz2d37Fw6uxWKkOw0gj4g/bkdc9MrT3shLUQf5Wa0O2zX3Z7ONNjyek/dHYrPLySLObaO6iYs/loNVkq+d6rkNvvt+1dVHf58zWL7WPxl0u+tgP1v+DIfRjYzaTfJNEb2NVMRTrlWcNZVile1XLJ0ar3zvxbN1MD8nJ7LzGnv9l+bJtSPZybso6qfajLw2aHLbqUGb0ys/sTeeaj/HqCk//bMic1oHAAAAAAAAAAAAAAAAAACs1eK/f5dMPjq3dCMN19YWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFyqxef/rxDM2+KTU/GwGe8lF3H/wb95fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwNfwUAAP//ThJUUw==")
open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
accept$unix(r9, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)={0x20, r1, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@ETHTOOL_A_CHANNELS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)

6.070832433s ago: executing program 3 (id=755):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x141, 0x48, 0x13, 0x44, 0x20, 0x424, 0x7500, 0x69ee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xb8, 0x7, 0x2, 0x96, 0xd1, 0xca, 0x0, [], [{{0x9, 0x5, 0x6, 0x2, 0x200, 0xd, 0x0, 0x6}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f0000000900)={0x84, &(0x7f0000000300)={0x0, 0x17, 0x4, "9ee763a8"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r1, 0x0, &(0x7f00000002c0)={0x1c, &(0x7f0000000140)={0x40, 0x7, 0x4, "dbc9fb21"}, 0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffb7, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001700)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x82301, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0x4004743d, 0x110e22fff6)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0xf50f, 0x0)
write$cgroup_type(r4, &(0x7f0000000280), 0x9)

5.458014104s ago: executing program 1 (id=756):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
ptrace$getregset(0x4205, r0, 0x2, 0x0)
ptrace$getregset(0x4204, r0, 0x2, &(0x7f0000000740)={0x0})
ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r0, 0x9, &(0x7f0000001300)=""/4103)

5.07219414s ago: executing program 5 (id=757):
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x7, 0x4, 0x200, 0x21db}, 0x50)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = eventfd(0xffffffff)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r2})

5.071949074s ago: executing program 2 (id=758):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x18)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000900)={{}, 0x0, 0x0}, 0x20)
io_setup(0x3ff, &(0x7f0000000280)=<r1=>0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
io_submit(r1, 0x1, &(0x7f0000000700)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}])
ioctl$BINDER_WRITE_READ(r2, 0x40046208, 0x0)

4.981450226s ago: executing program 1 (id=759):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'veth1_to_hsr\x00', <r1=>0x0})
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r0, &(0x7f00000000c0)="3f031c000302140006001e0089e9aa0500000000000000dd1300000000643c4a1b7880610cc9", 0x26, 0x0, &(0x7f0000000040)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}}, 0x14)

4.562585154s ago: executing program 1 (id=760):
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
timer_create(0x0, &(0x7f0000000180)={0x0, 0x13}, &(0x7f0000000240)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000340)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f00000001c0)={0x77359400}, &(0x7f0000000200))

4.562132563s ago: executing program 2 (id=761):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x2}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000005b80)={{{@in=@rand_addr=0x64010100, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x6}}, {{@in=@dev={0xac, 0x14, 0x14, 0x1d}, 0x4d3, 0x6c}, 0x0, @in=@broadcast, 0x0, 0x0, 0x3}}, 0xe8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
syz_emit_ethernet(0x3e, &(0x7f00000002c0)={@local, @random="f368656e065b", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x2, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, @dest_unreach={0x3, 0x0, 0x0, 0x0, 0x90, 0x7f, {0x5, 0x4, 0x2, 0x24, 0x5, 0x67, 0x3ff, 0xa7, 0x5c, 0x8, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x34}}}}}}}, 0x0)

4.068310054s ago: executing program 2 (id=762):
socket(0x9, 0x801, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xffffffffffffff77, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x61, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_getaffinity(r1, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x40)
write$binfmt_register(r4, &(0x7f0000000200)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0xe, 0x3a, '.))', 0x3a, '&@', 0x3a, './file2'}, 0x2c)
syz_mount_image$fuse(0x0, 0x0, 0x3000009, 0x0, 0x1, 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000000)={<r5=>0x0, <r6=>0x0})
clock_nanosleep(0x2, 0x1, &(0x7f0000000240)={r5, r6+60000000}, &(0x7f0000000340))

2.34518674s ago: executing program 3 (id=763):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func={0x0, 0x0, 0x0, 0x2}]}}, 0x0, 0x26}, 0x20)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x19, 0x4, 0x8, 0x8}, 0x50)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000600)={r0, 0x2, 0x0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x3}, {0x0, [0x5f]}}, 0x0, 0x1b, 0x0, 0x1}, 0x28)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x10001, 0x36, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x5, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x1c, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1.250749249s ago: executing program 5 (id=764):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x6, 0x8}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xc, 0xc, &(0x7f0000000180)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x15}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0xfeff, &(0x7f0000000100)="e0857f9f582f0300000000000000", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.188391738s ago: executing program 2 (id=765):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f0000000100)={0x80})

1.177675284s ago: executing program 1 (id=766):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f000000e280)={0x2020}, 0x2020)
dup3(r0, r2, 0x0)

996.396906ms ago: executing program 3 (id=767):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x8402, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@metacopy_on}], [], 0x2c})
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x88000, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x8800, 0x8)
syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
renameat2(r2, &(0x7f0000000380)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r3, &(0x7f0000000040)='./file1\x00', 0x2)

748.109971ms ago: executing program 2 (id=768):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000"], 0x48)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$setregs(0xd, r3, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
ptrace$getregset(0x4205, r3, 0x2, 0x0)
ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r3, 0x9, &(0x7f0000001300)=""/4103)

747.859071ms ago: executing program 1 (id=769):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x2, 0x3000, 0x1000, &(0x7f0000feb000/0x1000)=nil})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000100)="f4440f20c03504000000440f8cc066ba4267663e66460fe750bf26430858fac4a2fd252f410f2ed8f30fc7303439c74424000c000000c7442402bb000000c7442406000000000f0114244e48c2c971dd13", 0x51}], 0x1, 0x80, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x4840, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0xf)
r5 = socket$netlink(0x10, 0x3, 0xf)
setsockopt$sock_int(r5, 0x1, 0x8, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, 0x0, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000400)=ANY=[], 0x14}}, 0x0)

398.76588ms ago: executing program 3 (id=770):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x9, 0xfffffffffffffff9, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c00)=@framed={{}, [@printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000004080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1400000000000000010000000100"], 0x18}}], 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xb, 0x5, 0x2, 0x2, 0x5}, 0x50)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x17, &(0x7f0000000040)=0x5, 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r5}, 0x10)
unshare(0x42000800)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='vfat\x00', 0x0, 0x0)

0s ago: executing program 5 (id=771):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_open_dev$evdev(0x0, 0x3214, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000fdffffff0000000000000000850000002c00000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0xbf, &(0x7f00000020c0)=""/191}, 0x80)
write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000280)={0xa6, 0x29, 0x1, {0x1, [{{0x1, 0x1, 0x2}, 0xfffffffffffffffb, 0x81, 0x7, './file0'}, {{0x40, 0x0, 0x1}, 0x5, 0x5, 0x7, './file0'}, {{0x20, 0x0, 0x5}, 0x8, 0xf7, 0x7, './file0'}, {{0x4, 0x4, 0x4}, 0x40, 0xf7, 0x7, './file0'}, {{0x20, 0x3, 0x3}, 0x1, 0x5, 0x7, './file0'}]}}, 0xa6)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, r2}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000300)=ANY=[], 0x0)

kernel console output (not intermixed with test programs):

[  299.839362][ T6477] 8021q: adding VLAN 0 to HW filter on device bond0
[  299.931524][ T6605] netlink: 'syz.4.194': attribute type 10 has an invalid length.
[  299.940839][ T6605] netlink: 'syz.4.194': attribute type 28 has an invalid length.
[  299.948889][ T6605] netlink: 'syz.4.194': attribute type 5 has an invalid length.
[  299.956866][ T6605] netlink: 'syz.4.194': attribute type 8 has an invalid length.
[  299.964796][ T6605] netlink: 'syz.4.194': attribute type 31 has an invalid length.
[  300.061623][ T6477] 8021q: adding VLAN 0 to HW filter on device team0
[  300.183841][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  300.191542][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  300.334576][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.342119][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  300.660062][ T6477] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  300.760912][ T6506] 8021q: adding VLAN 0 to HW filter on device bond0
[  300.810884][   T30] audit: type=1326 audit(1755846706.830:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6608 comm="syz.3.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  300.833735][   T30] audit: type=1326 audit(1755846706.830:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6608 comm="syz.3.196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  301.028001][ T6506] 8021q: adding VLAN 0 to HW filter on device team0
[  301.141056][ T3881] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.148884][ T3881] bridge0: port 1(bridge_slave_0) entered forwarding state
[  301.305482][ T3881] bridge0: port 2(bridge_slave_1) entered blocking state
[  301.313031][ T3881] bridge0: port 2(bridge_slave_1) entered forwarding state
[  301.537423][ T6618] syz.4.199 uses obsolete (PF_INET,SOCK_PACKET)
[  303.048801][ T6477] 8021q: adding VLAN 0 to HW filter on device batadv0
[  303.807014][ T6389] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.201960][ T6506] 8021q: adding VLAN 0 to HW filter on device batadv0
[  307.158339][ T6477] veth0_vlan: entered promiscuous mode
[  307.260477][ T6477] veth1_vlan: entered promiscuous mode
[  307.825977][ T6477] veth0_macvtap: entered promiscuous mode
[  307.941901][ T6477] veth1_macvtap: entered promiscuous mode
[  310.003648][ T6506] veth0_vlan: entered promiscuous mode
[  310.199116][ T6506] veth1_vlan: entered promiscuous mode
[  310.230819][ T6477] batman_adv: batadv0: Interface activated: batadv_slave_0
[  310.387670][ T6477] batman_adv: batadv0: Interface activated: batadv_slave_1
[  310.568371][ T4252] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  310.625343][ T6506] veth0_macvtap: entered promiscuous mode
[  310.665799][ T4252] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  310.707015][   T57] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  310.745285][ T6506] veth1_macvtap: entered promiscuous mode
[  310.788193][   T57] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  310.995401][ T6506] batman_adv: batadv0: Interface activated: batadv_slave_0
[  311.075219][ T6506] batman_adv: batadv0: Interface activated: batadv_slave_1
[  311.175712][ T4239] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  311.249145][ T4239] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  311.304719][ T4239] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  311.313704][ T4239] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  311.869244][ T3973] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.223171][ T3973] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.950245][ T3973] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.203439][ T3973] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  314.501850][ T3973] bridge_slave_1: left allmulticast mode
[  314.509963][ T3973] bridge_slave_1: left promiscuous mode
[  314.517623][ T3973] bridge0: port 2(bridge_slave_1) entered disabled state
[  314.669972][ T3973] bridge_slave_0: left allmulticast mode
[  314.681294][ T3973] bridge_slave_0: left promiscuous mode
[  314.687999][ T3973] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.461068][ T3973] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  315.488365][ T3973] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  315.528855][ T3973] bond0 (unregistering): Released all slaves
[  315.831794][ T6716] loop3: detected capacity change from 0 to 256
[  315.886482][ T6716] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  317.094525][ T6725] loop4: detected capacity change from 0 to 128
[  317.277226][ T3973] hsr_slave_0: left promiscuous mode
[  317.291764][ T3973] hsr_slave_1: left promiscuous mode
[  317.299868][ T3973] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  317.307561][ T3973] batman_adv: batadv0: Removing interface: batadv_slave_0
[  317.387771][ T3973] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  317.395557][ T3973] batman_adv: batadv0: Removing interface: batadv_slave_1
[  317.511275][ T3973] veth1_macvtap: left promiscuous mode
[  317.518603][ T3973] veth0_macvtap: left promiscuous mode
[  317.524677][ T3973] veth1_vlan: left promiscuous mode
[  317.530162][ T3973] veth0_vlan: left promiscuous mode
[  318.063610][ T6729] loop3: detected capacity change from 0 to 8192
[  318.297089][ T3973] team0 (unregistering): Port device team_slave_1 removed
[  318.327571][ T3973] team0 (unregistering): Port device team_slave_0 removed
[  319.233748][ T6742] netem: change failed
[  320.608912][ T4252] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  320.619990][ T4252] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  320.740056][ T4204] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  320.748434][ T4204] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  320.880291][ T4204] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  320.889243][ T4204] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  320.989793][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  320.998051][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  321.293127][ T6770] loop5: detected capacity change from 0 to 1024
[  321.314958][ T6770] EXT4-fs (loop5): Test dummy encryption mode enabled
[  321.334797][ T6770] EXT4-fs (loop5): stripe (9) is not aligned with cluster size (16), stripe is disabled
[  321.363640][ T6770] EXT4-fs error (device loop5): ext4_quota_enable:7128: inode #3: comm syz.5.155: iget: bad extra_isize 2 (inode size 1024)
[  321.621832][ T6770] EXT4-fs error (device loop5): ext4_quota_enable:7131: comm syz.5.155: Bad quota inode: 3, type: 0
[  321.801388][ T6770] EXT4-fs warning (device loop5): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  321.817702][ T6770] EXT4-fs (loop5): mount failed
[  324.437418][ T6795] loop4: detected capacity change from 0 to 1024
[  324.446437][ T6795] ext4: Unknown parameter 'nouser_xattr'
[  324.712462][ T6795] syz.4.234 (6795) used greatest stack depth: 2440 bytes left
[  330.682920][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  330.683076][   T30] audit: type=1326 audit(1755846736.701:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6824 comm="syz.1.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  330.712032][   T30] audit: type=1326 audit(1755846736.711:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6824 comm="syz.1.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  330.734836][   T30] audit: type=1326 audit(1755846736.711:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6824 comm="syz.1.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  332.574141][ T6836] Zero length message leads to an empty skb
[  332.863958][ T5867] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  333.107333][ T5867] usb 2-1: Using ep0 maxpacket: 32
[  333.144109][ T5867] usb 2-1: New USB device found, idVendor=05e3, idProduct=0502, bcdDevice=b2.ac
[  333.153368][ T5867] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  333.559522][ T5867] usb 2-1: config 0 descriptor??
[  333.743516][ T5867] gl620a 2-1:0.0: probe with driver gl620a failed with error -22
[  337.423595][ T6853] loop3: detected capacity change from 0 to 1024
[  337.442922][ T6853] EXT4-fs (loop3): Test dummy encryption mode enabled
[  337.507632][ T6853] EXT4-fs (loop3): stripe (9) is not aligned with cluster size (16), stripe is disabled
[  337.534241][ T6853] EXT4-fs error (device loop3): ext4_quota_enable:7128: inode #3: comm syz.3.254: iget: bad extra_isize 2 (inode size 1024)
[  337.552956][ T6853] EXT4-fs error (device loop3): ext4_quota_enable:7131: comm syz.3.254: Bad quota inode: 3, type: 0
[  337.569528][ T6853] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  337.585562][ T6853] EXT4-fs (loop3): mount failed
[  339.106688][ T5897] usb 2-1: USB disconnect, device number 8
[  341.191182][ T5821] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  341.207895][ T5821] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  341.217206][ T5821] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  341.231864][ T5821] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  341.243861][ T5821] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  341.724144][   T30] audit: type=1326 audit(1755846747.751:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6874 comm="syz.3.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  341.871362][   T30] audit: type=1326 audit(1755846747.781:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6874 comm="syz.3.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  341.894447][   T30] audit: type=1326 audit(1755846747.781:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6874 comm="syz.3.263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  342.171719][ T5821] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  342.204117][ T6868] chnl_net:caif_netlink_parms(): no params data found
[  342.235394][ T5821] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  342.307715][ T5821] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  342.339172][ T5821] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  342.354665][ T5821] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  343.289708][ T5821] Bluetooth: hci0: command tx timeout
[  343.568943][ T6899] 9pnet_virtio: no channels available for device syz
[  344.178516][   T57] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.270803][ T6868] bridge0: port 1(bridge_slave_0) entered blocking state
[  344.278779][ T6868] bridge0: port 1(bridge_slave_0) entered disabled state
[  344.286804][ T6868] bridge_slave_0: entered allmulticast mode
[  344.296240][ T6868] bridge_slave_0: entered promiscuous mode
[  344.314087][ T6903] loop3: detected capacity change from 0 to 8192
[  344.341617][ T6881] chnl_net:caif_netlink_parms(): no params data found
[  344.407065][ T5821] Bluetooth: hci4: command tx timeout
[  344.418669][   T57] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.456618][ T6868] bridge0: port 2(bridge_slave_1) entered blocking state
[  344.464311][ T6868] bridge0: port 2(bridge_slave_1) entered disabled state
[  344.480602][ T6868] bridge_slave_1: entered allmulticast mode
[  344.492841][ T6868] bridge_slave_1: entered promiscuous mode
[  344.545003][   T57] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.948074][   T57] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.048056][ T6868] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  345.134723][ T6868] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  345.363372][ T5821] Bluetooth: hci0: command tx timeout
[  345.616990][   T57] bridge_slave_1: left allmulticast mode
[  345.622908][   T57] bridge_slave_1: left promiscuous mode
[  345.629859][   T57] bridge0: port 2(bridge_slave_1) entered disabled state
[  345.734113][   T57] bridge_slave_0: left allmulticast mode
[  345.740062][   T57] bridge_slave_0: left promiscuous mode
[  345.750149][   T57] bridge0: port 1(bridge_slave_0) entered disabled state
[  346.319760][   T57] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  346.354483][   T57] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  346.375028][   T57] bond0 (unregistering): Released all slaves
[  346.438303][ T6868] team0: Port device team_slave_0 added
[  346.457821][ T6922] loop4: detected capacity change from 0 to 1024
[  346.510670][ T5821] Bluetooth: hci4: command tx timeout
[  346.525858][ T6922] EXT4-fs (loop4): Test dummy encryption mode enabled
[  346.563766][ T6868] team0: Port device team_slave_1 added
[  346.589158][ T6922] EXT4-fs (loop4): stripe (9) is not aligned with cluster size (16), stripe is disabled
[  346.663457][ T6922] EXT4-fs error (device loop4): ext4_quota_enable:7128: inode #3: comm syz.4.273: iget: bad extra_isize 2 (inode size 1024)
[  346.695679][ T6922] EXT4-fs error (device loop4): ext4_quota_enable:7131: comm syz.4.273: Bad quota inode: 3, type: 0
[  346.732083][ T6922] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  346.786227][ T6922] EXT4-fs (loop4): mount failed
[  346.874430][ T6881] bridge0: port 1(bridge_slave_0) entered blocking state
[  346.882124][ T6881] bridge0: port 1(bridge_slave_0) entered disabled state
[  346.889973][ T6881] bridge_slave_0: entered allmulticast mode
[  346.899172][ T6881] bridge_slave_0: entered promiscuous mode
[  346.990667][ T6881] bridge0: port 2(bridge_slave_1) entered blocking state
[  346.998377][ T6881] bridge0: port 2(bridge_slave_1) entered disabled state
[  347.006286][ T6881] bridge_slave_1: entered allmulticast mode
[  347.015569][ T6881] bridge_slave_1: entered promiscuous mode
[  347.027281][ T6868] batman_adv: batadv0: Adding interface: batadv_slave_0
[  347.036919][ T6868] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  347.064005][ T6868] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  347.347210][ T6931] loop4: detected capacity change from 0 to 128
[  347.376294][ T6931] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  347.428387][ T6931] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  347.473239][ T5821] Bluetooth: hci0: command tx timeout
[  347.483625][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  347.490325][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  347.512207][   T30] audit: type=1400 audit(1755846753.542:85): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=6928 comm="syz.3.277"
[  347.615567][   T57] hsr_slave_0: left promiscuous mode
[  347.653098][   T57] hsr_slave_1: left promiscuous mode
[  347.661046][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  347.668757][   T57] batman_adv: batadv0: Removing interface: batadv_slave_0
[  347.718795][   T57] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  347.726796][   T57] batman_adv: batadv0: Removing interface: batadv_slave_1
[  347.830570][   T57] veth1_macvtap: left promiscuous mode
[  347.838404][   T57] veth0_macvtap: left promiscuous mode
[  347.844695][   T57] veth1_vlan: left promiscuous mode
[  347.854897][   T57] veth0_vlan: left promiscuous mode
[  348.228957][ T6935] usb usb7: usbfs: process 6935 (syz.3.280) did not claim interface 0 before use
[  348.586608][   T57] team0 (unregistering): Port device team_slave_1 removed
[  348.619759][   T57] team0 (unregistering): Port device team_slave_0 removed
[  348.782160][ T5821] Bluetooth: hci4: command tx timeout
[  349.171317][ T6868] batman_adv: batadv0: Adding interface: batadv_slave_1
[  349.181539][ T6868] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  349.209572][ T6868] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  349.234181][ T6881] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  349.273206][ T6881] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  349.758598][ T5821] Bluetooth: hci0: command tx timeout
[  350.874888][ T5821] Bluetooth: hci4: command tx timeout
[  351.517999][ T6868] hsr_slave_0: entered promiscuous mode
[  351.528118][ T6868] hsr_slave_1: entered promiscuous mode
[  351.539952][ T6868] debugfs: 'hsr0' already exists in 'hsr'
[  351.545946][ T6868] Cannot create hsr debugfs directory
[  351.750632][ T6881] team0: Port device team_slave_0 added
[  351.783425][ T6881] team0: Port device team_slave_1 added
[  352.038207][ T4239] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  352.119009][ T6881] batman_adv: batadv0: Adding interface: batadv_slave_0
[  352.126280][ T6881] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  352.157121][ T6881] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  352.361032][ T6881] batman_adv: batadv0: Adding interface: batadv_slave_1
[  352.368498][ T6881] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  352.394835][ T6881] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  353.030733][ T6881] hsr_slave_0: entered promiscuous mode
[  353.040605][ T6881] hsr_slave_1: entered promiscuous mode
[  353.049672][ T6881] debugfs: 'hsr0' already exists in 'hsr'
[  353.055837][ T6881] Cannot create hsr debugfs directory
[  353.946774][ T6955] loop3: detected capacity change from 0 to 256
[  354.113533][ T6955] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  355.032712][ T6868] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  355.145894][ T6868] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  355.214997][ T6868] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  355.264287][ T6868] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  355.616086][ T6967] binder: 6966:6967 ioctl c0306201 2000000002c0 returned -14
[  355.624227][ T5530] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  355.812895][ T5530] usb 2-1: Using ep0 maxpacket: 16
[  355.824146][ T5530] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[  355.832717][ T5530] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  355.847482][ T5530] usb 2-1: config 0 has no interface number 0
[  355.951458][ T6881] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  355.956651][ T5530] usb 2-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  355.967837][ T5530] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  355.976148][ T5530] usb 2-1: Product: syz
[  355.980480][ T5530] usb 2-1: Manufacturer: syz
[  355.985522][ T5530] usb 2-1: SerialNumber: syz
[  356.002850][ T5530] usb 2-1: config 0 descriptor??
[  356.049468][ T5530] usb 2-1: Found UVC 0.00 device syz (046d:08f3)
[  356.056337][ T5530] usb 2-1: No valid video chain found.
[  356.058351][ T6881] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  356.122686][ T6881] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  356.232149][ T6973] loop4: detected capacity change from 0 to 256
[  356.240998][ T6973] exfat: Unknown parameter '18446744073709551615ÿÿÿÿÇÜ•O½w'
[  356.358415][ T6881] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  357.795651][ T6868] 8021q: adding VLAN 0 to HW filter on device bond0
[  358.027449][ T5897] usb 2-1: USB disconnect, device number 9
[  358.280630][ T6868] 8021q: adding VLAN 0 to HW filter on device team0
[  358.474428][ T3973] bridge0: port 1(bridge_slave_0) entered blocking state
[  358.481888][ T3973] bridge0: port 1(bridge_slave_0) entered forwarding state
[  358.771496][ T3973] bridge0: port 2(bridge_slave_1) entered blocking state
[  358.779063][ T3973] bridge0: port 2(bridge_slave_1) entered forwarding state
[  359.516761][ T6881] 8021q: adding VLAN 0 to HW filter on device bond0
[  360.005174][ T6881] 8021q: adding VLAN 0 to HW filter on device team0
[  360.259670][ T3973] bridge0: port 1(bridge_slave_0) entered blocking state
[  360.267252][ T3973] bridge0: port 1(bridge_slave_0) entered forwarding state
[  360.494747][ T3973] bridge0: port 2(bridge_slave_1) entered blocking state
[  360.502385][ T3973] bridge0: port 2(bridge_slave_1) entered forwarding state
[  361.169969][ T6881] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  361.735016][ T6994] loop3: detected capacity change from 0 to 256
[  364.855715][ T6994] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  365.942607][ T6868] 8021q: adding VLAN 0 to HW filter on device batadv0
[  366.052435][   T42] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  366.376507][   T42] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  366.391467][   T42] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  366.402476][   T42] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  366.546553][   T42] usb 2-1: config 0 descriptor??
[  366.696023][ T6881] 8021q: adding VLAN 0 to HW filter on device batadv0
[  366.978273][   T42] keytouch 0003:0926:3333.0003: fixing up Keytouch IEC report descriptor
[  367.045405][   T42] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0003/input/input8
[  367.195247][   T42] keytouch 0003:0926:3333.0003: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  367.262595][ T5867] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  367.428614][ T5897] usb 2-1: USB disconnect, device number 10
[  367.472773][ T5867] usb 5-1: Using ep0 maxpacket: 16
[  367.517480][ T5867] usb 5-1: config 0 has an invalid interface number: 105 but max is 0
[  367.526107][ T5867] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  367.537390][ T5867] usb 5-1: config 0 has no interface number 0
[  367.657997][ T5867] usb 5-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  367.667527][ T5867] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  367.676120][ T5867] usb 5-1: Product: syz
[  367.680529][ T5867] usb 5-1: Manufacturer: syz
[  367.685452][ T5867] usb 5-1: SerialNumber: syz
[  367.766461][ T5867] usb 5-1: config 0 descriptor??
[  367.805514][ T5867] usb 5-1: Found UVC 0.00 device syz (046d:08f3)
[  367.813479][ T5867] usb 5-1: No valid video chain found.
[  368.299059][ T5897] usb 5-1: USB disconnect, device number 3
[  368.469104][ T6868] veth0_vlan: entered promiscuous mode
[  368.590158][ T6868] veth1_vlan: entered promiscuous mode
[  368.902261][ T6881] veth0_vlan: entered promiscuous mode
[  368.953762][ T6868] veth0_macvtap: entered promiscuous mode
[  368.974434][ T7040] fuse: Bad value for 'fd'
[  369.001404][ T6881] veth1_vlan: entered promiscuous mode
[  369.049952][ T6868] veth1_macvtap: entered promiscuous mode
[  369.256912][ T6868] batman_adv: batadv0: Interface activated: batadv_slave_0
[  369.394168][ T6881] veth0_macvtap: entered promiscuous mode
[  369.486176][ T6881] veth1_macvtap: entered promiscuous mode
[  369.684159][ T6881] batman_adv: batadv0: Interface activated: batadv_slave_0
[  369.804303][ T6881] batman_adv: batadv0: Interface activated: batadv_slave_1
[  369.949926][ T6868] batman_adv: batadv0: Interface activated: batadv_slave_1
[  369.959505][ T4204] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  370.088453][   T35] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  370.142727][   T35] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  370.211499][   T35] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  370.267205][   T35] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  370.328316][   T35] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  370.379310][   T35] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  370.398973][   T35] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  371.218271][ T7065] loop4: detected capacity change from 0 to 512
[  371.293835][ T7065] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  371.505439][ T7065] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.314: corrupted in-inode xattr: overlapping e_value 
[  371.622820][ T7065] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.314: couldn't read orphan inode 15 (err -117)
[  371.690989][ T7065] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  371.836996][   T30] audit: type=1326 audit(1755846777.863:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.4.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cdbb8ebe9 code=0x7ffc0000
[  371.859831][   T30] audit: type=1326 audit(1755846777.863:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.4.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7f5cdbb8ebe9 code=0x7ffc0000
[  371.883222][   T30] audit: type=1326 audit(1755846777.863:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.4.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cdbb8ebe9 code=0x7ffc0000
[  371.905900][   T30] audit: type=1326 audit(1755846777.863:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.4.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f5cdbb8ebe9 code=0x7ffc0000
[  372.203016][   T30] audit: type=1326 audit(1755846777.973:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.4.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cdbb8ebe9 code=0x7ffc0000
[  372.229377][   T30] audit: type=1326 audit(1755846777.973:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.4.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cdbb8ebe9 code=0x7ffc0000
[  372.253183][   T30] audit: type=1326 audit(1755846777.983:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.4.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f5cdbb8ebe9 code=0x7ffc0000
[  372.275798][   T30] audit: type=1326 audit(1755846778.103:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.4.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cdbb8ebe9 code=0x7ffc0000
[  372.298768][   T30] audit: type=1326 audit(1755846778.103:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.4.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cdbb8ebe9 code=0x7ffc0000
[  372.325044][   T30] audit: type=1326 audit(1755846778.123:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7063 comm="syz.4.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f5cdbb8d457 code=0x7ffc0000
[  372.816419][ T5813] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.483846][ T7110] netlink: 4 bytes leftover after parsing attributes in process `syz.3.320'.
[  378.047792][ T3590] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.380249][ T3590] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.707410][ T3590] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.944028][ T3590] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  379.325817][ T3590] bridge_slave_1: left allmulticast mode
[  379.331954][ T3590] bridge_slave_1: left promiscuous mode
[  379.338496][ T3590] bridge0: port 2(bridge_slave_1) entered disabled state
[  379.452767][ T3590] bridge_slave_0: left allmulticast mode
[  379.458606][ T3590] bridge_slave_0: left promiscuous mode
[  379.465344][ T3590] bridge0: port 1(bridge_slave_0) entered disabled state
[  379.924388][ T3590] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  379.959723][ T3590] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  380.006294][ T3590] bond0 (unregistering): Released all slaves
[  380.230847][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  380.240222][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  380.461590][ T4171] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  380.470010][ T4171] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  380.527748][ T3973] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  380.536029][ T3973] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  380.570645][ T4252] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  380.579734][ T4252] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  380.805924][ T3590] hsr_slave_0: left promiscuous mode
[  380.833294][ T3590] hsr_slave_1: left promiscuous mode
[  380.841616][ T3590] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  380.849239][ T3590] batman_adv: batadv0: Removing interface: batadv_slave_0
[  380.893525][ T3590] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  380.902798][ T3590] batman_adv: batadv0: Removing interface: batadv_slave_1
[  380.997823][ T3590] veth1_macvtap: left promiscuous mode
[  381.004898][ T3590] veth0_macvtap: left promiscuous mode
[  381.011369][ T3590] veth1_vlan: left promiscuous mode
[  381.017325][ T3590] veth0_vlan: left promiscuous mode
[  381.350599][ T7149] fuse: Bad value for 'fd'
[  381.735183][ T3590] team0 (unregistering): Port device team_slave_1 removed
[  381.883879][ T3590] team0 (unregistering): Port device team_slave_0 removed
[  382.638494][   T30] kauditd_printk_skb: 7 callbacks suppressed
[  382.638657][   T30] audit: type=1326 audit(1755846788.674:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.7.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92df8ebe9 code=0x7ffc0000
[  382.669880][   T30] audit: type=1326 audit(1755846788.674:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.7.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fe92df8ebe9 code=0x7ffc0000
[  382.697607][   T30] audit: type=1326 audit(1755846788.674:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.7.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92df8ebe9 code=0x7ffc0000
[  382.721958][   T30] audit: type=1326 audit(1755846788.714:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.7.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92df8ebe9 code=0x7ffc0000
[  382.744668][   T30] audit: type=1326 audit(1755846788.734:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.7.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe92df8ebe9 code=0x7ffc0000
[  382.772023][   T30] audit: type=1326 audit(1755846788.734:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.7.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92df8ebe9 code=0x7ffc0000
[  382.796868][   T30] audit: type=1326 audit(1755846788.734:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.7.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe92df8ebe9 code=0x7ffc0000
[  382.819553][   T30] audit: type=1326 audit(1755846788.734:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.7.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92df8ebe9 code=0x7ffc0000
[  382.842694][   T30] audit: type=1326 audit(1755846788.734:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.7.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fe92df8ebe9 code=0x7ffc0000
[  383.161577][   T30] audit: type=1326 audit(1755846789.124:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7156 comm="syz.7.255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92df8ebe9 code=0x7ffc0000
[  383.393550][ T7165] loop4: detected capacity change from 0 to 256
[  383.512881][ T7165] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  384.848711][ T7178] fuse: Bad value for 'fd'
[  388.710943][ T5897] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  389.798832][ T5897] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  389.809044][ T5897] usb 4-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00
[  389.818405][ T5897] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  390.687489][ T7210] fuse: Bad value for 'fd'
[  390.867269][ T5897] usb 4-1: config 0 descriptor??
[  391.809632][ T7220] netlink: 8 bytes leftover after parsing attributes in process `syz.8.352'.
[  392.393056][ T7224] Unsupported ieee802154 address type: 0
[  392.907612][ T7228] loop7: detected capacity change from 0 to 256
[  393.160099][ T7228] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  393.198107][ T5897] usbhid 4-1:0.0: can't add hid device: -71
[  393.206928][ T5897] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  393.241809][ T5897] usb 4-1: USB disconnect, device number 4
[  400.095189][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  400.095260][   T30] audit: type=1326 audit(1755846806.125:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7259 comm="syz.7.365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92df8ebe9 code=0x7ffc0000
[  400.140351][   T30] audit: type=1326 audit(1755846806.165:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7259 comm="syz.7.365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92df8ebe9 code=0x7ffc0000
[  400.140568][   T30] audit: type=1326 audit(1755846806.165:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7259 comm="syz.7.365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7fe92df8ebe9 code=0x7ffc0000
[  400.140766][   T30] audit: type=1326 audit(1755846806.165:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7259 comm="syz.7.365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92df8ebe9 code=0x7ffc0000
[  400.140973][   T30] audit: type=1326 audit(1755846806.165:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7259 comm="syz.7.365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92df8ebe9 code=0x7ffc0000
[  400.141171][   T30] audit: type=1326 audit(1755846806.175:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7259 comm="syz.7.365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7fe92df8ebe9 code=0x7ffc0000
[  400.141470][   T30] audit: type=1326 audit(1755846806.175:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7259 comm="syz.7.365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe92df8ebe9 code=0x7ffc0000
[  400.618058][ T7263] loop3: detected capacity change from 0 to 256
[  400.698547][ T7263] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  403.160902][ T7272] loop4: detected capacity change from 0 to 512
[  403.232152][ T7272] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  403.248252][ T7272] ext4 filesystem being mounted at /97/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  403.391190][   T30] audit: type=1800 audit(1755846809.435:121): pid=7272 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.370" name="file1" dev="loop4" ino=15 res=0 errno=0
[  403.650021][ T5813] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  404.993352][ T5897] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  405.225047][ T5897] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  405.237473][ T5897] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  405.248698][ T5897] usb 9-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  405.258827][ T5897] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.512224][ T5897] usb 9-1: config 0 descriptor??
[  406.772377][ T5897] keytouch 0003:0926:3333.0004: fixing up Keytouch IEC report descriptor
[  406.804757][ T5897] input: HID 0926:3333 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:0926:3333.0004/input/input9
[  407.429897][   T42] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  407.661084][   T42] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  407.671733][   T42] usb 2-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00
[  407.681070][   T42] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  407.792357][   T42] usb 2-1: config 0 descriptor??
[  408.034758][ T5897] keytouch 0003:0926:3333.0004: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.8-1/input0
[  408.857583][ T5897] usb 9-1: USB disconnect, device number 2
[  408.902859][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  408.909756][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  409.801218][ T5867] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  410.032352][ T5867] usb 5-1: Using ep0 maxpacket: 32
[  410.067281][ T5867] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  410.078776][ T5867] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  410.363499][ T5867] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  410.373100][ T5867] usb 5-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  410.382053][ T5867] usb 5-1: Product: syz
[  410.386473][ T5867] usb 5-1: Manufacturer: syz
[  410.738594][ T5867] hub 5-1:4.0: USB hub found
[  410.950435][   T42] usbhid 2-1:0.0: can't add hid device: -71
[  410.957612][   T42] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  411.668183][ T5867] hub 5-1:4.0: 2 ports detected
[  411.677294][   T42] usb 2-1: USB disconnect, device number 11
[  413.847426][ T5867] hub 5-1:4.0: hub_ext_port_status failed (err = -32)
[  414.238177][   T42] usb 5-1: USB disconnect, device number 4
[  417.720871][ T5895] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  417.852921][ T7370] loop4: detected capacity change from 0 to 256
[  418.114017][ T7370] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  419.850390][ T5895] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  419.860578][ T5895] usb 2-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00
[  419.870032][ T5895] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  419.926478][ T5895] usb 2-1: config 0 descriptor??
[  425.619574][ T5895] usbhid 2-1:0.0: can't add hid device: -71
[  425.626180][ T5895] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  426.786231][ T5895] usb 2-1: USB disconnect, device number 12
[  429.308848][ T7407] loop8: detected capacity change from 0 to 1024
[  429.403479][ T7407] EXT4-fs (loop8): Test dummy encryption mode enabled
[  429.483931][ T7407] EXT4-fs (loop8): stripe (9) is not aligned with cluster size (16), stripe is disabled
[  429.629885][ T7407] EXT4-fs error (device loop8): ext4_quota_enable:7128: inode #3: comm syz.8.415: iget: bad extra_isize 2 (inode size 1024)
[  429.806502][ T7407] EXT4-fs error (device loop8): ext4_quota_enable:7131: comm syz.8.415: Bad quota inode: 3, type: 0
[  429.889578][ T7407] EXT4-fs warning (device loop8): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  430.015404][ T7407] EXT4-fs (loop8): mount failed
[  430.393885][ T7416] loop3: detected capacity change from 0 to 256
[  430.505968][ T7416] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  436.415171][ T5895] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  437.276373][ T7438] netlink: 4 bytes leftover after parsing attributes in process `syz.4.426'.
[  437.321451][ T7438] netlink: 12 bytes leftover after parsing attributes in process `syz.4.426'.
[  438.069127][ T5895] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  438.079403][ T5895] usb 4-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00
[  438.092533][ T5895] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.105680][ T5895] usb 4-1: config 0 descriptor??
[  438.345908][ T7450] loop8: detected capacity change from 0 to 256
[  438.371439][ T5895] usbhid 4-1:0.0: can't add hid device: -71
[  438.378459][ T5895] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  438.429155][ T5895] usb 4-1: USB disconnect, device number 5
[  438.463914][ T7450] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  441.930727][ T7462] loop4: detected capacity change from 0 to 1024
[  442.004465][ T7462] EXT4-fs (loop4): Test dummy encryption mode enabled
[  442.042312][ T7467] syz.7.435 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  442.079407][ T7462] EXT4-fs (loop4): stripe (9) is not aligned with cluster size (16), stripe is disabled
[  442.246467][ T7462] EXT4-fs error (device loop4): ext4_quota_enable:7128: inode #3: comm syz.4.433: iget: bad extra_isize 2 (inode size 1024)
[  442.399023][ T7462] EXT4-fs error (device loop4): ext4_quota_enable:7131: comm syz.4.433: Bad quota inode: 3, type: 0
[  442.479792][ T7462] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  442.643286][ T7462] EXT4-fs (loop4): mount failed
[  444.027784][ T7478] loop4: detected capacity change from 0 to 256
[  444.036469][ T7478] vfat: Unknown parameter '00000000000000000003ÿÿDkÊ
øË·9Ð8‰R‹MzÝá'
[  448.015281][ T7488] loop3: detected capacity change from 0 to 512
[  448.071433][ T7488] ext4: Unknown parameter 'smackfstransmute'
[  449.437429][   T42] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  449.626541][ T7496] loop3: detected capacity change from 0 to 512
[  449.680733][   T42] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  449.691036][   T42] usb 5-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00
[  449.700424][   T42] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  449.785631][ T7496] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  449.798964][ T7496] ext4 filesystem being mounted at /118/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  449.827350][   T42] usb 5-1: config 0 descriptor??
[  449.874270][ T7504] loop7: detected capacity change from 0 to 256
[  449.941948][ T7504] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  453.037608][   T42] usbhid 5-1:0.0: can't add hid device: -71
[  453.044317][   T42] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  453.123673][ T5819] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  453.138579][   T42] usb 5-1: USB disconnect, device number 5
[  461.783417][ T5824] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  461.794816][ T5824] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  461.809892][ T5824] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  461.834138][ T5824] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  461.912658][ T5824] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  462.614976][ T7566] loop3: detected capacity change from 0 to 128
[  462.698772][ T7566] EXT4-fs: Ignoring removed nobh option
[  462.802581][ T7566] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  462.828225][ T7566] ext4 filesystem being mounted at /125/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  463.613120][ T7559] chnl_net:caif_netlink_parms(): no params data found
[  463.681743][ T5819] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  464.007133][ T5824] Bluetooth: hci5: command tx timeout
[  466.608394][ T5105] Bluetooth: hci5: command tx timeout
[  467.599938][ T5105] Bluetooth: hci0: command 0x0406 tx timeout
[  467.606294][ T5105] Bluetooth: hci4: command 0x0406 tx timeout
[  468.854923][   T49] Bluetooth: hci5: command tx timeout
[  469.139520][ T7559] bridge0: port 1(bridge_slave_0) entered blocking state
[  469.147478][ T7559] bridge0: port 1(bridge_slave_0) entered disabled state
[  469.155289][ T7559] bridge_slave_0: entered allmulticast mode
[  469.164648][ T7559] bridge_slave_0: entered promiscuous mode
[  469.606745][ T7559] bridge0: port 2(bridge_slave_1) entered blocking state
[  469.614298][ T7559] bridge0: port 2(bridge_slave_1) entered disabled state
[  469.624358][ T7559] bridge_slave_1: entered allmulticast mode
[  469.637607][ T7559] bridge_slave_1: entered promiscuous mode
[  469.740143][   T35] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  470.125796][ T7588] binder: 7587:7588 ioctl 4018620d 0 returned -22
[  470.235331][   T35] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  470.298384][ T7559] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  470.850501][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  470.857383][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  470.937597][ T7559] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  470.943227][ T5824] Bluetooth: hci5: command tx timeout
[  471.017072][ T5824] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  471.061690][ T5824] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  471.071364][ T5824] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  471.093324][ T5824] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  471.143972][ T7594] binder: 7587:7594 ioctl c0306201 0 returned -14
[  471.154350][ T5824] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  471.181611][   T35] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.242590][ T7559] team0: Port device team_slave_0 added
[  471.399573][   T35] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  471.546747][ T7559] team0: Port device team_slave_1 added
[  471.938260][ T7559] batman_adv: batadv0: Adding interface: batadv_slave_0
[  471.945384][ T7559] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  471.978191][ T7559] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  472.132784][   T35] bridge_slave_1: left allmulticast mode
[  472.139042][   T35] bridge_slave_1: left promiscuous mode
[  472.145688][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  472.309912][ T7602] loop3: detected capacity change from 0 to 512
[  472.334977][ T7602] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  472.393881][ T7602] EXT4-fs (loop3): orphan cleanup on readonly fs
[  472.410372][ T7602] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.473: bg 0: block 248: padding at end of block bitmap is not set
[  472.429673][ T7602] Quota error (device loop3): write_blk: dquota write failed
[  472.438012][ T7602] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  472.448550][ T7602] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.473: Failed to acquire dquot type 1
[  472.508121][ T7602] EXT4-fs (loop3): 1 truncate cleaned up
[  472.521875][ T7602] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  472.767129][   T35] bridge_slave_0: left allmulticast mode
[  472.780514][   T35] bridge_slave_0: left promiscuous mode
[  472.787150][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  473.367556][ T5824] Bluetooth: hci4: command tx timeout
[  474.453750][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  474.547649][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  474.593802][   T35] bond0 (unregistering): Released all slaves
[  474.738261][ T7559] batman_adv: batadv0: Adding interface: batadv_slave_1
[  474.745490][ T7559] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  474.772876][ T7559] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  475.456927][ T5824] Bluetooth: hci4: command tx timeout
[  476.138867][ T7559] hsr_slave_0: entered promiscuous mode
[  476.156893][ T7559] hsr_slave_1: entered promiscuous mode
[  476.165357][ T7559] debugfs: 'hsr0' already exists in 'hsr'
[  476.171528][ T7559] Cannot create hsr debugfs directory
[  477.188685][   T35] hsr_slave_0: left promiscuous mode
[  477.257515][   T35] hsr_slave_1: left promiscuous mode
[  477.265331][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  477.273093][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  477.464617][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  477.472441][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  477.537498][ T5824] Bluetooth: hci4: command tx timeout
[  477.668834][ T5821] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  477.679651][ T5821] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  477.700783][ T5821] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  477.713531][ T5821] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  477.725955][ T5821] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  477.824275][   T35] veth1_macvtap: left promiscuous mode
[  477.830142][   T35] veth0_macvtap: left promiscuous mode
[  477.836645][   T35] veth1_vlan: left promiscuous mode
[  477.842211][   T35] veth0_vlan: left promiscuous mode
[  479.245322][ T5819] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  479.537626][ T7617] process 'syz.1.479' launched '/dev/fd/3' with NULL argv: empty string added
[  479.599965][ T5821] Bluetooth: hci4: command tx timeout
[  479.874198][ T5821] Bluetooth: hci0: command tx timeout
[  479.958072][   T35] team0 (unregistering): Port device team_slave_1 removed
[  480.061136][   T35] team0 (unregistering): Port device team_slave_0 removed
[  481.433269][ T7589] chnl_net:caif_netlink_parms(): no params data found
[  481.943717][ T5821] Bluetooth: hci0: command tx timeout
[  482.093091][   T35] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.506543][   T35] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.630479][   T35] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  482.688449][ T7634] input: syz0 as /devices/virtual/input/input10
[  482.934250][   T35] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  483.070832][ T7559] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  483.187306][ T7559] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  483.458348][ T7559] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  483.605100][ T7559] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  483.720169][   T35] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  483.995493][ T5821] Bluetooth: hci0: command tx timeout
[  484.013259][   T35] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  484.060456][ T7589] bridge0: port 1(bridge_slave_0) entered blocking state
[  484.068088][ T7589] bridge0: port 1(bridge_slave_0) entered disabled state
[  484.076677][ T7589] bridge_slave_0: entered allmulticast mode
[  484.086034][ T7589] bridge_slave_0: entered promiscuous mode
[  484.128691][ T7612] chnl_net:caif_netlink_parms(): no params data found
[  484.210349][   T35] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  484.253178][ T7589] bridge0: port 2(bridge_slave_1) entered blocking state
[  484.260911][ T7589] bridge0: port 2(bridge_slave_1) entered disabled state
[  484.268790][ T7589] bridge_slave_1: entered allmulticast mode
[  484.278197][ T7589] bridge_slave_1: entered promiscuous mode
[  484.410232][   T35] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  484.558097][ T7589] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  484.675877][ T7589] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  485.074778][   T35] bridge_slave_1: left allmulticast mode
[  485.080808][   T35] bridge_slave_1: left promiscuous mode
[  485.087381][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  485.146858][   T35] bridge_slave_0: left allmulticast mode
[  485.152683][   T35] bridge_slave_0: left promiscuous mode
[  485.162405][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  485.248206][   T35] bridge_slave_1: left allmulticast mode
[  485.254034][   T35] bridge_slave_1: left promiscuous mode
[  485.263505][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  485.323200][   T35] bridge_slave_0: left allmulticast mode
[  485.330727][   T35] bridge_slave_0: left promiscuous mode
[  485.337401][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  486.110843][ T5821] Bluetooth: hci0: command tx timeout
[  486.266510][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  486.317211][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  486.361026][   T35] bond0 (unregistering): Released all slaves
[  486.650624][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  486.693317][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  486.730227][   T35] bond0 (unregistering): Released all slaves
[  487.507637][ T7589] team0: Port device team_slave_0 added
[  487.551681][ T7589] team0: Port device team_slave_1 added
[  488.240917][ T7589] batman_adv: batadv0: Adding interface: batadv_slave_0
[  488.248263][ T7589] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  488.274830][ T7589] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  488.301514][ T7612] bridge0: port 1(bridge_slave_0) entered blocking state
[  488.309496][ T7612] bridge0: port 1(bridge_slave_0) entered disabled state
[  488.317409][ T7612] bridge_slave_0: entered allmulticast mode
[  488.326573][ T7612] bridge_slave_0: entered promiscuous mode
[  488.473307][ T7612] bridge0: port 2(bridge_slave_1) entered blocking state
[  488.483697][ T7612] bridge0: port 2(bridge_slave_1) entered disabled state
[  488.492624][ T7612] bridge_slave_1: entered allmulticast mode
[  488.502878][ T7612] bridge_slave_1: entered promiscuous mode
[  488.518398][ T7589] batman_adv: batadv0: Adding interface: batadv_slave_1
[  488.526248][ T7589] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  488.555471][ T7589] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  489.511776][ T7559] 8021q: adding VLAN 0 to HW filter on device bond0
[  492.512713][ T7559] 8021q: adding VLAN 0 to HW filter on device team0
[  492.547977][   T35] hsr_slave_0: left promiscuous mode
[  493.546310][   T35] hsr_slave_1: left promiscuous mode
[  493.555959][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  493.563520][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  494.119206][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  494.127199][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  494.203056][   T35] hsr_slave_0: left promiscuous mode
[  494.216632][   T35] hsr_slave_1: left promiscuous mode
[  494.229033][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  494.236796][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  494.259013][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  494.267248][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  494.333022][   T35] veth1_macvtap: left promiscuous mode
[  494.339354][   T35] veth0_macvtap: left promiscuous mode
[  494.345577][   T35] veth1_vlan: left promiscuous mode
[  494.352424][   T35] veth1_macvtap: left promiscuous mode
[  494.358421][   T35] veth0_macvtap: left promiscuous mode
[  494.364767][   T35] veth1_vlan: left promiscuous mode
[  494.370256][   T35] veth0_vlan: left promiscuous mode
[  495.104688][ T5897] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  495.191980][   T35] team0 (unregistering): Port device team_slave_1 removed
[  495.268674][   T35] team0 (unregistering): Port device team_slave_0 removed
[  495.272215][ T5897] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  495.287340][ T5897] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  495.298924][ T5897] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  495.308786][ T5897] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  495.333105][ T5897] usb 2-1: config 0 descriptor??
[  495.784219][   T35] team0 (unregistering): Port device team_slave_1 removed
[  495.831458][   T35] team0 (unregistering): Port device team_slave_0 removed
[  496.051960][ T5897] usb 2-1: language id specifier not provided by device, defaulting to English
[  496.426359][ T4252] bridge0: port 1(bridge_slave_0) entered blocking state
[  496.433935][ T4252] bridge0: port 1(bridge_slave_0) entered forwarding state
[  496.484317][ T7612] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  496.540955][ T5897] uclogic 0003:256C:006D.0005: failed retrieving string descriptor #200: -71
[  496.550795][ T5897] uclogic 0003:256C:006D.0005: failed retrieving pen parameters: -71
[  496.559394][ T5897] uclogic 0003:256C:006D.0005: failed probing pen v2 parameters: -71
[  496.567934][ T5897] uclogic 0003:256C:006D.0005: failed probing parameters: -71
[  496.576051][ T5897] uclogic 0003:256C:006D.0005: probe with driver uclogic failed with error -71
[  496.589748][ T5897] usb 2-1: USB disconnect, device number 13
[  496.685048][ T7612] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  496.724068][ T7589] hsr_slave_0: entered promiscuous mode
[  496.736425][ T7589] hsr_slave_1: entered promiscuous mode
[  496.840586][ T3949] bridge0: port 2(bridge_slave_1) entered blocking state
[  496.848188][ T3949] bridge0: port 2(bridge_slave_1) entered forwarding state
[  496.891545][ T7612] team0: Port device team_slave_0 added
[  496.916777][ T7612] team0: Port device team_slave_1 added
[  497.145619][ T7612] batman_adv: batadv0: Adding interface: batadv_slave_0
[  497.153872][ T7612] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  497.180301][ T7612] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  497.328451][ T7612] batman_adv: batadv0: Adding interface: batadv_slave_1
[  497.336684][ T7612] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  497.365703][ T7612] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  497.588280][ T7666] loop3: detected capacity change from 0 to 4096
[  497.670864][ T7666] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  497.733033][ T7612] hsr_slave_0: entered promiscuous mode
[  497.742651][ T7612] hsr_slave_1: entered promiscuous mode
[  497.751069][ T7612] debugfs: 'hsr0' already exists in 'hsr'
[  497.758946][ T7612] Cannot create hsr debugfs directory
[  498.081979][ T5819] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  499.623017][ T7589] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  499.788357][ T7559] 8021q: adding VLAN 0 to HW filter on device batadv0
[  499.804963][ T7589] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  499.897530][ T7589] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  500.115617][ T7589] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  500.439311][ T7612] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  500.575319][ T7612] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  500.743860][ T7612] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  500.882712][ T7612] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  501.964660][ T7589] 8021q: adding VLAN 0 to HW filter on device bond0
[  502.255195][ T7589] 8021q: adding VLAN 0 to HW filter on device team0
[  502.431689][ T4252] bridge0: port 1(bridge_slave_0) entered blocking state
[  502.439351][ T4252] bridge0: port 1(bridge_slave_0) entered forwarding state
[  502.651352][ T4252] bridge0: port 2(bridge_slave_1) entered blocking state
[  502.659084][ T4252] bridge0: port 2(bridge_slave_1) entered forwarding state
[  503.023094][ T7612] 8021q: adding VLAN 0 to HW filter on device bond0
[  503.385629][ T7612] 8021q: adding VLAN 0 to HW filter on device team0
[  503.495278][   T30] audit: type=1326 audit(1755846909.500:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7691 comm="syz.1.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  503.518926][   T30] audit: type=1326 audit(1755846909.500:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7691 comm="syz.1.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  503.541689][   T30] audit: type=1326 audit(1755846909.500:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7691 comm="syz.1.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  503.576325][ T4204] bridge0: port 1(bridge_slave_0) entered blocking state
[  503.583783][ T4204] bridge0: port 1(bridge_slave_0) entered forwarding state
[  503.844583][ T4204] bridge0: port 2(bridge_slave_1) entered blocking state
[  503.852034][ T4204] bridge0: port 2(bridge_slave_1) entered forwarding state
[  504.220656][ T7612] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  504.233529][ T7612] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  504.307500][   T30] audit: type=1326 audit(1755846909.650:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7691 comm="syz.1.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  504.330402][   T30] audit: type=1326 audit(1755846909.650:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7691 comm="syz.1.494" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  504.778303][ T7559] veth0_vlan: entered promiscuous mode
[  504.853750][   T30] audit: type=1326 audit(1755846910.870:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7695 comm="syz.1.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  504.878004][   T30] audit: type=1326 audit(1755846910.890:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7695 comm="syz.1.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  504.900899][   T30] audit: type=1326 audit(1755846910.890:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7695 comm="syz.1.495" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  504.941562][ T7559] veth1_vlan: entered promiscuous mode
[  505.215164][ T7559] veth0_macvtap: entered promiscuous mode
[  505.313413][ T7559] veth1_macvtap: entered promiscuous mode
[  505.453493][ T7559] batman_adv: batadv0: Interface activated: batadv_slave_0
[  505.539755][ T7559] batman_adv: batadv0: Interface activated: batadv_slave_1
[  505.639449][ T1895] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  505.661805][   T30] audit: type=1326 audit(1755846911.700:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7707 comm="syz.3.498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  505.687984][ T1895] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  505.762346][ T1895] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  505.786855][   T30] audit: type=1326 audit(1755846911.760:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7707 comm="syz.3.498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  505.823426][   T35] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  505.950101][ T7589] 8021q: adding VLAN 0 to HW filter on device batadv0
[  506.455618][ T7589] veth0_vlan: entered promiscuous mode
[  506.531073][ T7612] 8021q: adding VLAN 0 to HW filter on device batadv0
[  506.551897][ T7589] veth1_vlan: entered promiscuous mode
[  506.865174][ T7589] veth0_macvtap: entered promiscuous mode
[  507.020065][ T7589] veth1_macvtap: entered promiscuous mode
[  507.105024][ T7612] veth0_vlan: entered promiscuous mode
[  507.241406][ T7612] veth1_vlan: entered promiscuous mode
[  507.259671][ T7589] batman_adv: batadv0: Interface activated: batadv_slave_0
[  507.350295][ T7589] batman_adv: batadv0: Interface activated: batadv_slave_1
[  507.427792][ T3949] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  507.486248][ T3949] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  507.538840][ T3949] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  507.615494][ T3949] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  507.643396][ T7612] veth0_macvtap: entered promiscuous mode
[  507.700225][ T7612] veth1_macvtap: entered promiscuous mode
[  507.811513][ T7612] batman_adv: batadv0: Interface activated: batadv_slave_0
[  507.872501][ T7612] batman_adv: batadv0: Interface activated: batadv_slave_1
[  507.967099][ T3949] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  508.014803][ T3949] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  508.046443][ T3949] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  508.106328][ T3949] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  509.268681][ T7754] loop3: detected capacity change from 0 to 512
[  509.278114][ T7754] EXT4-fs: Ignoring removed orlov option
[  509.306936][ T7754] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  509.315879][ T7754] EXT4-fs (loop3): blocks per group (95) and clusters per group (32768) inconsistent
[  511.091437][ T7760] netlink: 'syz.1.507': attribute type 6 has an invalid length.
[  513.635953][ T3918] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  513.644805][ T3918] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  513.974366][ T3949] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  513.982534][ T3949] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  520.310122][ T7807] loop3: detected capacity change from 0 to 1024
[  520.387945][ T7807] EXT4-fs: inline encryption not supported
[  520.394194][ T7807] EXT4-fs: Ignoring removed i_version option
[  522.562418][ T7807] EXT4-fs: error -4 creating inode table initialization thread
[  523.202753][ T7807] EXT4-fs (loop3): mount failed
[  526.173516][   T30] kauditd_printk_skb: 13 callbacks suppressed
[  526.173592][   T30] audit: type=1326 audit(1755846932.202:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7830 comm="syz.3.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  526.404891][   T30] audit: type=1326 audit(1755846932.312:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7830 comm="syz.3.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  526.429705][   T30] audit: type=1326 audit(1755846932.312:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7830 comm="syz.3.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  526.453086][   T30] audit: type=1326 audit(1755846932.312:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7830 comm="syz.3.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  526.475998][   T30] audit: type=1326 audit(1755846932.322:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7830 comm="syz.3.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  526.498715][   T30] audit: type=1326 audit(1755846932.322:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7830 comm="syz.3.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  526.521324][   T30] audit: type=1326 audit(1755846932.322:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7830 comm="syz.3.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  526.545218][   T30] audit: type=1326 audit(1755846932.352:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7830 comm="syz.3.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  526.568901][   T30] audit: type=1326 audit(1755846932.352:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7830 comm="syz.3.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  526.591823][   T30] audit: type=1326 audit(1755846932.392:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7830 comm="syz.3.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  526.968418][ T4252] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  526.976576][ T4252] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  527.266945][ T1895] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  527.275175][ T1895] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  527.439278][ T5824] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  527.461385][ T5824] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  527.470766][ T5824] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  527.500408][ T5824] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  527.511428][ T5824] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  528.699063][ T7854] loop3: detected capacity change from 0 to 256
[  528.826109][ T7854] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  529.562032][   T35] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  529.611002][ T5821] Bluetooth: hci1: command tx timeout
[  529.687576][   T35] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  529.867116][   T35] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  530.648508][   T35] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  530.884010][ T7841] chnl_net:caif_netlink_parms(): no params data found
[  531.612213][   T35] bridge_slave_1: left allmulticast mode
[  531.618429][   T35] bridge_slave_1: left promiscuous mode
[  531.625002][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  531.781656][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  531.788911][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  531.807912][ T5821] Bluetooth: hci1: command tx timeout
[  531.877195][   T35] bridge_slave_0: left allmulticast mode
[  531.883274][   T35] bridge_slave_0: left promiscuous mode
[  531.889854][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  532.580801][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  532.611869][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  532.656444][   T35] bond0 (unregistering): Released all slaves
[  533.023220][   T35] hsr_slave_0: left promiscuous mode
[  533.062839][   T35] hsr_slave_1: left promiscuous mode
[  533.070605][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  533.081879][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  533.225083][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  533.232981][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  533.425010][   T35] veth1_macvtap: left promiscuous mode
[  533.430717][   T35] veth0_macvtap: left promiscuous mode
[  533.436971][   T35] veth1_vlan: left promiscuous mode
[  533.442573][   T35] veth0_vlan: left promiscuous mode
[  533.833241][ T5821] Bluetooth: hci1: command tx timeout
[  535.923170][ T5821] Bluetooth: hci1: command tx timeout
[  536.306963][   T35] team0 (unregistering): Port device team_slave_1 removed
[  536.384482][   T35] team0 (unregistering): Port device team_slave_0 removed
[  537.308135][ T7841] bridge0: port 1(bridge_slave_0) entered blocking state
[  537.316084][ T7841] bridge0: port 1(bridge_slave_0) entered disabled state
[  537.323795][ T7841] bridge_slave_0: entered allmulticast mode
[  537.333177][ T7841] bridge_slave_0: entered promiscuous mode
[  537.430887][ T7841] bridge0: port 2(bridge_slave_1) entered blocking state
[  537.438877][ T7841] bridge0: port 2(bridge_slave_1) entered disabled state
[  537.446663][ T7841] bridge_slave_1: entered allmulticast mode
[  537.455894][ T7841] bridge_slave_1: entered promiscuous mode
[  537.735553][ T7841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  537.800645][ T7841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  538.135514][ T7841] team0: Port device team_slave_0 added
[  538.190328][ T7841] team0: Port device team_slave_1 added
[  538.481184][ T7841] batman_adv: batadv0: Adding interface: batadv_slave_0
[  538.488664][ T7841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  538.518043][ T7841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  538.733454][ T7841] batman_adv: batadv0: Adding interface: batadv_slave_1
[  538.740773][ T7841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  538.767398][ T7841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  539.789796][ T7841] hsr_slave_0: entered promiscuous mode
[  539.799778][ T7841] hsr_slave_1: entered promiscuous mode
[  541.363562][ T7913] vlan2: entered allmulticast mode
[  541.828466][ T7841] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  541.850129][ T7841] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  541.877764][ T7841] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  542.013524][ T7841] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  544.368400][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  544.368473][   T30] audit: type=1326 audit(1755846950.333:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7940 comm="syz.3.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  544.398438][   T30] audit: type=1326 audit(1755846950.343:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7940 comm="syz.3.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=326 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  544.421154][   T30] audit: type=1326 audit(1755846950.343:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7940 comm="syz.3.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1ca1d8ebe9 code=0x7ffc0000
[  544.997814][ T7841] 8021q: adding VLAN 0 to HW filter on device bond0
[  545.268495][ T7841] 8021q: adding VLAN 0 to HW filter on device team0
[  545.406768][ T4252] bridge0: port 1(bridge_slave_0) entered blocking state
[  545.414351][ T4252] bridge0: port 1(bridge_slave_0) entered forwarding state
[  545.435409][ T5897] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  545.601630][ T4252] bridge0: port 2(bridge_slave_1) entered blocking state
[  545.609255][ T4252] bridge0: port 2(bridge_slave_1) entered forwarding state
[  545.712216][ T5897] usb 10-1: Using ep0 maxpacket: 8
[  545.759132][ T5897] usb 10-1: config 135 has an invalid interface number: 230 but max is 0
[  545.768942][ T5897] usb 10-1: config 135 has an invalid descriptor of length 183, skipping remainder of the config
[  545.782280][ T5897] usb 10-1: config 135 has no interface number 0
[  545.788857][ T5897] usb 10-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30
[  545.801299][ T5897] usb 10-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53
[  545.815357][ T5897] usb 10-1: config 135 interface 230 has no altsetting 0
[  546.239079][ T5897] usb 10-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  546.248708][ T5897] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  546.257195][ T5897] usb 10-1: Product: syz
[  546.261723][ T5897] usb 10-1: Manufacturer: syz
[  546.266558][ T5897] usb 10-1: SerialNumber: syz
[  546.614412][ T5897] usb 10-1: Found UVC 0.00 device syz (18ec:3288)
[  546.621196][ T5897] usb 10-1: No valid video chain found.
[  546.673826][ T5897] usb 10-1: USB disconnect, device number 2
[  547.704802][ T7841] 8021q: adding VLAN 0 to HW filter on device batadv0
[  548.889159][ T7841] veth0_vlan: entered promiscuous mode
[  549.013660][ T7841] veth1_vlan: entered promiscuous mode
[  550.557950][ T7841] veth0_macvtap: entered promiscuous mode
[  550.599199][ T7841] veth1_macvtap: entered promiscuous mode
[  550.745940][ T7841] batman_adv: batadv0: Interface activated: batadv_slave_0
[  550.834452][ T7841] batman_adv: batadv0: Interface activated: batadv_slave_1
[  550.914326][   T35] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  550.945296][   T35] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  551.001304][   T35] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  551.040060][   T35] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  551.373902][ T5530] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  551.562960][ T5530] usb 10-1: Using ep0 maxpacket: 16
[  551.634648][ T5530] usb 10-1: config 0 has an invalid interface number: 41 but max is 0
[  551.643610][ T5530] usb 10-1: config 0 has no interface number 0
[  551.650242][ T5530] usb 10-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  551.660644][ T5530] usb 10-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  551.671135][ T5530] usb 10-1: config 0 interface 41 has no altsetting 0
[  552.798355][ T5530] usb 10-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  552.808692][ T5530] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  552.817102][ T5530] usb 10-1: Product: syz
[  552.821750][ T5530] usb 10-1: Manufacturer: syz
[  552.826601][ T5530] usb 10-1: SerialNumber: syz
[  553.323903][ T8018] bridge: RTM_NEWNEIGH with invalid ether address
[  553.764711][ T5530] usb 10-1: config 0 descriptor??
[  553.782911][ T8001] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  553.790572][ T8001] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  555.295541][ T5530] usb 10-1: can't set config #0, error -71
[  555.448875][ T5530] usb 10-1: USB disconnect, device number 3
[  556.737106][ T5530] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  556.913176][ T5530] usb 2-1: Using ep0 maxpacket: 16
[  556.941281][ T5530] usb 2-1: config 0 has an invalid interface number: 41 but max is 0
[  556.950038][ T5530] usb 2-1: config 0 has no interface number 0
[  556.956740][ T5530] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  556.967640][ T5530] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  556.978181][ T5530] usb 2-1: config 0 interface 41 has no altsetting 0
[  557.062061][ T5530] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  557.073986][ T5530] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  557.084282][ T5530] usb 2-1: Product: syz
[  557.088615][ T5530] usb 2-1: Manufacturer: syz
[  557.095734][ T5530] usb 2-1: SerialNumber: syz
[  557.190293][ T5530] usb 2-1: config 0 descriptor??
[  557.198601][ T8091] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  557.220084][ T8091] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  557.536620][ T8091] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  557.584146][ T8091] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  558.832296][ T7648] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  559.011898][ T7648] usb 1-1: Using ep0 maxpacket: 16
[  559.041557][ T7648] usb 1-1: config index 0 descriptor too short (expected 4495, got 71)
[  559.050446][ T7648] usb 1-1: config 0 has an invalid interface number: 105 but max is 0
[  559.059897][ T7648] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  559.070866][ T7648] usb 1-1: config 0 has no interface number 0
[  559.219004][ T7648] usb 1-1: New USB device found, idVendor=046c, idProduct=14e0, bcdDevice= 0.01
[  559.228825][ T7648] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  559.237543][ T7648] usb 1-1: Product: syz
[  559.241968][ T7648] usb 1-1: Manufacturer: syz
[  559.246734][ T7648] usb 1-1: SerialNumber: syz
[  559.377615][ T7648] usb 1-1: config 0 descriptor??
[  559.662456][ T7648] usb 1-1: Found UVC 0.00 device syz (046c:14e0)
[  559.669274][ T7648] usb 1-1: No valid video chain found.
[  559.706975][ T5530] CoreChips 2-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffb9
[  559.742165][ T5530] CoreChips 2-1:0.41: probe with driver CoreChips failed with error -71
[  559.764776][ T5530] usb 2-1: USB disconnect, device number 14
[  559.891999][ T5895] usb 1-1: USB disconnect, device number 4
[  560.025870][ T8119] 9pnet_fd: p9_fd_create_tcp (8119): problem connecting socket to 127.0.0.1
[  560.194533][ T8116] loop9: detected capacity change from 0 to 8192
[  560.668795][   T30] audit: type=1800 audit(1755846966.694:161): pid=8116 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.589" name="bus" dev="loop9" ino=1048625 res=0 errno=0
[  562.961178][ T4171] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  562.969268][ T4171] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  563.072276][ T3949] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  563.084430][ T3949] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  564.930500][ T8152] netlink: 16 bytes leftover after parsing attributes in process `syz.0.600'.
[  565.192321][ T8154] loop3: detected capacity change from 0 to 128
[  565.899120][ T8156] binder: 8155:8156 ioctl c0306201 200000000080 returned -14
[  566.360220][ T8160] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  566.571460][   T30] audit: type=1326 audit(1755846972.604:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8165 comm="syz.2.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  566.594561][   T30] audit: type=1326 audit(1755846972.614:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8165 comm="syz.2.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  566.617149][   T30] audit: type=1326 audit(1755846972.624:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8165 comm="syz.2.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  566.820700][   T30] audit: type=1326 audit(1755846972.704:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8165 comm="syz.2.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  566.843955][   T30] audit: type=1326 audit(1755846972.724:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8165 comm="syz.2.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  566.866698][   T30] audit: type=1326 audit(1755846972.744:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8165 comm="syz.2.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  566.894029][   T30] audit: type=1326 audit(1755846972.744:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8165 comm="syz.2.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  566.918581][   T30] audit: type=1326 audit(1755846972.744:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8165 comm="syz.2.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  566.941689][   T30] audit: type=1326 audit(1755846972.744:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8165 comm="syz.2.607" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  567.765899][   T30] audit: type=1326 audit(1755846973.814:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8181 comm="syz.0.612" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f56fe78ebe9 code=0x0
[  570.954450][ T8199] loop3: detected capacity change from 0 to 16
[  571.711049][ T8199] erofs (device loop3): mounted with root inode @ nid 36.
[  572.763612][ T5867] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  572.970979][ T5867] usb 2-1: Using ep0 maxpacket: 16
[  573.039076][ T5867] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 8
[  573.141184][ T5867] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  573.150788][ T5867] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  573.159214][ T5867] usb 2-1: Product: syz
[  573.163917][ T5867] usb 2-1: Manufacturer: syz
[  573.168670][ T5867] usb 2-1: SerialNumber: syz
[  573.393201][ T5867] usb 2-1: config 0 descriptor??
[  573.465938][ T5867] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  573.475300][ T5867] usb 2-1: Detected FT232R
[  576.586418][ T5867] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  578.707640][ T8215] loop3: detected capacity change from 0 to 256
[  578.924662][   T30] audit: type=1326 audit(1755846984.955:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.2.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  578.947731][   T30] audit: type=1326 audit(1755846984.965:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.2.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  579.207111][ T8215] FAT-fs (loop3): Directory bread(block 64) failed
[  579.214169][ T8215] FAT-fs (loop3): Directory bread(block 65) failed
[  579.221318][ T8215] FAT-fs (loop3): Directory bread(block 66) failed
[  579.228050][ T8215] FAT-fs (loop3): Directory bread(block 67) failed
[  579.235034][ T8215] FAT-fs (loop3): Directory bread(block 68) failed
[  579.242228][ T8215] FAT-fs (loop3): Directory bread(block 69) failed
[  579.249142][ T8215] FAT-fs (loop3): Directory bread(block 70) failed
[  579.256028][ T8215] FAT-fs (loop3): Directory bread(block 71) failed
[  579.265427][ T8215] FAT-fs (loop3): Directory bread(block 72) failed
[  579.273173][ T8215] FAT-fs (loop3): Directory bread(block 73) failed
[  579.350763][   T30] audit: type=1326 audit(1755846985.045:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.2.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  579.376098][   T30] audit: type=1326 audit(1755846985.045:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.2.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  579.399857][   T30] audit: type=1326 audit(1755846985.045:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.2.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  579.422715][   T30] audit: type=1326 audit(1755846985.065:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.2.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  579.445929][   T30] audit: type=1326 audit(1755846985.085:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.2.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  579.470503][   T30] audit: type=1326 audit(1755846985.095:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.2.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  579.493997][   T30] audit: type=1326 audit(1755846985.095:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.2.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  579.516668][   T30] audit: type=1326 audit(1755846985.115:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.2.620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=141 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  583.650721][ T5867] ftdi_sio 2-1:0.0: GPIO initialisation failed: -110
[  583.682628][ T5867] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  585.761632][ T5821] Bluetooth: hci5: command 0x0406 tx timeout
[  585.804640][ T5895] usb 2-1: USB disconnect, device number 15
[  586.021692][ T5895] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  586.032500][ T5895] ftdi_sio 2-1:0.0: device disconnected
[  590.110396][ T5821] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  590.125672][ T5821] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  590.134717][ T5821] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  590.147451][ T5821] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  590.159349][ T5821] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  593.620364][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  593.626973][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  594.229915][ T5824] Bluetooth: hci4: command tx timeout
[  594.476813][ T8257] overlayfs: failed lookup in lower (newroot/28, name='bus', err=-40): overlapping layers
[  594.717023][ T8257] overlayfs: failed lookup in lower (newroot/28, name='file1', err=-40): overlapping layers
[  595.453726][ T8252] chnl_net:caif_netlink_parms(): no params data found
[  596.389463][ T5824] Bluetooth: hci4: command tx timeout
[  596.803686][ T8267] tipc: Started in network mode
[  596.808914][ T8267] tipc: Node identity ac1414aa, cluster identity 4711
[  596.816397][ T8267] tipc: New replicast peer: 100.1.1.1
[  596.822975][ T8267] tipc: Enabled bearer <udp:syz2>, priority 10
[  597.943752][ T5867] tipc: Node number set to 2886997162
[  598.480184][ T5824] Bluetooth: hci4: command tx timeout
[  598.971660][ T8252] bridge0: port 1(bridge_slave_0) entered blocking state
[  598.979632][ T8252] bridge0: port 1(bridge_slave_0) entered disabled state
[  598.987362][ T8252] bridge_slave_0: entered allmulticast mode
[  598.997407][ T8252] bridge_slave_0: entered promiscuous mode
[  599.028837][ T8252] bridge0: port 2(bridge_slave_1) entered blocking state
[  599.037817][ T8252] bridge0: port 2(bridge_slave_1) entered disabled state
[  599.045907][ T8252] bridge_slave_1: entered allmulticast mode
[  599.055052][ T8252] bridge_slave_1: entered promiscuous mode
[  599.185186][ T8252] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  599.215673][ T8252] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  599.341153][ T8252] team0: Port device team_slave_0 added
[  599.372302][ T8252] team0: Port device team_slave_1 added
[  599.497195][ T8252] batman_adv: batadv0: Adding interface: batadv_slave_0
[  599.504754][ T8252] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  599.532383][ T8252] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  599.612952][ T8252] batman_adv: batadv0: Adding interface: batadv_slave_1
[  599.620317][ T8252] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  599.652438][ T8252] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  600.009510][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  600.009584][   T30] audit: type=1326 audit(1755847006.046:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8278 comm="syz.2.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  600.038494][   T30] audit: type=1326 audit(1755847006.046:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8278 comm="syz.2.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  600.065953][   T30] audit: type=1326 audit(1755847006.046:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8278 comm="syz.2.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f357798ebe9 code=0x7ffc0000
[  600.166547][ T8252] hsr_slave_0: entered promiscuous mode
[  600.176310][ T8252] hsr_slave_1: entered promiscuous mode
[  600.184842][ T8252] debugfs: 'hsr0' already exists in 'hsr'
[  600.190911][ T8252] Cannot create hsr debugfs directory
[  600.304842][ T8283] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  600.563053][ T5824] Bluetooth: hci4: command tx timeout
[  600.817683][ T5821] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  600.849478][ T5821] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  600.859844][ T5821] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  600.909785][ T5821] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  600.934460][ T5821] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  602.384244][ T8252] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  602.424301][ T8252] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  602.446732][ T8252] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  602.527128][ T8252] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  602.698904][ T7648] usb 4-1: new low-speed USB device number 6 using dummy_hcd
[  603.029153][ T5824] Bluetooth: hci0: command tx timeout
[  603.197342][ T8288] chnl_net:caif_netlink_parms(): no params data found
[  603.459878][ T7648] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  603.468627][ T7648] usb 4-1: config 179 has no interface number 0
[  603.475629][ T7648] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  603.487125][ T7648] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 8
[  603.498379][ T7648] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  603.511004][ T7648] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 45824, setting to 8
[  603.522919][ T7648] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  603.541575][ T7648] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  603.553105][ T7648] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  603.579623][ T8302] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  603.588045][ T8302] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  604.596964][ T7648] usb 4-1: USB disconnect, device number 6
[  604.604286][    C1] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  604.604501][    C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  605.293257][ T8252] 8021q: adding VLAN 0 to HW filter on device bond0
[  605.708532][ T5824] Bluetooth: hci0: command tx timeout
[  606.518680][ T8252] 8021q: adding VLAN 0 to HW filter on device team0
[  606.544113][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  606.551911][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  606.588077][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  606.595649][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  607.500932][ T8288] bridge0: port 1(bridge_slave_0) entered blocking state
[  607.508512][ T8288] bridge0: port 1(bridge_slave_0) entered disabled state
[  607.516353][ T8288] bridge_slave_0: entered allmulticast mode
[  607.533483][ T8288] bridge_slave_0: entered promiscuous mode
[  607.758853][ T5824] Bluetooth: hci0: command tx timeout
[  608.156936][ T8288] bridge0: port 2(bridge_slave_1) entered blocking state
[  608.164638][ T8288] bridge0: port 2(bridge_slave_1) entered disabled state
[  608.172809][ T8288] bridge_slave_1: entered allmulticast mode
[  608.182470][ T8288] bridge_slave_1: entered promiscuous mode
[  609.130378][ T8288] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  609.280409][ T8288] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  609.887383][ T5824] Bluetooth: hci0: command tx timeout
[  609.994104][ T8288] team0: Port device team_slave_0 added
[  610.143629][ T8288] team0: Port device team_slave_1 added
[  610.215072][ T8252] 8021q: adding VLAN 0 to HW filter on device batadv0
[  610.653126][ T8288] batman_adv: batadv0: Adding interface: batadv_slave_0
[  610.660361][ T8288] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  610.686818][ T8288] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  610.852872][ T8288] batman_adv: batadv0: Adding interface: batadv_slave_1
[  610.861321][ T8288] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  610.888598][ T8288] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  612.139836][ T8288] hsr_slave_0: entered promiscuous mode
[  612.149763][ T8288] hsr_slave_1: entered promiscuous mode
[  612.158444][ T8288] debugfs: 'hsr0' already exists in 'hsr'
[  612.164498][ T8288] Cannot create hsr debugfs directory
[  613.423455][ T8369] loop2: detected capacity change from 0 to 256
[  613.622721][ T8369] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  616.239682][ T8252] veth0_vlan: entered promiscuous mode
[  616.393664][ T8252] veth1_vlan: entered promiscuous mode
[  616.777349][ T8252] veth0_macvtap: entered promiscuous mode
[  616.885571][ T8252] veth1_macvtap: entered promiscuous mode
[  617.212066][ T8252] batman_adv: batadv0: Interface activated: batadv_slave_0
[  617.448657][ T8252] batman_adv: batadv0: Interface activated: batadv_slave_1
[  617.537279][ T8073] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  617.618463][ T8067] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  617.712618][ T8067] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  617.791755][ T8067] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  618.453444][ T8288] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  618.948877][ T8288] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  619.004386][ T8288] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  619.106757][ T8288] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  619.765278][   T30] audit: type=1326 audit(1755847025.817:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.1.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  619.788119][   T30] audit: type=1326 audit(1755847025.817:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.1.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  620.496430][   T30] audit: type=1326 audit(1755847025.917:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.1.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  620.519365][   T30] audit: type=1326 audit(1755847025.917:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.1.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  620.546522][   T30] audit: type=1326 audit(1755847025.917:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.1.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  620.570884][   T30] audit: type=1326 audit(1755847025.917:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.1.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  620.593525][   T30] audit: type=1326 audit(1755847025.917:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.1.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  620.616329][   T30] audit: type=1326 audit(1755847025.917:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.1.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  620.643439][   T30] audit: type=1326 audit(1755847025.917:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.1.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  620.667630][   T30] audit: type=1326 audit(1755847025.917:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8401 comm="syz.1.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdecb8ebe9 code=0x7ffc0000
[  622.652500][ T8288] 8021q: adding VLAN 0 to HW filter on device bond0
[  622.824652][ T8288] 8021q: adding VLAN 0 to HW filter on device team0
[  622.935101][ T4239] bridge0: port 1(bridge_slave_0) entered blocking state
[  622.942663][ T4239] bridge0: port 1(bridge_slave_0) entered forwarding state
[  623.561601][ T4239] bridge0: port 2(bridge_slave_1) entered blocking state
[  623.569286][ T4239] bridge0: port 2(bridge_slave_1) entered forwarding state
[  624.009832][ T8288] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  624.020917][ T8288] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  626.341321][ T8424] netlink: 388 bytes leftover after parsing attributes in process `syz.2.680'.
[  628.730124][ T8288] 8021q: adding VLAN 0 to HW filter on device batadv0
[  629.310193][ T8446] loop2: detected capacity change from 0 to 512
[  629.465427][ T8446] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  629.699083][ T8446] EXT4-fs (loop2): orphan cleanup on readonly fs
[  629.772047][ T8446] EXT4-fs error (device loop2): __ext4_iget:5464: inode #11: block 8: comm syz.2.683: invalid block
[  629.874655][ T8446] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.683: couldn't read orphan inode 11 (err -117)
[  630.016387][ T8446] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  631.573132][ T7841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  633.403117][ T8067] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  633.415442][ T8067] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  634.114533][ T3918] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  634.122830][ T3918] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  635.390886][ T8288] veth0_vlan: entered promiscuous mode
[  635.543332][ T8288] veth1_vlan: entered promiscuous mode
[  636.685882][ T8288] veth0_macvtap: entered promiscuous mode
[  636.872264][ T8288] veth1_macvtap: entered promiscuous mode
[  637.208772][ T8288] batman_adv: batadv0: Interface activated: batadv_slave_0
[  637.534154][ T8288] batman_adv: batadv0: Interface activated: batadv_slave_1
[  637.748501][   T35] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  637.860172][   T35] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  637.958180][   T35] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  638.062251][   T35] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  641.577601][ T8516] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  644.502403][ T8073] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  645.151928][ T8529] loop3: detected capacity change from 0 to 512
[  646.702416][ T8073] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  647.208920][ T8537] loop5: detected capacity change from 0 to 512
[  647.383700][ T8537] EXT4-fs (loop5): bad geometry: first data block is 0 with a 1k block and cluster size
[  647.813777][ T8537] loop5: detected capacity change from 0 to 256
[  647.958140][ T8073] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  648.187010][ T8537] FAT-fs (loop5): Directory bread(block 64) failed
[  648.189925][ T8073] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  648.193975][ T8537] FAT-fs (loop5): Directory bread(block 65) failed
[  648.211373][ T8537] FAT-fs (loop5): Directory bread(block 66) failed
[  648.218272][ T8537] FAT-fs (loop5): Directory bread(block 67) failed
[  648.225114][ T8537] FAT-fs (loop5): Directory bread(block 68) failed
[  648.236654][ T8537] FAT-fs (loop5): Directory bread(block 69) failed
[  648.243497][ T8537] FAT-fs (loop5): Directory bread(block 70) failed
[  648.253506][ T8537] FAT-fs (loop5): Directory bread(block 71) failed
[  648.260605][ T8537] FAT-fs (loop5): Directory bread(block 72) failed
[  648.267415][ T8537] FAT-fs (loop5): Directory bread(block 73) failed
[  648.370630][ T5897] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  648.607974][ T5897] usb 4-1: Using ep0 maxpacket: 32
[  648.674065][ T5897] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  648.687061][ T5897] usb 4-1: config 0 has no interface number 0
[  648.693598][ T5897] usb 4-1: config 0 interface 184 has no altsetting 0
[  648.705489][ T5895] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  648.926320][ T8073] bridge_slave_1: left allmulticast mode
[  648.932164][ T8073] bridge_slave_1: left promiscuous mode
[  648.939821][ T8073] bridge0: port 2(bridge_slave_1) entered disabled state
[  648.960979][ T5897] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  648.971329][ T5897] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  648.980302][ T5897] usb 4-1: Product: syz
[  648.984642][ T5897] usb 4-1: Manufacturer: syz
[  648.994158][ T5897] usb 4-1: SerialNumber: syz
[  649.004021][ T5895] usb 6-1: device descriptor read/64, error -71
[  649.012775][ T8073] bridge_slave_0: left promiscuous mode
[  649.022865][ T8073] bridge0: port 1(bridge_slave_0) entered disabled state
[  649.956419][ T5897] usb 4-1: config 0 descriptor??
[  650.302949][ T7648] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  650.374764][ T8073] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  650.461084][ T8073] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  650.496897][ T7648] usb 2-1: Using ep0 maxpacket: 16
[  650.547563][ T7648] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[  650.556792][ T7648] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  650.567567][ T7648] usb 2-1: config 0 has no interface number 0
[  650.615470][ T8073] bond0 (unregistering): Released all slaves
[  650.706377][ T7648] usb 2-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  650.715993][ T7648] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  650.724170][ T7648] usb 2-1: Product: syz
[  650.728625][ T7648] usb 2-1: Manufacturer: syz
[  650.738630][ T7648] usb 2-1: SerialNumber: syz
[  650.989546][ T7648] usb 2-1: config 0 descriptor??
[  651.093791][ T5897] smsc75xx v1.0.0
[  651.116486][ T5897] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -61
[  651.123500][ T7648] usb 2-1: Found UVC 0.00 device syz (046d:08f3)
[  651.127991][ T5897] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -61
[  651.128120][ T5897] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[  651.128987][ T5897] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -61
[  651.177685][ T7648] usb 2-1: No valid video chain found.
[  651.926693][ T5897] usb 2-1: USB disconnect, device number 16
[  651.986902][ T5824] Bluetooth: hci1: command 0x0406 tx timeout
[  652.086326][ T7648] usb 4-1: USB disconnect, device number 7
[  652.458215][ T8073] hsr_slave_0: left promiscuous mode
[  652.566888][ T8073] hsr_slave_1: left promiscuous mode
[  652.580934][ T8073] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  652.588666][ T8073] batman_adv: batadv0: Removing interface: batadv_slave_0
[  652.800482][ T8073] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  652.808382][ T8073] batman_adv: batadv0: Removing interface: batadv_slave_1
[  653.030076][ T8073] veth1_macvtap: left promiscuous mode
[  653.036053][ T8073] veth0_macvtap: left promiscuous mode
[  653.041976][ T8073] veth1_vlan: left promiscuous mode
[  653.047650][ T8073] veth0_vlan: left promiscuous mode
[  654.243140][ T8073] team0 (unregistering): Port device team_slave_1 removed
[  654.276316][ T8073] team0 (unregistering): Port device team_slave_0 removed
[  654.956817][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  654.963625][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  659.460834][ T8073] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  659.808481][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  659.816627][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  661.959854][ T4252] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  661.968293][ T4252] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  662.220379][ T8073] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  662.455851][ T8073] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  662.654976][ T8073] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  663.253552][ T8073] bridge_slave_1: left allmulticast mode
[  663.259723][ T8073] bridge_slave_1: left promiscuous mode
[  663.266322][ T8073] bridge0: port 2(bridge_slave_1) entered disabled state
[  663.390565][ T8073] bridge_slave_0: left allmulticast mode
[  663.397836][ T8073] bridge_slave_0: left promiscuous mode
[  663.405116][ T8073] bridge0: port 1(bridge_slave_0) entered disabled state
[  664.837663][ T8073] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  665.658157][ T8073] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  665.742688][ T8073] bond0 (unregistering): Released all slaves
[  665.910471][ T5897] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  666.105207][ T5897] usb 4-1: Using ep0 maxpacket: 16
[  666.163117][ T5897] usb 4-1: config 0 has an invalid interface number: 105 but max is 0
[  666.171827][ T5897] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  666.182591][ T5897] usb 4-1: config 0 has no interface number 0
[  666.441610][ T5897] usb 4-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  666.454420][ T5897] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  666.462853][ T5897] usb 4-1: Product: syz
[  666.467550][ T5897] usb 4-1: Manufacturer: syz
[  666.472318][ T5897] usb 4-1: SerialNumber: syz
[  666.755127][ T5897] usb 4-1: config 0 descriptor??
[  666.809318][ T5897] usb 4-1: Found UVC 0.00 device syz (046d:08f3)
[  666.817254][ T5897] usb 4-1: No valid video chain found.
[  666.962532][ T5821] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  666.983867][ T5821] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  667.029154][ T5821] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  667.056765][ T5821] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  667.082538][ T5821] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  667.270046][ T5897] usb 4-1: USB disconnect, device number 8
[  668.335112][ T8073] hsr_slave_0: left promiscuous mode
[  668.376250][ T8073] hsr_slave_1: left promiscuous mode
[  668.384092][ T8073] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  668.397117][ T8073] batman_adv: batadv0: Removing interface: batadv_slave_0
[  668.462096][ T8073] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  668.470036][ T8073] batman_adv: batadv0: Removing interface: batadv_slave_1
[  668.724659][ T8073] veth1_macvtap: left promiscuous mode
[  668.730680][ T8073] veth0_macvtap: left promiscuous mode
[  668.736883][ T8073] veth1_vlan: left promiscuous mode
[  668.742383][ T8073] veth0_vlan: left promiscuous mode
[  669.438265][ T5821] Bluetooth: hci5: command tx timeout
[  671.672944][ T5824] Bluetooth: hci5: command tx timeout
[  673.654699][ T5895] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  673.753586][ T5821] Bluetooth: hci5: command tx timeout
[  673.883633][ T5895] usb 6-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  673.895203][ T5895] usb 6-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  673.908343][ T5895] usb 6-1: config 0 interface 0 has no altsetting 0
[  673.915375][ T5895] usb 6-1: New USB device found, idVendor=06cb, idProduct=73f6, bcdDevice= 0.00
[  673.924825][ T5895] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  673.978173][ T8640] binder: BINDER_SET_CONTEXT_MGR already set
[  673.984308][ T8640] binder: 8639:8640 ioctl 4018620d 200000000180 returned -16
[  674.156048][ T5895] usb 6-1: config 0 descriptor??
[  675.172965][ T8073] team0 (unregistering): Port device team_slave_1 removed
[  676.454820][ T5895] itetech 0003:06CB:73F6.0006: item fetching failed at offset 0/3
[  676.463104][ T5821] Bluetooth: hci5: command tx timeout
[  676.473736][ T5895] itetech 0003:06CB:73F6.0006: probe with driver itetech failed with error -22
[  677.201511][ T8073] team0 (unregistering): Port device team_slave_0 removed
[  679.784019][ T8073] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  680.109883][ T8073] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  681.819810][ T8073] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.015632][ T8614] chnl_net:caif_netlink_parms(): no params data found
[  684.179953][ T8073] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  684.997295][ T5867] usb 6-1: USB disconnect, device number 4
[  685.027193][ T8073] bridge_slave_1: left allmulticast mode
[  685.039765][ T8073] bridge_slave_1: left promiscuous mode
[  685.048914][ T8073] bridge0: port 2(bridge_slave_1) entered disabled state
[  685.072011][ T8073] bridge_slave_0: left allmulticast mode
[  685.079591][ T8073] bridge_slave_0: left promiscuous mode
[  685.088550][ T8073] bridge0: port 1(bridge_slave_0) entered disabled state
[  685.772460][ T8073] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  685.813607][ T8694] loop5: detected capacity change from 0 to 512
[  685.823468][ T8073] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  685.846302][ T8073] bond0 (unregistering): Released all slaves
[  685.875308][ T8694] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  685.884790][ T8694] EXT4-fs (loop5): blocks per group (3008) and clusters per group (32768) inconsistent
[  687.201419][ T8614] bridge0: port 1(bridge_slave_0) entered blocking state
[  687.209131][ T8614] bridge0: port 1(bridge_slave_0) entered disabled state
[  687.216997][ T8614] bridge_slave_0: entered allmulticast mode
[  687.226130][ T8614] bridge_slave_0: entered promiscuous mode
[  687.333562][ T8073] hsr_slave_0: left promiscuous mode
[  687.354983][ T8073] hsr_slave_1: left promiscuous mode
[  687.363190][ T8073] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  687.371284][ T8073] batman_adv: batadv0: Removing interface: batadv_slave_0
[  687.425704][ T8073] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  687.433490][ T8073] batman_adv: batadv0: Removing interface: batadv_slave_1
[  687.527360][ T8073] veth1_macvtap: left promiscuous mode
[  687.533386][ T8073] veth0_macvtap: left promiscuous mode
[  687.539337][ T8073] veth1_vlan: left promiscuous mode
[  687.544948][ T8073] veth0_vlan: left promiscuous mode
[  689.293729][ T8073] team0 (unregistering): Port device team_slave_1 removed
[  689.317870][ T8073] team0 (unregistering): Port device team_slave_0 removed
[  689.592856][ T8614] bridge0: port 2(bridge_slave_1) entered blocking state
[  689.600578][ T8614] bridge0: port 2(bridge_slave_1) entered disabled state
[  689.610152][ T8614] bridge_slave_1: entered allmulticast mode
[  689.621929][ T8614] bridge_slave_1: entered promiscuous mode
[  689.794790][ T8717] loop2: detected capacity change from 0 to 256
[  689.969834][ T8614] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  690.030143][ T8614] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  690.223849][ T5897] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  690.295949][ T8614] team0: Port device team_slave_0 added
[  690.345648][ T8614] team0: Port device team_slave_1 added
[  690.454066][ T5897] usb 4-1: Using ep0 maxpacket: 32
[  690.497255][ T5897] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  690.507378][ T5897] usb 4-1: config 0 has no interface number 0
[  690.513885][ T5897] usb 4-1: config 0 interface 184 has no altsetting 0
[  690.582772][ T5897] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  690.592414][ T5897] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  690.600993][ T5897] usb 4-1: Product: syz
[  690.605532][ T5897] usb 4-1: Manufacturer: syz
[  690.610278][ T5897] usb 4-1: SerialNumber: syz
[  690.640923][ T8614] batman_adv: batadv0: Adding interface: batadv_slave_0
[  690.649138][ T8614] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  690.676227][ T8614] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  690.699172][ T5897] usb 4-1: config 0 descriptor??
[  690.717053][ T5897] smsc75xx v1.0.0
[  690.770027][ T8614] batman_adv: batadv0: Adding interface: batadv_slave_1
[  690.778449][ T8614] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  690.805422][ T8614] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  691.121913][ T8614] hsr_slave_0: entered promiscuous mode
[  691.131630][ T8614] hsr_slave_1: entered promiscuous mode
[  691.140264][ T8614] debugfs: 'hsr0' already exists in 'hsr'
[  691.146442][ T8614] Cannot create hsr debugfs directory
[  693.205394][ T5897] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000040: -71
[  693.216728][ T5897] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  693.232163][ T5897] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  693.243908][ T5897] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  693.253952][ T5897] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  693.264588][ T5897] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  693.275365][ T5897] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71
[  694.235995][ T5897] usb 4-1: USB disconnect, device number 9
[  694.310192][ T8614] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  694.366333][ T8614] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  694.401030][ T8614] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  694.464736][ T8614] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  696.640928][ T8767] =====================================================
[  696.648173][ T8767] BUG: KMSAN: uninit-value in eth_type_trans+0x7af/0x9a0
[  696.655671][ T8767]  eth_type_trans+0x7af/0x9a0
[  696.660502][ T8767]  bpf_prog_run_generic_xdp+0x12a0/0x1ff0
[  696.666622][ T8767]  do_xdp_generic+0xd52/0x1690
[  696.671536][ T8767]  tun_get_user+0x45be/0x6ca0
[  696.676487][ T8767]  tun_chr_write_iter+0x3e9/0x5c0
[  696.681654][ T8767]  vfs_write+0xbe2/0x15d0
[  696.686215][ T8767]  __x64_sys_write+0x1fb/0x4d0
[  696.691211][ T8767]  x64_sys_call+0x3014/0x3e20
[  696.696161][ T8767]  do_syscall_64+0xd9/0x210
[  696.700822][ T8767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  696.706937][ T8767] 
[  696.709323][ T8767] Uninit was stored to memory at:
[  696.714632][ T8767]  pskb_expand_head+0x310/0x1610
[  696.719798][ T8767]  do_xdp_generic+0xa79/0x1690
[  696.724854][ T8767]  tun_get_user+0x45be/0x6ca0
[  696.729658][ T8767]  tun_chr_write_iter+0x3e9/0x5c0
[  696.734881][ T8767]  vfs_write+0xbe2/0x15d0
[  696.739624][ T8767]  __x64_sys_write+0x1fb/0x4d0
[  696.744692][ T8767]  x64_sys_call+0x3014/0x3e20
[  696.749528][ T8767]  do_syscall_64+0xd9/0x210
[  696.754242][ T8767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  696.760270][ T8767] 
[  696.762644][ T8767] Uninit was created at:
[  696.767176][ T8767]  __kmalloc_node_track_caller_noprof+0x96d/0x12f0
[  696.773919][ T8767]  kmalloc_reserve+0x22f/0x4b0
[  696.778806][ T8767]  __alloc_skb+0x347/0x7d0
[  696.783402][ T8767]  alloc_skb_with_frags+0xc5/0xa60
[  696.788645][ T8767]  sock_alloc_send_pskb+0xad8/0xc70
[  696.794074][ T8767]  tun_get_user+0x113f/0x6ca0
[  696.798870][ T8767]  tun_chr_write_iter+0x3e9/0x5c0
[  696.804082][ T8767]  vfs_write+0xbe2/0x15d0
[  696.808638][ T8767]  __x64_sys_write+0x1fb/0x4d0
[  696.813625][ T8767]  x64_sys_call+0x3014/0x3e20
[  696.818461][ T8767]  do_syscall_64+0xd9/0x210
[  696.823197][ T8767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  696.829226][ T8767] 
[  696.831654][ T8767] CPU: 1 UID: 0 PID: 8767 Comm: syz.5.771 Not tainted syzkaller #0 PREEMPT(none) 
[  696.841075][ T8767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  696.851339][ T8767] =====================================================
[  696.858589][ T8767] Disabling lock debugging due to kernel taint
[  696.864899][ T8767] Kernel panic - not syncing: kmsan.panic set ...
[  696.871418][ T8767] CPU: 1 UID: 0 PID: 8767 Comm: syz.5.771 Tainted: G    B               syzkaller #0 PREEMPT(none) 
[  696.882351][ T8767] Tainted: [B]=BAD_PAGE
[  696.886667][ T8767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  696.896836][ T8767] Call Trace:
[  696.900216][ T8767]  <TASK>
[  696.903215][ T8767]  __dump_stack+0x26/0x30
[  696.907701][ T8767]  dump_stack_lvl+0x53/0x270
[  696.912532][ T8767]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  696.918515][ T8767]  dump_stack+0x1e/0x25
[  696.922856][ T8767]  vpanic+0x361/0xc50
[  696.927085][ T8767]  panic+0x15d/0x160
[  696.931270][ T8767]  kmsan_report+0x31c/0x320
[  696.936089][ T8767]  ? do_syscall_64+0xd9/0x210
[  696.940926][ T8767]  ? __msan_warning+0x1b/0x30
[  696.945728][ T8767]  ? eth_type_trans+0x7af/0x9a0
[  696.950721][ T8767]  ? bpf_prog_run_generic_xdp+0x12a0/0x1ff0
[  696.956867][ T8767]  ? do_xdp_generic+0xd52/0x1690
[  696.961945][ T8767]  ? tun_get_user+0x45be/0x6ca0
[  696.966925][ T8767]  ? tun_chr_write_iter+0x3e9/0x5c0
[  696.972247][ T8767]  ? vfs_write+0xbe2/0x15d0
[  696.976983][ T8767]  ? __x64_sys_write+0x1fb/0x4d0
[  696.982064][ T8767]  ? x64_sys_call+0x3014/0x3e20
[  696.987083][ T8767]  ? do_syscall_64+0xd9/0x210
[  696.991949][ T8767]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  696.998172][ T8767]  ? kmsan_get_metadata+0xfb/0x160
[  697.003433][ T8767]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  697.009394][ T8767]  ? kmsan_get_metadata+0xfb/0x160
[  697.014650][ T8767]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  697.021128][ T8767]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  697.027392][ T8767]  ? _raw_spin_unlock_irqrestore+0x3f/0x60
[  697.033355][ T8767]  ? stack_depot_save_flags+0x615/0x7b0
[  697.039101][ T8767]  ? kmsan_get_metadata+0xfb/0x160
[  697.044369][ T8767]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  697.050843][ T8767]  ? kmsan_get_metadata+0xfb/0x160
[  697.056104][ T8767]  __msan_warning+0x1b/0x30
[  697.060819][ T8767]  eth_type_trans+0x7af/0x9a0
[  697.065673][ T8767]  bpf_prog_run_generic_xdp+0x12a0/0x1ff0
[  697.071697][ T8767]  do_xdp_generic+0xd52/0x1690
[  697.076789][ T8767]  ? tun_get_user+0x4051/0x6ca0
[  697.081764][ T8767]  ? filter_irq_stacks+0x49/0x190
[  697.086987][ T8767]  ? kmsan_get_metadata+0xfb/0x160
[  697.092361][ T8767]  ? tun_get_user+0x453a/0x6ca0
[  697.097392][ T8767]  tun_get_user+0x45be/0x6ca0
[  697.102384][ T8767]  ? stack_depot_save_flags+0x35/0x7b0
[  697.108026][ T8767]  ? kmsan_get_metadata+0xfb/0x160
[  697.113375][ T8767]  ? kmsan_get_metadata+0xfb/0x160
[  697.118652][ T8767]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  697.125219][ T8767]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  697.131543][ T8767]  tun_chr_write_iter+0x3e9/0x5c0
[  697.136723][ T8767]  vfs_write+0xbe2/0x15d0
[  697.141397][ T8767]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  697.147278][ T8767]  __x64_sys_write+0x1fb/0x4d0
[  697.152246][ T8767]  x64_sys_call+0x3014/0x3e20
[  697.157110][ T8767]  do_syscall_64+0xd9/0x210
[  697.161981][ T8767]  ? irqentry_exit+0x16/0x60
[  697.166918][ T8767]  ? clear_bhb_loop+0x40/0x90
[  697.171783][ T8767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  697.177918][ T8767] RIP: 0033:0x7fa35a98d69f
[  697.182447][ T8767] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  697.202211][ T8767] RSP: 002b:00007fa35b7c0000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  697.210782][ T8767] RAX: ffffffffffffffda RBX: 00007fa35abb5fa0 RCX: 00007fa35a98d69f
[  697.218874][ T8767] RDX: 000000000000fdef RSI: 0000200000000300 RDI: 00000000000000c8
[  697.226961][ T8767] RBP: 00007fa35aa11e19 R08: 0000000000000000 R09: 0000000000000000
[  697.235072][ T8767] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[  697.243147][ T8767] R13: 00007fa35abb6038 R14: 00007fa35abb5fa0 R15: 00007ffed61eddd8
[  697.251265][ T8767]  </TASK>
[  697.254734][ T8767] Kernel Offset: disabled
[  697.259152][ T8767] Rebooting in 86400 seconds..