last executing test programs:

26m33.636093421s ago: executing program 32 (id=33):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, 0x0, 0x0)
lsm_get_self_attr(0x65, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, 0x0, 0x1)
mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x0, 0x0)
syz_clone(0x20022180, 0x0, 0xfe02, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, @void, @value}, 0x28)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(0xffffffffffffffff, 0x40485404, &(0x7f0000000300)={{0x1, 0x0, 0xfffffffe, 0x1, 0x81}, 0x5, 0x78})
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'lc\x00', 0x4, 0x8, 0x77}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0xcd, 0x12d5f, 0x3}}, 0x44)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000580)={{0x84, @multicast2, 0x4e23, 0x3, 'lc\x00', 0x2, 0x4, 0x7e}, {@private=0xa010102, 0x4e20, 0x2, 0xc8, 0x80012d58, 0x12d5c}}, 0x44)
setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0)

26m23.179171307s ago: executing program 33 (id=49):
timer_create(0x0, 0x0, &(0x7f0000000040))
timer_create(0x2, &(0x7f00000004c0)={0x0, 0x5, 0x0, @thr={&(0x7f00000003c0)="8c6300cb78d5f1f114c8f9cea51912d9bf66f7383f01586be502d1d2280dd7134e183cd4b3fe79728f5915adb4a60cfe2939eccdc569d977a77ed197b67736ddcb1e3d7589dd750632bc4bffd45da681ae746b1b90b84f27b7b718f6ce0185f365189155de5922afae4edd4a6508090ed059940524274f2554b1cabb760055a4e9e5d24665145180ea36c9ab967b67d708e55ad3eba6587b15e1a203e7d350371516d80e6b5c78525c97a62643668b2c6a1ab1de8ff550835421267d4713430123e68f475982799f051cc1241c427ae5e6b4a91d8098a0b66a04", &(0x7f00000002c0)="04468535132e2800f26e4ad5b765ed61533ee0161e9e97f3e05487f9be95725fd26179335a35ad63de9631350ac0bc3a600cbb6da510715371ac88d0000dfdce572fd77d871fc7f12cdbb236e776762c259f6ae1994b2dbe5017bf4bdc18b953f2cef1489bf59f95dd1e2ce500d3af0579"}}, &(0x7f0000000500)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = io_uring_setup(0x355b, &(0x7f0000000140)={0x0, 0xe24b, 0x10, 0x5, 0x4000020})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x80000000005, 0x100000001000087}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r4=>0x0})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000b00)={0x2, 0x0, &(0x7f00000008c0)=""/253, &(0x7f00000009c0)=""/29, &(0x7f0000000a00)=""/252, 0x8000000})
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$nfc_llcp(r5, &(0x7f0000000240)={0x27, 0x0, 0x0, 0x4, 0x0, 0x3, "e88509de7f1939e8abff005597c8ef039a5be42200", 0x13}, 0x60)
sendmsg$inet(r5, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x4008000)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r3, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r4, 0x0, 0x0, 0x0, <r6=>0x0})
ioctl$IOMMU_HWPT_ALLOC$NONE(r3, 0x3b89, &(0x7f00000001c0)={0x28, 0x0, r6, r4, 0x0, 0x0, 0x0, 0x0, 0x0})
close_range(r1, 0xffffffffffffffff, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0xf845, 0x0, 0x0, 0x2000}, &(0x7f0000000240)=<r7=>0x0, &(0x7f0000000340)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0xc, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x842a}})

26m11.422414125s ago: executing program 34 (id=65):
socket$inet6(0xa, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
creat(0x0, 0x0)
pipe2$9p(0x0, 0x0)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0xb0)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
read$FUSE(r1, &(0x7f0000000140)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_DIRENT(r1, &(0x7f0000002580)={0x1e0, 0x0, r2, [{0x1400000000000007, 0x1000000, 0x1b7, 0x0, '\x7f\xb4\xe4\xa3\xe8$I\x88\x8c\n}\xac\xa9\x0e\x92\x04\xbc\xd4\xba\xdb\xc6\xf9K\x0eS\x00\xbdu\xb9;\xcd\xeb\x1aL\xec?\x7f\\N\xe1E\x89\xc9f\xd1\x8ax\xf3\x81\x04KJ\v\xe9\x19H+\xdf\xe3\xdb\xa42Lh\xb8\xe4nL\xfe1\xd5`\x86Cc\xdd\xf2n\x0e\xa7\xf5\x86\x03\xee\xec8\xad\x06\xa8\xd70\xba\xa9\xae(\xc0\x063\xd5\xb6i\xeb\xae\xe2>f\xa1\xc7\xe8_\xd9\xae,\x8d\xb0\x01\xf0<\xd6_e\xa4F\x10\xc0\xc6\x10=\x17\x16\x1a\xd9\x8b\xafq\x1e_\xee \xbb\x92\x9f\x89\n\x1b\xaf\xa2DDi\xe4\x9begcv\xa1\xe4E\x8fs\x8e\xc6[.\x98\x0f;\xc3H5\xfb\x0e\xe8\xb2<>\r\xeb\x9b\f\xf6\x15\xf2\xc0&L\xec;\xca\xc0\xa3\xb6\x84\xc7h\x9c\x9d\xfdUY-o3\xce\x00\x003\x90\xdc\x9f\x95,\xb2\xa5\r\xcc\x98\xf5\x00\x00\x00\x00\x00\x00\x00\x00J\xf4\xa9\xd02S\fZ\xfb\xfc !e\x0e/\xeb\xc5\xfa\xe3\xf5\x9e\x91\xadJ\xbd+-n\xb4\xb8a4\xbc\xdf\x1d\xd8\xc1D\xff|G$\xf6\r\xf3\xad5O~\xa9q\t\xb4\x83\n\x06f\xf0\xb3\xa6\x04\xa7\xec\xfdz\xf3\xdaX\xc1SA\xe4x\xa1\xd9j\xaa\xbdT\xbe\xc7\x94\xa8\xe5w\x97\x11\b\f\xfc\xe6\x9ax\x11\x03R\x81\xc9\x90\x1fQ\xf7\xae(h\xd2\x8fj\tp\xf8VdY0\xa8\xc6|M?2J\x03\xff\xfaI\x9av\xf6^\x01R\xce@\xb4\xe5\b\x00!To\xdb}\xdd\x9d&|L+U\xb2\x10\xaeo\xe6\xf5\xcf\xb2\xb1\x10\x84\xd0\"\x96\xa8FstV\xb5:\xd7\x8cE\x95\x0e\fgJ\xba\xee\x17\x8b\xc2\xc1<@c\xc1\a\x17\b\x94\xb2\x06\xfb\x8e4\x0f\xcaT\xe1M\x98\x06M|\xa9\xb7\x9a\x82\xf4'}]}, 0x1e0)

25m26.018763101s ago: executing program 35 (id=112):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
memfd_create(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)

25m14.878272495s ago: executing program 36 (id=129):
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000200)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x20)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000240)={{0x3, 0x100, 0x5, 0xb7a4, 0x1, 0xffff}, 0x341, [0xc, 0x40, 0xcd6, 0x4, 0x6, 0x0, 0x3, 0x7, 0x9, 0x7a18fde9, 0x9, 0xf12, 0x4, 0x3, 0x378, 0x350bae1a, 0x4, 0x0, 0x1, 0xffff06bd, 0x0, 0xd4f, 0x7, 0xf2, 0x10, 0x5, 0x8, 0x10001, 0x401, 0x80000000, 0x2401, 0x3ca5, 0x1, 0x0, 0xff, 0x4, 0x4, 0x3, 0x0, 0x0, 0x40000000, 0x80000000, 0x7fff, 0x7, 0x3, 0xa, 0x0, 0x10000, 0x401, 0x8, 0xffff, 0x91ba, 0x7, 0x9, 0x1, 0xb6, 0x24, 0xcb, 0x5, 0x7f, 0x5, 0x311, 0x66d1, 0xfffffffd, 0xa7d6, 0xb6eb, 0xc74, 0x77, 0x1, 0xff, 0x5cb5, 0xfffffffe, 0x401, 0xedf4, 0x4, 0x1000, 0x6, 0xfffffffe, 0x8001, 0xc1, 0x1, 0x8, 0x1, 0x32, 0x98, 0x7f, 0x0, 0x401, 0x2, 0x2, 0x4680, 0x7, 0xe665, 0x3c6e, 0x3, 0x40, 0x80, 0x4b, 0x8000, 0x2, 0xb, 0x6, 0x4fa4, 0x80000002, 0x1, 0xb, 0x0, 0xfffffffa, 0x3, 0x9, 0xfd, 0x101, 0x4, 0x40, 0xa, 0x1b, 0x1ff, 0x7ff, 0x2, 0x80000000, 0xffff, 0x9, 0x0, 0x6, 0x2, 0x1, 0x3, 0xa0, 0xf, 0x1ff, 0x9, 0x7, 0x6, 0x400, 0x8, 0xff2, 0x6, 0x0, 0x6, 0x0, 0x9, 0x1, 0xf1a, 0x664, 0x4, 0x9, 0x9, 0x2, 0x4, 0xfffffffd, 0x10, 0x0, 0x9, 0x10000, 0x1, 0x9, 0xf7a, 0xc6, 0x1, 0x4, 0x6, 0xffffffff, 0x6, 0x10001, 0x8, 0x68, 0x7, 0x1, 0x5, 0x3, 0x9a3f, 0x400000, 0x0, 0x80000067, 0xffffff7e, 0x7, 0x10000000, 0x10001, 0x7, 0x3, 0x10, 0x10a, 0x2, 0x40, 0x1c, 0x80, 0xb5f8, 0x8bc, 0x3, 0x101, 0x5, 0x63, 0x4, 0x8001, 0x10, 0x1000, 0x288c, 0x1ffe, 0x73ee, 0x1, 0x5, 0x9, 0x7fffffff, 0x73, 0x7, 0x8, 0x6, 0x400, 0x40, 0x0, 0x0, 0x0, 0x546c, 0x981, 0x5aa, 0x7fff, 0x7, 0x4, 0x8, 0x6688, 0x45e3, 0x5, 0x7, 0x1, 0x5, 0x3, 0x0, 0x1, 0x2, 0xffffffff, 0x4, 0xce, 0xf, 0x0, 0x1, 0x667, 0x3, 0x0, 0x9, 0x9, 0x37d, 0x10001, 0xc, 0x1, 0x1, 0x2, 0x6, 0x4, 0x6, 0x1, 0x9, 0x6, 0xfffffffa, 0x2, 0x0, 0x9, 0x5, 0x2, 0x7, 0x3, 0xffffff1b, 0x9, 0x2, 0xd, 0x34ea, 0x10000, 0x0, 0x80000001, 0x8, 0x8000, 0x3a, 0x10, 0x8, 0x9, 0x5, 0x1, 0x6, 0x10001, 0x0, 0x4, 0x10000, 0x4, 0xffff, 0xe, 0x89, 0x2, 0x7, 0x1, 0x73, 0x3, 0x9, 0x4, 0x1, 0x9, 0x0, 0x8, 0x0, 0x2, 0x80000004, 0x29, 0x9, 0x0, 0x4, 0x4, 0x0, 0x1, 0x4, 0x5, 0x4, 0x10001, 0xf, 0x9, 0x100, 0x4, 0x59b, 0x7, 0x8, 0x9, 0x3, 0x2, 0x4, 0xbf, 0x0, 0x8, 0x40, 0xd3, 0x7, 0x1, 0x89aa, 0x8, 0x7, 0xf0ce, 0x4, 0x1, 0x0, 0x2, 0xc6, 0x1000, 0x1, 0x937, 0xa, 0x6, 0x3, 0xffffffff, 0x5, 0x9, 0x5, 0xffffffff, 0xbe, 0x1, 0x7, 0x0, 0xffffffff, 0x0, 0x3d6, 0x0, 0xc, 0x6, 0x7, 0xfffffeff, 0x4, 0x2, 0x7fff, 0x101, 0x7, 0x6, 0x706, 0x2, 0x49, 0x10, 0xfffffff7, 0xfffff772, 0x8, 0x80000000, 0x6, 0x1, 0xa9c, 0x9, 0x9, 0x1, 0x2, 0x5, 0x1000, 0x5, 0x1ff, 0x9, 0x3, 0x3, 0x10001, 0xffff0000, 0xf, 0x1, 0xffffa5ba, 0xffffa9b4, 0x8, 0x4, 0x8000005, 0x3, 0x4b5f, 0x6, 0xa, 0xffffffff, 0x1, 0x80000000, 0xb, 0x0, 0xc8f, 0x1, 0x7, 0x8, 0x1, 0x10000, 0x57dc, 0x818a, 0x10, 0x8, 0x10, 0xfffffffc, 0xfffff001, 0xa, 0x5, 0x5, 0x4, 0xfff, 0x9, 0x10, 0xfffffffd, 0x4, 0xc2, 0x7f, 0x4, 0x2, 0x80000000, 0xd, 0x3, 0x1, 0x0, 0x5, 0xb6, 0x101, 0x401, 0x2, 0x7, 0xc, 0x6623258, 0xf2, 0x741, 0xae6, 0x9, 0xffffa0ae, 0x9, 0x6, 0x2, 0x8, 0x9, 0x1, 0x7f, 0x9a, 0x9, 0xb, 0x800, 0x4, 0x3ff, 0x5, 0x7, 0x7, 0x8, 0xfe, 0x7f, 0x9, 0x4, 0x2, 0x20000000, 0x2, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x7, 0x8000001, 0x0, 0xfff, 0x101, 0x4, 0x0, 0x96c6, 0xc, 0x5, 0xfff, 0x100, 0xffff, 0x1, 0x401, 0xf0, 0x0, 0xfffff53d, 0x9, 0x2, 0x6, 0x0, 0x6, 0x4b15, 0x10000, 0x1, 0x9, 0x1, 0xd, 0x9, 0x4, 0xfffffe01, 0x1, 0x6, 0x0, 0x3, 0x10001, 0x1, 0x7, 0x1, 0x5, 0x8, 0xffffc487, 0x200, 0x10001, 0x37c, 0x7, 0x6, 0x6, 0x8, 0xfffffe00, 0x1, 0x1, 0x0, 0xe, 0x0, 0x3, 0x4, 0x80000000, 0xb46d, 0x3, 0x1000, 0x1eb4bce6, 0x10, 0x8, 0x1, 0x5, 0x1, 0x5, 0x9, 0x1000, 0x7, 0x62f2f805, 0x9, 0x3, 0xffffffff, 0x9, 0x7f, 0x6, 0x8, 0x40, 0x5, 0x2, 0xa, 0x5, 0x6, 0x80000000, 0x28, 0x8, 0x7, 0x7, 0x1, 0x5, 0x9, 0x6709, 0x80000001, 0x0, 0x80, 0x8, 0x6, 0x0, 0xa95a, 0xff, 0x5, 0x2, 0x2, 0x4, 0x10000, 0x80000001, 0x5, 0x1c00, 0x9, 0x0, 0xb7, 0x3, 0xff, 0x9, 0xffff, 0x80, 0xfea5, 0x7fff, 0x7, 0x7, 0x7, 0x7485, 0x9, 0x8, 0x0, 0x5, 0xf, 0x5, 0xe, 0x8, 0x1000, 0x3, 0x7, 0x382d, 0x459, 0xcad, 0x9, 0x0, 0x2, 0x9, 0x6, 0x20000a4, 0xe0, 0xfffffffb, 0x5, 0xffffffff, 0x2, 0x7, 0xa05a, 0x0, 0x0, 0x0, 0x35, 0x8, 0x1, 0x1, 0x30, 0xffffff7e, 0x1, 0x2, 0x9, 0x3, 0x7, 0x8, 0x8, 0x4000, 0x1, 0x4, 0x15294b70, 0x3, 0x3, 0x2, 0x43, 0x3, 0x9, 0x5, 0x80000000, 0x9, 0x0, 0x5, 0x81, 0x1, 0x2, 0x3fd, 0x1df, 0x6, 0x6, 0xfffffffa, 0x1a, 0x9, 0x2, 0x9, 0x1, 0x9, 0x7, 0x2c1, 0x9e95, 0x2, 0xfffffedd, 0x30c8, 0x2, 0x38a0, 0x7b, 0x0, 0x8, 0x9, 0x6, 0x9, 0x9, 0x8, 0x5, 0x8, 0x1ff, 0x7fff, 0x3, 0x8000002, 0x8, 0x2b, 0x200006, 0x4, 0x7, 0x2, 0xfb4, 0xbf8, 0x7, 0x405, 0x6, 0x4, 0x8001, 0x9, 0x8, 0x3, 0x6ae574d2, 0x6, 0xfffffe00, 0x1000, 0x5, 0x92, 0x3, 0x7fffffff, 0xd7, 0x8001, 0x905, 0x3, 0x6, 0xfffffb31, 0xb, 0x4, 0x7, 0x8, 0x1, 0x6, 0x1, 0xff, 0x100, 0x8, 0x3, 0x6, 0x80000000, 0x0, 0x100a, 0x7fffffff, 0x7fff, 0x2, 0xfffffff8, 0x2, 0x9af, 0x10001, 0x8, 0x4, 0x8, 0x6, 0x7742348d, 0x5, 0x5, 0x1f, 0x40, 0x0, 0x6, 0x7fffffff, 0x7, 0x7, 0x8, 0x17f, 0x6, 0x2, 0x5, 0x6, 0x1, 0xb, 0xe, 0x5, 0x1, 0xfe7, 0xfffffffc, 0x8, 0x7ff, 0x3e9, 0x0, 0x3, 0x2000, 0xd, 0x3, 0x4, 0x3, 0x81, 0x8, 0x14, 0x8, 0x9, 0x6, 0xffff, 0xf28c, 0x7, 0x6, 0x4, 0x7fffffff, 0xffff, 0x7fffffff, 0xc9, 0x2, 0x0, 0x924, 0x6, 0x100, 0x1, 0x5, 0xffff351b, 0x8, 0xfffffffb, 0x7, 0x9, 0x2, 0x5, 0x4, 0x1, 0x4, 0xff, 0xee, 0x2, 0x4, 0x8, 0x9f, 0x7, 0x3, 0x9, 0xc9, 0x1, 0x1, 0x1, 0xfffffff7, 0x0, 0x5, 0x5, 0x6, 0x400, 0x51, 0x7, 0xefb, 0xb8, 0x8, 0x5, 0xfffffff7, 0x7, 0x7, 0x5, 0x6330, 0x0, 0x6, 0xea, 0x0, 0xfff, 0x809, 0x6, 0x0, 0x6, 0xffff, 0xfffffffa, 0x3, 0x0, 0x1, 0x6, 0xfffffc00, 0x5, 0x7, 0x2ec, 0x9, 0x6, 0x3ff, 0x6, 0xfff, 0x0, 0xa7b, 0x62cc, 0xfffffff7, 0x7, 0x40, 0xa, 0x8, 0x3, 0xe, 0x1, 0x1, 0xc, 0x40, 0x3, 0x4, 0x5, 0x5, 0x7ff, 0x5, 0x8, 0x5, 0x3, 0x9, 0x2, 0x80000001, 0x54, 0x400, 0x1, 0x8, 0xa, 0x9, 0xc0, 0x3, 0x72, 0x80, 0x1000, 0x7, 0x800, 0x6, 0xd19, 0x3, 0x93c, 0x6, 0x0, 0x0, 0xe, 0x5, 0x3, 0xfffffffa, 0xa01, 0xf3, 0xffffff00, 0x8, 0xe, 0x3, 0x3ff, 0x5, 0x2, 0x6, 0xfffffff8, 0xffff, 0xfffffff9, 0x9, 0x5, 0x62, 0x8, 0x1, 0xfffffffb, 0x1af88, 0x2, 0x9, 0x7, 0x0, 0x7, 0x8, 0x10000, 0x40, 0x8, 0x7, 0x2b, 0x6, 0x10, 0x5, 0x200, 0x7fff, 0x6, 0x3, 0x8, 0x10, 0x4, 0x6, 0x633, 0xf05, 0x0, 0x101, 0x200, 0x7, 0x7ff, 0x0, 0x1, 0x1, 0x10000, 0x9, 0x40, 0x9, 0x0, 0x7f, 0x8, 0x6, 0xe, 0x3, 0x80000001, 0x0, 0x8, 0x8, 0x7, 0xdd, 0x8, 0x89, 0x0, 0x100, 0x1, 0x9, 0xe75, 0x400, 0x1, 0x8, 0x200, 0xe9ab, 0xfffffff8, 0x8000, 0x7, 0x2, 0x2, 0x43, 0x3ff, 0x8, 0x7, 0x9, 0x1, 0x6, 0x7, 0xa, 0xf, 0xf39d, 0x71, 0xfff, 0x5, 0x8]})
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x2250)

24m26.075518983s ago: executing program 37 (id=203):
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000280)='./file1\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000100)={0x4000000, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYRES16=r0, @ANYRES8], 0x10}}, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000, 0x0)
request_key(0x0, 0x0, &(0x7f0000000080)='\xe1\xb4n::e\x00\x00\x00\x00\x00\x10\x00\x00H\x10\x00\x9d\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000001500010000000000000000000500000008000100", @ANYRESHEX], 0x1c}, 0x1, 0x0, 0x0, 0x4084}, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r3, 0x0, 0x0)
r4 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x2a36, 0x10100, 0x2000004, 0x20000002}, &(0x7f0000000200)=<r5=>0x0, 0x0)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x401}, 0x1})
io_uring_enter(r4, 0x2def, 0x4000, 0x0, 0x0, 0x0)
write$char_usb(0xffffffffffffffff, &(0x7f0000000040)="e2", 0x2250)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$NFNL_MSG_CTHELPER_DEL(0xffffffffffffffff, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={0x0, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x80)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000c80)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x12}]}}]}, 0x38}}, 0x0)

24m19.344212034s ago: executing program 38 (id=222):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, 0x0, 0x100)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0)
syz_open_dev$video4linux(0x0, 0x20, 0x400)
ioctl$VIDIOC_SUBDEV_S_CROP(0xffffffffffffffff, 0xc038563c, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
openat(0xffffffffffffff9c, 0x0, 0xc0042, 0x1fe)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r1 = gettid()
process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)

23m30.123185767s ago: executing program 39 (id=324):
socket$igmp(0x2, 0x3, 0x2)
syz_open_procfs(0xffffffffffffffff, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
fsopen(&(0x7f0000000000)='cifs\x00', 0x0)

23m21.130600591s ago: executing program 40 (id=343):
syz_open_dev$video(&(0x7f0000000040), 0x7, 0x80040)
getsockopt$XDP_MMAP_OFFSETS(0xffffffffffffffff, 0x11b, 0x1, &(0x7f0000000300), &(0x7f0000000380)=0x80)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000480)={{0x0, 0x3, 0x0, 0x3}, 'syz0\x00', 0x10})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x10000)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r2, 0xc058534f, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
lsetxattr$security_ima(&(0x7f0000000480)='./file0\x00', &(0x7f0000000100), &(0x7f0000000180)=ANY=[@ANYRES16=r3], 0xb, 0x1)
sendmsg$IPSET_CMD_DEL(r3, 0x0, 0x80044)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x240080c4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x1b}], {0x95, 0x0, 0x700}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xc, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x185)
write$cgroup_int(r6, &(0x7f00000000c0)=0x1c3, 0x12)
sendmsg$key(0xffffffffffffffff, 0x0, 0x8000)
ioctl$UI_SET_KEYBIT(r1, 0x40045565, 0xee)
ioctl$UI_DEV_CREATE(r1, 0x5501)
close_range(r0, 0xffffffffffffffff, 0x0)

21m18.235830803s ago: executing program 41 (id=696):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000480)={0x0}}, 0x40000)
socket$nl_route(0x10, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000240)=[@mss={0x2, 0x8}, @window={0x3, 0x15f, 0xfffd}, @mss={0x2, 0x8}, @sack_perm, @window={0x3, 0x0, 0x7fe}, @window={0x3, 0x5, 0xfffc}, @timestamp, @timestamp], 0x8)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400448c0}, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11)
unshare(0x8000080)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

21m10.100737887s ago: executing program 42 (id=716):
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
bind$phonet(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x100000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UI_SET_LEDBIT(r2, 0x40045569, 0x10)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1600000000000000ff010000ffff000080c00200", @ANYRES16=r2, @ANYBLOB='\x00'/20, @ANYRES32, @ANYRES32=r2, @ANYRES8=r1], 0x50)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYRESDEC=r1, @ANYRES32=r4, @ANYRES16=r3, @ANYRES32, @ANYBLOB], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r5}, &(0x7f0000000080), &(0x7f00000002c0)=r4}, 0x20)
close(0x3)
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000140)={r5, 0x58, &(0x7f00000000c0)}, 0x10)
r6 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r6, 0x29, 0x11, 0x0, 0x0)
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)
ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x8080583a, 0x0)
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newtaction={0x50, 0x30, 0x1, 0x70bd2b, 0x0, {0x9}, [{0x3c, 0x1, [@m_sample={0x38, 0x1, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x81}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x50}}, 0x55)
r8 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r8, 0x890b, &(0x7f0000000000))
ioctl$sock_kcm_SIOCKCMCLONE(r8, 0x890b, &(0x7f0000000000))
getresgid(0x0, 0x0, 0x0)
sendmsg$nl_generic(r7, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200000a0}, 0x48000)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)

21m8.632269446s ago: executing program 43 (id=718):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
signalfd4(r1, &(0x7f0000000500)={[0x6]}, 0x8, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000a00)={0x2020}, 0x2020)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
creat(0x0, 0x0)
fanotify_init(0xf00, 0x101000)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000680)='blkio.bfq.idle_time\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x7, 0x0)
fcntl$lock(r2, 0x24, &(0x7f0000000400)={0x2, 0x0, 0x80000, 0x401})

20m26.309645825s ago: executing program 44 (id=756):
setresgid(0xee01, 0xffffffffffffffff, 0x0)
setfsgid(0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x58000000, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x181900, 0x0)
r1 = msgget(0x1, 0x2b0)
msgrcv(r1, 0x0, 0x0, 0x0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
msgsnd(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000000000000"], 0x4, 0x800)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x20)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r6, {0x0, 0xa}, {0xffff, 0xffff}, {0xd, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xa, 0x0, 0x6}}}}]}, 0x44}}, 0x44080)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000001180)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd25, 0x0, {0x60, 0x0, 0x0, r6, {}, {0x0, 0xa}, {0x0, 0x10}}, [@qdisc_kind_options=@q_pfifo={{0xa}, {0x8, 0x2, 0xfffffc00}}]}, 0x38}, 0x1, 0x0, 0x0, 0x55}, 0x4000)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000140)=0xe)
ioctl$EVIOCGPROP(r0, 0x40047438, &(0x7f0000000180)=""/246)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a000000050000000300000004"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="01000000050000000200000007"], 0x50)

20m2.712421726s ago: executing program 45 (id=777):
prlimit64(0x0, 0xe, &(0x7f0000000440)={0x6, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019380)=""/102400, 0x19000)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
sendfile(r1, r2, 0x0, 0x201f00)

19m33.809442041s ago: executing program 46 (id=812):
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x28, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000580)={@remote, @local}, &(0x7f00000005c0)=0xc)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="8500000008000000760000000000000027000000000000009500000000000000d9e029f8c1652bc575bc1dc3a9fa16094393337a693d6504978ceb558b41537525a394249a1506da9ac69561c187afa3ba7ebc3af563e1e94ceec996695d1d26bbfb2feebab62478775a18852a3359fb20d4d020daf585b85d18b24cf00e3ac10552a5c9acddcb10eae4445de245fe9c7bf90262293683e504b59ef6d4568f30efe6465b5e0aeb3c6f9f5c6ad0a0891670e48b75f800"/192], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3f)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r1, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, &(0x7f0000000400)="cf2240e6919817e495", 0x0, 0x0, 0x8000}, 0x50)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000001b00)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=@base={0xf, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x37)
close(r0)
r4 = socket$inet6(0xa, 0x3, 0x8010000000000084)
bind$inet6(r4, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00004000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r6=>r2, {0x8}}, './file0\x00'})
writev(r6, &(0x7f00000009c0)=[{&(0x7f0000000400)="da922ccf86275c8c6bf239d4160840072d311fd71e6ecbde41340e1829e587362cba03ee89eaf79ab8883d1c97a8a300d7793a3d91b3916e0badcf60bc917bf6d790e30f04cc4d8466d927457bba2ae7fcda746dfe83a304ceddb10b2d870983ecf34ae4a24aaf9ca51077e5fd38a0105656b194417cebbf2f4a204de6a7994d783999fe0f3adc3f914f93cf67e740b0880b6f5cea063203f8dec41c5f82115db70cd54d2db0b3ca2c", 0xa9}, {&(0x7f000001ab00)="cccdd05225356826f41e12155f34e566026600661646b357524e20de9021128b730526860e4b1d67a0732c068d8b7776aec9b6ee9a06254663be494215e3633fd3eab24d9d0e7d6b679cbd7873b3ac1b13d8c1a10d39022c7ed8e40e346d12c5b475d3e896b2b0969012a2e4969026aa5460073bdb987f1e028242991edf642bce23f6c722dff8eb58250912d8cc05ef8d07eafdcdf366bf43eb6e9603b4040a545753d8210a8a0acdea67340625b9dfd31782e38db5488abcfb57f9e40b140f5a596420d9b9ea7ff57dc78d0afae3204b3585c4f1386f8ed12beed9bb8d90794090ea6977f1b207272b418e92160a36bebee2fbe1afdd62f46339b2232a9fc34e94c2987f6ba04486f97af369896a0ca84125f657d58037ff2f0c5bfe70426f88de3d4287516961b78e8f68425b175599aa572786b6c412c8945de93d10999e7e5544e380467f6524012fdfe57663cf0672619753c27027910288c439e4b869a9bb8e6eafc25585eabd68f710213e145a6a42e2db8a79cbe59cdf2f0d9e68bc409414c3c035f6aa2c38c94ece7456f98ed717c9785b924534f7594ab2a7dc5dc41e29bc9c3721598e73da1f4a4e13a337db002e6b4dda10322a76d32640fad0e8141eb014ad8d66f888da992df2243df4e19090dadda8746aec17801548167ac9ee355c3e2b760042629afa878bee4c0abc87c1f95a00b7d375b0a768b95c86f0e8a5dfd6561ddbe59768078fd536cd4b5818ae8bca4f428f35961f04e16e684448517b4c0869c1b3eaee3ca51ebe2916222bb57c2150799b94cd20b7d52a7f3dd95adf32f612ae19fb9856c8012cf92090b2fbf05694ad15d8cc5c3e20fd309dd6c587ccbbe86546a318e8f91f4bbbcfa921a5b5631aa7d30b9cf91822adb11980f1512ef9f2193e11a36dba84141686f782afcae67c5a69757adf3232b42ae44124b4d7f6c6fae2f270cdfe5ec2f03585c037f69e649f3272820e8d5d14c8190bc496e01ce46a23d40e0d644cea4e30f04ff94894cc8fe93b21f878921ef260eba9b270d3c8019973fff04c1b38a382b4eb0350a5ebbaebb1f89dae8b9543a35e95a8cb8465cea13ba9b6cc21982f9d73cc33951ee0d9d73d914c13a4e49027b078f167764a44bf57c3a119e701ba9dca0d42b4bc973aeda2c4aac93698feba008ba2a72f2878a4dc235f37c20ce83d20d53c8f1058071252adbb8167c57b8ee2283266909a1aa790cc36e5a92da571c2cd1c5c4cf2e79452ff16583c8ed49a0ceca9f71ec4d2366373de552f78465b71a77707f30cbaad9cfbe07d5423936bcadb03f64a4ba05c99545f569602bb9d46d87877481e57fc6bb6aab1b6c76cabc4f470f94b234f5d9b699230cc716e335beea0215ae8c90703031cabcc092be245b4102f3f3ff8c7b38aef6dce8cadc977b4220d0319fdf8f3beb1972878fcc2ac71873a72fe792ec6d143ecc22ecd1fa48c01f5a59597f8180fd0f7c7f18043bb24e1e12285d961b2d6bf3e37e1d971b74153ce10eab431d7d7d8ea2f62cba8d2264b6e2bbcd99d879c4b35b882a3bb41c285fda7e6fced54838b199348fdd1e3ffab92aceb3e9f7a5a3d90b73510d3a691b4fcb6d229503dafd017541171eec33d1924c60ea5d2838ea5351765a5f6c5c269cb4797606604842bb47faeb520b650da6d19a225b545f2c3e2a94d44231ec6cb598af7617928f5938054c69f9262cda4335fad64fb1553b0c9fd729616cd6aa9d314f3f75bfa9582b4dd7d8bef24ac1d99137426dbaa70bea0c0e38f2264f57ef6ab99a86d4292bc2221f870eeee2c8c18d4fdfbef68c1bc0f5a18ae8282e367269f1231ebb0d45fa0008a48d9e33a6d1dd910b86b0726731de115227093b56d75adb26e1582aa4e515d2a42c41a6ab1279711842831c723f422d3e57f94d677f059e5a88b96254bd6cbfb260150e98e0962768838970b50acb1c3e5719e1795ca7385c37b30c76de275485cc14c97f92a46fb918113dfc9b8190eae3cfb06f1d6bb01fb48962d58dbcd151fa682686998f4c03c3c8964bbeec068ecd5f6f2e0eac621b4786301732aa725dc264b502d5cf4a59ef2465fdb3cadf938615f7e29f1254742b7fb2cacec57d10ca3027762c898e6295bcfd9eab12d23d8fc979cb310a6ce22c3d68bee12c4534e59fe68ecc9424cf641c2a1e95224dd95b6c766a3d4372cfa67a5127273d7c6c47276f3ddb34aee6fcc5542042b126fbea3c8845cc705a317bb6f23d13f260df86724a3e4acb4a57a219f72171dde0af4ba793d78b440940978e6e25e4c6c1f9592f01b10e9efd2136e5cda120e05981aca8e52de349ef96ea0486702179e3106a1957ff8b84f4de77552ef06a5c34eba1402a0660915fb2d6958ecc9f91be4b7816347741d92959e83e5e263105e70d160680866117ef1ad90c0147d4f36be3acfd5a2858cd604c02fd2a1922b60b8f982b8ff4de32e1ef5dca11776304d1fe8fb9f79a2f0ffcb1ac545a061c351fcc7d2666c42a960f84d2ee0fa8d6960e2448e4d720acdb2cc8368b5996e986008766d1fcac176c0a4c51f3755223d19c36ff7846c9a03819b280fba56db6fe66edc91dd20c6f2a742496a62d7f7e1a89d5fe350e51e703b2c7ec22c2dc49223b5305d5da3998f465c13bcb45b9439154ef9e3e605554cb13c837239a3f2b9651ba118755842affc21bdc443bb7b13994d72fe05fb6fb844576576c6bb84e42dc0a29a5602f5a66abe626a20a14163d00612d57eb3c7fd1a99245e307ce0eccc01634b57da37cd023a2035a830b82f0b84722249f711c887072a449c10c12f121c2fd8e66b6cf9129a7ff0f740830773bc79461ab12a94dfc09f08bb6ad08f3ffc5be402914f5ef1fa13b1f39d7c2fd971a24a3bcf04376a9d35d6929ce84ed24cb83a812d5dd0ee6744e66929c415bd3c2fc2be4c26b51c5f960c7e1391cf375225ce75ae5dbf4bc353233c66423341f311df083fe95fd8d19d18434c8825058199f77f03f5c43e5eef554e1a4088e6710e2ec5496cdbdb3c9ed65d9daeb916ab05c1498ad98c79aca32985ac17c97f298e170b530c8c9e6bed130748e68d8357f03a8262c3755c5c13d59a98fbabf12528c63d3bafa94ce4df02dc38be1f6ec4c08c12f667089224120b418fc84d0b6293546768c4279f16a97c0fba3ebdc8264f0074282bb0c2f6a772ac9f285f6019bdc457df23bc47f910d2e0fde647562dd07ce681ba3f900c29f7f48563ec73f67ebe2b76aee1f4907df89357aedba0aad10b52a1e18328172ef5eb10eb1f0c0c1c8edd06b934d5af961788fc5524ceb6bee7c20b3055d3113c3724f543dfef1f4ec447189e5c8b658998c49d2a943008c5774c4be9495725ff7e13d1b6e9074a10e6698ad1a790c2c6a5eebcb2a0905cdf2ef987c02d7fa15bd52b7fdac87d85a38a2de38d5a28a1bc5e7f611cfd375cbb6b38d245b3cee7d54feafe2a8f2ae23a401fa0d2ffa1db1e3f035e2b1e6022838569d7caf50660a1945e7171d46e67a7a7916743194416974bae33482e68ac7b09ada918c0485ddbec388aced80b3a2454fbe3e17008286d6e2e3184551f02b314c74d868e7aa96430732261b64d69034e2fae7fd5d9b46b5a73d57130edd741d6996344b11c15c526294b86ba5f13cc1b02646a688a535cca06ad3ffe3b3ce503f94900ccce55a08d580b04c8e148fcd998eca01015731af7a2f48482dc4b04505696778f579e167d3641cd0305d2520147508253e68cfc921afc1f8836c0859114c65bc00ed5a92fceb3d16fddbf1f9d7b1f3ddc8c16addae9bd4f111aa25419388aa3d91e7bc4f8c4c2945df0493cc4ab21311e856cff199c73232f11c4d9b9441465115d90306c5943e711906f5048cfd6b3a631a536fe310c2b887f7429f1316af4bcc6e73f1cf7c6fdc858f6c4875cba35b62c3670e2341f17512ffc74a7b7bf593ecc1bfd07072adc757b47c9f15076f6d3735aac41683141cf7b0ef5154597b611faebc0adea3c227d92812ca83e5e8ae3c8c692d4e168094ee0af1341442d142c5f32c609692e0ca017f9003de31d0647c6de27808b3e535af6b1c4e35a532b311d3f6a0f7d05e0f8785a092fc604786c1fd597a9d4e51c6eadd6dea5a228d4ab6b1482e7a3051b2c95524f6298cefa306fa5ec312c23d7a0269ba7e1a9ab7511edc84dd2cf2c9d3f3168679b32d6e72e3ea8148996ee56c466b6c18810956b894484ea13ea525c2b7a21aa434416bcf6d323361f280ce4786e709e4acf8f0333478d7b627e0cd5a80e23fe56d5bfc51d5e8246bf7d13c335251362fd59a26e049d02865be15eaf4233693d934889befa19eb5a016532493d97fecd33c81a6bfd3314ef0ab2da06b03723b5867d89b0fb2791366ee1336a8a290d8ada51561fd341a3b2ca5faf40158805040f24259e1d54cca0f43aee842ca3cb0ec78a6aab81f12a0f9aa2ecf5a0c3f900f492d92905e6889adee4ee36ced0ba30a3930bb69581e5fcc1f55b9f7b817af1e0090c915efec7df8895e20457687a5649ac989ac9850f33443d30ecb9e8237540cd4abb8a8408c0f0c653af798a35b9bd31aa663fcd55254bca64f25b97b8b708d993e852154017040f0adb92ecffb3bf0a9fd6cacb7c5304d2fa7cc1388d0d196a0c6c9049f5676420ce1ef04a623c36e17998e399237b0a811270b37e61d80d1e8bc1f3709d1b22ce058ec0060d2381a7ad9b1b8b4957b4444d43daace8479c097bc19da26a122017dd6286256014e6f0714677e367ae2e34defbc280ee94e794870c4b09b285e7ea77006f11fdacbbce7d636a3852d3a81e1763ff746cbc5e3d803d1edc9d6b77cce4bb70aeb80f468b48eb23f0a635841a066bc84ffd636e021eef7e5b13badd29ffa9802b95bb350e1d39f091c4d149b7a1831c5169b73966b2e060a7ac90be83908ae36aad06d093f97bd8caee173df6a74c27d4946580c2aa16861565fef930e6d2a031755d5931ad3e54679828ba0a2b3670e53c624c8d05d0456fb7ad7f28aa9ba35ddf6eb7c5df1d5a5896c73690bd0d4f59b2fd6e0dc9a7d78cadac11f9d7d7d66a3feae8a28a1405785ab006742b3109e1b151679763a36e3fc16880c129c5b14a4a32162c0cae082b1dcc912dec8671a924b6eaa5b68ea4f929262c41f81420d6e2ebee8a038baa4e8f0d674699b934d94e90f5458c787c55935339da6854fbfd429f8479a97e7133cba71e51d295f393633f8ccf3c4413b5271416b7859095d6dad7b5c521f130220dde198c6a1432862fa4e05bac3b8dbd32b90b373bce26e75f3142a31234d18ab74732aa78304edd6ba199a9bdfe616164cdfb2c2c751de20437f88b793f986b1126f455d062541a23556766c20c3d1c4620bd9d0e839feb3b850ee527ce5555a2fceab0146383c6d21f3c018169a26219868e8a3f37978512702f197309752cb1f97675ec336e8f2148c37b8bdc2a458f5fc0104fbd1d0894705b076e2e6eeb92c63b7b3deafe3f57649c23989cf7fe9281ec604bdcd1d3e65b98633e9a28c77534a83fb2ac9282aff00a794bf7fb4869b1db6cd459c041fcd038a2e0a803c6ad4898861e4201e444dea9003a4620db45ecbefcb458ba53a84a2ffe15b3277a645549f5b34811846bc16c3cd26cfae3a8f5c8918dda252f33ea735ebf1773df90dad8239b3b4292a4be6fc2e130106ef62e131766e8df07ecb12ce195e1ef0797e8e80298f4c51a457339167af79aab25ef50f3ff518de9d65964859fb39d02ed90d75f202ad409a275", 0x1000}, {&(0x7f0000000680)="887602e5617f7b3bf8ce30cda2b3367c59339079577d35d7670b2cea9232d92ffa1eda2bab295d488c65e4ed7b7a71bae043c26e4a69eb47c0a3596be1fd60d7b39e269812eee516e048ddad0e297b41f2f58ec6c912aa6d9b3683d15468610a1526d574862e80168916d26c9793948e506f56f87026069dde3a719263689c464fe7c52f2e09c14ccf8c4c175b0bb5ae43723ea8d719ab822501de0a92f0e68dbaad50a190974209d41ef46f594c70c87cba89f00f3b614bc1b373c0283000d73c6d0733ca", 0xc5}, {&(0x7f00000004c0)="97398432283718415263db161480e5ad597c434678816825a896171caea06d922ecb9ff2fa385a08aa1aa8893f7cba0731d7bc8eb7b511c02d70d0bcf9c8132d4612343ae419fdf596122d4a180bf7ac89d53ad2664c7035debb985e7584a9abf5490f64e31eab19c76530011f00fabf9da7883a54e13d", 0x77}, {0x0}, {&(0x7f0000000880)="738b1f5112ff4b4d877ee29ed981f11cfae91bba8b08a343f04e54ca3b8bada630eea2a2fefefb18cb74bdb0208c041974cf67928a2cbaec310bdb26da9dd6895b6d82f84745a6186907b396a1ceffb47b034a1fa5c836681552b0df4f428a69dcd28d7a50c027f427bcf2d930c196483407ced33fa5ffbed6ca3ca2040043a68af6a9b3cae6d3056fc365770d61e7d61abd9462d319eef57c9613ac94115f91a03249588d9da20ec593da6e91d8b4d1a1d681e1", 0xb4}, {&(0x7f0000000540)="1a3023091535", 0x6}], 0x7)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xf, &(0x7f00000016c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014100000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000"], &(0x7f0000001440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r8 = creat(&(0x7f0000000440)='./file0\x00', 0x4a)
open_by_handle_at(r8, &(0x7f0000000140)=ANY=[@ANYBLOB="16000000fb00030000000000fb150705e8371ff92f0201040000000000007093"], 0x30000)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000003c0)=ANY=[@ANYRES32=r3, @ANYRES32=r7, @ANYBLOB="05"], 0x10)

19m3.264723821s ago: executing program 47 (id=850):
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x7, &(0x7f0000000040)=0x4, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x3)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000180)='yeah\x00', 0x5)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000840)="89000000120081ae08060cdc030000fe7f030000000000000001ffca1b1f0000000024c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00150c00014003080c00bdad446b31007a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947e", 0x75}, {&(0x7f0000000140)="11d6cb557c8496a2fe7a81f38210bfa9b70ee09c", 0x14}], 0x2}, 0x0)

18m47.475089077s ago: executing program 48 (id=877):
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r0 = syz_open_dev$video(0x0, 0x2c, 0x82040)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000001280)={0x8, @pix={0xe, 0x3, 0x3136564e, 0x7, 0x4ae9, 0x8008ffe, 0x6, 0x81d1, 0x0, 0x6, 0x1, 0x5}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x7, 0x4, 0x18, 0x28e, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1a000000, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000001380)={0x2020, 0x0, <r3=>0x0}, 0x2020)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000200)={{{@in=@loopback, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@empty}, 0x0, @in6=@mcast1}}, &(0x7f0000000140)=0xe8)
getresgid(&(0x7f0000000300), &(0x7f0000000340), &(0x7f0000000380)=<r5=>0x0)
write$FUSE_ENTRY(r2, &(0x7f00000003c0)={0x90, 0x0, r3, {0x1, 0x0, 0x81, 0x8001, 0xfffffffa, 0x400, {0x6, 0x3700, 0x3, 0xfb5, 0x0, 0xfffffffffffffffc, 0xd048, 0x0, 0x5, 0x8000, 0x3, r4, r5, 0x31b3, 0x800}}}, 0x90)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
r6 = syz_open_dev$video(&(0x7f00000004c0), 0x80000001, 0x1)
ioctl$VIDIOC_QBUF(r6, 0xc058560f, &(0x7f0000000500)=@fd={0xffff, 0x9, 0x4, 0x8, 0x101, {}, {0x3, 0x8, 0x8, 0xfd, 0x0, 0x5, "f500"}, 0x2, 0x4, {}, 0xd})
r7 = socket(0x15, 0x5, 0x0)
pipe2$watch_queue(&(0x7f0000000280)={<r8=>0xffffffffffffffff}, 0x80)
r9 = add_key(&(0x7f0000000040)='cifs.spnego\x00', &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_WATCH_KEY(0x20, r9, r8, 0x0)
keyctl$revoke(0x3, r9)
syz_usb_connect(0x0, 0xf5, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505240600010524007f000d240f0104000000080000000006241a03000a052404"], 0x0)
getsockopt(r7, 0x200000000114, 0x2711, 0x0, &(0x7f0000000000))

17m59.782674614s ago: executing program 49 (id=946):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
r3 = fcntl$getown(r2, 0x9)
sched_getscheduler(r3)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f00000000c0)=[{0x28, 0x0, 0x40, 0xfffff02c}, {0x6}]}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
unshare(0x40000000)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f00000003c0)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r8}}, 0x58)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)

17m42.761162369s ago: executing program 50 (id=975):
socket$alg(0x26, 0x5, 0x0)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd5e, 0x240000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
open(0x0, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x4e21, @multicast2}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x800001d, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r0, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
read(r2, &(0x7f0000000040)=""/148, 0xffffff96)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, 0x0}], 0x1, 0x64, 0x0, 0x0)

17m0.189283408s ago: executing program 51 (id=1053):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0xc0, 0x61)
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
mount(&(0x7f0000000500)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000040)='udf\x00', 0x8007, 0x0)
ioctl$NBD_CLEAR_SOCK(r0, 0xab04)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r2, 0x29, 0x19, &(0x7f0000000400)=0xa4, 0x4)
syz_emit_ethernet(0x6b, &(0x7f0000000300)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x35, 0x3a, 0x0, @dev={0xfe, 0x80, '\x00', 0xf}, @mcast2, {[], @dest_unreach={0x1, 0x2, 0x0, 0x0, '\x00', {0x0, 0x6, "00b295", 0x2, 0x3a, 0x1, @dev={0xfe, 0x80, '\x00', 0x44}, @remote, [], "caa7c1b7f4"}}}}}}}, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
mount$9p_tcp(0x0, 0x0, &(0x7f0000000340), 0x800002, 0x0)
listen(0xffffffffffffffff, 0x0)
prlimit64(0x0, 0x7, 0x0, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)

16m57.040256334s ago: executing program 52 (id=1060):
gettid()
madvise(&(0x7f0000bde000/0x1000)=nil, 0x1000, 0xb)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='huge=always,huge=within_size,nr_blocks=5'])
syz_usb_connect(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="120100006325a640402000498b4d000000010902240001000000000904000002214c6a0009050702000000da000905890e"], 0x0)
r5 = open(&(0x7f0000000240)='./file0\x00', 0x0, 0x0)
r6 = openat$cgroup_ro(r5, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f00000000c0), 0x6db6e559)
clock_gettime(0x0, &(0x7f0000000000))
clock_gettime(0x0, &(0x7f0000000040))
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_buf(r7, 0x29, 0x6, &(0x7f0000000180)="100000000000000001000000010000", 0xf)
timer_settime(0x0, 0x0, &(0x7f00000000c0)={{0x77359400}}, &(0x7f0000000100))
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r8, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r8, 0x84, 0x16, &(0x7f00000002c0)={0x1, [0x5]}, &(0x7f0000000300)=0x6)
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)

16m47.615111802s ago: executing program 53 (id=1076):
timer_create(0x0, 0x0, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r0 = io_uring_setup(0x355b, &(0x7f0000000140)={0x0, 0xe24b, 0x10, 0x5, 0x4000020})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x80000000005, 0x100000001000087}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r2, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r3, 0x0, 0x0, 0x0, <r4=>0x0})
ioctl$IOMMU_HWPT_ALLOC$NONE(r2, 0x3b89, &(0x7f00000001c0)={0x28, 0x0, r4, r3, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = memfd_create(&(0x7f0000000540)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d \x06\x00\x00\x00\x97A\xc2\xd8\xf0Uq!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\x16\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xf1k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9k\x83\xfc\xa4\xad4\x03\xa2X\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xdfY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96?\x00\x00\x00\x00\x00\x00\x00\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcb\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93>m\xd7q\'\xdf\xfajo\xd8n\xa7\xecJi\xde\xdf\x7f\xe3\xc4*Z 4\xe8S$\xa1H=\xdf\x05\xf3\xe3T\xd1\xdd\xc6f\xa4\xb4\x96\\\xa0\xf9\x0f\x17\x11{\xb6\x9d\xd21\xc1\x90Vj\x13r\x00\x00\xde\x03\xab\xff\x8as0\xc6E\xca\"\xd9*\x9a\x15\xb95r\x8f\xaaj\x82\xd6\xd2%\xed\xa2WQ\xec2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xccX\xfdRB\xffU\xe9\xfa\x1f\xf6\xce\b\xde@\x061\xc6z\xe4\xe0\xc9?\xa7\x94>\x9c\xd1\xa5o\x04\xaaim\xae\xfe\xc7f\xa3\x96\xd7\xb4c)r{\r#\xddI&\n\xf2\xec\xd4\xff\x9f\x136zZ-2\x80\xfbH+\x9b8\xf3\xed\xdf\xa2my\xb28c[\xc3\xfe\xb5M\x84\x97\xa5gs\xe9\xdc=)I\xabLt2\x9c\v\xd9S', 0x6)
fallocate(r5, 0x0, 0x9, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)
r6 = openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x40000)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
readv(r6, &(0x7f0000000080)=[{&(0x7f00000000c0)=""/106, 0x6a}], 0x1)

15m25.517413365s ago: executing program 54 (id=1236):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24040089}, 0x2400c000)
getegid()
socket$netlink(0x10, 0x3, 0x14)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
r0 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000180))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
setresuid(0x0, 0x0, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x1)
mq_timedsend(0xffffffffffffffff, 0x0, 0xffffffc6, 0x7, 0x0)
syslog(0x4, &(0x7f00000000c0)=""/27, 0x1b)

15m15.338119843s ago: executing program 55 (id=1258):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f00000003c0)=""/102392, 0x18ff8)
socket$alg(0x26, 0x5, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_subtree(r1, &(0x7f0000003000), 0x201, 0x0)
ioctl$BTRFS_IOC_SCRUB(r2, 0xc400941b, 0x0)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(0xffffffffffffffff, 0xc018620c, &(0x7f0000000000)={0x1})
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
write$nbd(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x40)
shutdown(r3, 0x2)

13m58.101522455s ago: executing program 56 (id=1440):
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x12, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007b000000850000004000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @cgroup_sock_addr=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = fsopen(0x0, 0x0)
gettid()
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000b00)=@mangle={'mangle\x00', 0x64, 0x6, 0x548, 0x0, 0x0, 0x2a8, 0x2a8, 0x1b8, 0x478, 0x478, 0x478, 0x478, 0x478, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x5, 0x703}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00'}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv4=@private}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x7, 0x6, @ipv4=@local, 0x4e23}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5a8)
ioctl$VIDIOC_G_CROP(0xffffffffffffffff, 0xc014563b, 0x0)
r3 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x1, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x4000)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmsg$802154_dgram(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x24, @short={0x2, 0xffff, 0xffff}}, 0x14, &(0x7f0000000080)={0x0}}, 0x0)
recvmsg(r0, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x60)

12m55.619796487s ago: executing program 1 (id=1690):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000280)={0x4000, 0x2}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000010c0)=ANY=[@ANYBLOB="180000001600010a00000000000000000a0000000c000080"], 0x20}, 0x1, 0x0, 0x0, 0x200c0801}, 0x0)

12m54.867778705s ago: executing program 1 (id=1691):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, <r2=>r0})
lseek(r2, 0x100000000, 0x4)
clock_adjtime(0x0, &(0x7f0000000000)={0x66b9, 0x0, 0x0, 0x0, 0x1, 0xe409, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x248a, 0x0, 0x0, 0x0, 0x81, 0x0, 0x1, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x4})
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_OUTPUT(0xffffffffffffffff, 0xc004562f, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
r4 = mq_open(&(0x7f0000002180)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00j\x05\xf9\xa1k;L\xb3C\xeb\xf1\xa7\f\xfb\xa8U\t\xc4\x00t\xbb\x03\x01/\x8dQxk\f\xa7\xfd\xa2=\xb9\xfa\x8d\xa4>\x11\xed\a\xd8\xd4NEz[\xb5\xd4\xd05j\xf2}\xa1a\xd9\xdf0*K \xec\xbc\x86>,\x9dLJ\x13\x1a1\x8fI\x12\xc9\xc5\x11\xf9\xa0S\x95\x9dU\xadn\x89v\xe9\x82\xdd=\xf5e\xacq\x0e\x17\xd4\x19\x8dEp\xbd0\xe8\xb5U\x8fx\xa3\xd0\x92\xbb\xd8>\xda\xe1\x9d\x8c\x1b4\x9c\x17\xb2\xec;\xef\xcd\xa1){\x91\xd2\xc9#;9a,x\x93\xb1xN\x02\x91J\x9c\xed\xff\xea\x16^v\x17\xcc\xfe\xa2g\xa9\x9dk\xe4', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0xfffffffffffffffd, 0x1, 0x7, 0x4})
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$inet_tcp_int(r5, 0x6, 0xc, 0x0, &(0x7f0000000100))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f0000000000), 0x6ffffffffffffffe, 0x0)
read$msr(r6, &(0x7f000001b000)=""/102400, 0x19000)
rseq(0x0, 0x0, 0x0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
ioctl$SNAPSHOT_PLATFORM_SUPPORT(r7, 0x330f, 0x206)

12m53.965167759s ago: executing program 1 (id=1693):
mmap(&(0x7f0000736000/0x1000)=nil, 0x1000, 0xb635773f07ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

12m53.509533267s ago: executing program 1 (id=1695):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, 0x0, 0x0, 0x43, 0x0, "0aaa8ff5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a7c1d13e6507e5a774ef95f2fc1b947e03d5c8379123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed3"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f00000012c0)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x34, 0x0, "0c9e089c1b4a04000bde79f04103c458187eb46c2d996aff287154e786455261c425a7519cc275d04e6205abd307a0c4fa3838bf399ad5bd35f21907c7988d1300"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0)
writev(r0, &(0x7f0000000140), 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff0001}]})
sendmsg$nl_route(r0, &(0x7f0000000500)={&(0x7f0000000400), 0xc, &(0x7f00000004c0)={&(0x7f0000000480)=@dellink={0x28, 0x11, 0x400, 0x70bd26, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x1080, 0x10000}, [@IFLA_WEIGHT={0x8, 0xf, 0x5f8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000050}, 0x448d0)
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r3, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r3, 0x0, 0xca, &(0x7f0000003d80)={0x1, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
syz_emit_ethernet(0x66, &(0x7f0000000340)={@multicast, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @private=0xe0, @multicast1=0xe000c800}, {{0x0, 0x0, 0x1, 0x0, 0xb, 0x0, 0x0, 0x4, 0x6558}, {0x0, 0x0, 0x0, 0x0, 0x11}, {}, {0x8, 0x88be, 0x0, {{}, 0xfffff788}}}}}}}, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r4, 0x0, 0xd4, &(0x7f0000000040)=0x9, 0x4)

12m52.835623736s ago: executing program 1 (id=1696):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(0x0, r0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, 0x1480, 0x2104}}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x80)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000ac0)={0x2c, r1, 0x1, 0x70bd28, 0x25dfdbfd, {}, [@ETHTOOL_A_FEATURES_WANTED={0x4}, @ETHTOOL_A_FEATURES_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}]}, 0x2c}}, 0x20004000)

12m51.864326343s ago: executing program 1 (id=1699):
r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0)={[0x5]}, 0x8)
close(r0)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$setstatus(r0, 0x4, 0x2c00)
syz_io_uring_setup(0x5169, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000001340), &(0x7f0000000000))
syz_io_uring_setup(0xa94, &(0x7f0000000280)={0x0, 0x0, 0x1000, 0x5}, &(0x7f0000000040), &(0x7f00000012c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0xfe4b)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
lseek(r1, 0x289e0cb5, 0x0)
setns(0xffffffffffffffff, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0xffffffffa0018000, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES16, @ANYRESDEC, @ANYRES32=0x0, @ANYRES8, @ANYRES64], 0x60}}, 0x0)
socket$key(0xf, 0x3, 0x2)

12m35.277790632s ago: executing program 57 (id=1699):
r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0)={[0x5]}, 0x8)
close(r0)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$setstatus(r0, 0x4, 0x2c00)
syz_io_uring_setup(0x5169, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000001340), &(0x7f0000000000))
syz_io_uring_setup(0xa94, &(0x7f0000000280)={0x0, 0x0, 0x1000, 0x5}, &(0x7f0000000040), &(0x7f00000012c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0xfe4b)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
lseek(r1, 0x289e0cb5, 0x0)
setns(0xffffffffffffffff, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0xffffffffa0018000, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES16, @ANYRESDEC, @ANYRES32=0x0, @ANYRES8, @ANYRES64], 0x60}}, 0x0)
socket$key(0xf, 0x3, 0x2)

11m1.517347344s ago: executing program 8 (id=2110):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000000)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
close_range(r1, 0xffffffffffffffff, 0x200000000000000)

11m1.077898369s ago: executing program 8 (id=2114):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, <r2=>r0})
lseek(r2, 0x100000000, 0x4)
clock_adjtime(0x0, &(0x7f0000000000)={0x66b9, 0x0, 0x0, 0x0, 0x1, 0xe409, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x248a, 0x0, 0x0, 0x0, 0x81, 0x0, 0x1, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x4})
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_OUTPUT(0xffffffffffffffff, 0xc004562f, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
r4 = mq_open(&(0x7f0000002180)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00j\x05\xf9\xa1k;L\xb3C\xeb\xf1\xa7\f\xfb\xa8U\t\xc4\x00t\xbb\x03\x01/\x8dQxk\f\xa7\xfd\xa2=\xb9\xfa\x8d\xa4>\x11\xed\a\xd8\xd4NEz[\xb5\xd4\xd05j\xf2}\xa1a\xd9\xdf0*K \xec\xbc\x86>,\x9dLJ\x13\x1a1\x8fI\x12\xc9\xc5\x11\xf9\xa0S\x95\x9dU\xadn\x89v\xe9\x82\xdd=\xf5e\xacq\x0e\x17\xd4\x19\x8dEp\xbd0\xe8\xb5U\x8fx\xa3\xd0\x92\xbb\xd8>\xda\xe1\x9d\x8c\x1b4\x9c\x17\xb2\xec;\xef\xcd\xa1){\x91\xd2\xc9#;9a,x\x93\xb1xN\x02\x91J\x9c\xed\xff\xea\x16^v\x17\xcc\xfe\xa2g\xa9\x9dk\xe4', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0xfffffffffffffffd, 0x1, 0x7, 0x4})
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
socket$inet_smc(0x2b, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f0000000000), 0x6ffffffffffffffe, 0x0)
read$msr(r5, &(0x7f000001b000)=""/102400, 0x19000)
rseq(0x0, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000020c0), 0x30, 0x0, 0x0})
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
ioctl$SNAPSHOT_PLATFORM_SUPPORT(r6, 0x330f, 0x206)

11m0.513221643s ago: executing program 8 (id=2117):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000f40)={0x17, 0xd, &(0x7f0000000240)=ANY=[@ANYRES16=0x0, @ANYRES32=0x0, @ANYRESDEC=0x0], &(0x7f0000000c00)='syzkaller\x00', 0x9, 0x0, 0x0, 0x40f00, 0x54, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x14, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYRESOCT=r1], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xa6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000d40)={&(0x7f0000000d80)='sched_switch\x00', r2}, 0x18)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x145001)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000480)='./file0\x00', 0x18000, &(0x7f0000003f80)=ANY=[], 0x1, 0x2f4, &(0x7f0000000900)="$eJzs3M9PE1sUwPHTn7QlUBYv7+W95IUb3ehmAtW10hhIjE0kSI0/EpMBptp0bEmnwdQY0ZVb4x/hgrBkR6L8A2zc6caNOzYmLmRhrOn8oKVMKYVKEb6fhMxhzj3tvZ2SnNt02Lrz+nEhZ2k5vSLBmJKAiMi2yIgExRNwj0E7jkqzF3Jx8NvH/2/dvXcjnclMzig1lZ69lFJKDY++e/Is7g5bH5DNkQdbX1NfNv/e/Hfr5+yjvKXyliqWKkpXc6XPFX3ONNRC3ipoSk2bhm4ZKl+0jLKTLzn5nFlaXKwqvbgwlFgsG5al9GJVFYyqqpRUpVxVoYd6vqg0TVNDCUEn2ZWZGT19yOL5Hk8Gv0m5nNZDIhLfk8mu9GVCAACgr1r7/6CoXvb/q+c2KoO314bd/n896tf/X/7kPNau/j8mIr79v/f8vv2/3l3/v7cjOluO1P/jZBiN7jkVaIT1ZDmtJ9y/X9vL+6tjdkD/DwAAAAAAAAAAAAAAAAAAAADAn2C7VkvWarWkd/R+6rmYiDT/3iIkIlePf8bopXbXf6Dz9ccp0LhxLzwsYr5ayi5lnaM7YENETDFkTJLyw34/uOqxd+eRqhuR9+ayW7+8lA3ZmXRO8nb9uCQj0lpfq01dz0yOK8fu+ogkmutTkpS//OtTvvVRuXC+qV6TpHyYl5KYsmDPo1H/fFypazczLfVxexwAAAAAAKeBpnb47t81rV3eqd/ZX7d+PhBq7K/HfPfnYfkv3N+1AwAAAABwVljVpwXdNI3yPkFcOo9xgsgBxrQG4W4GdxF4Kzxolfddhh5P42CB9+S7UjH3ZM9flkAXL0ubICiHqRqtr0YddRXex0btxsj0xPFfQTv4583b7717wCtrsQ4rPXwQ2v8NEHG//gUAAADgFGk0/d6Zif5OCAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAM+g4/jtav9cIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnBS/AgAA//9p2gTn")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
fdatasync(r4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

10m59.827243357s ago: executing program 8 (id=2122):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000140)=@gcm_256={{0x303, 0x3a}, "c4d65ab71f5ef2fe", "9e8ecc7bb5352776725e104757e7dc25c6519a85ef828f711330ff2bb17b5508", "dc5db43f", "80031f0000000200"}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0xd9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)

10m58.986561995s ago: executing program 8 (id=2124):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000000)='GPL\x00', 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8001, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r0}, 0x18)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
close_range(r1, 0xffffffffffffffff, 0x200000000000000)

10m58.802610062s ago: executing program 8 (id=2125):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, r0})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000020c0), 0x30, 0x0, 0x0})
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
ioctl$SNAPSHOT_PLATFORM_SUPPORT(r2, 0x330f, 0x206)

10m42.340020416s ago: executing program 58 (id=2125):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, r0})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000020c0), 0x30, 0x0, 0x0})
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
ioctl$SNAPSHOT_PLATFORM_SUPPORT(r2, 0x330f, 0x206)

10m37.222789803s ago: executing program 2 (id=2214):
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new default user:syz 00000000000000004093 '], 0x2a, 0x0)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000100), 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x1)
arch_prctl$ARCH_SHSTK_UNLOCK(0x5004, 0x1)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x2)
arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x2)
ptrace(0x10, r1)
ptrace$ARCH_SHSTK_DISABLE(0x1e, r1, 0x1, 0x5002)
ptrace$ARCH_SHSTK_ENABLE(0x1e, r1, 0x1, 0x5001)
ptrace$ARCH_SHSTK_UNLOCK(0x1e, r1, 0x1, 0x5004)
ptrace$getregset(0x4204, r1, 0x204, &(0x7f0000000040)={&(0x7f0000000080)=""/28, 0x8})
ptrace$setregset(0x4205, r1, 0x204, &(0x7f00000000c0)={&(0x7f0000000100)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x8})
ptrace(0x11, r1)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x3, 0x32, 0x0, 0x0)
map_shadow_stack(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x1)
arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x1)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r2=>r0, {0x2, 0x1}}, './file0\x00'})
read$FUSE(r2, &(0x7f0000002240)={0x2020}, 0xffffffffffffff59)
socket$inet(0x2, 0x2, 0x0)
ioctl(0xffffffffffffffff, 0x1, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000100)={'nr0\x00', 0x2})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001640)={0x18, 0x12, &(0x7f0000000540)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x6, 0xff9, &(0x7f0000000640)=""/4089, 0x41100, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000040)={0x4, 0xd, 0xfc, 0x8}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000280)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r2], &(0x7f0000000240), 0x10, 0x2, @void, @value}, 0x94)

10m35.876426078s ago: executing program 2 (id=2219):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ftruncate(r1, 0x2000009)
sendfile(r0, r1, 0x0, 0x7ffff004)
recvmsg(r0, &(0x7f0000000580)={0x0, 0x2, &(0x7f0000000500)=[{&(0x7f0000000740)=""/4096, 0xa15b0}], 0x1}, 0x700)

10m35.514235262s ago: executing program 2 (id=2221):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r0, 0x29, 0x16, &(0x7f00000001c0)=0x7e, 0x4)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00'}, 0x10)
close(r0)

10m35.006760166s ago: executing program 2 (id=2224):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x800)
getsockopt$bt_hci(r1, 0x0, 0x2, &(0x7f0000000180)=""/82, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x2a, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, 0x0, &(0x7f0000000100))
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x85, &(0x7f0000000240)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x3}, 0x90)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000840)={0x0, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x614, 0x1, 0xd, 0x7, 0x4}, 0x9c)

10m34.445271845s ago: executing program 2 (id=2225):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, <r2=>r0})
lseek(r2, 0x100000000, 0x4)
clock_adjtime(0x0, &(0x7f0000000000)={0x66b9, 0x0, 0x0, 0x0, 0x1, 0xe409, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x248a, 0x0, 0x0, 0x0, 0x81, 0x0, 0x1, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x4})
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_OUTPUT(0xffffffffffffffff, 0xc004562f, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
r4 = mq_open(&(0x7f0000002180)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00j\x05\xf9\xa1k;L\xb3C\xeb\xf1\xa7\f\xfb\xa8U\t\xc4\x00t\xbb\x03\x01/\x8dQxk\f\xa7\xfd\xa2=\xb9\xfa\x8d\xa4>\x11\xed\a\xd8\xd4NEz[\xb5\xd4\xd05j\xf2}\xa1a\xd9\xdf0*K \xec\xbc\x86>,\x9dLJ\x13\x1a1\x8fI\x12\xc9\xc5\x11\xf9\xa0S\x95\x9dU\xadn\x89v\xe9\x82\xdd=\xf5e\xacq\x0e\x17\xd4\x19\x8dEp\xbd0\xe8\xb5U\x8fx\xa3\xd0\x92\xbb\xd8>\xda\xe1\x9d\x8c\x1b4\x9c\x17\xb2\xec;\xef\xcd\xa1){\x91\xd2\xc9#;9a,x\x93\xb1xN\x02\x91J\x9c\xed\xff\xea\x16^v\x17\xcc\xfe\xa2g\xa9\x9dk\xe4', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0xfffffffffffffffd, 0x1, 0x7, 0x4})
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$inet_tcp_int(r5, 0x6, 0xc, 0x0, &(0x7f0000000100))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f0000000000), 0x6ffffffffffffffe, 0x0)
read$msr(r6, &(0x7f000001b000)=""/102400, 0x19000)
rseq(0x0, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000020c0), 0x30, 0x0, 0x0})
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
ioctl$SNAPSHOT_PLATFORM_SUPPORT(r7, 0x330f, 0x206)

10m33.765284485s ago: executing program 2 (id=2228):
openat(0xffffffffffffff9c, 0x0, 0x141042, 0x0)
unshare(0x6a040000)
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
r1 = socket(0x15, 0x5, 0x0)
getsockopt(r1, 0x200000000114, 0x271c, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)=0xf002)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000000)={0x4, 0x6, 0x6, 0x9, 0x44, 0x4, &(0x7f0000000080)="86c552f4564851d4a86bb018f9f4de9f95603f8af416385f0cfb8fcc1746423c46b836c781038d99d8bff141db45cb983609c5b76f18d607667689cb109ae5c61e361c34"})
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0x2d}, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x2, 0x6e}, 0x2c)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
r4 = socket(0x10, 0x3, 0x0)
connect$netlink(r4, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfb}, 0xc)
sendmsg$nl_route(r4, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)=@bridge_getlink={0x4c, 0x12, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x22100}, [@IFLA_PHYS_PORT_ID={0x21, 0x22, "c61667a6544a9d8f423924ff2e6ff3341398e7c5037965d15c779f8f65"}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0x64bf}]}, 0x4c}}, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/consoles\x00', 0x0, 0x0)
lseek(r5, 0x2b, 0x1)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r3, 0x0, 0x487, &(0x7f0000000580)={{0x84, @multicast2, 0x4e23, 0x3, 'lc\x00', 0x2, 0x4, 0x7e}, {@private=0xa010102, 0x4e20, 0x2, 0x0, 0x80012d58, 0x12d59}}, 0x44)

10m17.12214377s ago: executing program 59 (id=2228):
openat(0xffffffffffffff9c, 0x0, 0x141042, 0x0)
unshare(0x6a040000)
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
r1 = socket(0x15, 0x5, 0x0)
getsockopt(r1, 0x200000000114, 0x271c, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)=0xf002)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000000)={0x4, 0x6, 0x6, 0x9, 0x44, 0x4, &(0x7f0000000080)="86c552f4564851d4a86bb018f9f4de9f95603f8af416385f0cfb8fcc1746423c46b836c781038d99d8bff141db45cb983609c5b76f18d607667689cb109ae5c61e361c34"})
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0x2d}, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x2, 0x6e}, 0x2c)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
r4 = socket(0x10, 0x3, 0x0)
connect$netlink(r4, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfb}, 0xc)
sendmsg$nl_route(r4, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)=@bridge_getlink={0x4c, 0x12, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x22100}, [@IFLA_PHYS_PORT_ID={0x21, 0x22, "c61667a6544a9d8f423924ff2e6ff3341398e7c5037965d15c779f8f65"}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0x64bf}]}, 0x4c}}, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/consoles\x00', 0x0, 0x0)
lseek(r5, 0x2b, 0x1)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r3, 0x0, 0x487, &(0x7f0000000580)={{0x84, @multicast2, 0x4e23, 0x3, 'lc\x00', 0x2, 0x4, 0x7e}, {@private=0xa010102, 0x4e20, 0x2, 0x0, 0x80012d58, 0x12d59}}, 0x44)

8m22.145162483s ago: executing program 6 (id=2744):
r0 = syz_usb_connect(0x0, 0x3c, &(0x7f0000000380)=ANY=[@ANYBLOB="120101000814c910be0632a2f333010203010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f00000001c0)={&(0x7f0000000100)})

8m19.848085059s ago: executing program 6 (id=2752):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372"], 0xfc}}, 0x20000004)

8m19.507541841s ago: executing program 6 (id=2755):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x807, 0x4, 0x6, 0xfffa}, 0x1d, [0x6, 0xc959, 0xfffffff3, 0x9, 0x7f, 0x5, 0x1, 0x7f, 0x6, 0xfffffff9, 0xfffffff2, 0x5f, 0xde5, 0x3, 0xdfff2d37, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0xffffffff, 0xfffffffe, 0x1f461e2c, 0x10000, 0x100e65f, 0x4, 0x9, 0x3, 0x7fff, 0x4c74, 0x8f00, 0xfffffffb, 0x4, 0xa, 0x0, 0x71, 0x20007, 0x7, 0x103, 0x0, 0x5, 0x3c, 0x91, 0x6, 0xfffffffd, 0x3, 0x40000003, 0x4, 0x8, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x8, 0x4012f, 0x8000, 0x10, 0x3d2, 0x129432e3, 0xcb, 0xf9, 0x200d, 0x2bf, 0x6c9, 0x9, 0xfffffffe, 0x3, 0x0, 0x7, 0x5, 0x0, 0xe, 0x312, 0x78, 0xea4, 0xa, 0x4, 0x4000, 0x8000, 0x9, 0x400, 0x1, 0x6, 0xfffffffd, 0xff, 0x1005, 0x7ff, 0x5f31, 0x4, 0x0, 0x6, 0x7, 0x9, 0x0, 0x3ff, 0x8, 0x9, 0x6, 0x5, 0x0, 0x1, 0x8200, 0xffff, 0x5, 0x7f, 0x9, 0x5, 0x10003, 0x4, 0x1, 0x401, 0xb, 0x9, 0x6, 0x3, 0xff], [0x7, 0x1, 0x0, 0x64e, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x9, 0x1, 0x7fff, 0x0, 0x5, 0xb, 0x6, 0x5, 0x5, 0x0, 0x1eb, 0x5, 0x8, 0x86, 0x3, 0x10000009, 0x3e7, 0xb, 0x2, 0x2, 0x2, 0xe, 0x8, 0x4, 0x6d04, 0x4, 0x33, 0x3, 0x6, 0x80, 0x3, 0x4, 0x2, 0x0, 0x1000a2, 0x7, 0x53cf697b, 0x5, 0x6, 0x54fe12d2, 0xbf, 0x200, 0x3, 0x400002, 0xfffffff9, 0x0, 0x6, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x1000006, 0xb, 0x4, 0x3], [0x9, 0xbb2f, 0x3, 0x7, 0x5, 0x938, 0x6, 0x6, 0x0, 0x8, 0xce7, 0x1ff, 0x6, 0x40000005, 0x5, 0x2, 0x101, 0x10000, 0x6, 0x2, 0x8ffff, 0xa620, 0x4, 0x5, 0x1, 0x2, 0x6, 0x60a7, 0x6, 0x5, 0xffffffff, 0x7fffffff, 0x5, 0x8, 0xca, 0x8, 0x4, 0xffff, 0x3, 0x9, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x7, 0x2b91, 0xa1f, 0x8, 0x9, 0x1, 0x6c1b, 0x0, 0x1000004, 0x5, 0xb1c, 0x1, 0x200, 0xdfff3440, 0x1]}, 0x45c)
openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_sctp(0xa, 0x1, 0x84)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
pipe2$9p(&(0x7f00000001c0), 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x9, 0x9, 0xfdfffffffffffffd}, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x918)

8m17.838111469s ago: executing program 6 (id=2761):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000780)={[{@data_err_ignore}, {@nouid32}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@delalloc}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}, {@quota}]}, 0x41, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x8004587d, &(0x7f0000000080))
mount$tmpfs(0x0, &(0x7f0000002040)='./file0\x00', &(0x7f0000002200), 0x1000000, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)

8m16.850739093s ago: executing program 6 (id=2763):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x1, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
socket$netlink(0x10, 0x3, 0x8000000004)
syz_genetlink_get_family_id$gtp(&(0x7f0000000280), 0xffffffffffffffff)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000180)={'vxcan1\x00', <r4=>0x0})
socket(0x10, 0x3, 0x0)
bind$can_raw(r3, &(0x7f0000000200)={0x1d, r4}, 0x10)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r4, {0x1}, {0xffff, 0xa}, {0x1}}}, 0x24}}, 0x0)

8m15.837592508s ago: executing program 6 (id=2767):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r1, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x36}}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000600)="3001fb90647586f4601659c5", 0xffeb}], 0x1}, 0x200048c0)

8m13.412736551s ago: executing program 60 (id=2767):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r1, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x36}}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000600)="3001fb90647586f4601659c5", 0xffeb}], 0x1}, 0x200048c0)

4m1.208883995s ago: executing program 0 (id=3753):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, <r2=>r0})
lseek(r2, 0x100000000, 0x4)
clock_adjtime(0x0, &(0x7f0000000000)={0x66b9, 0x0, 0x0, 0x0, 0x1, 0xe409, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x248a, 0x0, 0x0, 0x0, 0x81, 0x0, 0x1, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x4})
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_OUTPUT(0xffffffffffffffff, 0xc004562f, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
r4 = mq_open(&(0x7f0000002180)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00j\x05\xf9\xa1k;L\xb3C\xeb\xf1\xa7\f\xfb\xa8U\t\xc4\x00t\xbb\x03\x01/\x8dQxk\f\xa7\xfd\xa2=\xb9\xfa\x8d\xa4>\x11\xed\a\xd8\xd4NEz[\xb5\xd4\xd05j\xf2}\xa1a\xd9\xdf0*K \xec\xbc\x86>,\x9dLJ\x13\x1a1\x8fI\x12\xc9\xc5\x11\xf9\xa0S\x95\x9dU\xadn\x89v\xe9\x82\xdd=\xf5e\xacq\x0e\x17\xd4\x19\x8dEp\xbd0\xe8\xb5U\x8fx\xa3\xd0\x92\xbb\xd8>\xda\xe1\x9d\x8c\x1b4\x9c\x17\xb2\xec;\xef\xcd\xa1){\x91\xd2\xc9#;9a,x\x93\xb1xN\x02\x91J\x9c\xed\xff\xea\x16^v\x17\xcc\xfe\xa2g\xa9\x9dk\xe4', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0xfffffffffffffffd, 0x1, 0x7, 0x4})
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$inet_tcp_int(r5, 0x6, 0xc, 0x0, &(0x7f0000000100))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f0000000000), 0x6ffffffffffffffe, 0x0)
read$msr(r6, 0x0, 0x0)
rseq(0x0, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000020c0), 0x30, 0x0, 0x0})
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
ioctl$SNAPSHOT_PLATFORM_SUPPORT(r7, 0x330f, 0x206)

3m58.239741343s ago: executing program 0 (id=3758):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
geteuid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000b00)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000000000000000000040000e207000700e00000020800020005000000080008"], 0x34}}, 0x0)

3m57.509897781s ago: executing program 0 (id=3764):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000200)={0x0, r1}, 0x8)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x0)
sendmmsg(r4, &(0x7f0000000000), 0x4000000000001f2, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88a8ffad}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}}, 0x8000)
getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)

3m56.498926934s ago: executing program 0 (id=3767):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0xa, 0x2)

3m52.361342373s ago: executing program 0 (id=3775):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r2)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x4008040}, 0x0)

3m51.854107029s ago: executing program 0 (id=3779):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r0}, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f00000004c0)=0x1000000, 0x4)
getsockopt$XDP_STATISTICS(r1, 0x11b, 0x7, &(0x7f00000002c0), &(0x7f0000000480)=0x30)

3m34.888320924s ago: executing program 61 (id=3779):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r0}, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f00000004c0)=0x1000000, 0x4)
getsockopt$XDP_STATISTICS(r1, 0x11b, 0x7, &(0x7f00000002c0), &(0x7f0000000480)=0x30)

6.977274316s ago: executing program 5 (id=4781):
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f00000000c0)={0x10, 0x0, 0x25dfdbfc, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4)
r4 = socket$kcm(0x10, 0x2, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0xef, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

6.23552361s ago: executing program 5 (id=4786):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x200000000006, 0x0, 0x2, 0x7ffc0002}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
get_mempolicy(0x0, 0x0, 0xe3c3, &(0x7f0000ffd000/0x1000)=nil, 0x3)

5.649678865s ago: executing program 5 (id=4789):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
r1 = getpid()
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x58, 0x1411, 0x20, 0x70bd2d, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_STAT_RES={0x8, 0x4b, 0x28}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x1}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x2}, @RDMA_NLDEV_ATTR_STAT_COUNTER_ID={0x8, 0x4f, 0x4}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x2}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x4000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r0)
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r3, 0x1, 0x70bd26, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r1}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r4)
sendmsg$NL80211_CMD_GET_WIPHY(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000800)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0103000000000000000001000d000800060000000000070003007e94342bfcb04a2209527daa6811477264c426400bdf063f249351960e9652fd6c021d9577f365000eba003c862df4babd393ec9fca3d5a0ba2a87b54669cf62c7c8ba473844", @ANYRES32=0x0], 0x30}}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="180000001811000000000000", @ANYRESOCT=r5, @ANYRESHEX=r5], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffff7, @void, @value}, 0x94)
sendmsg$NL80211_CMD_CHANGE_NAN_CONFIG(r2, 0x0, 0x4010)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r6, <r7=>0xffffffffffffffff}, &(0x7f00000004c0), 0x0}, 0x20)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r7}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r9=>r8, {0x7}}, './file0\x00'})
setsockopt$IPT_SO_SET_REPLACE(r9, 0x0, 0x40, &(0x7f0000000a40)=@filter={'filter\x00', 0xe, 0x4, 0x340, 0xffffffff, 0xc0, 0x0, 0xc0, 0xffffffff, 0xffffffff, 0x2a8, 0x2a8, 0x2a8, 0xffffffff, 0x4, &(0x7f00000001c0), {[{{@ip={@broadcast, @dev={0xac, 0x14, 0x14, 0x3a}, 0xff, 0xff000000, 'ipvlan0\x00', 'bridge_slave_1\x00', {0xff}, {0xff}, 0x89, 0x3, 0x14}, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@icmp={{0x28}, {0x11, "f0c3"}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x1}}}, {{@uncond, 0x0, 0xc8, 0xf0, 0x0, {}, [@common=@ttl={{0x28}, {0x1, 0x6}}, @common=@ah={{0x30}, {[0x1, 0x7]}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0x98, 0xf8, 0x0, {}, [@common=@ttl={{0x28}, {0x1, 0xf0}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}, 0x40, 0x2, [0x5, 0x11, 0x5, 0x13, 0x38, 0xe, 0x39, 0x8, 0x26, 0x6, 0x32, 0x13, 0x26, 0x11, 0x14, 0xf], 0x2, 0x6}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3a0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r10, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0)
write$binfmt_script(r10, &(0x7f0000000200), 0xfffffd9d)

4.75740085s ago: executing program 9 (id=4794):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280), &(0x7f00000002c0)=0xc)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f00000004c0)=0x27)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000080)={r2, 0x3}, &(0x7f00000001c0)=0x8)

4.616071035s ago: executing program 7 (id=4795):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x8000)

4.304684256s ago: executing program 9 (id=4796):
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r3, &(0x7f00000000c0)={0x10, 0x0, 0x25dfdbfc, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4)
r4 = socket$kcm(0x10, 0x2, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0xef, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

4.197662275s ago: executing program 7 (id=4797):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba0700000000ff0000f77fff00"})
syz_open_pts(r0, 0x0)

3.422147162s ago: executing program 9 (id=4800):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x18)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
creat(&(0x7f0000000000)='./file0\x00', 0x0)

3.070396746s ago: executing program 3 (id=4801):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a34000000000a4f1c000000000000000002000000"], 0x5c}}, 0x0)
sendmsg$NFT_MSG_GETSET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="200000000a0a01010000000000000074cf"], 0x20}}, 0x0)

2.857655311s ago: executing program 9 (id=4803):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYRES16=r1, @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x26, &(0x7f0000000380)={0x1})
finit_module(r3, &(0x7f0000000140)='GPL\x00', 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
getpeername$l2tp(0xffffffffffffffff, &(0x7f0000000680)={0x2, 0x0, @remote}, &(0x7f00000006c0)=0x10)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000000201010100000000000000000a000000000304001980"], 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
add_key(&(0x7f0000000180)='asymmetric\x00', 0x0, &(0x7f0000000800)="3080", 0x2, 0xffffffffffffffff)
r5 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

2.823921065s ago: executing program 7 (id=4804):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f00000000c0))
pwritev(r3, &(0x7f0000000140)=[{&(0x7f0000000040)='\x00!', 0x2}], 0x1, 0x7, 0x0)

2.65792451s ago: executing program 3 (id=4805):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[], 0x28}}, 0x0)

2.538084145s ago: executing program 4 (id=4806):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280), &(0x7f00000002c0)=0xc)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f00000004c0)=0x27)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000080)={r2, 0x3}, &(0x7f00000001c0)=0x8)

2.245294666s ago: executing program 4 (id=4807):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r1}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000ff0000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c000280050003001b000000080002400000001108000440000000040900010073797a30000000000900020073797a32"], 0x80}}, 0x0)

2.208189748s ago: executing program 3 (id=4808):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000400180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000040)={0x0, 0x18, &(0x7f00000009c0)=[{&(0x7f0000000140)="d800000018007b29e00212ba0d8105040a601800fe0f040b067c55a1bc000900b80006990600000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad8ffd5e1cace81ccd40dd601edef3d93452a92307ff0ff0e97031e9f05e9f16e9cb500"/216, 0xd8}], 0x1, 0x0, 0x0, 0x2663}, 0x0)

2.184858809s ago: executing program 7 (id=4809):
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$netlink(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8042, &(0x7f0000000380)={[{@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x7}}, {@dioread_nolock}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7fffffff}}]}, 0x3, 0x4f3, &(0x7f00000012c0)="$eJzs3F1oXFUeAPD/nXz2a5vd7Xa33e5uut1lwxaTNq02D4JUFHxQECuojyFJS23aSJOCLVWmIPVRCr6Lj7764Kv6UsQnwdf6KEihSF/aCuLInbl3vjKTNJNkxpjfD27mnHtn7jnnnnvunHtO5gawbY2mf5JK+E5E7I2IQvMbRisvD+9fn3l0//pMFEulMz8m5Y89SOOZbDexK4uMFSIK7yW1DXUWr167MD0/P3c5i08sXXxrYvHqtSfOD2drpqaS/g4L1SK9tFwPDr67cOjAC2/cemmmuuc8tfpybJTRGG2VlbL/bnRiPbanLtxxvdF16fmfVtdAuf3vjb5YqfKKXcwZsNlKpVJpqP3mYqnZjWVrgC0rhnudA6A38i/69P43X1p1BAY3p/vRc/dOV26A0nI/zJaIf5VX5uMgA033txtpNCJeL/70UbrEJo1DAADU++J03hNs6v+NVGZGfr5y+5n09Q/ZHMpIRPwxIv4UEX+OiH0R8ZeI2B8Rf42IvzXtvy8iSiukP9oUr6ZfnYQq3N2goraU9v+ezua20qU291UNjfRlsT0ReYd57lh2TMZiYOjs+fm54yuk8eVz337Qblt9/y9d0jzkfcEsH3f7mwboZqeXpjsr7XL3bkQc7K+Vv9L/TfojkupMQBIRByLi4Br2O1IXPv//Tw5VIwON71u9/GWllvNoGzDPVPo44n+V+i9GtfzRMImYNMxPXpw+N3du7tLk1NTJE8dPPTX55MRwzM8dm0jPgmMt0/j6m5svt0t/1fJ/9n3zR54/9fmZrGWtX1r/O+vO/8jnb2vlH0kikup87eLa07j53ftt72k6Pf8Hk1fL4fy+9O3ppaXLxyMGkxeXr5+sfTaPp69RrJR/7Ejz+V9Ot3yNy4/E3yMiPYn/ERH/jModYpr3wxHx74g4skL5v3r2P292Xv7NlZZ/NhrLX6n5hvqvzde3CyTZ3GDDpsFIA30XDt951Obi8Xj1f7IcGsvWtL7+JQ2XiHY5zb/t0jW/rPvoAQAAwNZQiIjddWNJu6NQGB+vjAHti52F+YXFpaNnF65cmk23RYzEQCEf6aqMBw8k+fjnSF18sil+Ihs3/rBvRzk+PrMwP9vTkgO7ym0+KYxHvNZX1/5TP2zMEDPwW+b3WrB9rdT+0078/ltdzAzQVY///X/7nU3NCNB1de2/3S/8ix383xewBbj/B2pWf9CPawZsfSVtGba1NbX/ox4CCL8n/fFKNVzoaU6AbtP/h21p1d/1rytQGmq9aTiWvzmGV95hX3SWjR0t0upJIO1Z9ST1HZ18Kn+aQtv3RGFtOxyKxjWDHdbp2XUejeLlxXP7ayd//myRdR7nUva/8htdg592pZ22CnT9UgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALApfg0AAP//XhrXwA==")
r0 = openat(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
getdents64(r0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$inet6(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
pipe2(&(0x7f0000000000)={0x0, <r6=>0x0}, 0x0)
pipe2(&(0x7f0000000000)={<r7=>0x0, 0x0}, 0x0)
tee(r7, r6, 0x7fff, 0x0)
statx(r7, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x4, &(0x7f0000000680))
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendto$inet6(r5, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
r10 = gettid()
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x500, 0x0, 0x2000040}, 0xc, &(0x7f0000000240)={&(0x7f0000000800)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010028bd7000ffdbdf2514000000080001000100000008000300", @ANYRES32=0x0, @ANYBLOB="08001c00", @ANYRES32=r10], 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000)

1.93277712s ago: executing program 5 (id=4810):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f0000000380)={[{@quota}, {@noblock_validity}, {@grpjquota}, {@init_itable_val={'init_itable', 0x3d, 0x806}}, {@user_xattr}, {@debug}]}, 0x1, 0x604, &(0x7f0000000c00)="$eJzs3c9rHFUcAPDvzCYxaWPTiogtigEPLUjTpBarXmzrwR4KFuxBxENDk9TQ7Q+aFGwtmIIHBQURryK9+A94l969iaDePAtVpKKg0pXZnW02yW4a0+xOmvl8YLPvvZnd9747eZk3M3k7AZTWaPYjjdgdcfd0EjHSsmw4GgtH8/Xu/H79TPZIolZ747ckBvKy5vpJ/rw9zwxGxHfHIh6rrKx37uq1c5PVWsP7EQfmz186MHf12v7Z85Nnp89OX5g4+OKhw+MvTRya2JA4t+fPx0+8/tQnH7zzwsz31f1JHIlT/e9NxbI4NspojMbdPMTW8r6IOJwl2nwuD5v7hLCjV+1gfSr572N/RDwRI1Gp5xpGYvbjQhsHdFWtElEDSirR/6GkmuOA5rH92o6DT3V5VNI7t482DoBWxt/XODcSg/Vjo213kpYjo8a5jZ0bUH9Wx7/X93yRPWLJeYi/7m2dvg2op5OFGxHxZLv4k3rbdtYjzeJPl7QjiYjxiPo5oKz81QdoQ9KS7sZ5mNWsN/40Io7kz1n5sXXWP7os3+v4ASinW0fzHflCllvc/2Vjj+b4J9qMf4bb7LvWo+j9X+fxX3N/P1g/R54ujsMGm6892f4t+5cX/PzR8c861d86/sseWf3NsWAv3L4RsWdZ/B9mwebjnyzcpM32z1Y5fWRtdbz2w6/HOy0rOv7azYi9bY9/FkelWWqV65MHZmar0+ONn23r+Obbt7/qVH/R8Wfbf1uH+Fu2f7r8ddlncmmNdXx98ub5TsuGV8SfJBGt8ae/DCSN482BvOTdyfn5yxMRA8mJfJWW8oOrt6W5TvM9svj3Pdu+/y/5/b+x9H2Gmn8y1+DSm+fudFq2nu3fcjH5bm2Nbegki3/q/tt/Rf/Pyj5dYx1/vnXl6U7LVot/6EECAwAAAAAAgBJK69dgk3TsXjpNx8Ya82Ufj21p9eLc/HMzF69cmIrYV/9/yP60eaV7pJFPsvxE/v+wzfzBZfnnI2JXRHxeGarnx85crE4VHTwAAAAAAAAAAAAAAAAAAABsEtvz+f/N+1T/UWnM/wdKops3mAM2N/0fyqve/1fc4gkoA/t/KC/9H8pL/4fy0v+hvPR/KC/9H8pL/4fy0v8BAAAAYEva9cytn5KIWHh5qP7IDOTLzAiCra2/6AYAhakU3QCgMPcu/RvsQ+msafz/d/7lgN1vDlCApF1hfXBQW73z32r7SgAAAAAAAAAAAACgC/bu7jz/39xg2NpM+4PyeoD5/746AB5yvvofyssxPnC/WfyDnRaY/w8AAAAAAAAAAAAAPTNcfyTpWD4XeDjSdGws4tGI2Bn9ycxsdXo8InZExI+V/key/ETRjQYAAAAAAAAAAAAAAAAAAIAtZu7qtXOT1er05dbEPytKtnaieRfUHtT1SvzPV0XS+49lKCIK3yhdS/S1lCQRC9mW3xQNuzwXm6MZ9UTBf5gAAAAAAAAAAAAAAAAAAKCEWuYet7fnyx63CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB6b/H+/91LFB0jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBw+i8AAP//B/w98Q==")

1.876206025s ago: executing program 4 (id=4811):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000037c0)={0x0, 0x0, 0x0}, 0x0)

1.759705638s ago: executing program 3 (id=4812):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x200000000006, 0x0, 0x2, 0x7ffc0002}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
get_mempolicy(0x0, 0x0, 0xe3c3, &(0x7f0000ffd000/0x1000)=nil, 0x3)

1.373274561s ago: executing program 4 (id=4813):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x18)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
creat(&(0x7f0000000000)='./file0\x00', 0x0)

1.334927797s ago: executing program 3 (id=4814):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba0700000000ff0000f77fff00"})

1.035898306s ago: executing program 5 (id=4815):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a34000000000a4f1c0000000000000000020000000900010073797a30000000000800024000000002"], 0x5c}}, 0x0)
sendmsg$NFT_MSG_GETSET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="200000000a0a01010000000000000074cf"], 0x20}}, 0x0)

781.883891ms ago: executing program 7 (id=4816):
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="190000000400000008"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f00000000c0)='ceph\x00', 0x0, &(0x7f0000000380)="0100000200373a4541062101a59ea940d2cb0b36b8f5020000a00000050000000000eb000000a5e5be21c44e328e68f3922af831e4e51bfb30f7788fd57e51bc464355bd646d037ccc16ddb08a7b3a697aedb66ddd793acf37119e61f502d8bbb016f701890700000068d945af468c1c9090c76906b94e0f27761c75e58c82da54d010078660684a4106855beaf5e813ed18aa4acabb5bee7f082d24a16b01fc91471eba59152e716af8776ab90ac48bcbee6570df22513808ecab7a9680aa613a56aa11bfa73af4c4e94b5cfc855f0e910186d7e68ac24f8b125140ac5f7f4819168ce1c25550c6773b41011999d8d9827757d96c5e8aa4617cc54c5e67060a92661f84e698d1fe3cee10a85882cbecb29f2a22535ac50e64d95ecbab66f54373b94475e05b79a0a61bc2ae1e", 0x12d, r1)

720.293748ms ago: executing program 9 (id=4817):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f00000004c0)=0x27)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000080)={r2, 0x3}, &(0x7f00000001c0)=0x8)

707.029729ms ago: executing program 4 (id=4818):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000080000000000000010000009400000007ad4160850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[], 0x28}}, 0x0)

221.284593ms ago: executing program 9 (id=4819):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
set_mempolicy_home_node(&(0x7f0000349000/0xa000)=nil, 0xa000, 0x0, 0x0)

130.516134ms ago: executing program 5 (id=4820):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x30000c6, &(0x7f00000000c0), 0x2, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4aba70c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235d957eaa9a40b764e5381ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115093889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694a9417d68694f17ba5e27ea1cec518b93fadcfe0de010ae9be3273ff73c34b5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6ef3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948697f7e3580436b532a82e315d56b17a5dba98436cc24babaae409f0aab0b40af116001bc85492455956e853ead08b5793d4ecf72378a3dfd9cc837b1c66212d9a2be8fd6341c2f837c7fe09924a51ec42912856cce3d3b2d092c80813aad03e1e63a655f4138730f302df339f30a4fbd453c9a0fba381d071ad7cb80a52bec572e29b0b9b55c235806b97e166609f8083ce776075c"], &(0x7f0000000080)='GPL\x00', 0x5, 0x2b3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073"], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc)
r1 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r1, r1, 0x0, 0x800000009)

94.124309ms ago: executing program 4 (id=4821):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000780)='mm_page_free\x00', r0}, 0x18)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000fdffffff0000000000000000850000002c00000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r2, r3}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000280)=ANY=[], 0x0)

52.676933ms ago: executing program 7 (id=4822):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001140)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000009c0)=ANY=[@ANYBLOB="4400000003010101000000000000000002000000140019"], 0x44}}, 0x0)

0s ago: executing program 3 (id=4823):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000037c0)={0x0, 0x0, 0x0}, 0x0)

kernel console output (not intermixed with test programs):

3842][ T9569] usb 10-1: Product: syz
[ 1693.758440][ T9569] usb 10-1: Manufacturer: syz
[ 1693.764571][ T9569] usb 10-1: SerialNumber: syz
[ 1694.172317][T17466] loop3: detected capacity change from 0 to 512
[ 1694.337042][ T9569] usb 10-1: USB disconnect, device number 16
[ 1694.363247][T17466] EXT4-fs (loop3): 1 orphan inode deleted
[ 1694.371276][T17466] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1694.390838][   T12] __quota_error: 4 callbacks suppressed
[ 1694.390914][   T12] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1694.410021][   T12] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 1
[ 1694.458885][T17466] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1694.686429][T17474] program syz.4.3973 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1694.699515][T17475] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3974'.
[ 1694.749885][T17086] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1695.099135][T17477] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3975'.
[ 1695.216909][T17481] loop7: detected capacity change from 0 to 512
[ 1695.354947][T17481] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1695.368191][T17481] ext4 filesystem being mounted at /366/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1695.466764][T17486] netlink: 44 bytes leftover after parsing attributes in process `syz.5.3978'.
[ 1695.695903][T12734] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1695.892469][T17493] netlink: 'syz.3.3980': attribute type 1 has an invalid length.
[ 1696.822296][T17506] program syz.3.3986 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1697.365237][T17512] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3990'.
[ 1698.358871][T17528] rdma_rxe: rxe_newlink: failed to add team_slave_0
[ 1698.378101][T17528] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3997'.
[ 1698.450082][T17528] hub 6-0:1.0: USB hub found
[ 1698.486534][T17528] hub 6-0:1.0: 1 port detected
[ 1699.110326][ T1284] ieee802154 phy0 wpan0: encryption failed: -22
[ 1699.119032][ T1284] ieee802154 phy1 wpan1: encryption failed: -22
[ 1699.242804][T17540] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4002'.
[ 1699.297698][T17543] loop4: detected capacity change from 0 to 128
[ 1700.702896][T17562] syz!: rxe_newlink: already configured on team_slave_0
[ 1700.726546][T17562] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4010'.
[ 1700.796520][T17562] hub 6-0:1.0: USB hub found
[ 1700.818763][T17562] hub 6-0:1.0: 1 port detected
[ 1700.850679][   T30] audit: type=1326 audit(1750593928.964:1479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17564 comm="syz.7.4012" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1700.944941][   T30] audit: type=1326 audit(1750593928.992:1480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17564 comm="syz.7.4012" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1700.967770][   T30] audit: type=1326 audit(1750593928.992:1481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17564 comm="syz.7.4012" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1700.991282][   T30] audit: type=1326 audit(1750593928.992:1482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17564 comm="syz.7.4012" exe="/root/syz-executor" sig=0 arch=40000003 syscall=398 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1701.014094][   T30] audit: type=1326 audit(1750593928.992:1483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17564 comm="syz.7.4012" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1701.677872][T17576] loop5: detected capacity change from 0 to 512
[ 1701.891735][T17576] EXT4-fs (loop5): 1 orphan inode deleted
[ 1701.900379][T17576] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1701.940570][T16938] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1701.951297][T16938] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 1
[ 1702.010003][T17576] ext4 filesystem being mounted at /525/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1702.134245][T17582] loop4: detected capacity change from 0 to 1024
[ 1702.192752][T17582] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1702.241399][T17582] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1702.330108][T17582] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e01c, mo2=0000]
[ 1702.343522][T10174] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1702.426411][T17582] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 2: comm syz.4.4020: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1702.496816][T17582] Quota error (device loop4): qtree_write_dquot: dquota write failed
[ 1702.508738][T17582] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 48: comm syz.4.4020: lblock 0 mapped to illegal pblock 48 (length 1)
[ 1702.611737][T17582] Quota error (device loop4): v2_write_file_info: Can't write info structure
[ 1702.624874][T17582] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.4020: Failed to acquire dquot type 0
[ 1702.690790][T17582] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1702.722502][T17582] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.4020: mark_inode_dirty error
[ 1702.788365][T17582] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[ 1702.799423][T17582] EXT4-fs (loop4): 1 orphan inode deleted
[ 1702.807704][T17582] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1702.821132][ T3588] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1702.885924][ T3588] Quota error (device loop4): remove_tree: Can't read quota data block 1
[ 1702.894867][ T3588] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 0
[ 1702.988338][T17582] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1703.023772][T17582] EXT4-fs error (device loop4): __ext4_get_inode_loc:4792: comm syz.4.4020: Invalid inode table block 1 in block_group 0
[ 1703.056426][T17582] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1703.094035][T17582] EXT4-fs error (device loop4): ext4_quota_off:7217: inode #3: comm syz.4.4020: mark_inode_dirty error
[ 1703.432796][T17604] loop9: detected capacity change from 0 to 512
[ 1703.474256][T17604] EXT4-fs: Ignoring removed bh option
[ 1703.673177][T17604] EXT4-fs (loop9): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[ 1703.762616][T17604] EXT4-fs (loop9): revision level too high, forcing read-only mode
[ 1703.771650][T17604] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=884ec128, mo2=0022]
[ 1703.886978][T17604] EXT4-fs (loop9): orphan cleanup on readonly fs
[ 1703.893848][T17604] EXT4-fs error (device loop9): ext4_quota_enable:7120: comm syz.9.4027: Bad quota inum: 4294967291, type: 0
[ 1703.934800][T17604] EXT4-fs (loop9): Remounting filesystem read-only
[ 1703.941896][T17604] EXT4-fs warning (device loop9): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=4294967291). Please run e2fsck to fix.
[ 1703.959712][T17604] EXT4-fs (loop9): Cannot turn on quotas: error -117
[ 1703.969073][T17604] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1704.456870][T16352] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1704.932741][   T30] audit: type=1326 audit(1750593932.753:1484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17624 comm="syz.5.4037" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000
[ 1705.756766][T17631] loop5: detected capacity change from 0 to 1024
[ 1705.801311][T17631] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1705.833510][T17631] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1705.894984][T17631] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e01c, mo2=0000]
[ 1706.051780][T17631] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 2: comm syz.5.4040: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1706.097184][T17631] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 48: comm syz.5.4040: lblock 0 mapped to illegal pblock 48 (length 1)
[ 1706.181290][T17631] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.4040: Failed to acquire dquot type 0
[ 1706.220731][T17631] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1706.281696][T17631] EXT4-fs error (device loop5): ext4_evict_inode:254: inode #11: comm syz.5.4040: mark_inode_dirty error
[ 1706.325170][T17631] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[ 1706.335943][T17631] EXT4-fs (loop5): 1 orphan inode deleted
[ 1706.345264][T17631] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1706.392102][T16938] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1706.437937][T16938] __quota_error: 19 callbacks suppressed
[ 1706.438021][T16938] Quota error (device loop5): remove_tree: Can't read quota data block 1
[ 1706.456320][T16938] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 0
[ 1706.552870][T17631] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1706.649618][T17631] EXT4-fs error (device loop5): __ext4_get_inode_loc:4792: comm syz.5.4040: Invalid inode table block 1 in block_group 0
[ 1706.707818][T17631] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1706.745437][T17631] EXT4-fs error (device loop5): ext4_quota_off:7217: inode #3: comm syz.5.4040: mark_inode_dirty error
[ 1706.785457][T16353] Bluetooth: hci2: command 0x0406 tx timeout
[ 1707.000153][T17651] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4045'.
[ 1707.010547][T17651] netlink: 72 bytes leftover after parsing attributes in process `syz.4.4045'.
[ 1707.941721][   T30] audit: type=1326 audit(1750593935.606:1502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.5.4051" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000
[ 1708.045148][   T30] audit: type=1326 audit(1750593935.634:1503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.5.4051" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000
[ 1708.068451][   T30] audit: type=1326 audit(1750593935.634:1504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.5.4051" exe="/root/syz-executor" sig=0 arch=40000003 syscall=299 compat=1 ip=0xf7f56539 code=0x7ffc0000
[ 1708.093205][   T30] audit: type=1326 audit(1750593935.634:1505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.5.4051" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000
[ 1708.117412][   T30] audit: type=1326 audit(1750593935.634:1506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17662 comm="syz.5.4051" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000
[ 1708.236788][T17667] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[ 1708.243614][T17667] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1708.252350][T17667] vhci_hcd vhci_hcd.0: Device attached
[ 1708.304549][T17668] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(9)
[ 1708.311376][T17668] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1708.321593][T17668] vhci_hcd vhci_hcd.0: Device attached
[ 1708.382575][T17667] vhci_hcd vhci_hcd.0: pdev(4) rhport(2) sockfd(12)
[ 1708.389490][T17667] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1708.397879][T17667] vhci_hcd vhci_hcd.0: Device attached
[ 1708.428029][T17668] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(11)
[ 1708.434947][T17668] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1708.444037][T17668] vhci_hcd vhci_hcd.0: Device attached
[ 1708.457416][ T9569] vhci_hcd: vhci_device speed not set
[ 1708.532064][ T9569] usb 41-1: new full-speed USB device number 4 using vhci_hcd
[ 1708.562154][T17681] vhci_hcd vhci_hcd.0: pdev(4) rhport(4) sockfd(17)
[ 1708.569078][T17681] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1708.577507][T17681] vhci_hcd vhci_hcd.0: Device attached
[ 1708.625867][T17667] vhci_hcd vhci_hcd.0: pdev(4) rhport(5) sockfd(14)
[ 1708.632892][T17667] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1708.643318][T17667] vhci_hcd vhci_hcd.0: Device attached
[ 1708.684015][T17668] vhci_hcd vhci_hcd.0: pdev(4) rhport(6) sockfd(21)
[ 1708.691015][T17668] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1708.699605][T17668] vhci_hcd vhci_hcd.0: Device attached
[ 1708.731661][T17687] vhci_hcd: connection closed
[ 1708.733079][T17682] vhci_hcd: connection closed
[ 1708.754137][T17684] vhci_hcd: connection closed
[ 1708.760223][T17678] vhci_hcd: connection closed
[ 1708.768287][T17675] vhci_hcd: connection closed
[ 1708.776605][T17670] vhci_hcd: connection reset by peer
[ 1708.781061][   T12] vhci_hcd: stop threads
[ 1708.791463][   T12] vhci_hcd: release socket
[ 1708.796238][   T12] vhci_hcd: disconnect device
[ 1708.800845][T17673] vhci_hcd: connection closed
[ 1708.838076][   T12] vhci_hcd: stop threads
[ 1708.847837][   T12] vhci_hcd: release socket
[ 1708.852531][   T12] vhci_hcd: disconnect device
[ 1708.893674][   T12] vhci_hcd: stop threads
[ 1708.898170][   T12] vhci_hcd: release socket
[ 1708.903141][   T12] vhci_hcd: disconnect device
[ 1708.922704][   T12] vhci_hcd: stop threads
[ 1708.927193][   T12] vhci_hcd: release socket
[ 1708.931899][   T12] vhci_hcd: disconnect device
[ 1708.955158][   T12] vhci_hcd: stop threads
[ 1708.967929][   T12] vhci_hcd: release socket
[ 1708.972602][   T12] vhci_hcd: disconnect device
[ 1709.006082][   T12] vhci_hcd: stop threads
[ 1709.010721][   T12] vhci_hcd: release socket
[ 1709.015440][   T12] vhci_hcd: disconnect device
[ 1709.040804][   T12] vhci_hcd: stop threads
[ 1709.045324][   T12] vhci_hcd: release socket
[ 1709.050324][   T12] vhci_hcd: disconnect device
[ 1709.180344][ T8388] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[ 1709.243666][   T30] audit: type=1326 audit(1750593936.812:1507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17695 comm="syz.7.4059" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1709.266969][   T30] audit: type=1326 audit(1750593936.822:1508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17695 comm="syz.7.4059" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1709.289654][   T30] audit: type=1326 audit(1750593936.822:1509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17695 comm="syz.7.4059" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1709.314828][   T30] audit: type=1326 audit(1750593936.822:1510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17695 comm="syz.7.4059" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1709.379415][ T8388] usb 10-1: config 0 has no interfaces?
[ 1709.385965][ T8388] usb 10-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1709.395692][ T8388] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1709.478154][ T8388] usb 10-1: config 0 descriptor??
[ 1709.735110][T17690] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1709.744527][T17690] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1709.826378][ T8388] usb 10-1: USB disconnect, device number 17
[ 1710.312571][ T8388] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[ 1710.515901][ T8388] usb 10-1: Using ep0 maxpacket: 16
[ 1710.561957][ T8388] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1710.572862][ T8388] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1710.629397][ T8388] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 1.40
[ 1710.643102][ T8388] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1710.653305][ T8388] usb 10-1: Product: syz
[ 1710.658142][ T8388] usb 10-1: Manufacturer: syz
[ 1710.663192][ T8388] usb 10-1: SerialNumber: syz
[ 1711.229205][ T8388] usb 10-1: 0:2 : does not exist
[ 1711.489375][ T8388] usb 10-1: 5:0: cannot get min/max values for control 8 (id 5)
[ 1711.497758][ T8388] usb 10-1: Warning! Unlikely big volume range (=53046), cval->res is probably wrong.
[ 1711.515645][ T8388] usb 10-1: [5] FU [Delay Control] ch = 1, val = 0/53046/1
[ 1711.634383][ T8388] usb 10-1: USB disconnect, device number 18
[ 1713.170454][T17745] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4082'.
[ 1714.043949][ T9569] vhci_hcd: vhci_device speed not set
[ 1714.375717][ T8388] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[ 1714.590121][ T8388] usb 10-1: config 0 has no interfaces?
[ 1714.596470][ T8388] usb 10-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1714.610277][ T8388] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1714.649164][ T8388] usb 10-1: config 0 descriptor??
[ 1714.896145][T17757] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1714.910792][T17757] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1714.958926][ T8388] usb 10-1: USB disconnect, device number 19
[ 1715.444228][ T8388] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[ 1715.625888][ T8388] usb 10-1: Using ep0 maxpacket: 16
[ 1715.638572][ T8388] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1715.651233][ T8388] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1715.687049][ T8388] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 1.40
[ 1715.696879][ T8388] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1715.706856][ T8388] usb 10-1: Product: syz
[ 1715.711734][ T8388] usb 10-1: Manufacturer: syz
[ 1715.716847][ T8388] usb 10-1: SerialNumber: syz
[ 1716.292143][ T8388] usb 10-1: 0:2 : does not exist
[ 1716.577613][ T8388] usb 10-1: 5:0: cannot get min/max values for control 8 (id 5)
[ 1716.585912][ T8388] usb 10-1: Warning! Unlikely big volume range (=53046), cval->res is probably wrong.
[ 1716.595982][ T8388] usb 10-1: [5] FU [Delay Control] ch = 1, val = 0/53046/1
[ 1716.706790][ T8388] usb 10-1: USB disconnect, device number 20
[ 1718.695420][T17806] loop9: detected capacity change from 0 to 1764
[ 1719.018275][T17810] loop3: detected capacity change from 0 to 2048
[ 1719.088329][T17810]  loop3: p2 < > p4
[ 1719.114898][T17810] loop3: p4 size 8192 extends beyond EOD, truncated
[ 1719.910156][T17810] lo speed is unknown, defaulting to 1000
[ 1720.112343][T17822] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4119'.
[ 1720.165085][T17826] bridge0: entered promiscuous mode
[ 1720.171001][T17826] macsec0: entered allmulticast mode
[ 1720.176958][T17826] bridge0: entered allmulticast mode
[ 1720.191477][T17826] bridge0: port 3(macsec0) entered blocking state
[ 1720.198830][T17826] bridge0: port 3(macsec0) entered disabled state
[ 1720.219047][T17826] bridge0: left allmulticast mode
[ 1720.225502][T17826] bridge0: left promiscuous mode
[ 1720.881423][T17830] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4121'.
[ 1721.001486][T17836] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4123'.
[ 1722.280190][T17850] loop4: detected capacity change from 0 to 512
[ 1722.371399][T17850] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1722.511873][T17850] EXT4-fs (loop4): 1 truncate cleaned up
[ 1722.519868][T17850] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1722.654283][T17850] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1723.346599][T17862] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4132'.
[ 1724.806035][   T30] kauditd_printk_skb: 35 callbacks suppressed
[ 1724.806116][   T30] audit: type=1326 audit(1750593951.367:1546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17888 comm="syz.7.4142" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1724.912669][   T30] audit: type=1326 audit(1750593951.442:1547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17888 comm="syz.7.4142" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1724.938043][   T30] audit: type=1326 audit(1750593951.442:1548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17888 comm="syz.7.4142" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1724.962979][   T30] audit: type=1326 audit(1750593951.451:1549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17888 comm="syz.7.4142" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1724.993270][   T30] audit: type=1326 audit(1750593951.451:1550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17888 comm="syz.7.4142" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1725.021260][   T30] audit: type=1326 audit(1750593951.461:1551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17888 comm="syz.7.4142" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1725.044688][   T30] audit: type=1326 audit(1750593951.461:1552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17888 comm="syz.7.4142" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1725.068502][   T30] audit: type=1326 audit(1750593951.461:1553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17888 comm="syz.7.4142" exe="/root/syz-executor" sig=0 arch=40000003 syscall=440 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1725.096620][   T30] audit: type=1326 audit(1750593951.461:1554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17888 comm="syz.7.4142" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1725.413655][T17894] 9pnet_fd: Insufficient options for proto=fd
[ 1725.596423][T17900] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4147'.
[ 1727.107943][T17921] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4157'.
[ 1727.238379][T17924] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4158'.
[ 1727.932994][T17932] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4161'.
[ 1728.522249][T17945] 9pnet_virtio: no channels available for device syz
[ 1728.916275][T17951] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4171'.
[ 1729.256402][T17961] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4184'.
[ 1729.589045][T17965] syz_tun: entered promiscuous mode
[ 1729.594660][T17965] macsec0: entered promiscuous mode
[ 1729.601359][T17965] macsec0: entered allmulticast mode
[ 1729.606898][T17965] syz_tun: entered allmulticast mode
[ 1729.649775][T17965] syz_tun: left allmulticast mode
[ 1729.658236][T17965] syz_tun: left promiscuous mode
[ 1729.857914][T17971] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4177'.
[ 1730.026954][T17973] gtp0: entered promiscuous mode
[ 1730.762263][   T30] audit: type=1326 audit(1750593956.942:1555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17984 comm="syz.3.4186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1730.787751][T17986] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4187'.
[ 1730.862602][   T30] audit: type=1326 audit(1750593956.989:1556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17984 comm="syz.3.4186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1730.887139][   T30] audit: type=1326 audit(1750593956.989:1557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17984 comm="syz.3.4186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1730.911255][   T30] audit: type=1326 audit(1750593956.998:1558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17984 comm="syz.3.4186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1730.935157][   T30] audit: type=1326 audit(1750593957.017:1559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17984 comm="syz.3.4186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1731.164385][   T30] audit: type=1326 audit(1750593957.139:1560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17984 comm="syz.3.4186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1731.190404][   T30] audit: type=1326 audit(1750593957.167:1561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17984 comm="syz.3.4186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=355 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1731.213904][   T30] audit: type=1326 audit(1750593957.185:1562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17984 comm="syz.3.4186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1731.237304][   T30] audit: type=1326 audit(1750593957.213:1563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17984 comm="syz.3.4186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1731.334717][T17991] netlink: 'syz.5.4188': attribute type 5 has an invalid length.
[ 1731.715340][T18000] loop4: detected capacity change from 0 to 2048
[ 1732.030057][T18000] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[ 1732.452209][T18011] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1732.538584][T18014] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4192'.
[ 1732.697326][T18011] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 64 with error 28
[ 1732.711481][T18011] EXT4-fs (loop4): This should not happen!! Data will be lost
[ 1732.711481][T18011] 
[ 1732.724281][T18011] EXT4-fs (loop4): Total free blocks count 0
[ 1732.731521][T18011] EXT4-fs (loop4): Free/Dirty block details
[ 1732.737865][T18011] EXT4-fs (loop4): free_blocks=2415919104
[ 1732.744344][T18011] EXT4-fs (loop4): dirty_blocks=128
[ 1732.750705][T18011] EXT4-fs (loop4): Block reservation details
[ 1732.757518][T18011] EXT4-fs (loop4): i_reserved_data_blocks=8
[ 1733.323966][T18020] gtp0: entered promiscuous mode
[ 1733.774425][ T3588] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[ 1735.274685][T18035] loop7: detected capacity change from 0 to 2048
[ 1735.475034][T18046] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[ 1736.308171][T18055] gtp0: entered promiscuous mode
[ 1737.209374][T18070] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4214'.
[ 1739.571460][T18095] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4224'.
[ 1739.636372][T18088] loop7: detected capacity change from 0 to 1024
[ 1739.669242][T18095] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4224'.
[ 1739.761778][T18088] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1739.782766][T18088] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1739.913396][T18088] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e01c, mo2=0000]
[ 1740.065492][T18088] EXT4-fs error (device loop7): ext4_map_blocks:780: inode #3: block 2: comm syz.7.4223: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1740.144668][T18088] Quota error (device loop7): qtree_write_dquot: dquota write failed
[ 1740.154078][T18088] EXT4-fs error (device loop7): ext4_map_blocks:780: inode #3: block 48: comm syz.7.4223: lblock 0 mapped to illegal pblock 48 (length 1)
[ 1740.210585][T18088] Quota error (device loop7): v2_write_file_info: Can't write info structure
[ 1740.220028][T18088] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.4223: Failed to acquire dquot type 0
[ 1740.300275][T18088] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1740.329403][T18088] EXT4-fs error (device loop7): ext4_evict_inode:254: inode #11: comm syz.7.4223: mark_inode_dirty error
[ 1740.396360][T18088] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[ 1740.397515][T18109] bridge0: entered promiscuous mode
[ 1740.407602][T18088] EXT4-fs (loop7): 1 orphan inode deleted
[ 1740.419006][T18109] macsec1: entered allmulticast mode
[ 1740.419109][T18109] bridge0: entered allmulticast mode
[ 1740.425898][T18109] bridge0: port 3(macsec1) entered blocking state
[ 1740.433207][T18088] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1740.437769][T18109] bridge0: port 3(macsec1) entered disabled state
[ 1740.486685][T18109] bridge0: left allmulticast mode
[ 1740.493769][T18109] bridge0: left promiscuous mode
[ 1740.495897][T16938] EXT4-fs error (device loop7): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1740.574977][T18110] gtp0: entered promiscuous mode
[ 1740.588238][T16938] Quota error (device loop7): remove_tree: Can't read quota data block 1
[ 1740.597204][T16938] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 0
[ 1740.685271][T18088] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1740.758079][T18088] EXT4-fs error (device loop7): __ext4_get_inode_loc:4792: comm syz.7.4223: Invalid inode table block 1 in block_group 0
[ 1740.807662][T18088] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1740.866281][T18088] EXT4-fs error (device loop7): ext4_quota_off:7217: inode #3: comm syz.7.4223: mark_inode_dirty error
[ 1741.279165][T18121] loop3: detected capacity change from 0 to 512
[ 1741.509663][T18121] EXT4-fs (loop3): 1 orphan inode deleted
[ 1741.523223][T18121] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1741.549016][ T3894] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1741.553659][T18121] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1741.560270][ T3894] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u8:12: Failed to release dquot type 1
[ 1742.321904][T17086] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1742.421277][T18136] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4238'.
[ 1742.872345][T18138] syzkaller1: entered promiscuous mode
[ 1742.878708][T18138] syzkaller1: entered allmulticast mode
[ 1743.923050][T18145] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4244'.
[ 1744.098669][T18145] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4244'.
[ 1745.387607][T18163] loop7: detected capacity change from 0 to 512
[ 1745.473873][T18166] 9pnet_fd: Insufficient options for proto=fd
[ 1745.520973][T18163] EXT4-fs (loop7): 1 orphan inode deleted
[ 1745.529236][T18163] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1745.551300][T18163] ext4 filesystem being mounted at /416/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1745.561312][T18169] syzkaller1: entered promiscuous mode
[ 1745.568189][T18169] syzkaller1: entered allmulticast mode
[ 1745.613991][ T4615] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1745.624778][ T4615] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u8:25: Failed to release dquot type 1
[ 1745.814256][T12734] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1746.965623][T18192] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4259'.
[ 1748.815611][T18205] 9pnet_fd: Insufficient options for proto=fd
[ 1749.278768][T18210] loop5: detected capacity change from 0 to 512
[ 1749.481860][T18210] EXT4-fs (loop5): 1 orphan inode deleted
[ 1749.490325][T18210] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1749.537001][ T3894] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1749.547654][ T3894] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:12: Failed to release dquot type 1
[ 1749.610843][T18210] ext4 filesystem being mounted at /585/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1749.724206][T18218] loop4: detected capacity change from 0 to 1024
[ 1749.776441][T18218] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1749.817380][T18218] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1749.898519][T10174] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1749.902885][T18218] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e01c, mo2=0000]
[ 1749.980081][T18218] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 2: comm syz.4.4273: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1750.054324][T18218] Quota error (device loop4): qtree_write_dquot: dquota write failed
[ 1750.063562][T18218] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 48: comm syz.4.4273: lblock 0 mapped to illegal pblock 48 (length 1)
[ 1750.094148][T18218] Quota error (device loop4): v2_write_file_info: Can't write info structure
[ 1750.103406][T18218] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.4273: Failed to acquire dquot type 0
[ 1750.154994][T18218] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1750.177481][T18218] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.4273: mark_inode_dirty error
[ 1750.220920][T18218] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[ 1750.233436][T18218] EXT4-fs (loop4): 1 orphan inode deleted
[ 1750.245248][T18218] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1750.270377][   T12] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1750.329758][   T12] Quota error (device loop4): remove_tree: Can't read quota data block 1
[ 1750.339076][   T12] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 0
[ 1750.390393][T18218] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1750.436716][T18218] EXT4-fs error (device loop4): __ext4_get_inode_loc:4792: comm syz.4.4273: Invalid inode table block 1 in block_group 0
[ 1750.473090][T18218] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1750.492304][T18218] EXT4-fs error (device loop4): ext4_quota_off:7217: inode #3: comm syz.4.4273: mark_inode_dirty error
[ 1750.969372][T18244] 9pnet_fd: Insufficient options for proto=fd
[ 1751.455545][T18248] netlink: 20 bytes leftover after parsing attributes in process `syz.9.4282'.
[ 1752.236424][T18252] rdma_rxe: rxe_newlink: failed to add team_slave_0
[ 1752.297699][T18252] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4286'.
[ 1752.414583][T18253] hub 6-0:1.0: USB hub found
[ 1752.443436][T18253] hub 6-0:1.0: 1 port detected
[ 1754.100906][T18279] 9pnet_fd: Insufficient options for proto=fd
[ 1754.446358][T18281] 9pnet_fd: Insufficient options for proto=fd
[ 1754.618901][T18287] rdma_rxe: rxe_newlink: failed to add team_slave_0
[ 1754.648556][T18287] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4300'.
[ 1754.688807][T18287] hub 6-0:1.0: USB hub found
[ 1754.695476][T18287] hub 6-0:1.0: 1 port detected
[ 1755.254817][T18294] loop4: detected capacity change from 0 to 1024
[ 1755.297711][T18294] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1755.332501][T18294] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1755.411269][T18294] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e01c, mo2=0000]
[ 1755.533379][T18294] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 2: comm syz.4.4302: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1755.605615][T18294] Quota error (device loop4): qtree_write_dquot: dquota write failed
[ 1755.614678][T18294] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 48: comm syz.4.4302: lblock 0 mapped to illegal pblock 48 (length 1)
[ 1755.692582][T18294] Quota error (device loop4): v2_write_file_info: Can't write info structure
[ 1755.701992][T18294] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.4302: Failed to acquire dquot type 0
[ 1755.733008][T18294] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1755.763867][T18294] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.4302: mark_inode_dirty error
[ 1755.779571][T18294] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[ 1755.790606][T18294] EXT4-fs (loop4): 1 orphan inode deleted
[ 1755.798726][T18294] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1755.822313][T16966] EXT4-fs error (device loop4): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:18: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1755.862641][T16966] Quota error (device loop4): remove_tree: Can't read quota data block 1
[ 1755.872005][T16966] EXT4-fs error (device loop4): ext4_release_dquot:6969: comm kworker/u8:18: Failed to release dquot type 0
[ 1755.914723][T18294] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1755.971182][T18294] EXT4-fs error (device loop4): __ext4_get_inode_loc:4792: comm syz.4.4302: Invalid inode table block 1 in block_group 0
[ 1755.994023][T18294] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1756.017663][T18294] EXT4-fs error (device loop4): ext4_quota_off:7217: inode #3: comm syz.4.4302: mark_inode_dirty error
[ 1756.743811][T18318] 9pnet_fd: Insufficient options for proto=fd
[ 1756.963698][T18321] rdma_rxe: rxe_newlink: failed to add team_slave_0
[ 1757.012311][T18321] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4314'.
[ 1757.060462][T18321] hub 6-0:1.0: USB hub found
[ 1757.073511][T18321] hub 6-0:1.0: 1 port detected
[ 1757.585261][T18327] loop5: detected capacity change from 0 to 2048
[ 1757.792295][T18327]  loop5: p2 < > p4
[ 1757.845071][T18327] loop5: p4 size 8192 extends beyond EOD, truncated
[ 1758.322525][T18336] lo speed is unknown, defaulting to 1000
[ 1758.638595][   T30] audit: type=1326 audit(1750593983.012:1564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18344 comm="syz.3.4323" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1758.771618][T18341] loop9: detected capacity change from 0 to 1024
[ 1758.811678][   T30] audit: type=1326 audit(1750593983.077:1565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18344 comm="syz.3.4323" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1758.834538][   T30] audit: type=1326 audit(1750593983.087:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18344 comm="syz.3.4323" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1758.857168][   T30] audit: type=1326 audit(1750593983.161:1567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18344 comm="syz.3.4323" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1758.880926][   T30] audit: type=1326 audit(1750593983.161:1568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18344 comm="syz.3.4323" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1758.936863][T18341] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1758.979050][T18341] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1759.048157][T18341] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e01c, mo2=0000]
[ 1759.191703][T18341] EXT4-fs error (device loop9): ext4_map_blocks:780: inode #3: block 2: comm syz.9.4322: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1759.279993][T18341] Quota error (device loop9): qtree_write_dquot: dquota write failed
[ 1759.291206][T18341] EXT4-fs error (device loop9): ext4_map_blocks:780: inode #3: block 48: comm syz.9.4322: lblock 0 mapped to illegal pblock 48 (length 1)
[ 1759.393998][T18341] Quota error (device loop9): v2_write_file_info: Can't write info structure
[ 1759.406973][T18341] EXT4-fs error (device loop9): ext4_acquire_dquot:6933: comm syz.9.4322: Failed to acquire dquot type 0
[ 1759.603949][T18341] EXT4-fs error (device loop9) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1759.629602][T18341] EXT4-fs error (device loop9): ext4_evict_inode:254: inode #11: comm syz.9.4322: mark_inode_dirty error
[ 1759.655837][T18341] EXT4-fs warning (device loop9): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[ 1759.667148][T18341] EXT4-fs (loop9): 1 orphan inode deleted
[ 1759.676611][T18341] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1759.713100][T16938] EXT4-fs error (device loop9): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1759.781540][T16938] EXT4-fs error (device loop9): ext4_release_dquot:6969: comm kworker/u8:5: Failed to release dquot type 0
[ 1759.846578][T18358] 9pnet_fd: Insufficient options for proto=fd
[ 1759.896624][T18341] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1760.007241][T18341] EXT4-fs error (device loop9): __ext4_get_inode_loc:4792: comm syz.9.4322: Invalid inode table block 1 in block_group 0
[ 1760.043233][T18341] EXT4-fs error (device loop9) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1760.094716][T18341] EXT4-fs error (device loop9): ext4_quota_off:7217: inode #3: comm syz.9.4322: mark_inode_dirty error
[ 1761.693481][T18376] lo speed is unknown, defaulting to 1000
[ 1764.086424][T18414] loop3: detected capacity change from 0 to 256
[ 1764.799257][ T1284] ieee802154 phy0 wpan0: encryption failed: -22
[ 1764.806117][ T1284] ieee802154 phy1 wpan1: encryption failed: -22
[ 1767.149294][T18459] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4369'.
[ 1768.938333][   T30] kauditd_printk_skb: 1 callbacks suppressed
[ 1768.938408][   T30] audit: type=1326 audit(1750593992.656:1569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18485 comm="syz.5.4381" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000
[ 1768.969810][   T30] audit: type=1326 audit(1750593992.656:1570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18485 comm="syz.5.4381" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000
[ 1768.994128][   T30] audit: type=1326 audit(1750593992.665:1571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18485 comm="syz.5.4381" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f56539 code=0x7ffc0000
[ 1769.186522][   T30] audit: type=1326 audit(1750593992.787:1572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18485 comm="syz.5.4381" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000
[ 1769.210964][   T30] audit: type=1326 audit(1750593992.852:1573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18485 comm="syz.5.4381" exe="/root/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7f56539 code=0x7ffc0000
[ 1769.234073][   T30] audit: type=1326 audit(1750593992.861:1574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18485 comm="syz.5.4381" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f56539 code=0x7ffc0000
[ 1770.265474][   T30] audit: type=1326 audit(1750593993.890:1575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18510 comm="syz.3.4391" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1770.290448][   T30] audit: type=1326 audit(1750593993.900:1576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18510 comm="syz.3.4391" exe="/root/syz-executor" sig=0 arch=40000003 syscall=236 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1770.313800][   T30] audit: type=1326 audit(1750593993.900:1577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18510 comm="syz.3.4391" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1770.337326][   T30] audit: type=1326 audit(1750593993.918:1578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18510 comm="syz.3.4391" exe="/root/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1770.638816][T18514] 9pnet: Could not find request transport: fd0x0000000000000004
[ 1772.145769][T18547] loop7: detected capacity change from 0 to 256
[ 1772.721527][T16353] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1772.741087][T16353] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1772.751533][T16353] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1772.765501][T16353] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1772.777664][T16353] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1773.138294][T18559] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4409'.
[ 1773.228611][T18552] 9pnet: Could not find request transport: fd0x0000000000000004
[ 1773.237787][T18559] hub 6-0:1.0: USB hub found
[ 1773.265244][T18555] lo speed is unknown, defaulting to 1000
[ 1773.280909][T18559] hub 6-0:1.0: 1 port detected
[ 1774.145212][T18574] loop4: detected capacity change from 0 to 512
[ 1774.252116][T18555] chnl_net:caif_netlink_parms(): no params data found
[ 1774.309361][T18574] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1774.323810][T18574] ext4 filesystem being mounted at /558/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1774.806075][T11479] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1774.948773][T16353] Bluetooth: hci1: command tx timeout
[ 1775.189228][T18588] loop9: detected capacity change from 0 to 256
[ 1775.491075][T18595] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4420'.
[ 1775.607337][T18595] hub 6-0:1.0: USB hub found
[ 1775.624624][ T3588] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1775.638527][ T3588] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1775.652961][T18595] hub 6-0:1.0: 1 port detected
[ 1775.671754][T18555] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1775.680643][T18555] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1775.688671][T18555] bridge_slave_0: entered allmulticast mode
[ 1775.698460][T18555] bridge_slave_0: entered promiscuous mode
[ 1775.765076][ T3588] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1775.778254][ T3588] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1775.831075][T18555] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1775.839723][T18555] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1775.847621][T18555] bridge_slave_1: entered allmulticast mode
[ 1775.858340][T18555] bridge_slave_1: entered promiscuous mode
[ 1775.939779][ T3588] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1775.950788][ T3588] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1776.148625][ T3588] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1776.159416][ T3588] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1776.373227][T18555] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1776.470821][T18555] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1776.665434][ T3588] bridge_slave_1: left allmulticast mode
[ 1776.673965][ T3588] bridge_slave_1: left promiscuous mode
[ 1776.681085][ T3588] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1776.733965][ T3588] bridge_slave_0: left allmulticast mode
[ 1776.739885][ T3588] bridge_slave_0: left promiscuous mode
[ 1776.746728][ T3588] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1777.214765][T16353] Bluetooth: hci1: command tx timeout
[ 1777.331450][ T3588] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1777.346546][ T3588] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1777.372624][ T3588] bond0 (unregistering): Released all slaves
[ 1777.614283][T18555] team0: Port device team_slave_0 added
[ 1777.783420][T18555] team0: Port device team_slave_1 added
[ 1777.947775][T18624] loop9: detected capacity change from 0 to 256
[ 1778.172971][T18555] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1778.185496][T18555] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1778.214068][T18555] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1778.279602][T18555] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1778.293705][T18555] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1778.335346][T18555] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1778.510800][ T3588] hsr_slave_0: left promiscuous mode
[ 1778.551383][ T3588] hsr_slave_1: left promiscuous mode
[ 1778.784355][ T3588] veth1_vlan: left promiscuous mode
[ 1778.790241][ T3588] veth0_vlan: left promiscuous mode
[ 1778.865878][T18629] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4432'.
[ 1778.948809][T18629] hub 6-0:1.0: USB hub found
[ 1778.977412][T18629] hub 6-0:1.0: 1 port detected
[ 1779.351443][ T3588] team0 (unregistering): Port device team_slave_1 removed
[ 1779.397328][T16353] Bluetooth: hci1: command tx timeout
[ 1779.408042][ T3588] team0 (unregistering): Port device team_slave_0 removed
[ 1779.536277][T16974] smc: removing ib device syz!
[ 1780.394101][T18555] hsr_slave_0: entered promiscuous mode
[ 1780.404266][T18555] hsr_slave_1: entered promiscuous mode
[ 1780.953879][T18645] loop7: detected capacity change from 0 to 512
[ 1781.398637][T18645] EXT4-fs (loop7): 1 orphan inode deleted
[ 1781.434311][T18645] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1781.465493][   T12] __quota_error: 6 callbacks suppressed
[ 1781.465571][   T12] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1781.483019][   T12] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 1
[ 1781.619916][T12735] Bluetooth: hci1: command tx timeout
[ 1781.742755][T18645] ext4 filesystem being mounted at /455/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1782.782832][T18659] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4444'.
[ 1782.811528][T18659] hub 6-0:1.0: USB hub found
[ 1782.822223][T18659] hub 6-0:1.0: 1 port detected
[ 1782.959866][T12734] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1783.405152][T18666] syz_tun: entered promiscuous mode
[ 1783.412103][T18666] macsec1: entered promiscuous mode
[ 1783.420651][T18666] macsec1: entered allmulticast mode
[ 1783.427312][T18666] syz_tun: entered allmulticast mode
[ 1783.453099][T18666] syz_tun: left allmulticast mode
[ 1783.459833][T18666] syz_tun: left promiscuous mode
[ 1783.511174][T16353] Bluetooth: hci5: command 0x0406 tx timeout
[ 1783.916188][T18555] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1784.010709][T18555] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1784.081487][T18555] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1784.176262][T18555] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1785.089264][T18555] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1785.176890][T18687] loop7: detected capacity change from 0 to 164
[ 1785.247466][T18555] 8021q: adding VLAN 0 to HW filter on device team0
[ 1785.280688][T18687] Unable to read rock-ridge attributes
[ 1785.311561][T18689] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4455'.
[ 1785.339571][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1785.347106][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1785.396938][T18689] hub 6-0:1.0: USB hub found
[ 1785.435373][T18689] hub 6-0:1.0: 1 port detected
[ 1785.465276][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1785.472952][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1786.216004][T18698] loop4: detected capacity change from 0 to 512
[ 1786.284357][T18698] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1786.401139][T18698] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.4459: invalid block
[ 1786.449797][T18704] syz_tun: entered promiscuous mode
[ 1786.458467][T18704] macsec1: entered promiscuous mode
[ 1786.464969][T18704] macsec1: entered allmulticast mode
[ 1786.470532][T18704] syz_tun: entered allmulticast mode
[ 1786.485269][T18704] syz_tun: left allmulticast mode
[ 1786.491530][T18704] syz_tun: left promiscuous mode
[ 1786.526748][T18698] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4459: invalid indirect mapped block 4294967295 (level 1)
[ 1786.558375][T18698] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4459: invalid indirect mapped block 4294967295 (level 1)
[ 1786.610323][T18698] EXT4-fs (loop4): 2 truncates cleaned up
[ 1786.618602][T18698] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1786.962169][T18709] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4459'.
[ 1787.385075][T18555] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1787.631118][T11479] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1789.010516][T18730] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4467'.
[ 1789.067489][T18730] hub 6-0:1.0: USB hub found
[ 1789.104041][T18730] hub 6-0:1.0: 1 port detected
[ 1789.280474][T18555] veth0_vlan: entered promiscuous mode
[ 1789.389420][T18555] veth1_vlan: entered promiscuous mode
[ 1789.705392][T18555] veth0_macvtap: entered promiscuous mode
[ 1789.773900][T18555] veth1_macvtap: entered promiscuous mode
[ 1789.945758][T18739] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4471'.
[ 1789.983092][T18555] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1790.064410][T18555] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1790.157794][T18555] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1790.168238][T18555] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1790.177554][T18555] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1790.186766][T18555] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1790.398122][   T30] audit: type=1326 audit(1750594012.720:1585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18742 comm="syz.3.4473" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1790.530904][   T30] audit: type=1326 audit(1750594012.767:1586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18742 comm="syz.3.4473" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1790.555690][   T30] audit: type=1326 audit(1750594012.795:1587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18742 comm="syz.3.4473" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1790.583354][   T30] audit: type=1326 audit(1750594012.795:1588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18742 comm="syz.3.4473" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1790.607953][   T30] audit: type=1326 audit(1750594012.795:1589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18742 comm="syz.3.4473" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1790.634112][   T30] audit: type=1326 audit(1750594012.795:1590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18742 comm="syz.3.4473" exe="/root/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1790.660137][   T30] audit: type=1326 audit(1750594012.795:1591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18742 comm="syz.3.4473" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1790.685070][   T30] audit: type=1326 audit(1750594012.823:1592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18742 comm="syz.3.4473" exe="/root/syz-executor" sig=0 arch=40000003 syscall=93 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1790.709706][   T30] audit: type=1326 audit(1750594012.823:1593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18742 comm="syz.3.4473" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1790.734258][   T30] audit: type=1326 audit(1750594012.823:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18742 comm="syz.3.4473" exe="/root/syz-executor" sig=0 arch=40000003 syscall=42 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1791.746852][T18763] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4479'.
[ 1791.868474][T18763] hub 6-0:1.0: USB hub found
[ 1791.882719][T18763] hub 6-0:1.0: 1 port detected
[ 1792.513742][T18778] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4483'.
[ 1793.136586][T18788] loop3: detected capacity change from 0 to 256
[ 1793.857116][T18801] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4491'.
[ 1793.943967][T18801] hub 6-0:1.0: USB hub found
[ 1793.959405][T18801] hub 6-0:1.0: 1 port detected
[ 1794.525076][T18815] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4495'.
[ 1794.899077][T16974] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1794.907929][T16974] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1795.079108][ T3588] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1795.087365][ T3588] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1795.271025][T18828] loop9: detected capacity change from 0 to 256
[ 1795.718589][T18832] loop7: detected capacity change from 0 to 512
[ 1795.969172][T18832] EXT4-fs (loop7): 1 orphan inode deleted
[ 1795.977490][T18832] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1795.999003][   T12] __quota_error: 11 callbacks suppressed
[ 1795.999082][   T12] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1796.017255][   T12] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u8:0: Failed to release dquot type 1
[ 1796.069969][T18832] ext4 filesystem being mounted at /473/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1796.111739][T18844] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4504'.
[ 1796.186933][T18844] hub 6-0:1.0: USB hub found
[ 1796.201651][T18844] hub 6-0:1.0: 1 port detected
[ 1796.297300][T12734] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1796.434464][T18848] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4506'.
[ 1797.218455][   T30] audit: type=1326 audit(1750594019.109:1606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18863 comm="syz.4.4513" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e539 code=0x7ffc0000
[ 1797.315752][   T30] audit: type=1326 audit(1750594019.127:1607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18863 comm="syz.4.4513" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf712e539 code=0x7ffc0000
[ 1797.342556][   T30] audit: type=1326 audit(1750594019.137:1608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18863 comm="syz.4.4513" exe="/root/syz-executor" sig=0 arch=40000003 syscall=356 compat=1 ip=0xf712e539 code=0x7ffc0000
[ 1797.366640][   T30] audit: type=1326 audit(1750594019.137:1609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18863 comm="syz.4.4513" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf712e539 code=0x7ffc0000
[ 1797.389525][   T30] audit: type=1326 audit(1750594019.165:1610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18863 comm="syz.4.4513" exe="/root/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf712e539 code=0x7ffc0000
[ 1797.425622][T18864] loop4: detected capacity change from 0 to 1024
[ 1797.437458][T18864] EXT4-fs: Ignoring removed bh option
[ 1797.448393][T18864] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1797.457008][T18864] EXT4-fs: Ignoring removed oldalloc option
[ 1797.464174][T18864] ext4: Bad value for 'mb_optimize_scan'
[ 1797.534033][   T30] audit: type=1326 audit(1750594019.305:1611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18863 comm="syz.4.4513" exe="/root/syz-executor" sig=0 arch=40000003 syscall=91 compat=1 ip=0xf712e539 code=0x7ffc0000
[ 1797.561832][   T30] audit: type=1326 audit(1750594019.305:1612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18863 comm="syz.4.4513" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf712e539 code=0x7ffc0000
[ 1797.585854][   T30] audit: type=1326 audit(1750594019.305:1613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18863 comm="syz.4.4513" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf712e539 code=0x7ffc0000
[ 1797.608822][   T30] audit: type=1326 audit(1750594019.315:1614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18863 comm="syz.4.4513" exe="/root/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf712e539 code=0x7ffc0000
[ 1798.365270][T18879] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4519'.
[ 1798.472203][T18879] hub 6-0:1.0: USB hub found
[ 1798.488680][T18879] hub 6-0:1.0: 1 port detected
[ 1798.849738][T18888] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4521'.
[ 1799.035826][T18892] netlink: 26 bytes leftover after parsing attributes in process `syz.9.4524'.
[ 1799.826307][T18907] netlink: 'syz.4.4531': attribute type 10 has an invalid length.
[ 1799.864124][T18907] bond0: (slave dummy0): Enslaving as an active interface with an up link
[ 1800.335088][T18914] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4534'.
[ 1800.386450][T18914] hub 6-0:1.0: USB hub found
[ 1800.410493][T18914] hub 6-0:1.0: 1 port detected
[ 1800.703867][T18920] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4536'.
[ 1800.975913][T18925] loop7: detected capacity change from 0 to 512
[ 1801.134142][T18925] EXT4-fs (loop7): 1 orphan inode deleted
[ 1801.144382][T18925] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1801.159759][T18925] ext4 filesystem being mounted at /478/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1801.160020][ T3588] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 1
[ 1801.280235][T12734] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1801.814821][T18944] netlink: 'syz.9.4545': attribute type 10 has an invalid length.
[ 1801.851364][T18944] bond0: (slave dummy0): Enslaving as an active interface with an up link
[ 1802.396436][T18951] netlink: 28 bytes leftover after parsing attributes in process `syz.9.4548'.
[ 1802.465679][T18951] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4548'.
[ 1802.535291][T18951] hub 6-0:1.0: USB hub found
[ 1802.551633][T18951] hub 6-0:1.0: 1 port detected
[ 1803.083892][T18961] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4551'.
[ 1804.376644][   T30] kauditd_printk_skb: 57 callbacks suppressed
[ 1804.376735][   T30] audit: type=1326 audit(1750594025.788:1671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18974 comm="syz.9.4557" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1804.406071][   T30] audit: type=1326 audit(1750594025.788:1672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18974 comm="syz.9.4557" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1804.521670][   T30] audit: type=1326 audit(1750594025.881:1673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18974 comm="syz.9.4557" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1804.547066][   T30] audit: type=1326 audit(1750594025.881:1674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18974 comm="syz.9.4557" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1804.571108][   T30] audit: type=1326 audit(1750594025.890:1675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18974 comm="syz.9.4557" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1804.594535][   T30] audit: type=1326 audit(1750594025.890:1676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18974 comm="syz.9.4557" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1804.617277][   T30] audit: type=1326 audit(1750594025.890:1677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18974 comm="syz.9.4557" exe="/root/syz-executor" sig=0 arch=40000003 syscall=101 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1804.639934][   T30] audit: type=1326 audit(1750594025.890:1678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18974 comm="syz.9.4557" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1804.981034][T18982] netlink: 28 bytes leftover after parsing attributes in process `syz.9.4561'.
[ 1805.014764][T18982] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4561'.
[ 1805.062976][T18982] hub 6-0:1.0: USB hub found
[ 1805.073699][T18982] hub 6-0:1.0: 1 port detected
[ 1805.283813][T18991] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4563'.
[ 1806.158849][T19000] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4567'.
[ 1806.342446][T19005] netlink: 'syz.3.4568': attribute type 4 has an invalid length.
[ 1806.439412][T19005] netlink: 'syz.3.4568': attribute type 4 has an invalid length.
[ 1806.772158][T19010] netlink: 'syz.9.4571': attribute type 10 has an invalid length.
[ 1806.789498][T19010] bond0: (slave dummy0): Releasing backup interface
[ 1806.828169][T19013] netlink: 'syz.4.4572': attribute type 13 has an invalid length.
[ 1806.903687][T19010] team0: Failed to send options change via netlink (err -105)
[ 1806.911698][T19010] team0: Port device dummy0 added
[ 1806.933950][T19014] netlink: 'syz.9.4571': attribute type 10 has an invalid length.
[ 1807.111352][T19017] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4574'.
[ 1807.132459][T19017] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4574'.
[ 1807.230597][T19017] hub 6-0:1.0: USB hub found
[ 1807.241479][T19013] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1807.250034][T19013] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1807.252981][T19017] hub 6-0:1.0: 1 port detected
[ 1807.748033][T19013] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1807.757637][T19013] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1807.766919][T19013] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1807.777262][T19013] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1807.970786][T19013] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1807.986073][T19013] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1807.995355][T19013] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1808.004638][T19013] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1808.042066][ T5851] lo speed is unknown, defaulting to 1000
[ 1808.048336][ T5851] syz2: Port: 1 Link DOWN
[ 1808.154139][T19014] team0: Port device dummy0 removed
[ 1808.183815][T19014] bond0: (slave dummy0): Enslaving as an active interface with an up link
[ 1808.597370][T19024] bond0: (slave dummy0): Releasing backup interface
[ 1808.679190][T19025] smc: net device bond0 applied user defined pnetid SYZ2
[ 1808.700851][T19025] smc: net device bond0 erased user defined pnetid SYZ2
[ 1810.593748][T19039] loop3: detected capacity change from 0 to 1024
[ 1810.635595][T19039] EXT4-fs: Ignoring removed bh option
[ 1810.641295][T19039] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1810.648481][T19039] EXT4-fs: Ignoring removed oldalloc option
[ 1810.655772][T19039] ext4: Bad value for 'mb_optimize_scan'
[ 1810.986455][T19044] loop9: detected capacity change from 0 to 164
[ 1811.022421][T19044] iso9660: Bad value for 'check'
[ 1811.207200][T19044] lo speed is unknown, defaulting to 1000
[ 1811.298750][T19046] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4585'.
[ 1811.388719][T19046] hub 6-0:1.0: USB hub found
[ 1811.510290][T19046] hub 6-0:1.0: 1 port detected
[ 1812.038632][T19049] loop5: detected capacity change from 0 to 2048
[ 1812.369093][T19049]  loop5: p2 < > p4
[ 1812.427662][T19049] loop5: p4 size 8192 extends beyond EOD, truncated
[ 1812.552463][T19056] netlink: 'syz.7.4588': attribute type 10 has an invalid length.
[ 1812.589811][T19056] netlink: 'syz.7.4588': attribute type 10 has an invalid length.
[ 1812.922186][T19060] loop4: detected capacity change from 0 to 512
[ 1813.008176][T19060] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1813.044389][T19060] EXT4-fs error (device loop4): ext4_orphan_get:1419: comm syz.4.4589: bad orphan inode 13
[ 1813.096935][T19060] ext4_test_bit(bit=12, block=18) = 1
[ 1813.105505][T19060] is_bad_inode(inode)=0
[ 1813.110032][T19060] NEXT_ORPHAN(inode)=2130706432
[ 1813.115230][T19060] max_ino=32
[ 1813.118608][T19060] i_nlink=1
[ 1813.124388][T19060] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1813.532806][T11479] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1813.855877][T16938] netdevsim netdevsim7 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1813.873358][T16938] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1814.041326][T16938] netdevsim netdevsim7 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1814.052315][T16938] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1814.287905][T16938] netdevsim netdevsim7 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1814.299307][T16938] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1814.537177][T16938] netdevsim netdevsim7 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1814.548171][T16938] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1815.043279][T16938] bridge_slave_1: left allmulticast mode
[ 1815.049528][T16938] bridge_slave_1: left promiscuous mode
[ 1815.056074][T16938] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1815.124212][T16938] bridge_slave_0: left allmulticast mode
[ 1815.130120][T16938] bridge_slave_0: left promiscuous mode
[ 1815.136866][T16938] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1815.508962][T12735] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1815.572949][T12735] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1815.582243][T12735] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1815.649779][T12735] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1815.661123][T12735] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1816.082688][T16938] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1816.140765][T16938] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1816.198651][T16938] bond0 (unregistering): Released all slaves
[ 1816.370438][T19071] lo speed is unknown, defaulting to 1000
[ 1816.846137][T19075] loop3: detected capacity change from 0 to 2048
[ 1817.101390][T16938] hsr_slave_0: left promiscuous mode
[ 1817.133064][T16938] hsr_slave_1: left promiscuous mode
[ 1817.140917][T16938] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1817.151584][T16938] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1817.233235][T16938] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1817.244455][T16938] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1817.325978][T16938] veth1_macvtap: left promiscuous mode
[ 1817.331789][T16938] veth0_macvtap: left promiscuous mode
[ 1817.338488][T16938] veth1_vlan: left promiscuous mode
[ 1817.344054][T16938] veth0_vlan: left promiscuous mode
[ 1817.427894][T16353] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1817.530801][T16353] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1817.540281][T16353] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1817.553712][T16353] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1817.564981][T16353] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1817.881861][T16353] Bluetooth: hci0: command tx timeout
[ 1818.472296][T16938] team0 (unregistering): Port device team_slave_1 removed
[ 1818.535291][T16938] team0 (unregistering): Port device team_slave_0 removed
[ 1818.671446][T19087] loop5: detected capacity change from 0 to 512
[ 1818.717764][T19087] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1818.871960][T19087] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.4600: invalid block
[ 1819.036049][T19087] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4600: invalid indirect mapped block 4294967295 (level 1)
[ 1819.052082][T19087] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4600: invalid indirect mapped block 4294967295 (level 1)
[ 1819.068424][T19087] EXT4-fs (loop5): 2 truncates cleaned up
[ 1819.076331][T19087] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1819.283475][T19077] lo speed is unknown, defaulting to 1000
[ 1819.376373][T19091] netlink: 96 bytes leftover after parsing attributes in process `syz.5.4600'.
[ 1819.731270][T18555] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1819.743976][T19071] chnl_net:caif_netlink_parms(): no params data found
[ 1819.951165][T16353] Bluetooth: hci4: command tx timeout
[ 1820.137427][T16353] Bluetooth: hci0: command tx timeout
[ 1820.469366][T19111] loop5: detected capacity change from 0 to 512
[ 1820.562167][T16938] bridge_slave_1: left allmulticast mode
[ 1820.567117][T19111] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1820.568165][T16938] bridge_slave_1: left promiscuous mode
[ 1820.585310][T16938] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1820.716048][T16938] bridge_slave_0: left allmulticast mode
[ 1820.722206][T16938] bridge_slave_0: left promiscuous mode
[ 1820.728968][T16938] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1820.754212][T19111] EXT4-fs (loop5): 1 truncate cleaned up
[ 1820.764610][T19111] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1821.161905][T16938] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1821.187865][T18555] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1821.214228][T16938] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1821.230381][T16938] bond0 (unregistering): Released all slaves
[ 1821.345937][T19077] chnl_net:caif_netlink_parms(): no params data found
[ 1821.824732][T19071] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1821.833852][T19071] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1821.841730][T19071] bridge_slave_0: entered allmulticast mode
[ 1821.851133][T19071] bridge_slave_0: entered promiscuous mode
[ 1821.945669][T19071] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1821.953337][T19071] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1821.961558][T19071] bridge_slave_1: entered allmulticast mode
[ 1821.974153][T19071] bridge_slave_1: entered promiscuous mode
[ 1822.160380][T16353] Bluetooth: hci4: command tx timeout
[ 1822.310743][T16938] hsr_slave_0: left promiscuous mode
[ 1822.329004][T16353] Bluetooth: hci0: command tx timeout
[ 1822.339721][T16938] hsr_slave_1: left promiscuous mode
[ 1822.627244][T16938] team0 (unregistering): Port device team_slave_1 removed
[ 1822.725500][T16938] team0 (unregistering): Port device team_slave_0 removed
[ 1823.189878][T19071] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1823.289860][T19071] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1823.888762][T19071] team0: Port device team_slave_0 added
[ 1823.905330][T19077] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1823.913082][T19077] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1823.920907][T19077] bridge_slave_0: entered allmulticast mode
[ 1823.930419][T19077] bridge_slave_0: entered promiscuous mode
[ 1823.952371][T19071] team0: Port device team_slave_1 added
[ 1824.194184][T19077] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1824.202030][T19077] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1824.209829][T19077] bridge_slave_1: entered allmulticast mode
[ 1824.219440][T19077] bridge_slave_1: entered promiscuous mode
[ 1824.230443][T19071] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1824.237928][T19071] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1824.266445][T19071] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1824.302233][T19151] loop5: detected capacity change from 0 to 512
[ 1824.322565][T19151] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1824.368162][T19151] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.4613: invalid block
[ 1824.385184][T16353] Bluetooth: hci4: command tx timeout
[ 1824.403581][T19151] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4613: invalid indirect mapped block 4294967295 (level 1)
[ 1824.442161][T19151] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #11: comm syz.5.4613: invalid indirect mapped block 4294967295 (level 1)
[ 1824.463960][T19151] EXT4-fs (loop5): 2 truncates cleaned up
[ 1824.472094][T19151] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1824.499647][T19071] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1824.506848][T19071] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1824.534001][T19071] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1824.559812][T16353] Bluetooth: hci0: command tx timeout
[ 1824.576237][T19077] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1824.597178][   T30] audit: type=1326 audit(1750594044.720:1679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19153 comm="syz.9.4614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1824.621637][   T30] audit: type=1326 audit(1750594044.720:1680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19153 comm="syz.9.4614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1824.647828][   T30] audit: type=1326 audit(1750594044.767:1681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19153 comm="syz.9.4614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=329 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1824.671321][   T30] audit: type=1326 audit(1750594044.767:1682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19153 comm="syz.9.4614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1824.687136][T19077] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1824.693926][   T30] audit: type=1326 audit(1750594044.767:1683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19153 comm="syz.9.4614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=441 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1824.784450][   T30] audit: type=1326 audit(1750594044.851:1684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19153 comm="syz.9.4614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1824.807708][   T30] audit: type=1326 audit(1750594044.851:1685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19153 comm="syz.9.4614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1824.897780][T19117] EXT4-fs error (device loop5): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[ 1825.034644][T19156] netlink: 96 bytes leftover after parsing attributes in process `syz.5.4613'.
[ 1825.205041][T19077] team0: Port device team_slave_0 added
[ 1825.230768][T19071] hsr_slave_0: entered promiscuous mode
[ 1825.240929][T19071] hsr_slave_1: entered promiscuous mode
[ 1825.252669][T19071] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1825.260772][T19071] Cannot create hsr debugfs directory
[ 1825.293515][T19077] team0: Port device team_slave_1 added
[ 1825.370581][T19161] loop3: detected capacity change from 0 to 2048
[ 1825.497303][T19161]  loop3: p2 < > p4
[ 1825.522932][T19077] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1825.531652][T19077] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1825.536330][T19161] loop3: p4 size 8192 extends beyond EOD, truncated
[ 1825.558274][T19077] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1825.650360][T18555] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1825.662568][T19077] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1825.669889][T19077] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1825.700256][T19077] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1826.173873][T19077] hsr_slave_0: entered promiscuous mode
[ 1826.184170][T19077] hsr_slave_1: entered promiscuous mode
[ 1826.192934][T19077] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1826.200795][T19077] Cannot create hsr debugfs directory
[ 1826.605425][T16353] Bluetooth: hci4: command tx timeout
[ 1827.504874][T19177] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4622'.
[ 1827.515958][T19071] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1827.614824][T19071] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1827.701495][T19071] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1827.800604][T19071] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1828.111832][T19077] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1828.142224][T19077] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1828.184552][T19077] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1828.272777][T19077] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1828.843084][T19071] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1829.053598][T19182] loop5: detected capacity change from 0 to 8192
[ 1829.113767][T19182]  loop5: p1 < > p2 < p5 > p3 p4
[ 1829.134204][T19071] 8021q: adding VLAN 0 to HW filter on device team0
[ 1829.152351][T19182] loop5: p3 start 83890176 is beyond EOD, truncated
[ 1829.159349][T19182] loop5: p4 size 16776960 extends beyond EOD, truncated
[ 1829.204108][T19182] loop5: p5 size 16776960 extends beyond EOD, truncated
[ 1829.230753][T16938] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1829.238408][T16938] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1829.321846][T16938] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1829.329471][T16938] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1829.400646][T19077] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1829.401430][T19188] loop9: detected capacity change from 0 to 512
[ 1829.476718][T19188] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1829.592741][T19188] EXT4-fs error (device loop9): ext4_get_branch:178: inode #11: block 4294967295: comm syz.9.4626: invalid block
[ 1829.626115][T19071] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1829.644503][T19071] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1829.695787][T19188] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #11: comm syz.9.4626: invalid indirect mapped block 4294967295 (level 1)
[ 1829.703487][T19077] 8021q: adding VLAN 0 to HW filter on device team0
[ 1829.721537][T19188] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #11: comm syz.9.4626: invalid indirect mapped block 4294967295 (level 1)
[ 1829.791966][T19188] EXT4-fs (loop9): 2 truncates cleaned up
[ 1829.799925][T19188] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1829.832827][T16964] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1829.840486][T16964] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1829.859108][T16964] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1829.866771][T16964] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1830.254870][T19193] netlink: 96 bytes leftover after parsing attributes in process `syz.9.4626'.
[ 1830.478090][ T1284] ieee802154 phy0 wpan0: encryption failed: -22
[ 1830.766523][T16352] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1831.193781][T19071] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1831.656043][T19077] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1832.486857][T19219] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4632'.
[ 1832.575347][T19223] netlink: 'syz.5.4633': attribute type 1 has an invalid length.
[ 1832.587270][T19223] netlink: 'syz.5.4633': attribute type 2 has an invalid length.
[ 1832.598012][T19223] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4633'.
[ 1833.130473][T19071] veth0_vlan: entered promiscuous mode
[ 1833.231746][T19071] veth1_vlan: entered promiscuous mode
[ 1833.516927][T19071] veth0_macvtap: entered promiscuous mode
[ 1833.547094][   T30] audit: type=1326 audit(1750594053.082:1686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19231 comm="syz.3.4636" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1833.571500][   T30] audit: type=1326 audit(1750594053.082:1687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19231 comm="syz.3.4636" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1833.643441][   T30] audit: type=1326 audit(1750594053.139:1688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19231 comm="syz.3.4636" exe="/root/syz-executor" sig=0 arch=40000003 syscall=322 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1833.666763][   T30] audit: type=1326 audit(1750594053.148:1689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19231 comm="syz.3.4636" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1833.670306][T19071] veth1_macvtap: entered promiscuous mode
[ 1833.691073][   T30] audit: type=1326 audit(1750594053.148:1690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19231 comm="syz.3.4636" exe="/root/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1833.718878][   T30] audit: type=1326 audit(1750594053.148:1691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19231 comm="syz.3.4636" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1833.741540][   T30] audit: type=1326 audit(1750594053.148:1692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19231 comm="syz.3.4636" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1833.764309][   T30] audit: type=1326 audit(1750594053.148:1693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19231 comm="syz.3.4636" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1833.786925][   T30] audit: type=1326 audit(1750594053.148:1694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19231 comm="syz.3.4636" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1833.798171][T19077] veth0_vlan: entered promiscuous mode
[ 1833.810989][   T30] audit: type=1326 audit(1750594053.148:1695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19231 comm="syz.3.4636" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1834.044052][T19071] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1834.075892][T19077] veth1_vlan: entered promiscuous mode
[ 1834.155581][T19071] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1834.307089][T19071] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1834.317191][T19071] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1834.326512][T19071] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1834.339868][T19071] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1834.609576][T19077] veth0_macvtap: entered promiscuous mode
[ 1834.760566][T19077] veth1_macvtap: entered promiscuous mode
[ 1834.863655][T19077] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1834.945894][T19077] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1835.042242][T19077] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1835.051465][T19077] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1835.060485][T19077] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1835.069634][T19077] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1835.614553][T19256] loop3: detected capacity change from 0 to 2048
[ 1836.355766][T19267] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4643'.
[ 1837.153230][T19277] loop9: detected capacity change from 0 to 2048
[ 1837.227768][T19277]  loop9: p2 < > p4
[ 1837.253486][T19277] loop9: p4 size 8192 extends beyond EOD, truncated
[ 1837.773385][T19286] loop5: detected capacity change from 0 to 1024
[ 1837.885740][T19286] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1838.357135][T18555] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1838.783468][T19304] loop9: detected capacity change from 0 to 2048
[ 1839.307524][T19318] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4654'.
[ 1839.569333][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1839.577584][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1839.768331][T16958] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1839.776621][T16958] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1839.916110][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1839.925801][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1840.020831][T16964] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1840.033958][T16964] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1840.580342][T19331] loop4: detected capacity change from 0 to 512
[ 1840.669188][T19331] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[ 1840.716179][T19331] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.4597: invalid indirect mapped block 2683928664 (level 1)
[ 1840.766020][T19331] EXT4-fs (loop4): Remounting filesystem read-only
[ 1840.781622][T19331] EXT4-fs (loop4): 1 truncate cleaned up
[ 1840.789739][T19331] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1840.835548][T19338] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4596'.
[ 1840.857677][T19338] hub 6-0:1.0: USB hub found
[ 1840.883634][T19338] hub 6-0:1.0: 1 port detected
[ 1841.193460][T19331] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1841.756796][T19353] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4665'.
[ 1842.206030][   T30] kauditd_printk_skb: 29 callbacks suppressed
[ 1842.206112][   T30] audit: type=1326 audit(1750594061.183:1725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19360 comm="syz.9.4668" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1842.240770][   T30] audit: type=1326 audit(1750594061.183:1726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19360 comm="syz.9.4668" exe="/root/syz-executor" sig=0 arch=40000003 syscall=101 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1842.265070][   T30] audit: type=1326 audit(1750594061.183:1727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19360 comm="syz.9.4668" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1842.288031][   T30] audit: type=1326 audit(1750594061.192:1728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19360 comm="syz.9.4668" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1842.310774][   T30] audit: type=1326 audit(1750594061.192:1729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19360 comm="syz.9.4668" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1842.379208][T10622] hid-generic 0000:0000:0000.0036: unknown main item tag 0x0
[ 1842.427896][T10622] hid-generic 0000:0000:0000.0036: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1842.491187][   T30] audit: type=1326 audit(1750594061.314:1730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19360 comm="syz.9.4668" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1842.514064][   T30] audit: type=1326 audit(1750594061.323:1731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19360 comm="syz.9.4668" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1842.536704][   T30] audit: type=1326 audit(1750594061.323:1732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19360 comm="syz.9.4668" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1842.560903][   T30] audit: type=1326 audit(1750594061.323:1733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19360 comm="syz.9.4668" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1842.590652][   T30] audit: type=1326 audit(1750594061.323:1734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19360 comm="syz.9.4668" exe="/root/syz-executor" sig=0 arch=40000003 syscall=365 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1842.618592][T19361] loop9: detected capacity change from 0 to 1024
[ 1842.639300][T19361] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1842.694410][T19361] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1842.793226][T19361] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1842.822996][T19361] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1843.259913][T19375] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4672'.
[ 1843.338317][T19375] hub 6-0:1.0: USB hub found
[ 1843.359793][T19375] hub 6-0:1.0: 1 port detected
[ 1844.314104][T19386] loop5: detected capacity change from 0 to 2048
[ 1845.286598][T19408] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4688'.
[ 1845.358299][T19408] hub 6-0:1.0: USB hub found
[ 1845.388798][T19408] hub 6-0:1.0: 1 port detected
[ 1845.419052][T19406] loop7: detected capacity change from 0 to 1024
[ 1845.493544][T19406] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1845.552810][T19406] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1845.632073][T19406] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e01c, mo2=0000]
[ 1845.778482][T19406] EXT4-fs error (device loop7): ext4_map_blocks:780: inode #3: block 2: comm syz.7.4687: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1845.794178][T19406] EXT4-fs error (device loop7): ext4_map_blocks:780: inode #3: block 48: comm syz.7.4687: lblock 0 mapped to illegal pblock 48 (length 1)
[ 1845.826081][T19406] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm syz.7.4687: Failed to acquire dquot type 0
[ 1845.878077][T19406] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1845.903025][T19406] EXT4-fs error (device loop7): ext4_evict_inode:254: inode #11: comm syz.7.4687: mark_inode_dirty error
[ 1845.921019][T19406] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[ 1845.932007][T19406] EXT4-fs (loop7): 1 orphan inode deleted
[ 1845.948186][T19406] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1845.976613][T16966] EXT4-fs error (device loop7): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:18: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1846.040730][T16966] EXT4-fs error (device loop7): ext4_release_dquot:6969: comm kworker/u8:18: Failed to release dquot type 0
[ 1846.100298][T19406] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1846.153236][T19406] EXT4-fs error (device loop7): __ext4_get_inode_loc:4792: comm syz.7.4687: Invalid inode table block 1 in block_group 0
[ 1846.207122][T19406] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1846.249486][T19406] EXT4-fs error (device loop7): ext4_quota_off:7217: inode #3: comm syz.7.4687: mark_inode_dirty error
[ 1846.660709][T19425] loop9: detected capacity change from 0 to 2048
[ 1847.340589][T19440] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4702'.
[ 1847.379217][T19440] hub 6-0:1.0: USB hub found
[ 1847.393576][T19440] hub 6-0:1.0: 1 port detected
[ 1848.027643][   T30] kauditd_printk_skb: 66 callbacks suppressed
[ 1848.027720][   T30] audit: type=1326 audit(1750594066.627:1798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19450 comm="syz.5.4707" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34539 code=0x7ffc0000
[ 1848.056716][   T30] audit: type=1326 audit(1750594066.627:1799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19450 comm="syz.5.4707" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34539 code=0x7ffc0000
[ 1848.116537][   T30] audit: type=1326 audit(1750594066.693:1800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19450 comm="syz.5.4707" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f34539 code=0x7ffc0000
[ 1848.144256][   T30] audit: type=1326 audit(1750594066.693:1801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19450 comm="syz.5.4707" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34539 code=0x7ffc0000
[ 1848.168659][   T30] audit: type=1326 audit(1750594066.693:1802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19450 comm="syz.5.4707" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34539 code=0x7ffc0000
[ 1848.194313][   T30] audit: type=1326 audit(1750594066.693:1803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19450 comm="syz.5.4707" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f34539 code=0x7ffc0000
[ 1848.217051][   T30] audit: type=1326 audit(1750594066.693:1804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19450 comm="syz.5.4707" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34539 code=0x7ffc0000
[ 1848.239808][   T30] audit: type=1326 audit(1750594066.693:1805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19450 comm="syz.5.4707" exe="/root/syz-executor" sig=0 arch=40000003 syscall=275 compat=1 ip=0xf7f34539 code=0x7ffc0000
[ 1848.270003][   T30] audit: type=1326 audit(1750594066.693:1806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19450 comm="syz.5.4707" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f34539 code=0x7ffc0000
[ 1848.873687][T19457] loop7: detected capacity change from 0 to 2048
[ 1849.257035][T19467] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4715'.
[ 1849.309953][T19467] hub 6-0:1.0: USB hub found
[ 1849.330870][T19467] hub 6-0:1.0: 1 port detected
[ 1849.456810][T19470] loop5: detected capacity change from 0 to 512
[ 1849.502024][T19470] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[ 1849.573744][T19470] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=884ee02c, mo2=0102]
[ 1849.601858][T19470] EXT4-fs (loop5): orphan cleanup on readonly fs
[ 1849.630205][T19472] loop9: detected capacity change from 0 to 164
[ 1849.694618][T19470] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 33619980: comm syz.5.4716: invalid block
[ 1849.746802][T19472] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[ 1849.767664][T19470] EXT4-fs (loop5): Remounting filesystem read-only
[ 1849.823662][T19472] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[ 1849.836561][T19470] EXT4-fs (loop5): 1 truncate cleaned up
[ 1849.844994][T19470] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[ 1849.868073][T19472] Symlink component flag not implemented
[ 1849.874036][T19472] Symlink component flag not implemented
[ 1849.883028][T19472] Symlink component flag not implemented (7)
[ 1849.890217][T19472] Symlink component flag not implemented (116)
[ 1850.164373][T18555] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[ 1850.282939][T19482] loop7: detected capacity change from 0 to 2048
[ 1850.373209][T19482] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1850.476651][T19482] EXT4-fs: journaled quota format not specified
[ 1850.509166][   T30] audit: type=1326 audit(1750594068.938:1807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19491 comm="syz.4.4722" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e539 code=0x7ffc0000
[ 1850.587111][T19492] loop9: detected capacity change from 0 to 164
[ 1850.630718][T19492] iso9660: Unknown parameter 'âеºKó_soa&~ŒðÓð¸rs×®…	O»…©?Ð?†‘'
[ 1850.744287][T19077] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[ 1850.886984][T19077] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1851.325781][T19503] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4730'.
[ 1851.418677][T19503] hub 6-0:1.0: USB hub found
[ 1851.446529][T19503] hub 6-0:1.0: 1 port detected
[ 1851.625000][T19508] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4731'.
[ 1851.728197][T19508] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4731'.
[ 1851.879868][T19514] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4733'.
[ 1851.921031][T19516] netlink: 244 bytes leftover after parsing attributes in process `syz.7.4734'.
[ 1851.930459][T19516] ksmbd: Unknown IPC event: 3, ignore.
[ 1852.485196][T19520] loop3: detected capacity change from 0 to 512
[ 1852.679953][T19520] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[ 1852.754832][T19520] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.4737: invalid indirect mapped block 2683928664 (level 1)
[ 1852.792958][T19520] EXT4-fs (loop3): Remounting filesystem read-only
[ 1852.803120][T19520] EXT4-fs (loop3): 1 truncate cleaned up
[ 1852.811570][T19520] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1852.849253][T19526] smc: net device bond0 applied user defined pnetid SYZ2
[ 1852.902882][T19526] smc: net device bond0 erased user defined pnetid SYZ2
[ 1852.913501][T19520] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1853.441352][T19539] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4745'.
[ 1853.514202][T19539] hub 6-0:1.0: USB hub found
[ 1853.535023][T19539] hub 6-0:1.0: 1 port detected
[ 1853.786040][T19547] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4748'.
[ 1854.249643][   T30] kauditd_printk_skb: 16 callbacks suppressed
[ 1854.249720][   T30] audit: type=1326 audit(1750594072.455:1824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19554 comm="syz.9.4752" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1854.380478][   T30] audit: type=1326 audit(1750594072.520:1825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19554 comm="syz.9.4752" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1854.384710][T19557] loop5: detected capacity change from 0 to 512
[ 1854.407134][   T30] audit: type=1326 audit(1750594072.529:1826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19554 comm="syz.9.4752" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1854.436091][   T30] audit: type=1326 audit(1750594072.529:1827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19554 comm="syz.9.4752" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1854.458646][   T30] audit: type=1326 audit(1750594072.529:1828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19554 comm="syz.9.4752" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1854.486996][   T30] audit: type=1326 audit(1750594072.529:1829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19554 comm="syz.9.4752" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1854.512177][   T30] audit: type=1326 audit(1750594072.529:1830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19554 comm="syz.9.4752" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1854.535515][   T30] audit: type=1326 audit(1750594072.529:1831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19554 comm="syz.9.4752" exe="/root/syz-executor" sig=0 arch=40000003 syscall=275 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1854.558152][   T30] audit: type=1326 audit(1750594072.529:1832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19554 comm="syz.9.4752" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f24539 code=0x7ffc0000
[ 1854.648337][T19557] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[ 1854.687078][T19557] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.4753: invalid indirect mapped block 2683928664 (level 1)
[ 1854.734970][T19557] EXT4-fs (loop5): Remounting filesystem read-only
[ 1854.744065][T19557] EXT4-fs (loop5): 1 truncate cleaned up
[ 1854.752065][T19557] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1855.023625][T18555] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1855.384367][T19566] loop9: detected capacity change from 0 to 1024
[ 1855.420684][T19566] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1855.455931][T19566] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1855.530007][T19566] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e01c, mo2=0000]
[ 1855.558000][T19566] EXT4-fs error (device loop9): ext4_map_blocks:780: inode #3: block 2: comm syz.9.4757: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1855.615452][T19566] Quota error (device loop9): qtree_write_dquot: dquota write failed
[ 1855.624069][T19566] EXT4-fs error (device loop9): ext4_map_blocks:780: inode #3: block 48: comm syz.9.4757: lblock 0 mapped to illegal pblock 48 (length 1)
[ 1855.703743][T19581] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4760'.
[ 1855.716497][T19566] EXT4-fs error (device loop9): ext4_acquire_dquot:6933: comm syz.9.4757: Failed to acquire dquot type 0
[ 1855.730706][T19580] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4762'.
[ 1855.748911][T19566] EXT4-fs error (device loop9) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1855.784759][T19581] hub 6-0:1.0: USB hub found
[ 1855.795141][T19581] hub 6-0:1.0: 1 port detected
[ 1855.802227][T19566] EXT4-fs error (device loop9): ext4_evict_inode:254: inode #11: comm syz.9.4757: mark_inode_dirty error
[ 1855.833491][T19566] EXT4-fs warning (device loop9): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[ 1855.844243][T19566] EXT4-fs (loop9): 1 orphan inode deleted
[ 1855.852339][T19566] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1855.888939][ T3588] EXT4-fs error (device loop9): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1855.948772][ T3588] EXT4-fs error (device loop9): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 0
[ 1856.026920][T19566] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1856.091720][T19566] EXT4-fs error (device loop9): __ext4_get_inode_loc:4792: comm syz.9.4757: Invalid inode table block 1 in block_group 0
[ 1856.151266][T19566] EXT4-fs error (device loop9) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1856.189309][T19566] EXT4-fs error (device loop9): ext4_quota_off:7217: inode #3: comm syz.9.4757: mark_inode_dirty error
[ 1856.561673][T19591] loop3: detected capacity change from 0 to 128
[ 1857.513118][T19607] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4774'.
[ 1857.538070][T19607] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4774'.
[ 1857.752669][T19610] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4775'.
[ 1857.784372][T19608] loop5: detected capacity change from 0 to 2048
[ 1857.821069][T19610] hub 6-0:1.0: USB hub found
[ 1857.890051][T19610] hub 6-0:1.0: 1 port detected
[ 1858.653185][T19621] loop9: detected capacity change from 0 to 1024
[ 1858.703651][T19621] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1858.750816][T19621] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1858.775040][T19625] netlink: 'syz.5.4781': attribute type 10 has an invalid length.
[ 1858.788446][T19625] netlink: 'syz.5.4781': attribute type 10 has an invalid length.
[ 1858.847318][T19621] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e01c, mo2=0000]
[ 1859.096751][T19621] EXT4-fs error (device loop9): ext4_map_blocks:780: inode #3: block 2: comm syz.9.4779: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1859.158449][T19621] EXT4-fs error (device loop9): ext4_map_blocks:780: inode #3: block 48: comm syz.9.4779: lblock 0 mapped to illegal pblock 48 (length 1)
[ 1859.220255][T19621] EXT4-fs error (device loop9): ext4_acquire_dquot:6933: comm syz.9.4779: Failed to acquire dquot type 0
[ 1859.340706][T19621] EXT4-fs error (device loop9) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1859.354439][T19637] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4787'.
[ 1859.389296][T19621] EXT4-fs error (device loop9): ext4_evict_inode:254: inode #11: comm syz.9.4779: mark_inode_dirty error
[ 1859.402121][T19637] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4787'.
[ 1859.453923][T19621] EXT4-fs warning (device loop9): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[ 1859.464673][T19621] EXT4-fs (loop9): 1 orphan inode deleted
[ 1859.473168][T19621] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1859.499239][ T3588] EXT4-fs error (device loop9): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1859.570069][ T3588] EXT4-fs error (device loop9): ext4_release_dquot:6969: comm kworker/u8:8: Failed to release dquot type 0
[ 1859.650555][T19621] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1859.697224][T19621] EXT4-fs error (device loop9): __ext4_get_inode_loc:4792: comm syz.9.4779: Invalid inode table block 1 in block_group 0
[ 1859.768369][T19621] EXT4-fs error (device loop9) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1859.821378][T19621] EXT4-fs error (device loop9): ext4_quota_off:7217: inode #3: comm syz.9.4779: mark_inode_dirty error
[ 1859.899077][T19642] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4790'.
[ 1859.959152][T19642] hub 6-0:1.0: USB hub found
[ 1859.996101][T19642] hub 6-0:1.0: 1 port detected
[ 1860.040151][T19643] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1860.198923][T19645] loop4: detected capacity change from 0 to 512
[ 1860.238373][T19645] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1860.310080][T19643] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1860.363036][T19645] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.4791: invalid block
[ 1860.462423][T19645] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4791: invalid indirect mapped block 4294967295 (level 1)
[ 1860.491827][T19643] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1860.519944][T19645] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4791: invalid indirect mapped block 4294967295 (level 1)
[ 1860.568128][T19645] EXT4-fs (loop4): 2 truncates cleaned up
[ 1860.580780][T19645] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1860.615983][T10622] usb 6-1: new high-speed USB device number 101 using dummy_hcd
[ 1860.752754][T19643] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1860.789709][T10622] usb 6-1: device descriptor read/64, error -71
[ 1860.880616][T19658] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4791'.
[ 1861.066722][T10622] usb 6-1: new high-speed USB device number 102 using dummy_hcd
[ 1861.171686][T19660] netlink: 'syz.9.4796': attribute type 10 has an invalid length.
[ 1861.240635][T19662] netlink: 'syz.9.4796': attribute type 10 has an invalid length.
[ 1861.258870][T10622] usb 6-1: device descriptor read/64, error -71
[ 1861.276896][T19660] bond0: (slave dummy0): Releasing backup interface
[ 1861.334711][T19071] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1861.355177][T19660] team0: Port device dummy0 added
[ 1861.383259][T10622] usb usb6-port1: attempt power cycle
[ 1861.464878][T19662] team0: Port device dummy0 removed
[ 1861.497719][T19662] bond0: (slave dummy0): Enslaving as an active interface with an up link
[ 1861.550298][T19643] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1861.582117][T19643] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1861.624440][T19643] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1861.656198][T19643] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1861.829869][   T30] kauditd_printk_skb: 19 callbacks suppressed
[ 1861.829948][   T30] audit: type=1326 audit(1750594079.489:1847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19667 comm="syz.4.4799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e539 code=0x7ffc0000
[ 1861.860607][   T30] audit: type=1326 audit(1750594079.545:1848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19667 comm="syz.4.4799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf704e539 code=0x7ffc0000
[ 1861.883915][   T30] audit: type=1326 audit(1750594079.582:1849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19667 comm="syz.4.4799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e539 code=0x7ffc0000
[ 1861.906614][   T30] audit: type=1326 audit(1750594079.582:1850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19667 comm="syz.4.4799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e539 code=0x7ffc0000
[ 1861.933125][   T30] audit: type=1326 audit(1750594079.582:1851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19667 comm="syz.4.4799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf704e539 code=0x7ffc0000
[ 1861.956983][   T30] audit: type=1326 audit(1750594079.582:1852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19667 comm="syz.4.4799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e539 code=0x7ffc0000
[ 1861.979588][   T30] audit: type=1326 audit(1750594079.582:1853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19667 comm="syz.4.4799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e539 code=0x7ffc0000
[ 1861.980530][T10622] usb 6-1: new high-speed USB device number 103 using dummy_hcd
[ 1862.002116][   T30] audit: type=1326 audit(1750594079.582:1854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19667 comm="syz.4.4799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=275 compat=1 ip=0xf704e539 code=0x7ffc0000
[ 1862.002334][   T30] audit: type=1326 audit(1750594079.582:1855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19667 comm="syz.4.4799" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e539 code=0x7ffc0000
[ 1862.092755][T10622] usb 6-1: device descriptor read/8, error -71
[ 1862.286274][T19672] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4801'.
[ 1862.314307][T19672] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4801'.
[ 1862.372893][T10622] usb 6-1: new high-speed USB device number 104 using dummy_hcd
[ 1862.400606][T10622] usb 6-1: device descriptor read/8, error -71
[ 1862.522921][T10622] usb usb6-port1: unable to enumerate USB device
[ 1862.646746][T19677] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4803'.
[ 1862.678544][T19677] hub 6-0:1.0: USB hub found
[ 1862.685004][T19677] hub 6-0:1.0: 1 port detected
[ 1862.889581][T10622] usb 6-1: new high-speed USB device number 105 using dummy_hcd
[ 1863.051062][T10622] usb 6-1: device descriptor read/64, error -71
[ 1863.196905][T19686] IPv6: Can't replace route, no match found
[ 1863.426429][T19688] loop7: detected capacity change from 0 to 512
[ 1863.472031][T19690] loop5: detected capacity change from 0 to 1024
[ 1863.491915][T19690] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1863.494253][T19688] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1863.521403][T19690] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1863.561649][T19688] EXT4-fs error (device loop7): ext4_get_branch:178: inode #11: block 4294967295: comm syz.7.4809: invalid block
[ 1863.563092][T19690] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[ 1863.611437][T19688] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.4809: invalid indirect mapped block 4294967295 (level 1)
[ 1863.615878][   T30] audit: type=1326 audit(1750594081.201:1856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19695 comm="syz.3.4812" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae539 code=0x7ffc0000
[ 1863.627399][T19688] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.4809: invalid indirect mapped block 4294967295 (level 1)
[ 1863.665005][T19688] EXT4-fs (loop7): 2 truncates cleaned up
[ 1863.677279][T19688] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1863.718691][T19690] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 2: comm syz.5.4810: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1863.758336][T19690] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 48: comm syz.5.4810: lblock 0 mapped to illegal pblock 48 (length 1)
[ 1863.809437][T19690] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.4810: Failed to acquire dquot type 0
[ 1863.838030][T19690] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1863.849507][T19697] netlink: 96 bytes leftover after parsing attributes in process `syz.7.4809'.
[ 1863.871214][T19690] EXT4-fs error (device loop5): ext4_evict_inode:254: inode #11: comm syz.5.4810: mark_inode_dirty error
[ 1863.912641][T19690] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[ 1863.923684][T19690] EXT4-fs (loop5): 1 orphan inode deleted
[ 1863.932171][T19690] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1863.945890][ T3894] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #3: block 1: comm kworker/u8:12: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1863.997032][ T3894] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:12: Failed to release dquot type 0
[ 1864.150850][T18555] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1864.203967][T18555] EXT4-fs error (device loop5): __ext4_get_inode_loc:4792: comm syz-executor: Invalid inode table block 1 in block_group 0
[ 1864.283132][T18555] EXT4-fs error (device loop5) in ext4_reserve_inode_write:6255: Corrupt filesystem
[ 1864.301374][T18555] EXT4-fs error (device loop5): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error
[ 1864.432955][T19077] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1864.814687][T19708] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4815'.
[ 1864.845495][T19708] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4815'.
[ 1865.365479][T19714] loop5: detected capacity change from 0 to 1024
[ 1865.410304][T19718] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4822'.
[ 1865.450901][T19720] =====================================================
[ 1865.458368][T19720] BUG: KMSAN: uninit-value in eth_type_trans+0x7af/0x9a0
[ 1865.465773][T19720]  eth_type_trans+0x7af/0x9a0
[ 1865.470659][T19720]  bpf_prog_run_generic_xdp+0x12a0/0x1ff0
[ 1865.476680][T19720]  do_xdp_generic+0xd52/0x1690
[ 1865.481671][T19720]  tun_get_user+0x447a/0x6b40
[ 1865.486663][T19720]  tun_chr_write_iter+0x3e9/0x5c0
[ 1865.491878][T19720]  vfs_write+0xb48/0x1580
[ 1865.496425][T19720]  __ia32_sys_write+0x1f9/0x4d0
[ 1865.501637][T19720]  ia32_sys_call+0x30f2/0x42c0
[ 1865.506678][T19720]  __do_fast_syscall_32+0xb0/0x150
[ 1865.512114][T19720]  do_fast_syscall_32+0x38/0x80
[ 1865.517161][T19720]  do_SYSENTER_32+0x1f/0x30
[ 1865.521976][T19720]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1865.528539][T19720] 
[ 1865.531076][T19720] Uninit was stored to memory at:
[ 1865.536407][T19720]  pskb_expand_head+0x310/0x1610
[ 1865.541650][T19720]  do_xdp_generic+0xa79/0x1690
[ 1865.546686][T19720]  tun_get_user+0x447a/0x6b40
[ 1865.551668][T19720]  tun_chr_write_iter+0x3e9/0x5c0
[ 1865.556885][T19720]  vfs_write+0xb48/0x1580
[ 1865.561527][T19720]  __ia32_sys_write+0x1f9/0x4d0
[ 1865.566598][T19720]  ia32_sys_call+0x30f2/0x42c0
[ 1865.571551][T19720]  __do_fast_syscall_32+0xb0/0x150
[ 1865.576963][T19720]  do_fast_syscall_32+0x38/0x80
[ 1865.582013][T19720]  do_SYSENTER_32+0x1f/0x30
[ 1865.586819][T19720]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1865.593513][T19720] 
[ 1865.595958][T19720] Uninit was created at:
[ 1865.600456][T19720]  __kmalloc_node_track_caller_noprof+0x96d/0x12f0
[ 1865.607263][T19720]  kmalloc_reserve+0x22f/0x4b0
[ 1865.612272][T19720]  __alloc_skb+0x347/0x7d0
[ 1865.617012][T19720]  alloc_skb_with_frags+0xc5/0xa60
[ 1865.622315][T19720]  sock_alloc_send_pskb+0xad8/0xc70
[ 1865.627824][T19720]  tun_get_user+0x1019/0x6b40
[ 1865.632716][T19720]  tun_chr_write_iter+0x3e9/0x5c0
[ 1865.638046][T19720]  vfs_write+0xb48/0x1580
[ 1865.642595][T19720]  __ia32_sys_write+0x1f9/0x4d0
[ 1865.647788][T19720]  ia32_sys_call+0x30f2/0x42c0
[ 1865.652726][T19720]  __do_fast_syscall_32+0xb0/0x150
[ 1865.658142][T19720]  do_fast_syscall_32+0x38/0x80
[ 1865.663191][T19720]  do_SYSENTER_32+0x1f/0x30
[ 1865.667904][T19720]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1865.674568][T19720] 
[ 1865.677008][T19720] CPU: 1 UID: 0 PID: 19720 Comm: syz.4.4821 Not tainted 6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(undef) 
[ 1865.689481][T19720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1865.699809][T19720] =====================================================
[ 1865.707011][T19720] Disabling lock debugging due to kernel taint
[ 1865.713408][T19720] Kernel panic - not syncing: kmsan.panic set ...
[ 1865.720000][T19720] CPU: 1 UID: 0 PID: 19720 Comm: syz.4.4821 Tainted: G    B               6.16.0-rc2-syzkaller-00318-g739a6c93cc75 #0 PREEMPT(undef) 
[ 1865.733944][T19720] Tainted: [B]=BAD_PAGE
[ 1865.738253][T19720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1865.748440][T19720] Call Trace:
[ 1865.751826][T19720]  <TASK>
[ 1865.754871][T19720]  __dump_stack+0x26/0x30
[ 1865.759429][T19720]  dump_stack_lvl+0x53/0x270
[ 1865.764213][T19720]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1865.770254][T19720]  dump_stack+0x1e/0x25
[ 1865.774609][T19720]  panic+0x4bd/0xd50
[ 1865.778737][T19720]  kmsan_report+0x31c/0x320
[ 1865.783449][T19720]  ? __do_fast_syscall_32+0xb0/0x150
[ 1865.788913][T19720]  ? __msan_warning+0x1b/0x30
[ 1865.793771][T19720]  ? eth_type_trans+0x7af/0x9a0
[ 1865.798808][T19720]  ? bpf_prog_run_generic_xdp+0x12a0/0x1ff0
[ 1865.804885][T19720]  ? do_xdp_generic+0xd52/0x1690
[ 1865.809990][T19720]  ? tun_get_user+0x447a/0x6b40
[ 1865.815016][T19720]  ? tun_chr_write_iter+0x3e9/0x5c0
[ 1865.820384][T19720]  ? vfs_write+0xb48/0x1580
[ 1865.825081][T19720]  ? __ia32_sys_write+0x1f9/0x4d0
[ 1865.830304][T19720]  ? ia32_sys_call+0x30f2/0x42c0
[ 1865.835401][T19720]  ? __do_fast_syscall_32+0xb0/0x150
[ 1865.840858][T19720]  ? do_fast_syscall_32+0x38/0x80
[ 1865.846055][T19720]  ? do_SYSENTER_32+0x1f/0x30
[ 1865.850901][T19720]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1865.857612][T19720]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1865.863640][T19720]  ? kmsan_get_metadata+0xfb/0x160
[ 1865.868979][T19720]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1865.875523][T19720]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 1865.881805][T19720]  ? _raw_spin_unlock_irqrestore+0x3f/0x60
[ 1865.887837][T19720]  ? stack_depot_save_flags+0x60f/0x7b0
[ 1865.893575][T19720]  ? kmsan_get_metadata+0xfb/0x160
[ 1865.898899][T19720]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1865.905440][T19720]  ? kmsan_get_metadata+0xfb/0x160
[ 1865.910770][T19720]  __msan_warning+0x1b/0x30
[ 1865.915465][T19720]  eth_type_trans+0x7af/0x9a0
[ 1865.920357][T19720]  bpf_prog_run_generic_xdp+0x12a0/0x1ff0
[ 1865.926318][T19720]  do_xdp_generic+0xd52/0x1690
[ 1865.931252][T19720]  ? tun_get_user+0x3fa1/0x6b40
[ 1865.936276][T19720]  ? filter_irq_stacks+0x49/0x190
[ 1865.941508][T19720]  ? tun_get_user+0x43f5/0x6b40
[ 1865.946534][T19720]  tun_get_user+0x447a/0x6b40
[ 1865.951390][T19720]  ? stack_depot_save_flags+0x35/0x7b0
[ 1865.957036][T19720]  ? __rcu_read_unlock+0x6d/0xd0
[ 1865.962150][T19720]  ? kmsan_get_metadata+0xfb/0x160
[ 1865.967478][T19720]  ? kmsan_get_metadata+0xfb/0x160
[ 1865.972811][T19720]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1865.979370][T19720]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 1865.985790][T19720]  tun_chr_write_iter+0x3e9/0x5c0
[ 1865.991022][T19720]  vfs_write+0xb48/0x1580
[ 1865.995574][T19720]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1866.001309][T19720]  __ia32_sys_write+0x1f9/0x4d0
[ 1866.006388][T19720]  ia32_sys_call+0x30f2/0x42c0
[ 1866.011312][T19720]  __do_fast_syscall_32+0xb0/0x150
[ 1866.016611][T19720]  do_fast_syscall_32+0x38/0x80
[ 1866.021638][T19720]  do_SYSENTER_32+0x1f/0x30
[ 1866.026311][T19720]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1866.032843][T19720] RIP: 0023:0xf704e539
[ 1866.037057][T19720] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1866.056857][T19720] RSP: 002b:00000000f503e520 EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[ 1866.065976][T19720] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000080000280
[ 1866.074089][T19720] RDX: 000000000000fdef RSI: 00000000f73b2ff4 RDI: 0000000000000000
[ 1866.082200][T19720] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1866.090329][T19720] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1866.098433][T19720] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1866.106658][T19720]  </TASK>
[ 1866.110060][T19720] Kernel Offset: disabled
[ 1866.114451][T19720] Rebooting in 86400 seconds..