last executing test programs:

7m51.29876616s ago: executing program 2 (id=62):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
sendfile(r4, r3, 0x0, 0x3a)

7m49.925717052s ago: executing program 2 (id=65):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
getsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, 0x0, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000840)='tasks\x00', 0x2, 0x0)
r3 = getpid()
write$cgroup_pid(r2, &(0x7f00000000c0)=r3, 0x12)
r4 = socket$inet(0x2, 0x1, 0x0)
shutdown(r4, 0x0)
recvmmsg(r4, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
r5 = openat$cgroup_ro(r0, &(0x7f0000000380)='memory.stat\x00', 0x0, 0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendfile(r6, r5, 0x0, 0x9c)

7m49.659576717s ago: executing program 2 (id=66):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$inet6(0xa, 0x40000080806, 0x0)
connect$inet6(r3, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0xc0, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x74, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_PROTO={0x43, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_PROTO={0xc, 0x3, 0x0, 0x1, {0x5}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x14, 0x4, @local}}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @multicast2}}}]}, @CTA_TIMEOUT={0x8}, @CTA_HELP={0xc, 0x5, 0x0, 0x1, {0x8, 0x1, 'RAS\x00'}}]}, 0xc0}}, 0x0)

7m49.381953454s ago: executing program 2 (id=69):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@bsdgroups}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@errors_remount}, {@inode_readahead_blks}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mounts\x00')
r1 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x1a158c0, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
sendfile(r1, r0, 0x0, 0x80000000)

7m47.327053226s ago: executing program 2 (id=75):
mknod(0x0, 0x1000, 0x0)
syz_read_part_table(0x1061, &(0x7f0000000000)="$eJzsz7FNw0AYBeBnW7ZBUDGBKwpGYA3EEGzhhiloqDNBUmWXSGmyxEW2ZXmDJMX3Ff/pnu7p9Ie76pIMdVLyeqjm5PN8+kn+Pl6mS1uNXfJWbYVxOZ6mUefSD791klLKfklW/Ty/npt2Lf9P75oc37efv3c3WRIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHtw1AAD//2COD5g=")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, 0x0})
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x18)
mkdir(0x0, 0x8b)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000001c0)=@generic={&(0x7f0000000180)='./file0\x00', r2}, 0x18)
personality(0x1000009)
quotactl$Q_QUOTAON(0xffffffff80000102, &(0x7f0000000140)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

7m46.735737401s ago: executing program 2 (id=76):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
ioctl$VIDIOC_S_HW_FREQ_SEEK(0xffffffffffffffff, 0x40305652, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x9, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x9, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0xc, &(0x7f0000000380)={[{@acl}, {@cache_strategy_readaround}, {@dax}, {@cache_strategy_disabled}, {@nouser_xattr}, {@dax}]}, 0x3, 0x1b1, &(0x7f00000000c0)="$eJzsmM1LG0EYxp+Z3WxIT+21FFpooOmhm91NWwql0Jxy6KXQD/EiBrOG6MZIsgcTEOLRk3+Df4J4Fw9evQleVRC8ePS8MrOjOxrzISRB8P0d3jwz82Y+3t08AwFBEM+Ws9Ork/XN81cc6GaQRVr1XxhJDtfymzu/cm8OS+7e3MH3493S0f353gGIotHXF3PvFw2Eqh1Fd7+dVZ9/wZFFRup/4Pio+mfAYCs9D47/SvtgmFV6SdMNkW/bi7XAtxcaQUUIRwRXBE+Egr6+CeByg6Gi7Y9p4612Z7kcBH6zV1j9hx4nBtVP7q/I8QOI1COL9Od1UxtH1i/GBYerdAEMf5T+hrSqDe85/2szOb8x2vnHKVLi1RuUszW51U1M4YAkhgh0Y5FGMsSn9fpNRojfzxPYxoRE4h/RNsMHzT9NzT/yYX31Z6vd+VSrl6t+1V/xvMJX57PjfPHy0pvjOMD/MtKfXmjzp/rkWszCWjkMm24cb9teHB9yXEv6H0fufdxmqk9H3gcvmbj6kDNUmyAIgiAIgiAIgiAIgiAIYuy8BZP/gg7B+y2zrwMAAP//Ub9tHw==")

7m45.925478779s ago: executing program 32 (id=76):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
ioctl$VIDIOC_S_HW_FREQ_SEEK(0xffffffffffffffff, 0x40305652, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x9, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x9, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$erofs(&(0x7f0000000000), &(0x7f0000000080)='./bus\x00', 0xc, &(0x7f0000000380)={[{@acl}, {@cache_strategy_readaround}, {@dax}, {@cache_strategy_disabled}, {@nouser_xattr}, {@dax}]}, 0x3, 0x1b1, &(0x7f00000000c0)="$eJzsmM1LG0EYxp+Z3WxIT+21FFpooOmhm91NWwql0Jxy6KXQD/EiBrOG6MZIsgcTEOLRk3+Df4J4Fw9evQleVRC8ePS8MrOjOxrzISRB8P0d3jwz82Y+3t08AwFBEM+Ws9Ork/XN81cc6GaQRVr1XxhJDtfymzu/cm8OS+7e3MH3493S0f353gGIotHXF3PvFw2Eqh1Fd7+dVZ9/wZFFRup/4Pio+mfAYCs9D47/SvtgmFV6SdMNkW/bi7XAtxcaQUUIRwRXBE+Egr6+CeByg6Gi7Y9p4612Z7kcBH6zV1j9hx4nBtVP7q/I8QOI1COL9Od1UxtH1i/GBYerdAEMf5T+hrSqDe85/2szOb8x2vnHKVLi1RuUszW51U1M4YAkhgh0Y5FGMsSn9fpNRojfzxPYxoRE4h/RNsMHzT9NzT/yYX31Z6vd+VSrl6t+1V/xvMJX57PjfPHy0pvjOMD/MtKfXmjzp/rkWszCWjkMm24cb9teHB9yXEv6H0fufdxmqk9H3gcvmbj6kDNUmyAIgiAIgiAIgiAIgiAIYuy8BZP/gg7B+y2zrwMAAP//Ub9tHw==")

6m38.796261325s ago: executing program 4 (id=268):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f00000000c0))
socket$nl_route(0x10, 0x3, 0x0)
socket$key(0xf, 0x3, 0x2)
syz_open_dev$tty20(0xc, 0x4, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x40000012})
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfad6}, 0x0, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x0, 0x1, &(0x7f0000000340)=[r1], &(0x7f0000000280)=[0x18], &(0x7f0000000200), &(0x7f0000000240), 0x0, 0x7f})

6m34.671402321s ago: executing program 4 (id=270):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x3, 0xff)
write$binfmt_aout(r4, 0x0, 0x28)
bind$bt_rfcomm(r0, &(0x7f0000000080)={0x1f, @none, 0xff}, 0xa)
connect$bt_rfcomm(r0, &(0x7f00000000c0)={0x1f, @none, 0x6}, 0xa)

6m32.32938833s ago: executing program 4 (id=278):
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)
ppoll(&(0x7f0000000000)=[{r0}], 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xb, &(0x7f0000000140), 0x0)
r1 = gettid()
rt_sigqueueinfo(r1, 0x21, &(0x7f0000001500))
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x786, &(0x7f0000001900)="$eJzs3c9rHGUfAPDvbJKmTfu+yQsvaL0YEDRQmpgaWwWFigcRLBT0bLtstqFmky3ZTWlCQIsIXgQVD4JeevLgj3rz6o+r/hcexFI1LVY8SGQ2s+2m2U03abIbzecDk32emdl8n+/Or2d3hpkA9qzh9E8u4nBEvJtEDGbjk4joq5V6I06uzndreamQDkmsrLz8a1Kb5+byUiEa3pM6mFUejIhv34o4klsft7KwOJ0vlYpzWX2sOnNhrLKwePT8TH6qOFWcPT4+MXHsxJMnjm9frr//sHjo2nsvPPbFyT/ffODqO98lcTIOZdMa89iyZ9dWh2M4+0z60o9wjefvO9juknS7AWxJumn2rG7lcTgGo6dWAgD+zV6PiBUAYI9JHP8BYI+p/w5wc3mpUB+6+4tEZ11/LiL2r+ZfP7+5OqU3O2e3v3YedOBmsubMSBIRQ9sQfzgiPv7q1c/SIbbrPCRAG964HBFnh4bX7/+TddcsbNbjG0zbl70O3zU+je8MNHTG12n/56lm/b/c7f5PNOn/9DfZdrei2fa/ZsSBbQiygeufRDzTcG3brYb8M0M9We0/tT5fX3LufKmY7tv+GxEj0def1sc3iDFy468braY19v9+e/+1T9P46eudOXI/9/avfc9kvpq/n5wbXb8c8VBvs/yT28s/adH/Pd1mjBeffvujVtPS/NN868P6/CO7OmlnrFyJeLTp8r9zRVuy4fWJY7XVYay+UjTx5Y8fDrSK37j80yGNX/8u0Anp8h/YOP+hpPF6zcrmY3x/ZfCbVtPunX/z9X9f8kqtXO9HXMpXq3PjEfuSl9aPP3bnvZfyD2el1fnT/Eceab79b7T+p98Jz7aZf++1Xz7fev47K81/clPLf/OFq7eme1rFb2/5T9RKI9mYdvZ/7Tbwfj47AAAAAAAAAAAAAAAAAAAAAAAAAGhXLiIORZIbvV3O5UZHV5/h/f8YyJXKleqRc+X52cmoPSt7KPpy9VtdDjbcD3U8ux9+vX7srvoTEfG/iPig/0BSv4/iZJdzBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6gy2e/5/6qb/brQMAdsz+bjcAAOg4x38A2Hsc/wFg72nv+N+z4+0AADrH938A2Hsc/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhp0+dSoeVP5aXCml98uLC/HT54tHJYmV6dGa+MFooz10YnSqXp0rF0UJ55l7/r1QuX5iI2flLY9VipTpWWVg8M1Oen62eOT+TnyqeKfZ1JCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2JzKwuJ0vlQqzilsobCyO5rR/UJPtjrtlvZ0tJDsjmZsc6HLOyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf4i/AwAA//+3ACFj")
r2 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
writev(r2, &(0x7f0000000080)=[{&(0x7f0000000040)='o', 0x1}], 0x1)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r2, 0x0)
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x108)
pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = open(&(0x7f0000000080)='./bus\x00', 0x147842, 0x1)
preadv2(r4, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x0)

6m30.48342001s ago: executing program 4 (id=282):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
r1 = dup(r0)
ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0x5)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0xfffffffd, 0x200, 0x0, 0x0, 0x0, r1}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000002140)={0x26, 'aead\x00', 0x0, 0x0, 'authencesn(michael_mic-generic,xchacha20-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000340), 0x0)
io_uring_enter(r2, 0x2def, 0x0, 0x0, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r7=>0x0})
pipe2(&(0x7f0000000100), 0x84800)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4400000010000100"/20, @ANYRES32=r7, @ANYBLOB="00000000000000001c0012800b00010067656e65766500000c00028008000200ac1414bb080004"], 0x44}, 0x1, 0x2}, 0x0)

6m28.647105568s ago: executing program 4 (id=287):
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="a8"], 0xa8)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000580)={0xa8, 0x0, 0x0, [{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00, 0x0, 0x0, 0xffff7fff}}}]}, 0xa8)
write$FUSE_BMAP(r2, &(0x7f00000000c0)={0x18}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000000440)={0x50}, 0x50)
write$FUSE_INIT(r2, &(0x7f00000001c0)={0x50}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
mkdirat(r3, &(0x7f0000000800)='./file0\x00', 0x8c)

6m26.199858964s ago: executing program 4 (id=293):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@data_err_ignore}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4e6, &(0x7f0000000e00)="$eJzs3dFrHFsZAPBvJtk2bXNNrvpwveC9F28lLdrdpLFt8KFWEPtUsFbwscZkE0I22ZDdtE0okuK7gogKPvnki+AfIEhffROxoO9SRRFtFfRBXdnZ2drG3SaS7U5Nfj84nXNmdvf7TsvOzJk53Qng2HovIq5FxEhEnI+IiXx9mpfr7e03O697+uT+Qrsk0Wrd+lMSSb6u+1lJvjwTEbsRMRYRX7we8dXkv+M2tndW52u16mberjTXNiqN7Z0LK2vzy9Xl6vrs7MzluStzl+amu2/522H6ORkRVz/3u+9884efv/rTT979ze0/nPtaO63xfPvz/RikTtdL2d9F12hEbL6KYAUYyZelPtu/MTLEZAAA2Ff7HP+DEfGx7Px/Ikays1MAAADgKGl9Zjz+kUS0AAAAgCMrzebAJmk5nwswHmlaLnfm8H44Tqe1eqP5iaX61vpiZ67sZJTSpZVadTqfKzwZpaTdnsnn2HbbF/e0ZyPizYj49sSprF1eqNcWi774AQAAAMfEmT3j/79OZOP/k0XnBQAAAAzYZNEJAAAAAK+c8T8AAAAcfcb/AAAAcKR94caNdml1n3+9eGd7a7V+58JitbFaXttaKC/UNzfKy/X6cvabfWv7fV6tXt/4VKxv3as0q41mpbG9c3utvrXevL3ywiOwAQAAgCF6892Hv04iYvfTp7LSdqLopIChSPbZnj0k5HHe+O0QEgKGZqToBIDCjBadAFCYUtEJAAX65c++fHX/V/WdvPPzAacDAAC8MlMf6X//37UBONrSohMAAIbO/X84vkovzgC8VFwmQFE+sM/2w9//b7X+p4QAAICBG89Kkpbze4HjkablcsQb2WMBSsnSSq06nY8PfjVROtluz2TvTPb9v8MAAAAAAAAAAAAAAAAAAAAAAAAAQEerlUQLAAAAONIi0t8n2a/5R0xNnB3fe33gRPL3iWwZEXe/f+u79+abzc2Z9vo/P1vf/F6+/mIRVzAAAACAvbrj9O44HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG6emT+wvdMsy4f/xsREz2jP/uWLYYi1JEnP5LEqPPvS+JiJEBxN99EBFv9YqftNOKyehk0Sv+qQLjpxFxZgDx4Th72N7/XOv1/UvjvWzZ+/s3mpfD6r//S6O7/xvps/9544Ax3n7040rf+A8i3h7tvf/pxk/6xH//gPG/8qWdnX7bWj+ImOp5/EleiFVprm1UGts7F1bW5pery9X12dmZy3NX5i7NTVeWVmrV/M+eMb710Z/862X9P90n/uQ+/T97wP7/89G9Jx/qVEu94p97v/fx9608/ok98dP82PfxvN7OZapb3+3Un/fOj37xzsv6v9in/8/+/XscaNsxzx2w/+dvfv3xAV8KAAxBY3tndb5Wq27+P1bSeC3SUBlI5eTrkcZRqYzF4T6n6D0TAAAwaP856S86EwAAAAAAAAAAAAAAAAAAADi+hvFrZHtj7hbTVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAl/p3AAAA//+0hNvX")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
read$FUSE(r1, 0x0, 0x0)
write$FUSE_IOCTL(r1, &(0x7f0000000000)={0x20, 0x0, 0x0, {0x5, 0x0, 0x9, 0x5}}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r2, &(0x7f0000000080), 0x208e24b)
fallocate(r0, 0x3, 0x0, 0x1a00)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

6m10.490410017s ago: executing program 33 (id=293):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@data_err_ignore}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4e6, &(0x7f0000000e00)="$eJzs3dFrHFsZAPBvJtk2bXNNrvpwveC9F28lLdrdpLFt8KFWEPtUsFbwscZkE0I22ZDdtE0okuK7gogKPvnki+AfIEhffROxoO9SRRFtFfRBXdnZ2drG3SaS7U5Nfj84nXNmdvf7TsvOzJk53Qng2HovIq5FxEhEnI+IiXx9mpfr7e03O697+uT+Qrsk0Wrd+lMSSb6u+1lJvjwTEbsRMRYRX7we8dXkv+M2tndW52u16mberjTXNiqN7Z0LK2vzy9Xl6vrs7MzluStzl+amu2/522H6ORkRVz/3u+9884efv/rTT979ze0/nPtaO63xfPvz/RikTtdL2d9F12hEbL6KYAUYyZelPtu/MTLEZAAA2Ff7HP+DEfGx7Px/Ikays1MAAADgKGl9Zjz+kUS0AAAAgCMrzebAJmk5nwswHmlaLnfm8H44Tqe1eqP5iaX61vpiZ67sZJTSpZVadTqfKzwZpaTdnsnn2HbbF/e0ZyPizYj49sSprF1eqNcWi774AQAAAMfEmT3j/79OZOP/k0XnBQAAAAzYZNEJAAAAAK+c8T8AAAAcfcb/AAAAcKR94caNdml1n3+9eGd7a7V+58JitbFaXttaKC/UNzfKy/X6cvabfWv7fV6tXt/4VKxv3as0q41mpbG9c3utvrXevL3ywiOwAQAAgCF6892Hv04iYvfTp7LSdqLopIChSPbZnj0k5HHe+O0QEgKGZqToBIDCjBadAFCYUtEJAAX65c++fHX/V/WdvPPzAacDAAC8MlMf6X//37UBONrSohMAAIbO/X84vkovzgC8VFwmQFE+sM/2w9//b7X+p4QAAICBG89Kkpbze4HjkablcsQb2WMBSsnSSq06nY8PfjVROtluz2TvTPb9v8MAAAAAAAAAAAAAAAAAAAAAAAAAQEerlUQLAAAAONIi0t8n2a/5R0xNnB3fe33gRPL3iWwZEXe/f+u79+abzc2Z9vo/P1vf/F6+/mIRVzAAAACAvbrj9O44HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG6emT+wvdMsy4f/xsREz2jP/uWLYYi1JEnP5LEqPPvS+JiJEBxN99EBFv9YqftNOKyehk0Sv+qQLjpxFxZgDx4Th72N7/XOv1/UvjvWzZ+/s3mpfD6r//S6O7/xvps/9544Ax3n7040rf+A8i3h7tvf/pxk/6xH//gPG/8qWdnX7bWj+ImOp5/EleiFVprm1UGts7F1bW5pery9X12dmZy3NX5i7NTVeWVmrV/M+eMb710Z/862X9P90n/uQ+/T97wP7/89G9Jx/qVEu94p97v/fx9608/ok98dP82PfxvN7OZapb3+3Un/fOj37xzsv6v9in/8/+/XscaNsxzx2w/+dvfv3xAV8KAAxBY3tndb5Wq27+P1bSeC3SUBlI5eTrkcZRqYzF4T6n6D0TAAAwaP856S86EwAAAAAAAAAAAAAAAAAAADi+hvFrZHtj7hbTVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAl/p3AAAA//+0hNvX")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
read$FUSE(r1, 0x0, 0x0)
write$FUSE_IOCTL(r1, &(0x7f0000000000)={0x20, 0x0, 0x0, {0x5, 0x0, 0x9, 0x5}}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r2, &(0x7f0000000080), 0x208e24b)
fallocate(r0, 0x3, 0x0, 0x1a00)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

35.84842621s ago: executing program 3 (id=1270):
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000200), 0x20401, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$igmp6(0xa, 0x3, 0x2)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x4}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x20000000, 0x440, 0x821, 0x0, 0x0, 0x2004cb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000], 0x0, 0x200306})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

35.145939631s ago: executing program 3 (id=1273):
r0 = syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x2012c31, &(0x7f0000000280)={[{@nombcache}, {}, {@jqfmt_vfsv0}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7fffffff}}, {@norecovery}]}, 0x9, 0x610, &(0x7f0000001180)="$eJzs3c1vVFUbAPDnTqcftO/7tpA3KppIE2MgUVpawBBjIsQtIfixc1VpIUihhNZokcSS4EZj3LgwceVC/C+U6NaFWxduXBkSYgwLMShj7vROnc50+jF05paZ3y9ceu69ufc8AzycM2fOuRNA1xpNfytE7I2Iy0nEcNW5YmQnR9Nf17Oj184kUSq9/lsS1z5IlqrvlWQ/h7KL/x6O5MdCxJ6e+nrnF69emJqdnbmS7Y8vXLw8Pr949eD5i1PnZs7NXJp8YfLY0SNHj00cqrny5ndbeX3FqvLJG2+/O/zRqTe/+uJ+MvH1z6eSOB4Pstju/n7tTO21/VupaA2jMRqlZfdqYzr2kPfeKf4YXv1nnEpqD7Bjnc3+PfZGxOMxHD1Vf5vD8eGruQYHtFQpiUobBXSdpKn8H9j+QIA2q/QD0ve/lW3jXkOhxb0SoB3unFgeAFjO/d7y+N7ymeLy2GAMlMcGBu8mq8Z5koioHZlrRlrHD9+fupFu0WAcDmiNpeuVUe7a9j8p5+ZIDJT3Bu8WVuV/oWpLj7/WZP2jNfvyH9pn6aneiCey9r8vms7/t5qsX/4DAAAAAADA9rl1IiKeX2v+X2Fl/k/fGvN/hiLi+DbUv/Hnf4XbWSHZhuqAKndORLxUN//3r+rZwSM92ef8/y3PB+gtnD0/O3MoIv4XEQeitz/dn6i5b/UM4YOf7Pm8Uf3V8//SLa2/Mhcwu9PtYs1C3OmphantefXQ3e5cj3iyPP93X3Zk9fyftP1P6tr/j19J8/vyJuvY8+zN043ObZz/QKuUvozYv+b6n3+728n6z+cYL/cHxiu9gnpPv//pN43ql/+Qn7T9H1w///uT6uf1zG/t/n0RcXixWGp0vtn+f1/yRk/l/qn3phYWrkxE9CUn649Pbi1m6FSVfKjkS5r/B55Zf/xvpf9flYe7ImJpk3U+9mDol0bntP+QnzT/p9dv/0dWt/9bL0zeHPk2e8RYndObav+PlNv0A9kR439Qrf55HJtN0FzCBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBHXCEi/hNJYWylXCiMjUUMRcT/Y7AwOze/8NzZuXcuTafnVn////DyflL5/v+Rqv3Jmv3DEbE7Ij7r2VXeHzszNzud94sHAAAAAAAAAAAAAAAAAACAHWKovOa/1F+7/j/1a0/e0QEtV8x+ynfoPsWmryz1P9TlQO4kMHSvTeT//PKP3pbHArRX4/y/d79U1tZwgDZqtv9f2OY4gPZrMv99XAAdwPgfdKtNjukNtDoOIA/afwAAAAAA6Ci79936KYmIpRd3lbdUX3bOZH/obKbwQvcyhxe6V3Eu7wiAvHiPDyQrpT/XXOzfePZ/0pqAAAAAAAAAAAAAAIA6+/da/w/dav31/+b2QydbZ/3/WsnvcQHQQRp/9Ye2Hzpd9Xv84znGAeRno9be+n8AAAAAAAAAAAAA2AEGrl6Ymp2duTK/+OgVXt4ZYWytsDS1I8LY1sKD1ty5NyJ2xgtsd6HyCI4cw8j5/yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDFPwEAAP//F3Utwg==")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(0xffffffffffffffff, 0xc0403d08, &(0x7f0000000100))
mknodat$null(r0, &(0x7f0000000000)='./bus\x00', 0x40, 0x103)
sched_setaffinity(0x0, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@loopback, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x3c}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c2, 0x29e8}}, {{@in6=@private0, 0x0, 0x2b}, 0x2, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x4}}, 0xe8)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="0203100802"], 0x10}}, 0x0)
sendmsg$key(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0)
recvmmsg(r2, &(0x7f0000000f00), 0x274, 0x10000, &(0x7f0000001000)={0x77359400})

33.408316373s ago: executing program 5 (id=1282):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000400)='rss_stat\x00', r4}, 0x10)
syz_clone(0xf4ff, 0x0, 0x0, 0x0, 0x0, 0x0)

32.226491683s ago: executing program 3 (id=1285):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)={0x64, r1, 0x5, 0x0, 0xfffffffe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x30, 0xe, {{{}, {}, @device_b}, 0x0, @random=0x6, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x76, 0x6, {0x0, 0xfe, 0x7, 0x401}}}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x64}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000680)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0x44, r4, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x7ff, 0x70}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x38, r8, 0x1, 0x0, 0x0, {{}, {}, {0x1c, 0x17, {0x21, 0x0, @l2={'eth', 0x3a, 'syzkaller0\x00'}}}}}, 0x38}}, 0x0)

31.229761992s ago: executing program 5 (id=1287):
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x24, &(0x7f00000000c0), 0x4)
socket$kcm(0x2, 0x200000000000001, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000300)=ANY=[@ANYBLOB="856b934629faaaaaaaaaaaaa86dd60381f3400142f00fc000000000000000000000000000000ff020000000000000000000000000001042065580002892f00000000000086dd88a888be00000000100000000100000000000000080022eb00000000200000000200000000000000000000000800655800000000813e76bd5220e4"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setpriority(0x5, 0x0, 0x8)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000080)={0x18, 0x0, {0x1, @empty, 'hsr0\x00'}}, 0x1e)
sendmmsg$sock(r3, &(0x7f0000001dc0), 0x213, 0x0)

31.213241732s ago: executing program 0 (id=1288):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000240), 0x200000000000000, 0x2)
ioctl$vim2m_VIDIOC_PREPARE_BUF(r3, 0xc058560f, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x8001}, 0x4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x44}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)

31.050804612s ago: executing program 6 (id=1289):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r3, 0x0, 0x8000)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r5, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r4, {0x2, 0x0, @rand_addr=0x64010100}, 0xb}}, 0x26)
sendmmsg$inet(r5, &(0x7f0000005f80)=[{{0x0, 0x0, &(0x7f0000005dc0)=[{&(0x7f00000010c0)="7d5107673289eeae3f806c5c62db497a0299399ab6101c3b", 0x1}], 0x1}}], 0x4000000000001ce, 0x8040)

30.967851457s ago: executing program 1 (id=1290):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000190c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x4000, 0x44)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)={0x4c, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x4c}}, 0x2)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SAVE(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, 0x8, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}}, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

29.781575577s ago: executing program 6 (id=1291):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00), 0x8)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x17, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
timer_create(0x0, &(0x7f0000000180)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000340)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
pause()

29.129044125s ago: executing program 0 (id=1292):
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

28.668628652s ago: executing program 5 (id=1293):
sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x40010)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_io_uring_setup(0x95, &(0x7f0000000140), &(0x7f0000000240)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0)={0x24102}, &(0x7f0000000500)='./file0\x00', 0x18})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000500), 0x101, 0x0)
io_uring_enter(r4, 0x47f6, 0xbacc, 0x0, 0x0, 0x0)

28.668277142s ago: executing program 6 (id=1294):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r3, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r5=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r3, &(0x7f0000000100)={0x2c, 0x0, r5}, 0x10)

28.656677793s ago: executing program 1 (id=1295):
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, &(0x7f0000000000)={0x80, 0x6, 0x301, 0x0, 0x2, 0x0, 0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x20, r4, 0x6a98047402e98331, 0x0, 0x0, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x20}}, 0x0)

28.387409779s ago: executing program 0 (id=1296):
r0 = syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x2012c31, &(0x7f0000000280)={[{@nombcache}, {}, {@jqfmt_vfsv0}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7fffffff}}, {@norecovery}]}, 0x9, 0x610, &(0x7f0000001180)="$eJzs3c1vVFUbAPDnTqcftO/7tpA3KppIE2MgUVpawBBjIsQtIfixc1VpIUihhNZokcSS4EZj3LgwceVC/C+U6NaFWxduXBkSYgwLMShj7vROnc50+jF05paZ3y9ceu69ufc8AzycM2fOuRNA1xpNfytE7I2Iy0nEcNW5YmQnR9Nf17Oj184kUSq9/lsS1z5IlqrvlWQ/h7KL/x6O5MdCxJ6e+nrnF69emJqdnbmS7Y8vXLw8Pr949eD5i1PnZs7NXJp8YfLY0SNHj00cqrny5ndbeX3FqvLJG2+/O/zRqTe/+uJ+MvH1z6eSOB4Pstju/n7tTO21/VupaA2jMRqlZfdqYzr2kPfeKf4YXv1nnEpqD7Bjnc3+PfZGxOMxHD1Vf5vD8eGruQYHtFQpiUobBXSdpKn8H9j+QIA2q/QD0ve/lW3jXkOhxb0SoB3unFgeAFjO/d7y+N7ymeLy2GAMlMcGBu8mq8Z5koioHZlrRlrHD9+fupFu0WAcDmiNpeuVUe7a9j8p5+ZIDJT3Bu8WVuV/oWpLj7/WZP2jNfvyH9pn6aneiCey9r8vms7/t5qsX/4DAAAAAADA9rl1IiKeX2v+X2Fl/k/fGvN/hiLi+DbUv/Hnf4XbWSHZhuqAKndORLxUN//3r+rZwSM92ef8/y3PB+gtnD0/O3MoIv4XEQeitz/dn6i5b/UM4YOf7Pm8Uf3V8//SLa2/Mhcwu9PtYs1C3OmphantefXQ3e5cj3iyPP93X3Zk9fyftP1P6tr/j19J8/vyJuvY8+zN043ObZz/QKuUvozYv+b6n3+728n6z+cYL/cHxiu9gnpPv//pN43ql/+Qn7T9H1w///uT6uf1zG/t/n0RcXixWGp0vtn+f1/yRk/l/qn3phYWrkxE9CUn649Pbi1m6FSVfKjkS5r/B55Zf/xvpf9flYe7ImJpk3U+9mDol0bntP+QnzT/p9dv/0dWt/9bL0zeHPk2e8RYndObav+PlNv0A9kR439Qrf55HJtN0FzCBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBHXCEi/hNJYWylXCiMjUUMRcT/Y7AwOze/8NzZuXcuTafnVn////DyflL5/v+Rqv3Jmv3DEbE7Ij7r2VXeHzszNzud94sHAAAAAAAAAAAAAAAAAACAHWKovOa/1F+7/j/1a0/e0QEtV8x+ynfoPsWmryz1P9TlQO4kMHSvTeT//PKP3pbHArRX4/y/d79U1tZwgDZqtv9f2OY4gPZrMv99XAAdwPgfdKtNjukNtDoOIA/afwAAAAAA6Ci79936KYmIpRd3lbdUX3bOZH/obKbwQvcyhxe6V3Eu7wiAvHiPDyQrpT/XXOzfePZ/0pqAAAAAAAAAAAAAAIA6+/da/w/dav31/+b2QydbZ/3/WsnvcQHQQRp/9Ye2Hzpd9Xv84znGAeRno9be+n8AAAAAAAAAAAAA2AEGrl6Ymp2duTK/+OgVXt4ZYWytsDS1I8LY1sKD1ty5NyJ2xgtsd6HyCI4cw8j5/yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDFPwEAAP//F3Utwg==")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(0xffffffffffffffff, 0xc0403d08, &(0x7f0000000100))
mknodat$null(r0, &(0x7f0000000000)='./bus\x00', 0x40, 0x103)
sched_setaffinity(0x0, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@loopback, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x3c}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c2, 0x29e8}}, {{@in6=@private0, 0x0, 0x2b}, 0x2, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x4}}, 0xe8)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="0203100802"], 0x10}}, 0x0)
sendmsg$key(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0)
recvmmsg(r2, &(0x7f0000000f00), 0x274, 0x10000, &(0x7f0000001000)={0x77359400})

26.920857985s ago: executing program 5 (id=1297):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xc304b000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_TDLS_OPER(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1c}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$FOU_CMD_ADD(r3, &(0x7f0000000140)={0x0, 0x601, &(0x7f0000000340)={&(0x7f0000000400)={0x38, r4, 0x209, 0x0, 0x0, {}, [@FOU_ATTR_AF={0x5, 0x2, 0xa}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @loopback={0xff00000000000000}}, @FOU_ATTR_IFINDEX={0x8, 0xb, r6}]}, 0x38}}, 0x0)

26.641790532s ago: executing program 0 (id=1298):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000e80)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xfffffff5, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x4, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x1d, 0x7, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x1}, [@map_idx={0x18, 0x1, 0x5, 0x0, 0x10}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x4401}]}, &(0x7f0000000180)='syzkaller\x00', 0x50351f13, 0x9, &(0x7f00000002c0)=""/9, 0x40f00, 0x4, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x6, 0x1}, 0x8, 0x10, &(0x7f0000000340)={0x3, 0x1, 0x1000ffff}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000380)=[r0, 0x1, 0x1], &(0x7f00000003c0)=[{0x5, 0x5, 0xf, 0x2}, {0x4, 0x2, 0x6, 0xc}], 0x10, 0x4, @void, @value}, 0x94)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
lseek(r2, 0xfffffffffffffffc, 0x2)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x18)
unshare(0x2040400)
r4 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
unshare(0x2000400)
fsmount(r4, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x21, 0x2, 0x3ff, 0x8, 0xa475f1e1dd18508, 0xffffffffffffffff, 0x8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x3, 0x0, @value, @void, @value}, 0x50)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000004c0)=ANY=[@ANYRES32=r5, @ANYRES32, @ANYBLOB='7\x00\b\x00\"\x00\x00\x00', @ANYRES32=r1, @ANYBLOB, @ANYRES32, @ANYRES64=0x0], 0x20)
r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000900), 0x40, 0x0)
preadv(r6, &(0x7f0000000f80)=[{&(0x7f0000000d80)=""/76, 0x4c}, {&(0x7f0000000e00)=""/6, 0x6}], 0x2, 0x0, 0x1)

26.49251582s ago: executing program 1 (id=1299):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_io_uring_setup(0x5bf, 0x0, &(0x7f0000000240), &(0x7f0000000200))
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

26.317654851s ago: executing program 6 (id=1300):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r3}, 0x10)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="020d0000100000000000000000000000080012000200020000000000000000001000320003000000000000000000000010006c00ffff00000000000000000000fc020000000000000000000000000000030005000000000002000000ac1414aa0000000000000000030006000000000002"], 0x80}}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'syz_tun\x00'})

25.855345918s ago: executing program 3 (id=1301):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$alg(0x26, 0x5, 0x0)
r3 = add_key(&(0x7f0000000000)='big_key\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f0000001180)={r3}, 0x0, 0x0, 0x0)
ioctl$VIDIOC_S_SELECTION(0xffffffffffffffff, 0xc040565f, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x14, 0x42, 0xa01}, 0x14}}, 0x0)

25.678571188s ago: executing program 5 (id=1302):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1d, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x6)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getsockopt$nfc_llcp(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x2000e863)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200040010000800054004000000", 0x58}], 0x1)

25.64096047s ago: executing program 0 (id=1303):
r0 = socket$xdp(0x2c, 0x3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000340)=0x8000, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000200)={'batadv_slave_1\x00', <r5=>0x0})
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000180)=0x2, 0x4)
bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r5}, 0x10)
bind$xdp(r0, 0x0, 0x0)

23.940644291s ago: executing program 3 (id=1304):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
socket$packet(0x11, 0x2, 0x300)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000004cc0)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000a40)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3, @ANYBLOB="000000001400000000000000010000", @ANYRES32=r4], 0x30, 0x40400d1}}], 0x1, 0x10)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0x400000, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)

23.640210898s ago: executing program 1 (id=1305):
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00'}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newtaction={0x9c, 0x30, 0x48b, 0x0, 0x0, {}, [{0x88, 0x1, [@m_ctinfo={0x30, 0x2, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{}, @multicast2, @remote}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)

20.807871505s ago: executing program 5 (id=1306):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/14, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
clock_settime(0x0, &(0x7f00000002c0)={0x77359400})
exit(0x0)

20.766260388s ago: executing program 1 (id=1307):
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r0=>0x0, <r1=>0x0})
close(r0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000000)={<r2=>0x0, <r3=>0x0})
close(r2)
setsockopt$sock_attach_bpf(r3, 0x10f, 0x87, &(0x7f0000000180), 0x127)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r4=>0x0, <r5=>0x0})
close(r4)
setsockopt$sock_attach_bpf(r5, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x4, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000000)={<r6=>0x0, <r7=>0x0})
close(r6)
setsockopt$sock_attach_bpf(r7, 0x10f, 0x87, &(0x7f0000000180), 0x127)
r8 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r8, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
sendmsg$kcm(r8, &(0x7f0000000100)={&(0x7f0000001540)=@tipc=@name={0x1e, 0x2, 0x0, {{0x0, 0x4}}}, 0x80, 0x0}, 0x0)

20.765739158s ago: executing program 0 (id=1308):
openat$nullb(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))

20.725271541s ago: executing program 1 (id=1309):
r0 = syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x2012c31, &(0x7f0000000280)={[{@nombcache}, {}, {@jqfmt_vfsv0}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7fffffff}}, {@norecovery}]}, 0x9, 0x610, &(0x7f0000001180)="$eJzs3c1vVFUbAPDnTqcftO/7tpA3KppIE2MgUVpawBBjIsQtIfixc1VpIUihhNZokcSS4EZj3LgwceVC/C+U6NaFWxduXBkSYgwLMShj7vROnc50+jF05paZ3y9ceu69ufc8AzycM2fOuRNA1xpNfytE7I2Iy0nEcNW5YmQnR9Nf17Oj184kUSq9/lsS1z5IlqrvlWQ/h7KL/x6O5MdCxJ6e+nrnF69emJqdnbmS7Y8vXLw8Pr949eD5i1PnZs7NXJp8YfLY0SNHj00cqrny5ndbeX3FqvLJG2+/O/zRqTe/+uJ+MvH1z6eSOB4Pstju/n7tTO21/VupaA2jMRqlZfdqYzr2kPfeKf4YXv1nnEpqD7Bjnc3+PfZGxOMxHD1Vf5vD8eGruQYHtFQpiUobBXSdpKn8H9j+QIA2q/QD0ve/lW3jXkOhxb0SoB3unFgeAFjO/d7y+N7ymeLy2GAMlMcGBu8mq8Z5koioHZlrRlrHD9+fupFu0WAcDmiNpeuVUe7a9j8p5+ZIDJT3Bu8WVuV/oWpLj7/WZP2jNfvyH9pn6aneiCey9r8vms7/t5qsX/4DAAAAAADA9rl1IiKeX2v+X2Fl/k/fGvN/hiLi+DbUv/Hnf4XbWSHZhuqAKndORLxUN//3r+rZwSM92ef8/y3PB+gtnD0/O3MoIv4XEQeitz/dn6i5b/UM4YOf7Pm8Uf3V8//SLa2/Mhcwu9PtYs1C3OmphantefXQ3e5cj3iyPP93X3Zk9fyftP1P6tr/j19J8/vyJuvY8+zN043ObZz/QKuUvozYv+b6n3+728n6z+cYL/cHxiu9gnpPv//pN43ql/+Qn7T9H1w///uT6uf1zG/t/n0RcXixWGp0vtn+f1/yRk/l/qn3phYWrkxE9CUn649Pbi1m6FSVfKjkS5r/B55Zf/xvpf9flYe7ImJpk3U+9mDol0bntP+QnzT/p9dv/0dWt/9bL0zeHPk2e8RYndObav+PlNv0A9kR439Qrf55HJtN0FzCBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBHXCEi/hNJYWylXCiMjUUMRcT/Y7AwOze/8NzZuXcuTafnVn////DyflL5/v+Rqv3Jmv3DEbE7Ij7r2VXeHzszNzud94sHAAAAAAAAAAAAAAAAAACAHWKovOa/1F+7/j/1a0/e0QEtV8x+ynfoPsWmryz1P9TlQO4kMHSvTeT//PKP3pbHArRX4/y/d79U1tZwgDZqtv9f2OY4gPZrMv99XAAdwPgfdKtNjukNtDoOIA/afwAAAAAA6Ci79936KYmIpRd3lbdUX3bOZH/obKbwQvcyhxe6V3Eu7wiAvHiPDyQrpT/XXOzfePZ/0pqAAAAAAAAAAAAAAIA6+/da/w/dav31/+b2QydbZ/3/WsnvcQHQQRp/9Ye2Hzpd9Xv84znGAeRno9be+n8AAAAAAAAAAAAA2AEGrl6Ymp2duTK/+OgVXt4ZYWytsDS1I8LY1sKD1ty5NyJ2xgtsd6HyCI4cw8j5/yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDFPwEAAP//F3Utwg==")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(0xffffffffffffffff, 0xc0403d08, &(0x7f0000000100))
mknodat$null(r0, &(0x7f0000000000)='./bus\x00', 0x40, 0x103)
sched_setaffinity(0x0, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@loopback, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x3c}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c2, 0x29e8}}, {{@in6=@private0, 0x0, 0x2b}, 0x2, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x4}}, 0xe8)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="0203100802"], 0x10}}, 0x0)
sendmsg$key(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0)
recvmmsg(r2, &(0x7f0000000f00), 0x274, 0x10000, &(0x7f0000001000)={0x77359400})

20.596140278s ago: executing program 3 (id=1310):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000740)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_EVENTS(r4, 0x84, 0xb, 0x0, &(0x7f00000000c0))
syz_usb_connect(0x3, 0x96d, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010102e21b5140b1134200e8a90102030109025b09040d9720090904320409f073ea090905030020"], &(0x7f0000000e00)={0x0, 0x0, 0x0, 0x0})

18.560083368s ago: executing program 6 (id=1311):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000480)={0x1, <r2=>0x0}, 0x8)
r3 = syz_io_uring_setup(0x10d, &(0x7f00000003c0), &(0x7f00000000c0)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000240)=@IORING_OP_STATX={0x15, 0x19, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r3, 0x3f70, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x16, 0x16, &(0x7f00000001c0)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000150400003d0301000000000095000f00000000006926000000000000bf67000000000000450700000fff07003506000002000000170600000ee50014bf250000000000005d670000000000006507000006000000070700004c0001000f75000000000000bf54000000000000070400000400f9ff2d440100000000009500000000000000050000000000000095000700000000000172dbabb733a0e757c7c45402000000a2d23da04d1ffc187f9955911aa1a2ba7ba030c7267c2de00435fd253cc0f0d9b2c3127c46b0f4f95345de3188f0d808398d09ee4dc258d726eae098804de25df627a64ab8efde50fd7f1d58d67e684c45e506598bae66ea1a7cd29032de94983dfab0e5043daf1b46bef5135c65377bdbe65d525743d88ef4b2ee62652b07e8a4b6e6355cecc13a5ddf4157f2bfab7201112a30274101fceee66eca91bd5fecb254ab358488c400330171128be291297947d474c570a385a44dd9ff4ae730ae9d0ae42d8814a8c96f101df7da839bcdd7b7c33c8cfe6fd599543ac604d8dd42fc66cdb79cd09ceeedce1e69f11967919f82b0276c90420d08897ee8514b43533f07132589a0a37110fd8571b1e69251bba35cd06c8bd430aafbecfd33757b7dc4803123e9107e5cceaec2a391f9b9b577295ac3864f6c1e30e6190a055953e18bedd1859acdd15af7209d15950f9195b401e74f8b5210e28d46dde2658b4695d9ac9ce7cbefc164a5454fc4da6104db281e18a8992b9f8c82b895da647e6ea4cb622314c5c48abfd620adf7757c23a31a619edcfb45a402c5fced05e5274e08a313d6c5fdd0a8d36b1a268056e6f7e9a6daa5632cda5ad2a9ebfac980c7db63137c226f712e522aad0f13b0e5b43d837d040f813d011538"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x8, &(0x7f0000000040)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000000000)={0x5, 0x0, 0x1}, 0x10, r2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r6 = socket$kcm(0xa, 0x5, 0x0)
sendmsg$inet(r6, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0x0, @local}, 0x1c, &(0x7f0000000180)=[{&(0x7f0000000080)="a2", 0x34000}], 0x1, 0x0, 0x0, 0x2000}, 0x60)

16.147760229s ago: executing program 6 (id=1312):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4e20}, 0x1c)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
write(r2, &(0x7f00000000c0)="8f2a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0x5ac)
r3 = socket(0x1d, 0x2, 0x6)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000240)={'gre0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x2f, 0x0, @remote}}}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000040)={'syztnl1\x00', &(0x7f0000001ac0)={'gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @private, @private}}}})
listen(r0, 0x80080400)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r4, 0x10d, 0xd2, &(0x7f0000000000), &(0x7f0000000080)=0x4)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_VID_CMD(r0, 0x8982, &(0x7f00000000c0))

4.500338625s ago: executing program 34 (id=1308):
openat$nullb(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))

4.397526091s ago: executing program 35 (id=1309):
r0 = syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x2012c31, &(0x7f0000000280)={[{@nombcache}, {}, {@jqfmt_vfsv0}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x7fffffff}}, {@norecovery}]}, 0x9, 0x610, &(0x7f0000001180)="$eJzs3c1vVFUbAPDnTqcftO/7tpA3KppIE2MgUVpawBBjIsQtIfixc1VpIUihhNZokcSS4EZj3LgwceVC/C+U6NaFWxduXBkSYgwLMShj7vROnc50+jF05paZ3y9ceu69ufc8AzycM2fOuRNA1xpNfytE7I2Iy0nEcNW5YmQnR9Nf17Oj184kUSq9/lsS1z5IlqrvlWQ/h7KL/x6O5MdCxJ6e+nrnF69emJqdnbmS7Y8vXLw8Pr949eD5i1PnZs7NXJp8YfLY0SNHj00cqrny5ndbeX3FqvLJG2+/O/zRqTe/+uJ+MvH1z6eSOB4Pstju/n7tTO21/VupaA2jMRqlZfdqYzr2kPfeKf4YXv1nnEpqD7Bjnc3+PfZGxOMxHD1Vf5vD8eGruQYHtFQpiUobBXSdpKn8H9j+QIA2q/QD0ve/lW3jXkOhxb0SoB3unFgeAFjO/d7y+N7ymeLy2GAMlMcGBu8mq8Z5koioHZlrRlrHD9+fupFu0WAcDmiNpeuVUe7a9j8p5+ZIDJT3Bu8WVuV/oWpLj7/WZP2jNfvyH9pn6aneiCey9r8vms7/t5qsX/4DAAAAAADA9rl1IiKeX2v+X2Fl/k/fGvN/hiLi+DbUv/Hnf4XbWSHZhuqAKndORLxUN//3r+rZwSM92ef8/y3PB+gtnD0/O3MoIv4XEQeitz/dn6i5b/UM4YOf7Pm8Uf3V8//SLa2/Mhcwu9PtYs1C3OmphantefXQ3e5cj3iyPP93X3Zk9fyftP1P6tr/j19J8/vyJuvY8+zN043ObZz/QKuUvozYv+b6n3+728n6z+cYL/cHxiu9gnpPv//pN43ql/+Qn7T9H1w///uT6uf1zG/t/n0RcXixWGp0vtn+f1/yRk/l/qn3phYWrkxE9CUn649Pbi1m6FSVfKjkS5r/B55Zf/xvpf9flYe7ImJpk3U+9mDol0bntP+QnzT/p9dv/0dWt/9bL0zeHPk2e8RYndObav+PlNv0A9kR439Qrf55HJtN0FzCBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBHXCEi/hNJYWylXCiMjUUMRcT/Y7AwOze/8NzZuXcuTafnVn////DyflL5/v+Rqv3Jmv3DEbE7Ij7r2VXeHzszNzud94sHAAAAAAAAAAAAAAAAAACAHWKovOa/1F+7/j/1a0/e0QEtV8x+ynfoPsWmryz1P9TlQO4kMHSvTeT//PKP3pbHArRX4/y/d79U1tZwgDZqtv9f2OY4gPZrMv99XAAdwPgfdKtNjukNtDoOIA/afwAAAAAA6Ci79936KYmIpRd3lbdUX3bOZH/obKbwQvcyhxe6V3Eu7wiAvHiPDyQrpT/XXOzfePZ/0pqAAAAAAAAAAAAAAIA6+/da/w/dav31/+b2QydbZ/3/WsnvcQHQQRp/9Ye2Hzpd9Xv84znGAeRno9be+n8AAAAAAAAAAAAA2AEGrl6Ymp2duTK/+OgVXt4ZYWytsDS1I8LY1sKD1ty5NyJ2xgtsd6HyCI4cw8j5/yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDFPwEAAP//F3Utwg==")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(0xffffffffffffffff, 0xc0403d08, &(0x7f0000000100))
mknodat$null(r0, &(0x7f0000000000)='./bus\x00', 0x40, 0x103)
sched_setaffinity(0x0, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@loopback, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x3c}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c2, 0x29e8}}, {{@in6=@private0, 0x0, 0x2b}, 0x2, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x4}}, 0xe8)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="0203100802"], 0x10}}, 0x0)
sendmsg$key(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x10}}, 0x0)
recvmmsg(r2, &(0x7f0000000f00), 0x274, 0x10000, &(0x7f0000001000)={0x77359400})

4.183707344s ago: executing program 36 (id=1306):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/14, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
clock_settime(0x0, &(0x7f00000002c0)={0x77359400})
exit(0x0)

3.997131265s ago: executing program 37 (id=1310):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000740)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_EVENTS(r4, 0x84, 0xb, 0x0, &(0x7f00000000c0))
syz_usb_connect(0x3, 0x96d, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010102e21b5140b1134200e8a90102030109025b09040d9720090904320409f073ea090905030020"], &(0x7f0000000e00)={0x0, 0x0, 0x0, 0x0})

0s ago: executing program 38 (id=1312):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4e20}, 0x1c)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
write(r2, &(0x7f00000000c0)="8f2a0a65bd8c002b0304000e0580a7b6070d63e286a5cefe", 0x5ac)
r3 = socket(0x1d, 0x2, 0x6)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000240)={'gre0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x2f, 0x0, @remote}}}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000040)={'syztnl1\x00', &(0x7f0000001ac0)={'gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @private, @private}}}})
listen(r0, 0x80080400)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r4, 0x10d, 0xd2, &(0x7f0000000000), &(0x7f0000000080)=0x4)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_VID_CMD(r0, 0x8982, &(0x7f00000000c0))

kernel console output (not intermixed with test programs):

lave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   72.232264][ T4177] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   72.242603][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   72.251343][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   72.259671][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   72.270079][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   72.278898][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   72.287466][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   72.295750][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   72.303314][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   72.313415][ T4167] device veth1_vlan entered promiscuous mode
[   72.345343][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   72.358477][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   72.367451][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   72.377809][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   72.391607][ T4172] 8021q: adding VLAN 0 to HW filter on device batadv0
[   72.458054][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   72.472509][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   72.497043][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   72.536640][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   72.545027][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   72.557281][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   72.568885][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   72.578074][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   72.586448][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   72.596772][ T4167] device veth0_macvtap entered promiscuous mode
[   72.624406][ T4171] device veth0_vlan entered promiscuous mode
[   72.635277][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   72.644075][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   72.653680][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   72.666584][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   72.674649][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   72.686557][ T4167] device veth1_macvtap entered promiscuous mode
[   72.696883][ T4172] device veth0_vlan entered promiscuous mode
[   72.719906][ T4171] device veth1_vlan entered promiscuous mode
[   72.734722][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   72.743361][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   72.754803][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   72.762717][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   72.774030][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   72.781671][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   72.798426][ T4167] batman_adv: batadv0: Interface activated: batadv_slave_0
[   72.808654][ T4172] device veth1_vlan entered promiscuous mode
[   72.820416][ T4177] 8021q: adding VLAN 0 to HW filter on device batadv0
[   72.836546][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   72.845052][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   72.853519][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   72.863272][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   72.878875][ T4167] batman_adv: batadv0: Interface activated: batadv_slave_1
[   72.894832][ T4167] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.904082][ T4167] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.914606][ T4167] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.924005][ T4167] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.934638][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   72.943258][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   72.952815][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   72.986082][ T4179] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.011523][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   73.029984][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   73.043100][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   73.054957][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   73.070293][ T4171] device veth0_macvtap entered promiscuous mode
[   73.081873][ T4172] device veth0_macvtap entered promiscuous mode
[   73.105325][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   73.113956][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   73.138486][ T4171] device veth1_macvtap entered promiscuous mode
[   73.152854][ T4172] device veth1_macvtap entered promiscuous mode
[   73.189404][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   73.200484][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   73.246686][ T4172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.259634][ T4172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.270922][ T4172] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.282980][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.294661][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.304912][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   73.315579][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.327315][ T4171] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.342741][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   73.352520][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   73.361403][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   73.370887][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   73.379550][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   73.395334][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   73.404474][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   73.414069][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   73.428391][ T4172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.440381][ T4172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.452159][ T4172] batman_adv: batadv0: Interface activated: batadv_slave_1
[   73.461916][ T4177] device veth0_vlan entered promiscuous mode
[   73.473510][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.484426][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.495934][ T4171] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   73.507073][ T4171] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   73.518931][ T4171] batman_adv: batadv0: Interface activated: batadv_slave_1
[   73.547492][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   73.556739][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   73.565511][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   73.574954][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   73.584727][ T4172] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.595407][ T4172] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.604399][ T4172] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.613631][ T4172] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.630941][ T4177] device veth1_vlan entered promiscuous mode
[   73.650014][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   73.659499][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   73.669025][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   73.685690][ T4171] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   73.694866][ T4171] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   73.704320][ T4171] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.714390][ T4171] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.737048][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.747192][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   73.783636][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   73.791933][ T2286] Bluetooth: hci0: command 0x040f tx timeout
[   73.792525][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   73.831898][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   73.850379][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   73.863008][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   73.871729][ T2286] Bluetooth: hci2: command 0x040f tx timeout
[   73.878029][ T2286] Bluetooth: hci3: command 0x040f tx timeout
[   73.879816][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   73.884134][ T2286] Bluetooth: hci4: command 0x040f tx timeout
[   73.898991][ T2286] Bluetooth: hci1: command 0x040f tx timeout
[   73.899447][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   73.913400][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   73.928166][ T4177] device veth0_macvtap entered promiscuous mode
[   73.946874][ T4179] device veth0_vlan entered promiscuous mode
[   73.977975][ T4177] device veth1_macvtap entered promiscuous mode
[   73.983645][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   73.992889][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.011045][ T4179] device veth1_vlan entered promiscuous mode
[   74.032240][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   74.042393][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   74.052376][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   74.060996][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   74.104480][ T4177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.106644][  T305] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.117625][ T4177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.135082][ T4177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.141877][  T305] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.149272][ T4177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.162994][ T4177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.173667][ T4177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.185355][ T4177] batman_adv: batadv0: Interface activated: batadv_slave_0
[   74.203917][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   74.213168][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   74.222283][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   74.233965][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   74.254887][ T4179] device veth0_macvtap entered promiscuous mode
[   74.278710][ T4177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.290121][ T4177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.300469][ T4177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.312018][ T4177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.322543][ T4177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.333456][ T4177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.345482][ T4177] batman_adv: batadv0: Interface activated: batadv_slave_1
[   74.355577][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   74.364557][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   74.373926][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   74.383566][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   74.392773][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   74.418849][ T4177] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.452732][ T4177] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.468380][ T4177] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.484108][ T4177] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.498209][  T305] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.538977][  T305] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.556320][ T4179] device veth1_macvtap entered promiscuous mode
[   74.579911][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   74.597923][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   74.688405][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.691376][ T4179] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.708914][ T4179] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.711315][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.719380][ T4179] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   74.952182][ T4179] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.024331][ T4179] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   75.106539][ T4179] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.169455][ T4179] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   75.230837][ T4179] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.500960][ T4179] batman_adv: batadv0: Interface activated: batadv_slave_0
[   75.617492][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   75.646756][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   75.655624][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   75.680542][ T4179] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.692620][ T1505] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.701216][ T4179] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.706081][ T1505] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.721315][ T4179] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.732031][ T4179] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.742194][ T4179] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.752778][ T4179] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.763013][ T4179] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.788401][ T4179] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.804911][ T4179] batman_adv: batadv0: Interface activated: batadv_slave_1
[   75.989095][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.077135][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.415788][    C0] sched: RT throttling activated
[   77.417547][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   77.420474][ T4240] Bluetooth: hci0: command 0x0419 tx timeout
[   77.425105][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   77.445175][ T4207] Bluetooth: hci1: command 0x0419 tx timeout
[   77.451588][ T4207] Bluetooth: hci4: command 0x0419 tx timeout
[   77.457712][ T4207] Bluetooth: hci3: command 0x0419 tx timeout
[   77.463773][ T4207] Bluetooth: hci2: command 0x0419 tx timeout
[   77.516472][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   77.559123][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   77.607686][ T4179] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.637261][ T4179] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.687403][ T4179] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.704571][ T4179] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.713085][ T4262] loop0: detected capacity change from 0 to 16
[   77.828613][ T4262] erofs: (device loop0): mounted with root inode @ nid 36.
[   77.846646][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.854672][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.931884][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   78.018305][ T4228] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.076652][ T4228] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.189780][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   78.201201][ T4167] erofs: (device loop0): erofs_readdir: invalid de[0].nameoff 0 @ nid 89
[   78.223292][ T4167] erofs: (device loop0): erofs_readdir: invalid de[0].nameoff 0 @ nid 89
[   78.235478][  T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.247285][   T26] audit: type=1326 audit(1740035414.943:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4268 comm="syz.2.3" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd593c18de9 code=0x0
[   78.277232][  T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.440969][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   78.554840][ T4276] device ip6gre1 entered promiscuous mode
[   80.257131][ T4300] netlink: 4 bytes leftover after parsing attributes in process `syz.4.17'.
[   82.301710][   T21] cfg80211: failed to load regulatory.db
[   82.691159][ T4315] raw_sendmsg: syz.2.21 forgot to set AF_INET. Fix it!
[   83.922051][ T4309] loop3: detected capacity change from 0 to 32768
[   85.172740][ T4355] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[   88.065854][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #142!!!
[   88.066096][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #40!!!
[   88.075430][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #40!!!
[   88.085836][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #80!!!
[   88.112713][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #02!!!
[   88.112842][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   88.121682][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #02!!!
[   88.130550][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   88.139708][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   88.149540][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   88.157396][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   89.226452][ T4391] loop1: detected capacity change from 0 to 1024
[   89.330006][ T4399] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   89.450586][ T4391] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   89.755539][ T4414] loop2: detected capacity change from 0 to 164
[   90.277037][ T4418] loop1: detected capacity change from 0 to 64
[   90.368360][ T4418] =======================================================
[   90.368360][ T4418] WARNING: The mand mount option has been deprecated and
[   90.368360][ T4418]          and is ignored by this kernel. Remove the mand
[   90.368360][ T4418]          option from the mount to silence this warning.
[   90.368360][ T4418] =======================================================
[   90.970174][ T4418] Trying to free block not in datazone
[   91.787662][ T4442] netlink: 60 bytes leftover after parsing attributes in process `syz.0.56'.
[   91.812612][ T4442] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   91.831127][    C0] vkms_vblank_simulate: vblank timer overrun
[   91.929422][ T4439] device syzkaller0 entered promiscuous mode
[   92.865975][ T4208] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   93.779429][ T4208] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   93.816831][ T4208] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[   94.031660][ T4208] usb 1-1: New USB device found, idVendor=05ac, idProduct=0232, bcdDevice= 0.00
[   94.041299][ T4208] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.054872][ T4208] usb 1-1: config 0 descriptor??
[   94.115033][ T4208] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input5
[   94.357745][ T4442] netlink: 16 bytes leftover after parsing attributes in process `syz.0.56'.
[   95.088722][ T3531] bcm5974 1-1:0.0: could not read from device
[   95.105991][ T4208] usb 1-1: USB disconnect, device number 2
[   95.226780][ T4473] x_tables: unsorted underflow at hook 2
[   95.460958][ T4477] netlink: 12 bytes leftover after parsing attributes in process `syz.2.66'.
[   95.478848][ T4477] netlink: 31 bytes leftover after parsing attributes in process `syz.2.66'.
[   95.506269][ T4477] netlink: 'syz.2.66': attribute type 3 has an invalid length.
[   95.524936][ T4477] netlink: 'syz.2.66': attribute type 2 has an invalid length.
[   95.543802][ T4477] netlink: 31 bytes leftover after parsing attributes in process `syz.2.66'.
[   96.031221][ T4484] xt_CT: No such helper "pptp"
[   96.146160][ T4487] loop2: detected capacity change from 0 to 1024
[   96.231896][ T4487] EXT4-fs (loop2): Ignoring removed nobh option
[   97.186976][ T4487] EXT4-fs (loop2): mounted filesystem without journal. Opts: delalloc,bsdgroups,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,errors=remount-ro,inode_readahead_blks=0x0000000000000000,. Quota mode: writeback.
[   97.287519][ T4481] device veth1_to_team entered promiscuous mode
[   97.299169][ T4478] device veth1_to_team left promiscuous mode
[   97.553138][ T4501] loop0: detected capacity change from 0 to 32768
[   97.662839][ T4501] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.72 (4501)
[   97.747521][ T4501] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   97.756557][ T4501] BTRFS info (device loop0): enabling auto defrag
[   97.763115][ T4501] BTRFS info (device loop0): doing ref verification
[   97.769808][ T4501] BTRFS info (device loop0): use no compression
[   97.776210][ T4501] BTRFS info (device loop0): force clearing of disk cache
[   97.783396][ T4501] BTRFS info (device loop0): max_inline at 4096
[   97.789739][ T4501] BTRFS info (device loop0): disabling free space tree
[   97.796659][ T4501] BTRFS info (device loop0): has skinny extents
[   98.009047][ T4501] BTRFS info (device loop0): enabling ssd optimizations
[   98.023207][ T4501] BTRFS info (device loop0): clearing free space tree
[   98.031621][ T4501] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   98.041731][ T4501] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   98.293922][  T305] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.832031][  T305] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.700959][ T4538] loop4: detected capacity change from 0 to 1024
[  101.633354][  T305] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.813745][  T305] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.606504][ T4550] chnl_net:caif_netlink_parms(): no params data found
[  103.716307][ T4550] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.728067][ T4550] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.807687][ T4550] device bridge_slave_0 entered promiscuous mode
[  103.866072][ T4211] Bluetooth: hci3: command 0x0409 tx timeout
[  103.908919][   T26] audit: type=1326 audit(1740035440.603:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4601 comm="syz.4.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731a259de9 code=0x7ffc0000
[  103.937587][ T4550] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.964568][ T4550] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.992102][ T4550] device bridge_slave_1 entered promiscuous mode
[  104.020314][   T26] audit: type=1326 audit(1740035440.633:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4601 comm="syz.4.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f731a259de9 code=0x7ffc0000
[  104.044597][ T4602] process 'syz.4.93' launched './file0' with NULL argv: empty string added
[  104.146867][   T26] audit: type=1326 audit(1740035440.633:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4601 comm="syz.4.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731a259de9 code=0x7ffc0000
[  104.169007][   T26] audit: type=1326 audit(1740035440.633:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4601 comm="syz.4.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731a259de9 code=0x7ffc0000
[  104.191348][   T26] audit: type=1326 audit(1740035440.633:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4601 comm="syz.4.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f731a259de9 code=0x7ffc0000
[  104.214369][   T26] audit: type=1326 audit(1740035440.643:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4601 comm="syz.4.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731a259de9 code=0x7ffc0000
[  104.856227][ T4610] loop4: detected capacity change from 0 to 1024
[  104.926522][ T4610] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  104.966064][ T4610] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[  104.981565][   T26] audit: type=1326 audit(1740035440.653:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4601 comm="syz.4.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f731a259de9 code=0x7ffc0000
[  105.016249][ T4610] EXT4-fs error (device loop4): ext4_get_journal_inode:5160: comm syz.4.93: inode #1: comm syz.4.93: iget: illegal inode #
[  105.071278][ T4550] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  105.091039][ T4610] EXT4-fs (loop4): no journal found
[  105.115979][ T4610] EXT4-fs (loop4): can't get journal size
[  105.123104][   T26] audit: type=1326 audit(1740035440.653:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4601 comm="syz.4.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731a259de9 code=0x7ffc0000
[  105.129355][ T4550] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  105.193335][ T4610] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a80ce11c, mo2=0002]
[  105.262025][ T4610] EXT4-fs (loop4): failed to initialize system zone (-22)
[  105.338698][   T26] audit: type=1326 audit(1740035440.743:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4601 comm="syz.4.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=59 compat=0 ip=0x7f731a259de9 code=0x7ffc0000
[  105.366288][ T4610] EXT4-fs (loop4): mount failed
[  105.496192][   T26] audit: type=1326 audit(1740035441.413:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4601 comm="syz.4.93" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731a259de9 code=0x7ffc0000
[  105.670733][ T4550] team0: Port device team_slave_0 added
[  105.675217][ T4621] netlink: 8 bytes leftover after parsing attributes in process `syz.3.98'.
[  105.911147][ T4550] team0: Port device team_slave_1 added
[  105.932399][ T4621] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  105.945967][    T7] Bluetooth: hci3: command 0x041b tx timeout
[  105.952243][ T4621] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  106.366508][ T4625] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.417132][ T4625] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.242965][    T7] Bluetooth: hci3: command 0x040f tx timeout
[  109.306070][ T4550] batman_adv: batadv0: Adding interface: batadv_slave_0
[  109.313072][ T4550] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.387180][ T4651] overlayfs: failed to clone upperpath
[  109.423467][ T4550] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  109.454927][ T4646] usb usb1: usbfs: process 4646 (syz.4.104) did not claim interface 0 before use
[  109.488357][ T4550] batman_adv: batadv0: Adding interface: batadv_slave_1
[  109.495339][ T4550] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  109.574481][ T4550] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  109.725044][ T4648] netlink: 4 bytes leftover after parsing attributes in process `syz.0.107'.
[  109.886090][ T1108] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  110.013772][ T4550] device hsr_slave_0 entered promiscuous mode
[  110.024928][ T4550] device hsr_slave_1 entered promiscuous mode
[  110.050728][ T4550] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  110.073502][ T4550] Cannot create hsr debugfs directory
[  110.135884][ T1108] usb 5-1: Using ep0 maxpacket: 16
[  110.240286][  T305] device hsr_slave_0 left promiscuous mode
[  110.262287][  T305] device hsr_slave_1 left promiscuous mode
[  110.276570][ T1108] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  110.298690][  T305] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  110.301193][ T1108] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  110.327373][ T1108] usb 5-1: New USB device found, idVendor=07c0, idProduct=1525, bcdDevice= 0.00
[  110.333378][  T305] batman_adv: batadv0: Removing interface: batadv_slave_0
[  110.345858][ T1108] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.368259][  T305] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  110.385628][ T1108] usb 5-1: config 0 descriptor??
[  110.403656][  T305] batman_adv: batadv0: Removing interface: batadv_slave_1
[  110.423857][  T305] device bridge_slave_1 left promiscuous mode
[  110.444107][  T305] bridge0: port 2(bridge_slave_1) entered disabled state
[  110.517702][  T305] device bridge_slave_0 left promiscuous mode
[  110.524041][  T305] bridge0: port 1(bridge_slave_0) entered disabled state
[  110.543541][ T4665] loop1: detected capacity change from 0 to 32768
[  110.612529][  T305] device veth1_macvtap left promiscuous mode
[  110.625418][  T305] device veth0_macvtap left promiscuous mode
[  110.650607][  T305] device veth1_vlan left promiscuous mode
[  110.667018][  T305] device veth0_vlan left promiscuous mode
[  110.671393][ T4546] usb 5-1: USB disconnect, device number 2
[  110.691637][ T4665] XFS (loop1): Mounting V5 Filesystem
[  110.942370][ T4665] XFS (loop1): Ending clean mount
[  110.968337][ T4665] XFS (loop1): Quotacheck needed: Please wait.
[  111.703016][ T2286] Bluetooth: hci3: command 0x0419 tx timeout
[  111.732338][ T4665] XFS (loop1): Quotacheck: Done.
[  111.810031][   T26] kauditd_printk_skb: 4 callbacks suppressed
[  111.810048][   T26] audit: type=1800 audit(1740035448.503:17): pid=4665 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.109" name="file1" dev="loop1" ino=9286 res=0 errno=0
[  112.084612][  T305] team0 (unregistering): Port device team_slave_1 removed
[  112.111876][  T305] team0 (unregistering): Port device team_slave_0 removed
[  112.113960][ T4693] kvm: emulating exchange as write
[  112.148342][  T305] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  112.167959][  T305] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  112.325130][  T305] bond0 (unregistering): Released all slaves
[  112.353696][ T4172] XFS (loop1): Unmounting Filesystem
[  113.687761][ T4550] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  113.740784][ T4550] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  113.785682][ T4550] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  113.829905][ T4550] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  114.248726][ T4550] 8021q: adding VLAN 0 to HW filter on device bond0
[  114.267313][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  114.530834][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  114.781731][ T4717] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  115.107491][ T4550] 8021q: adding VLAN 0 to HW filter on device team0
[  115.201764][ T4735] netlink: 12 bytes leftover after parsing attributes in process `syz.0.121'.
[  115.216747][ T4736] netlink: 4 bytes leftover after parsing attributes in process `syz.0.121'.
[  115.226836][ T4736] device bridge_slave_1 left promiscuous mode
[  115.306391][ T4736] bridge0: port 2(bridge_slave_1) entered disabled state
[  115.379773][ T4736] device bridge_slave_0 left promiscuous mode
[  115.449430][ T4736] bridge0: port 1(bridge_slave_0) entered disabled state
[  115.870275][ T4740] netlink: 'syz.3.122': attribute type 12 has an invalid length.
[  115.879264][ T4740] netlink: 'syz.3.122': attribute type 29 has an invalid length.
[  115.887085][ T4740] netlink: 148 bytes leftover after parsing attributes in process `syz.3.122'.
[  115.896187][ T4740] netlink: 'syz.3.122': attribute type 1 has an invalid length.
[  115.903854][ T4740] netlink: 'syz.3.122': attribute type 2 has an invalid length.
[  115.911568][ T4740] netlink: 39 bytes leftover after parsing attributes in process `syz.3.122'.
[  115.948737][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  115.976778][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  116.020146][ T4304] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.027436][ T4304] bridge0: port 1(bridge_slave_0) entered forwarding state
[  116.107379][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  116.372018][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  116.419746][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  116.584044][ T4535] bridge0: port 2(bridge_slave_1) entered blocking state
[  116.591289][ T4535] bridge0: port 2(bridge_slave_1) entered forwarding state
[  117.369960][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  117.403110][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  118.689310][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  118.699339][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  118.713699][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  119.589770][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  119.681597][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  120.192183][ T4775] netlink: 4 bytes leftover after parsing attributes in process `syz.1.128'.
[  120.281507][ T4777] overlayfs: failed to clone upperpath
[  120.797443][ T4784] loop0: detected capacity change from 0 to 164
[  120.936672][ T4784] Unable to read rock-ridge attributes
[  120.966106][ T4550] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  120.995457][ T4550] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  121.029830][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  121.046703][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  121.068137][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  121.098774][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  121.380740][ T4304] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  123.045978][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  123.053530][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  123.158139][ T4550] 8021q: adding VLAN 0 to HW filter on device batadv0
[  123.320530][ T4801] loop4: detected capacity change from 0 to 8192
[  124.463543][ T4840] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_macvtap, syncid = 0, id = 0
[  125.343428][ T4853] loop1: detected capacity change from 0 to 512
[  125.454551][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  125.507610][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  125.672765][ T4853] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #15: comm syz.1.147: casefold flag without casefold feature
[  125.718413][ T4868] netlink: 4 bytes leftover after parsing attributes in process `syz.3.149'.
[  125.731002][ T4853] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.147: couldn't read orphan inode 15 (err -117)
[  125.795367][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  125.824540][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  125.932791][ T4853] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobarrier,,errors=continue. Quota mode: writeback.
[  125.962633][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  126.053116][ T4535] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  126.509346][ T4550] device veth0_vlan entered promiscuous mode
[  126.588671][ T4550] device veth1_vlan entered promiscuous mode
[  126.711169][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  126.842715][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  126.908595][ T4550] device veth0_macvtap entered promiscuous mode
[  126.980755][ T4550] device veth1_macvtap entered promiscuous mode
[  127.908367][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  127.981084][  T305] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  128.057239][ T4550] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.107767][ T4550] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.118183][ T4550] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.212138][ T4550] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.271362][ T4550] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.282351][ T4550] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.292246][ T4550] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.302915][ T4550] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.318378][ T4550] batman_adv: batadv0: Interface activated: batadv_slave_0
[  128.326812][ T4909] netlink: 4 bytes leftover after parsing attributes in process `syz.3.157'.
[  129.686477][ T4539] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  129.790996][ T4539] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  130.234017][ T4550] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  130.256298][ T4550] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.284857][ T4550] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  130.299280][ T4550] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.333271][ T4550] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  130.360937][ T4550] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.375438][ T4550] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  130.393720][ T4550] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.412106][ T4550] batman_adv: batadv0: Interface activated: batadv_slave_1
[  130.423874][ T4539] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  130.446725][ T4539] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  130.482117][ T4550] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  130.509636][ T4550] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  130.538303][ T4550] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  130.573648][ T4550] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  130.818832][ T4940] netlink: 24 bytes leftover after parsing attributes in process `syz.3.163'.
[  130.888209][  T305] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.919611][  T305] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  130.962113][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  132.203597][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  132.252977][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  132.330692][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  133.309103][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  133.318833][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  133.711845][ T4991] loop1: detected capacity change from 0 to 2048
[  134.761841][ T4991] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=2362, location=2362
[  134.881028][ T4991] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  135.001410][ T4991] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  135.094881][ T4991] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  135.404957][   T26] audit: type=1800 audit(1740035472.093:18): pid=4991 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.172" name="file1" dev="loop1" ino=1346 res=0 errno=0
[  136.958996][ T4549] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  138.618351][ T5045] netlink: 28 bytes leftover after parsing attributes in process `syz.3.189'.
[  138.682584][ T5045] netlink: 'syz.3.189': attribute type 7 has an invalid length.
[  138.690345][ T5045] netlink: 4 bytes leftover after parsing attributes in process `syz.3.189'.
[  138.957876][ T5052] loop1: detected capacity change from 0 to 512
[  139.156365][ T5052] EXT4-fs (loop1): Unrecognized mount option "seclabel" or missing value
[  139.599920][ T5062] loop5: detected capacity change from 0 to 512
[  139.720237][ T5069] Cannot find del_set index 4 as target
[  140.687687][ T5063] mmap: syz.3.192 (5063) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  140.696964][ T5066] netlink: 'syz.0.195': attribute type 1 has an invalid length.
[  140.791216][ T5062] EXT4-fs (loop5): Ignoring removed bh option
[  140.856405][ T5062] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=1800c018, mo2=0002]
[  140.945286][ T5052] kvm: pic: non byte write
[  140.951307][ T5052] kvm: pic: single mode not supported
[  140.951623][ T5052] kvm: pic: non byte write
[  140.966009][ T5052] kvm: pic: single mode not supported
[  140.966157][ T5052] kvm: pic: single mode not supported
[  140.971975][ T5052] kvm: pic: single mode not supported
[  140.977635][ T5052] kvm: pic: single mode not supported
[  140.983272][ T5052] kvm: pic: level sensitive irq not supported
[  140.990142][ T5052] kvm: pic: single mode not supported
[  140.996281][ T5052] kvm: pic: level sensitive irq not supported
[  141.001877][ T5052] kvm: pic: single mode not supported
[  141.008510][ T5052] kvm: pic: single mode not supported
[  141.014054][ T5052] kvm: pic: single mode not supported
[  141.020586][ T5052] kvm: pic: single mode not supported
[  141.026069][ T5052] kvm: pic: level sensitive irq not supported
[  141.031966][ T5052] kvm: pic: non byte write
[  141.042769][ T5052] kvm: pic: level sensitive irq not supported
[  141.042852][ T5052] kvm: pic: level sensitive irq not supported
[  141.049070][ T5052] kvm: pic: level sensitive irq not supported
[  141.055229][ T5052] kvm: pic: level sensitive irq not supported
[  141.061428][ T5052] kvm: pic: level sensitive irq not supported
[  141.068357][ T5052] kvm: pic: level sensitive irq not supported
[  141.074556][ T5052] kvm: pic: level sensitive irq not supported
[  141.385109][ T5062] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2816: Unable to expand inode 17. Delete some EAs or run e2fsck.
[  142.115261][ T5062] EXT4-fs (loop5): 1 truncate cleaned up
[  142.121914][ T5062] EXT4-fs (loop5): mounted filesystem without journal. Opts: data_err=abort,bh,noquota,auto_da_alloc=0x0000000000000002,noinit_itable,noblock_validity,jqfmt=vfsv1,debug,,errors=continue. Quota mode: none.
[  142.170283][ T5084] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  144.417783][ T5103] overlayfs: failed to clone upperpath
[  147.520054][ T5135] loop5: detected capacity change from 0 to 256
[  147.685635][ T5135] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d)
[  148.934404][ T5151] loop4: detected capacity change from 0 to 256
[  149.145428][ T5156] netlink: 8 bytes leftover after parsing attributes in process `syz.3.214'.
[  149.164547][ T5151] FAT-fs (loop4): Directory bread(block 64) failed
[  149.192025][ T5151] FAT-fs (loop4): Directory bread(block 65) failed
[  149.230809][ T5151] FAT-fs (loop4): Directory bread(block 66) failed
[  149.255863][ T5151] FAT-fs (loop4): Directory bread(block 67) failed
[  149.283114][ T5151] FAT-fs (loop4): Directory bread(block 68) failed
[  149.300128][ T5151] FAT-fs (loop4): Directory bread(block 69) failed
[  149.338028][ T5151] FAT-fs (loop4): Directory bread(block 70) failed
[  149.346118][ T5151] FAT-fs (loop4): Directory bread(block 71) failed
[  149.381836][ T5151] FAT-fs (loop4): Directory bread(block 72) failed
[  149.425919][ T5151] FAT-fs (loop4): Directory bread(block 73) failed
[  149.556567][ T5162] loop1: detected capacity change from 0 to 16
[  149.746557][ T5162] erofs: Unknown parameter '����t�5�;�
�}	�7_c��������N�����"L������a�m)p�������'6~�'
[  150.790962][ T5174] loop5: detected capacity change from 0 to 1024
[  150.949913][ T5174] EXT4-fs (loop5): Ignoring removed orlov option
[  150.978339][ T5174] EXT4-fs (loop5): Ignoring removed nomblk_io_submit option
[  150.994954][ T5174] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  151.111806][ T5174] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8843c118, mo2=0002]
[  151.265232][ T5174] EXT4-fs (loop5): mounted filesystem without journal. Opts: noblock_validity,max_dir_size_kb=0x0000000000000009,sysvgroups,norecovery,dioread_nolock,orlov,debug,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  152.098401][ T5200] overlayfs: failed to clone upperpath
[  152.780135][   T26] audit: type=1804 audit(1740035489.453:19): pid=5206 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.217" name="/newroot/10/file1/file1" dev="loop5" ino=15 res=1 errno=0
[  153.168606][ T5214] loop4: detected capacity change from 0 to 512
[  154.152754][ T5228] netlink: 12 bytes leftover after parsing attributes in process `syz.3.228'.
[  154.175667][ T5228] netlink: 4 bytes leftover after parsing attributes in process `syz.3.228'.
[  154.184574][ T5228] device bridge_slave_1 left promiscuous mode
[  154.213259][ T5214] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  154.213991][ T5228] bridge0: port 2(bridge_slave_1) entered disabled state
[  154.233609][ T5214] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.295512][ T5228] device bridge_slave_0 left promiscuous mode
[  154.302618][ T5230] netlink: 'syz.1.229': attribute type 1 has an invalid length.
[  154.304959][ T5228] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.573724][ T5233] loop5: detected capacity change from 0 to 32768
[  154.819900][   T26] audit: type=1326 audit(1740035491.513:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5242 comm="syz.4.231" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f731a259de9 code=0x0
[  155.762756][ T5255] lo speed is unknown, defaulting to 1000
[  155.773561][ T5255] lo speed is unknown, defaulting to 1000
[  155.781699][ T5255] lo speed is unknown, defaulting to 1000
[  155.876999][ T5255] infiniband s
z1: set active
[  155.882076][ T5255] infiniband s
z1: added lo
[  155.936240][ T4547] lo speed is unknown, defaulting to 1000
[  156.003450][ T5255] RDS/IB: s
z1: added
[  156.009810][ T5255] smc: adding ib device s
z1 with port count 1
[  156.016546][ T5255] smc:    ib device s
z1 port 1 has pnetid 
[  156.027664][ T5255] lo speed is unknown, defaulting to 1000
[  156.091748][ T5258] loop1: detected capacity change from 0 to 40427
[  156.133769][ T5255] lo speed is unknown, defaulting to 1000
[  156.170879][ T5258] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  156.179240][ T5258] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  156.200204][ T4305] lo speed is unknown, defaulting to 1000
[  156.206656][ T5258] F2FS-fs (loop1): invalid crc value
[  156.269152][ T5264] loop4: detected capacity change from 0 to 2048
[  156.291188][ T5255] lo speed is unknown, defaulting to 1000
[  156.296371][ T5258] F2FS-fs (loop1): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 39874397669)
[  156.336049][ T5258] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  156.412701][ T5255] lo speed is unknown, defaulting to 1000
[  156.421301][ T5258] F2FS-fs (loop1): recover fsync data on readonly fs
[  156.432682][ T5258] F2FS-fs (loop1): Try to recover 1th superblock, ret: -30
[  156.440444][ T5258] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  156.518319][ T5255] lo speed is unknown, defaulting to 1000
[  156.687044][ T5255] lo speed is unknown, defaulting to 1000
[  156.759649][   T26] audit: type=1326 audit(1740035493.453:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5256 comm="syz.4.235" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f731a259de9 code=0x7fc00000
[  156.767852][ T5269] overlayfs: failed to clone upperpath
[  157.717495][ T5273] loop5: detected capacity change from 0 to 8
[  159.114043][ T5285] loop4: detected capacity change from 0 to 2048
[  159.495477][ T5306] loop5: detected capacity change from 0 to 128
[  159.602565][ T5285] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  161.822180][ T5333] ODEBUG: Out of memory. ODEBUG disabled
[  164.139016][ T5355] xt_nat: multiple ranges no longer supported
[  166.425640][ T5384] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  166.550864][ T5382] loop5: detected capacity change from 0 to 2048
[  166.649134][ T5389] infiniband s
z1: set active
[  166.669539][ T5389] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  166.689354][ T5389] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  166.690425][ T5389] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  166.707919][ T5389] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  166.921902][ T4305] lo speed is unknown, defaulting to 1000
[  167.644777][ T5387] loop4: detected capacity change from 0 to 1024
[  167.769313][ T5382] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  167.795950][ T5387] EXT4-fs (loop4): Ignoring removed orlov option
[  167.795993][ T5387] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  168.716587][ T5404] loop1: detected capacity change from 0 to 2048
[  168.740480][ T5387] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  169.493285][ T5404] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  170.247417][ T5421] cgroup2: Unknown parameter 'pids_localevents'
[  170.338565][ T5421] netlink: 4 bytes leftover after parsing attributes in process `syz.5.266'.
[  171.330303][   T26] audit: type=1326 audit(1740035508.023:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7fc00000
[  171.447594][   T26] audit: type=1326 audit(1740035508.023:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f96ddf92de9 code=0x7fc00000
[  172.055240][   T26] audit: type=1326 audit(1740035508.743:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7fc00000
[  172.520572][   T26] audit: type=1326 audit(1740035508.773:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f96ddf92de9 code=0x7fc00000
[  172.565873][   T26] audit: type=1326 audit(1740035508.773:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7fc00000
[  172.588004][    C1] vkms_vblank_simulate: vblank timer overrun
[  172.665876][   T26] audit: type=1326 audit(1740035508.773:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7fc00000
[  172.718752][   T26] audit: type=1326 audit(1740035508.773:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7fc00000
[  172.832920][ T5462] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  172.888517][ T5461] loop4: detected capacity change from 0 to 2048
[  172.915348][   T26] audit: type=1326 audit(1740035508.773:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7fc00000
[  172.937604][    C1] vkms_vblank_simulate: vblank timer overrun
[  172.960989][ T5455] loop5: detected capacity change from 0 to 8192
[  173.004175][ T5462]  loop5: p1 p2 p3 p4
[  173.013875][ T5462] loop5: p1 size 108922248 extends beyond EOD, truncated
[  173.111472][ T5466] Cannot find del_set index 4 as target
[  173.160186][ T5462] loop5: p2 start 861536256 is beyond EOD, truncated
[  173.281841][ T5462] loop5: p3 start 851968 is beyond EOD, truncated
[  173.444508][ T5461] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  173.500866][ T5462] loop5: p4 size 65536 extends beyond EOD, truncated
[  174.075898][   T26] audit: type=1326 audit(1740035508.773:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7fc00000
[  174.256024][ T5455]  loop5: p1 p2 p3 p4
[  174.260259][ T5455] loop5: p1 size 108922248 extends beyond EOD, truncated
[  174.306954][   T26] audit: type=1326 audit(1740035508.773:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5430 comm="syz.1.269" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7fc00000
[  174.372547][ T5455] loop5: p2 start 861536256 is beyond EOD, truncated
[  174.428406][ T5455] loop5: p3 start 851968 is beyond EOD, truncated
[  174.499977][ T5455] loop5: p4 size 65536 extends beyond EOD, truncated
[  176.033388][ T5492] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  176.140270][ T5489] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  176.317482][ T4159] udevd[4159]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  176.331276][ T4175] udevd[4175]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[  176.977012][ T4159] udevd[4159]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  177.008290][ T4175] udevd[4175]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[  177.412828][ T4175] udevd[4175]: inotify_add_watch(7, /dev/loop5p4, 10) failed: No such file or directory
[  178.668509][ T4159] udevd[4159]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  178.850282][ T5528] loop1: detected capacity change from 0 to 2048
[  179.870107][ T5528] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  181.126278][ T5558] Zero length message leads to an empty skb
[  187.107011][ T5639] netlink: 'syz.1.311': attribute type 62 has an invalid length.
[  189.607449][   T26] kauditd_printk_skb: 1 callbacks suppressed
[  189.607464][   T26] audit: type=1326 audit(1740035526.303:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5654 comm="syz.0.315" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc54277dde9 code=0x0
[  191.356734][    T7] Bluetooth: hci4: command 0x0406 tx timeout
[  191.596265][    T7] Bluetooth: hci0: command 0x0406 tx timeout
[  191.641299][    T7] Bluetooth: hci2: command 0x0406 tx timeout
[  191.775953][    T7] Bluetooth: hci1: command 0x0406 tx timeout
[  193.442590][ T5704] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  194.415114][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  194.421759][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  196.716478][ T5732] lo speed is unknown, defaulting to 1000
[  198.384840][ T4209] Bluetooth: hci5: command 0x0409 tx timeout
[  199.215541][ T5762] loop5: detected capacity change from 0 to 256
[  199.336531][ T5732] chnl_net:caif_netlink_parms(): no params data found
[  199.387055][ T5762] FAT-fs (loop5): Directory bread(block 64) failed
[  199.393663][ T5762] FAT-fs (loop5): Directory bread(block 65) failed
[  199.442780][ T5762] FAT-fs (loop5): Directory bread(block 66) failed
[  199.472876][ T5762] FAT-fs (loop5): Directory bread(block 67) failed
[  199.505535][ T5762] FAT-fs (loop5): Directory bread(block 68) failed
[  199.512843][ T5762] FAT-fs (loop5): Directory bread(block 69) failed
[  199.529279][ T5762] FAT-fs (loop5): Directory bread(block 70) failed
[  199.538997][ T5762] FAT-fs (loop5): Directory bread(block 71) failed
[  199.593343][ T5774] sctp: [Deprecated]: syz.1.344 (pid 5774) Use of int in max_burst socket option.
[  199.593343][ T5774] Use struct sctp_assoc_value instead
[  199.660032][ T5762] FAT-fs (loop5): Directory bread(block 72) failed
[  199.727320][ T5762] FAT-fs (loop5): Directory bread(block 73) failed
[  200.408427][ T5732] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.415541][ T5732] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.428087][ T4209] Bluetooth: hci5: command 0x041b tx timeout
[  200.557290][ T5732] device bridge_slave_0 entered promiscuous mode
[  200.597176][ T5732] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.604318][ T5732] bridge0: port 2(bridge_slave_1) entered disabled state
[  200.633510][ T5732] device bridge_slave_1 entered promiscuous mode
[  200.660070][ T5732] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  200.672807][ T5732] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  201.200637][ T5732] team0: Port device team_slave_0 added
[  201.232874][ T5732] team0: Port device team_slave_1 added
[  201.586391][ T5732] batman_adv: batadv0: Adding interface: batadv_slave_0
[  201.601449][ T5732] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.713182][ T5732] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  203.770717][ T4208] Bluetooth: hci5: command 0x040f tx timeout
[  203.781427][ T5732] batman_adv: batadv0: Adding interface: batadv_slave_1
[  203.789043][ T5732] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  203.815447][ T5732] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  203.951504][ T5732] device hsr_slave_0 entered promiscuous mode
[  204.007207][ T5732] device hsr_slave_1 entered promiscuous mode
[  204.123877][ T5732] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  204.133254][ T5732] Cannot create hsr debugfs directory
[  205.847963][ T4547] Bluetooth: hci5: command 0x0419 tx timeout
[  206.605515][ T5809] loop5: detected capacity change from 0 to 16
[  206.742259][ T5732] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  206.844205][ T5732] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  206.931490][ T5732] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  206.956456][ T5809] erofs: (device loop5): mounted with root inode @ nid 36.
[  207.025544][ T5809] erofs: (device loop5): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 36
[  207.062105][ T5809] attempt to access beyond end of device
[  207.062105][ T5809] loop5: rw=524288, want=34359740336, limit=16
[  207.238875][ T5732] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  208.625166][ T5732] 8021q: adding VLAN 0 to HW filter on device bond0
[  208.657754][ T4539] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  208.724086][ T4539] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  208.754701][ T5732] 8021q: adding VLAN 0 to HW filter on device team0
[  208.772549][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  208.783832][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  208.793362][ T4303] bridge0: port 1(bridge_slave_0) entered blocking state
[  208.800450][ T4303] bridge0: port 1(bridge_slave_0) entered forwarding state
[  209.776150][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  209.866322][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  209.884473][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  209.893005][   T26] audit: type=1326 audit(1740035546.949:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5858 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  209.902755][ T5861] syz.5.369 uses obsolete (PF_INET,SOCK_PACKET)
[  209.936155][ T4303] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.943350][ T4303] bridge0: port 2(bridge_slave_1) entered forwarding state
[  209.959907][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  210.006504][   T26] audit: type=1326 audit(1740035546.980:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5858 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  210.050717][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  210.065726][    C1] Unknown status report in ack skb
[  210.080593][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  210.097829][   T26] audit: type=1326 audit(1740035546.980:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5858 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  210.108010][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  210.151226][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  210.173244][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  210.180124][   T26] audit: type=1326 audit(1740035546.980:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5858 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  210.325474][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  210.341805][   T26] audit: type=1326 audit(1740035546.980:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5858 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  210.390904][ T5732] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  210.405304][ T5732] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  210.422360][   T26] audit: type=1326 audit(1740035547.000:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5858 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  210.466507][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  211.240623][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  211.286263][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  211.315480][   T26] audit: type=1326 audit(1740035547.000:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5858 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  211.345033][   T26] audit: type=1326 audit(1740035547.000:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5858 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  211.367365][   T26] audit: type=1326 audit(1740035547.000:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5858 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  211.387469][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  211.405407][   T26] audit: type=1326 audit(1740035547.000:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5858 comm="syz.1.370" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  211.454829][ T4303] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  211.665569][ T5887] loop1: detected capacity change from 0 to 47
[  211.862540][ T5732] 8021q: adding VLAN 0 to HW filter on device batadv0
[  211.891686][ T1505] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  211.911804][ T1505] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  212.053319][ T4546] Bluetooth: hci5: command 0x0405 tx timeout
[  212.889106][ T1505] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  212.944516][ T1505] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  213.052058][ T1505] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  213.066883][ T1505] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  213.092252][ T5732] device veth0_vlan entered promiscuous mode
[  213.116458][ T1505] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  213.317426][ T1505] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  213.358971][ T5732] device veth1_vlan entered promiscuous mode
[  214.000888][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  214.080136][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  214.355100][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  214.411635][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  214.469152][ T5732] device veth0_macvtap entered promiscuous mode
[  214.484084][ T5732] device veth1_macvtap entered promiscuous mode
[  214.519612][ T5732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.022585][ T5732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.152198][ T5732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.163375][ T5732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.191400][ T5732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.222026][ T5732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.260224][ T5732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.283784][ T5732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.311001][ T5732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.343412][ T5732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.461635][ T5732] batman_adv: batadv0: Interface activated: batadv_slave_0
[  215.828633][ T4539] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  216.354706][ T4539] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  216.377343][ T4539] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  216.387730][ T4539] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  216.407389][ T5732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.451514][ T5732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.513337][ T5732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.669862][ T5732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.703567][ T5732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.745556][ T5732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.803364][ T5732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.878298][ T5732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.955864][ T5732] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  217.015740][ T5732] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.078545][ T5732] batman_adv: batadv0: Interface activated: batadv_slave_1
[  217.120322][ T5950] netlink: 4 bytes leftover after parsing attributes in process `syz.1.391'.
[  217.196185][ T5950] device bridge_slave_1 left promiscuous mode
[  217.235489][ T5950] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.269336][ T5950] device bridge_slave_0 left promiscuous mode
[  217.284113][ T5950] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.436319][ T1505] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  217.461611][ T1505] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  217.501009][ T5732] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  217.573228][ T5732] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  217.610555][ T5732] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  217.637667][ T5732] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  217.991325][ T4303] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  218.024625][ T4303] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  218.145494][ T1505] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  218.213235][ T1505] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  218.236912][ T1505] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  218.254856][ T1505] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  220.787412][ T5971] overlayfs: failed to clone upperpath
[  220.840069][   T26] kauditd_printk_skb: 22 callbacks suppressed
[  220.840084][   T26] audit: type=1326 audit(1740035557.959:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.6.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f039a089de9 code=0x7ffc0000
[  221.042877][   T26] audit: type=1326 audit(1740035557.999:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.6.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f039a089de9 code=0x7ffc0000
[  221.189277][ T5986] lo speed is unknown, defaulting to 1000
[  221.196841][   T26] audit: type=1326 audit(1740035557.999:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.6.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f039a089de9 code=0x7ffc0000
[  221.295474][   T26] audit: type=1326 audit(1740035557.999:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.6.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f039a089de9 code=0x7ffc0000
[  221.328173][ T5993] netlink: 'syz.1.402': attribute type 1 has an invalid length.
[  221.328674][ T5989] netlink: 120 bytes leftover after parsing attributes in process `syz.6.405'.
[  221.346195][   T26] audit: type=1326 audit(1740035557.999:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.6.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f039a089de9 code=0x7ffc0000
[  221.444749][ T5993] 8021q: adding VLAN 0 to HW filter on device bond2
[  221.474113][ T5989] Invalid option length (1047411) for dns_resolver key
[  221.510077][   T26] audit: type=1326 audit(1740035557.999:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.6.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f039a089de9 code=0x7ffc0000
[  221.638055][   T26] audit: type=1326 audit(1740035557.999:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.6.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f039a089de9 code=0x7ffc0000
[  221.714522][ T5995] bond2: (slave gretap1): making interface the new active one
[  221.740699][ T5995] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  221.741022][   T26] audit: type=1326 audit(1740035557.999:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.6.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f039a089de9 code=0x7ffc0000
[  221.787444][ T5482] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  221.862317][ T5995] syz.1.402 (5995) used greatest stack depth: 16888 bytes left
[  221.956647][   T26] audit: type=1326 audit(1740035557.999:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.6.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f039a089de9 code=0x7ffc0000
[  222.013845][   T26] audit: type=1326 audit(1740035558.019:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5982 comm="syz.6.401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f039a089de9 code=0x7ffc0000
[  222.109813][ T6007] netlink: 4 bytes leftover after parsing attributes in process `syz.1.407'.
[  222.134169][ T6007] device ipvlan0 entered promiscuous mode
[  222.188722][ T6007] 8021q: adding VLAN 0 to HW filter on device ipvlan0
[  222.230261][ T6007] team0: Device ipvlan0 is already an upper device of the team interface
[  226.498716][ T6051] netlink: 4 bytes leftover after parsing attributes in process `syz.6.422'.
[  226.636398][ T6051] device ipvlan2 entered promiscuous mode
[  226.644778][ T6051] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  226.652970][ T6051] team0: Device ipvlan2 is already an upper device of the team interface
[  228.813130][    T7] Bluetooth: hci3: command 0x0406 tx timeout
[  229.592514][    C1] Illegal XDP return value 16128, expect packet loss!
[  229.878174][ T6101] netlink: 12 bytes leftover after parsing attributes in process `syz.0.437'.
[  231.319729][ T6116] PKCS7: Unknown OID: [4] 0.38.11253.6554(bad)
[  231.326019][ T6116] PKCS7: Only support pkcs7_signedData type
[  232.019743][ T6119] netlink: 4 bytes leftover after parsing attributes in process `syz.0.442'.
[  232.123536][ T6123] netlink: 4 bytes leftover after parsing attributes in process `syz.5.443'.
[  232.203845][ T6110] overlayfs: failed to clone upperpath
[  232.210332][ T6123] device ipvlan2 entered promiscuous mode
[  232.237754][ T6123] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  232.287853][ T6123] team0: Device ipvlan2 is already an upper device of the team interface
[  239.660848][ T6185] loop5: detected capacity change from 0 to 8192
[  242.406610][ T6192] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  242.591082][ T6191] loop6: detected capacity change from 0 to 1024
[  242.864905][ T6191] EXT4-fs (loop6): mounted filesystem without journal. Opts: jqfmt=vfsold,,errors=continue. Quota mode: none.
[  243.346573][ T6223] loop1: detected capacity change from 0 to 512
[  243.485782][ T6223] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  243.576538][ T6223] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  243.616195][ T6223] EXT4-fs (loop1): 1 truncate cleaned up
[  243.689280][ T6223] EXT4-fs (loop1): mounted filesystem without journal. Opts: noinit_itable,block_validity,quota,,errors=continue. Quota mode: writeback.
[  246.050521][   T26] kauditd_printk_skb: 52 callbacks suppressed
[  246.050541][   T26] audit: type=1107 audit(1740035583.223:128): pid=6218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  246.342126][ T6250] loop5: detected capacity change from 0 to 512
[  246.455037][ T6249] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  246.810136][ T6263] netlink: 4 bytes leftover after parsing attributes in process `syz.3.481'.
[  248.393988][ T6250] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  248.435203][ T6250] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  249.055356][ T6274] infiniband syz0: set active
[  249.060181][ T6274] infiniband syz0: added bond0
[  249.397610][ T6274] infiniband syz0: Couldn't open port 1
[  249.481163][ T6274] RDS/IB: syz0: added
[  249.485278][ T6274] smc: adding ib device syz0 with port count 1
[  249.491533][ T6274] smc:    ib device syz0 port 1 has pnetid 
[  249.757377][ T6250] EXT4-fs: failed to create workqueue
[  249.793840][ T6250] EXT4-fs (loop5): mount failed
[  251.262807][ T6289] netlink: 'syz.6.489': attribute type 4 has an invalid length.
[  251.368337][ T6291] netlink: 'syz.6.489': attribute type 4 has an invalid length.
[  252.250606][ T6297] capability: warning: `syz.1.491' uses deprecated v2 capabilities in a way that may be insecure
[  254.278072][ T6321] xt_NFQUEUE: number of queues (1280) out of range (got 65792)
[  255.511351][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  255.517709][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  257.880696][ T6358] loop6: detected capacity change from 0 to 2048
[  258.366620][ T6358] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  259.626547][ T6378] loop1: detected capacity change from 0 to 2048
[  259.758391][ T6376] block nbd5: shutting down sockets
[  260.683858][ T6395] netlink: 16 bytes leftover after parsing attributes in process `syz.3.523'.
[  260.797910][ T6401] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 0, id = 0
[  260.869674][ T6378] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  262.303813][ T6409] netlink: 4 bytes leftover after parsing attributes in process `syz.6.518'.
[  262.364077][ T6408] nfs: Unknown parameter 'ntext'
[  265.343407][ T6454] Invalid ELF header magic: != ELF
[  266.131625][ T6460] batman_adv: batadv0: Adding interface: dummy0
[  266.236186][ T6460] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  266.263050][ T6460] batman_adv: batadv0: Interface activated: dummy0
[  268.860102][ T6487] loop6: detected capacity change from 0 to 128
[  269.138664][ T6487] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  270.701263][ T6510] netlink: 20 bytes leftover after parsing attributes in process `syz.1.553'.
[  270.724661][ T6510] netlink: 16 bytes leftover after parsing attributes in process `syz.1.553'.
[  272.420741][ T6529] overlayfs: missing 'lowerdir'
[  272.461019][ T6532] loop1: detected capacity change from 0 to 128
[  272.832792][ T6532] FAT-fs (loop1): Unrecognized mount option "0x0000000000000000����������" or missing value
[  273.588391][ T6545] netlink: 24 bytes leftover after parsing attributes in process `syz.3.564'.
[  273.681353][ T6532] loop1: detected capacity change from 0 to 256
[  274.512289][ T6532] loop1: detected capacity change from 0 to 512
[  276.295674][ T4209] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  276.685836][ T4209] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  276.720189][ T4209] usb 7-1: New USB device found, idVendor=1532, idProduct=010e, bcdDevice= 0.00
[  276.749851][ T4209] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.790819][ T4209] usb 7-1: config 0 descriptor??
[  280.765186][ T4209] usbhid 7-1:0.0: can't add hid device: -71
[  280.771221][ T4209] usbhid: probe of 7-1:0.0 failed with error -71
[  280.787589][ T4209] usb 7-1: USB disconnect, device number 2
[  282.791732][ T6654] Invalid ELF header magic: != ELF
[  283.648600][ T6661] netlink: 16 bytes leftover after parsing attributes in process `syz.0.599'.
[  285.491346][ T6686] loop1: detected capacity change from 0 to 512
[  285.688950][ T6687] netlink: 'syz.5.602': attribute type 10 has an invalid length.
[  285.697364][ T6687] batman_adv: batadv0: Adding interface: wlan0
[  285.703591][ T6687] batman_adv: batadv0: The MTU of interface wlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.729249][ T6687] batman_adv: batadv0: Interface activated: wlan0
[  287.337097][ T6686] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[  288.133079][ T6686] EXT4-fs (loop1): Unrecognized mount option "seclabel" or missing value
[  288.327990][ T6699] netlink: 'syz.6.612': attribute type 3 has an invalid length.
[  288.344400][ T6699] device vlan2 entered promiscuous mode
[  288.351685][ T6699] device bond0 entered promiscuous mode
[  288.360086][ T6699] device bond_slave_0 entered promiscuous mode
[  288.367544][ T6699] device bond_slave_1 entered promiscuous mode
[  288.375523][ T6699] device bond0 left promiscuous mode
[  290.021326][ T6699] device bond_slave_0 left promiscuous mode
[  290.046547][ T6699] device bond_slave_1 left promiscuous mode
[  290.079399][ T6701] MPTCP: addr_signal error, rm_addr=1
[  290.357295][ T6712] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  290.404837][ T6712] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  290.467640][ T6715] netlink: 4 bytes leftover after parsing attributes in process `syz.1.614'.
[  292.892823][ T6760] loop6: detected capacity change from 0 to 256
[  293.677159][ T6760] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  294.050858][ T6769] netlink: 4 bytes leftover after parsing attributes in process `syz.5.629'.
[  300.445895][ T6833] netlink: 'syz.1.649': attribute type 10 has an invalid length.
[  301.614368][ T6838] netlink: 4 bytes leftover after parsing attributes in process `syz.3.650'.
[  301.680016][ T6838] device team1 entered promiscuous mode
[  301.690345][ T6838] 8021q: adding VLAN 0 to HW filter on device team1
[  303.856088][ T6862] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  304.045315][ T6867] loop5: detected capacity change from 0 to 8
[  306.728420][ T6888] overlayfs: failed to clone upperpath
[  306.741835][ T6867] SQUASHFS error: Failed to read block 0x62b: -5
[  306.754776][ T6867] SQUASHFS error: Unable to read metadata cache entry [629]
[  306.803215][ T6867] SQUASHFS error: Unable to read inode 0x11f
[  309.290612][ T6925] device wg1 entered promiscuous mode
[  313.645482][ T6942] loop1: detected capacity change from 0 to 128
[  313.966842][ T6942] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  314.111999][ T6951] lo speed is unknown, defaulting to 1000
[  314.297351][ T6942] FAT-fs (loop1): FAT read failed (blocknr 128)
[  314.584067][    T9] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  316.739902][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  316.748091][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  317.769914][ T6992] tipc: Started in network mode
[  317.798292][ T6992] tipc: Node identity fe800000000000000000000000000013, cluster identity 4711
[  317.905843][ T6992] tipc: Enabled bearer <udp:syz0>, priority 10
[  318.217050][ T7004] netlink: 72 bytes leftover after parsing attributes in process `syz.3.700'.
[  318.258075][ T7006] netlink: 'syz.6.701': attribute type 10 has an invalid length.
[  318.278468][ T7006] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.286039][ T7006] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.352941][ T7006] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.360418][ T7006] bridge0: port 2(bridge_slave_1) entered forwarding state
[  318.367945][ T7006] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.375097][ T7006] bridge0: port 1(bridge_slave_0) entered forwarding state
[  318.510650][ T7006] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  319.441103][ T7014] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.447534][ T4209] tipc: Node number set to 4269801491
[  319.803370][ T7016] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  321.320825][ T7032] loop5: detected capacity change from 0 to 256
[  323.488692][ T4210] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  323.809419][ T4210] usb 7-1: Using ep0 maxpacket: 8
[  323.883799][ T7072] netlink: 16 bytes leftover after parsing attributes in process `syz.5.720'.
[  324.232233][ T4210] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  324.327117][ T4210] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  324.626216][ T4210] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  324.653717][ T4210] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  324.724423][ T4210] usb 7-1: config 0 descriptor??
[  324.933974][ T4210] iowarrior 7-1:0.0: no interrupt-in endpoint found
[  327.287837][   T13] usb 7-1: USB disconnect, device number 3
[  328.565360][ T7120] loop6: detected capacity change from 0 to 16
[  328.658217][ T4168] Bluetooth: hci5: link tx timeout
[  328.664988][ T4168] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[  329.362168][ T7120] erofs: (device loop6): erofs_load_compr_cfgs: try to load compressed fs with unsupported algorithms fffe
[  330.734184][ T4546] Bluetooth: hci5: command 0x0406 tx timeout
[  331.511133][ T7141] tipc: Started in network mode
[  331.526977][ T7141] tipc: Node identity ac14140f, cluster identity 4711
[  331.578277][ T7141] tipc: New replicast peer: 255.255.255.255
[  331.588313][ T7141] tipc: Enabled bearer <udp:syz2>, priority 10
[  332.701577][ T4211] tipc: Node number set to 2886997007
[  335.382013][   T26] audit: type=1326 audit(1740035672.567:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7186 comm="syz.1.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  335.500478][   T26] audit: type=1326 audit(1740035672.627:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7186 comm="syz.1.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  335.592686][   T26] audit: type=1326 audit(1740035672.627:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7186 comm="syz.1.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  335.676570][ T7190] loop5: detected capacity change from 0 to 2048
[  335.699809][   T26] audit: type=1326 audit(1740035672.627:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7186 comm="syz.1.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  336.399404][   T26] audit: type=1326 audit(1740035672.627:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7186 comm="syz.1.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  336.581258][   T26] audit: type=1326 audit(1740035672.627:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7186 comm="syz.1.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  336.723795][ T7209] netlink: 'syz.0.759': attribute type 12 has an invalid length.
[  337.045096][   T26] audit: type=1326 audit(1740035672.627:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7186 comm="syz.1.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  337.208073][   T26] audit: type=1326 audit(1740035672.627:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7186 comm="syz.1.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  338.299960][   T26] audit: type=1326 audit(1740035672.627:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7186 comm="syz.1.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  339.737065][   T26] audit: type=1326 audit(1740035672.627:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7186 comm="syz.1.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[  341.475140][   T26] audit: type=1326 audit(1740035672.627:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7186 comm="syz.1.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  341.548129][ T7240] loop1: detected capacity change from 0 to 164
[  341.603864][   T26] audit: type=1326 audit(1740035672.627:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7186 comm="syz.1.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x7ffc0000
[  343.665961][   T26] audit: type=1326 audit(1740035680.857:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7252 comm="syz.6.772" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f039a089de9 code=0x0
[  344.281632][ T7240] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  344.820281][ T7272] loop1: detected capacity change from 0 to 128
[  347.437398][ T7300] netlink: 68 bytes leftover after parsing attributes in process `syz.6.783'.
[  350.847197][ T7370] netlink: 'syz.0.790': attribute type 1 has an invalid length.
[  351.157281][ T7374] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  351.239725][ T7375] 8021q: adding VLAN 0 to HW filter on device bond1
[  351.247040][  T154] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  351.324953][ T7357] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  351.387252][ T7386] loop5: detected capacity change from 0 to 512
[  351.409651][ T7357] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  353.499010][ T7413] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  353.524984][ T7411] netlink: 76 bytes leftover after parsing attributes in process `syz.3.802'.
[  354.858161][ T7429] Invalid option length (1081) for dns_resolver key
[  357.787032][ T7459] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  358.735257][ T7472] QAT: Invalid ioctl 1075883590
[  358.741302][ T7472] QAT: Invalid ioctl 1075883590
[  358.746724][ T7472] QAT: Invalid ioctl 1075883590
[  358.752073][ T7472] QAT: Invalid ioctl 1075883590
[  358.757442][ T7472] QAT: Invalid ioctl 1075883590
[  358.762871][ T7472] QAT: Invalid ioctl 1075883590
[  358.768332][ T7472] QAT: Invalid ioctl 1075883590
[  358.773670][ T7472] QAT: Invalid ioctl 1075883590
[  358.778987][ T7472] QAT: Invalid ioctl 1075883590
[  358.784403][ T7472] QAT: Invalid ioctl 1075883590
[  359.947725][ T7486] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  360.745246][ T7494] kvm: pic: non byte read
[  360.750156][ T7494] pic_ioport_write: 26 callbacks suppressed
[  360.750177][ T7494] kvm: pic: level sensitive irq not supported
[  360.895488][ T7494] kvm: pic: non byte read
[  361.187878][ T7505] netlink: 4 bytes leftover after parsing attributes in process `syz.5.826'.
[  361.246077][ T7507] loop6: detected capacity change from 0 to 128
[  361.425877][ T7511] FAT-fs (loop6): error, corrupted directory (invalid entries)
[  361.485061][ T7511] FAT-fs (loop6): Filesystem has been set read-only
[  361.902927][ T7512] netlink: 'syz.1.829': attribute type 4 has an invalid length.
[  361.910946][ T7512] rdma_rxe: ignoring netdev event = 23 for lo
[  361.919720][ T7512] rdma_rxe: lo changed mtu to 4
[  361.924751][ T7512] rdma_rxe: ignoring netdev event = 10 for lo
[  361.967530][ T7512] infiniband s
z1: set down
[  361.994312][ T4209] lo speed is unknown, defaulting to 1000
[  362.027114][ T4209] lo speed is unknown, defaulting to 1000
[  362.034894][ T7516] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  362.877033][   T26] audit: type=1326 audit(1740035700.067:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7528 comm="syz.1.838" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f96ddf92de9 code=0x0
[  367.450683][ T7580] netlink: 8 bytes leftover after parsing attributes in process `syz.0.850'.
[  367.476218][ T7560] delete_channel: no stack
[  367.519807][ T7580] rdma_rxe: ignoring netdev event = 26 for bond0
[  367.554607][ T7580] rdma_rxe: ignoring netdev event = 21 for bond0
[  367.566721][ T7580] device vlan2 entered promiscuous mode
[  368.894693][ T7595] autofs4:pid:7595:autofs_fill_super: called with bogus options
[  369.263036][ T7597] loop1: detected capacity change from 0 to 512
[  370.476753][ T7597] EXT4-fs (loop1): Ignoring removed orlov option
[  370.967944][ T7597] EXT4-fs (loop1): 1 orphan inode deleted
[  371.012375][ T7597] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,sb=0x0000000000000076,auto_da_alloc,init_itable,stripe=0x000000000000007b,orlov,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  371.254747][ T7615] loop5: detected capacity change from 0 to 1024
[  371.275614][ T7597] ext4 filesystem being mounted at /152/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  371.501551][ T7615] hfsplus: unable to parse mount options
[  374.774217][ T7650] device syzkaller0 entered promiscuous mode
[  374.935127][ T7663] loop1: detected capacity change from 0 to 1024
[  374.950856][   T26] audit: type=1326 audit(1740035712.137:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.5.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02ebfaade9 code=0x7ffc0000
[  375.009093][   T26] audit: type=1326 audit(1740035712.167:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.5.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02ebfaade9 code=0x7ffc0000
[  375.041381][   T26] audit: type=1326 audit(1740035712.167:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.5.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f02ebfaade9 code=0x7ffc0000
[  375.271289][   T26] audit: type=1326 audit(1740035712.167:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.5.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02ebfaade9 code=0x7ffc0000
[  375.397080][   T26] audit: type=1326 audit(1740035712.167:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.5.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=277 compat=0 ip=0x7f02ebfaade9 code=0x7ffc0000
[  376.123871][   T26] audit: type=1326 audit(1740035712.167:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.5.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02ebfaade9 code=0x7ffc0000
[  376.174973][   T26] audit: type=1326 audit(1740035712.167:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.5.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7f02ebfaade9 code=0x7ffc0000
[  376.207697][   T26] audit: type=1326 audit(1740035712.167:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.5.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02ebfaade9 code=0x7ffc0000
[  376.242781][   T26] audit: type=1326 audit(1740035712.167:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.5.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=332 compat=0 ip=0x7f02ebfaade9 code=0x7ffc0000
[  376.273820][   T26] audit: type=1326 audit(1740035712.167:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7657 comm="syz.5.871" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02ebfaade9 code=0x7ffc0000
[  376.598218][ T7676] loop5: detected capacity change from 0 to 1024
[  378.697669][ T7695] netlink: 48 bytes leftover after parsing attributes in process `syz.6.876'.
[  378.716348][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  378.923674][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  380.961997][ T7730] netlink: 104 bytes leftover after parsing attributes in process `syz.0.887'.
[  381.784313][ T7733] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  381.810306][ T7718] DRBG: could not allocate digest TFM handle: hmac(sha512)
[  383.232050][ T7744] program syz.6.891 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  383.247449][ T7744] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  383.333948][ T4546] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  383.559437][ T7752] netlink: 8 bytes leftover after parsing attributes in process `syz.1.892'.
[  383.604032][ T4546] usb 6-1: Using ep0 maxpacket: 32
[  383.824361][ T4546] usb 6-1: config 0 has an invalid interface number: 67 but max is 0
[  383.887454][ T4546] usb 6-1: config 0 has no interface number 0
[  384.973847][ T4546] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  384.983141][ T4546] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  384.996774][ T4546] usb 6-1: Product: syz
[  385.001045][ T4546] usb 6-1: Manufacturer: syz
[  385.020873][ T4546] usb 6-1: config 0 descriptor??
[  385.063933][ T4546] usb 6-1: can't set config #0, error -71
[  385.087169][ T4546] usb 6-1: USB disconnect, device number 2
[  385.175232][ T7771] netlink: 4 bytes leftover after parsing attributes in process `syz.0.897'.
[  385.264043][ T7788] loop1: detected capacity change from 0 to 256
[  385.373092][   T26] audit: type=1326 audit(1740035722.557:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.0.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc54277dde9 code=0x7ffc0000
[  385.515653][   T26] audit: type=1326 audit(1740035722.607:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.0.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fc54277dde9 code=0x7ffc0000
[  385.549928][   T26] audit: type=1326 audit(1740035722.737:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.0.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc54277dde9 code=0x7ffc0000
[  386.244339][   T26] audit: type=1326 audit(1740035723.197:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.0.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=5 compat=0 ip=0x7fc54277dde9 code=0x7ffc0000
[  386.322948][ T7802] loop6: detected capacity change from 0 to 4096
[  386.331374][   T26] audit: type=1326 audit(1740035723.207:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.0.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc54277dde9 code=0x7ffc0000
[  386.423168][   T26] audit: type=1326 audit(1740035723.207:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.0.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc54277dde9 code=0x7ffc0000
[  386.467431][   T26] audit: type=1326 audit(1740035723.227:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.0.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc54277c750 code=0x7ffc0000
[  386.491547][   T26] audit: type=1326 audit(1740035723.227:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.0.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc54277dde9 code=0x7ffc0000
[  386.554399][   T26] audit: type=1326 audit(1740035723.227:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.0.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc54277dde9 code=0x7ffc0000
[  387.332664][ T7802] ntfs3: loop6: Different NTFS' sector size (2048) and media sector size (512)
[  387.459046][   T26] audit: type=1326 audit(1740035723.227:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.0.903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc54277dde9 code=0x7ffc0000
[  389.699121][ T7830] delete_channel: no stack
[  390.998220][ T7844] lo speed is unknown, defaulting to 1000
[  392.375134][ T7860] netlink: 4 bytes leftover after parsing attributes in process `syz.5.919'.
[  392.571778][ T7864] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  392.581520][ T7864] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  392.590362][ T7864] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  392.599125][ T7864] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  392.671168][ T7864] bond0: (slave vxlan0): Enslaving as an active interface with an up link
[  392.950909][ T7872] netlink: 'syz.5.922': attribute type 4 has an invalid length.
[  393.061107][ T7873] netlink: 'syz.5.922': attribute type 4 has an invalid length.
[  393.722589][ T7882] netlink: 16 bytes leftover after parsing attributes in process `syz.5.926'.
[  393.974981][ T7888] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 0, id = 0
[  394.308602][ T7890] loop6: detected capacity change from 0 to 4096
[  395.205602][ T7901] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  395.427876][   T26] kauditd_printk_skb: 15 callbacks suppressed
[  395.427895][   T26] audit: type=1800 audit(1740035732.607:178): pid=7890 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.927" name="bus" dev="loop6" ino=18 res=0 errno=0
[  398.880234][ T7932] Invalid ELF header magic: != ELF
[  399.576245][ T4211] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  400.243829][ T7940] netlink: 4 bytes leftover after parsing attributes in process `syz.1.940'.
[  400.824059][    C1] vcan0: j1939_tp_rxtimer: 0xffff888060176400: rx timeout, send abort
[  401.677539][    C1] vcan0: j1939_tp_rxtimer: 0xffff888060176400: abort rx timeout. Force session deactivation
[  402.474334][ T7966] overlayfs: missing 'lowerdir'
[  403.022607][ T7976] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  407.811926][ T8018] netlink: 'syz.3.963': attribute type 5 has an invalid length.
[  411.748103][ T8044] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  414.728404][ T8077] device wg1 entered promiscuous mode
[  415.454965][ T8090] loop1: detected capacity change from 0 to 512
[  415.691744][ T8090] EXT4-fs (loop1): Ignoring removed orlov option
[  416.601925][ T8090] EXT4-fs (loop1): 1 orphan inode deleted
[  416.613816][ T8090] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,sb=0x0000000000000076,auto_da_alloc,init_itable,stripe=0x000000000000007b,orlov,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  416.699992][ T8090] ext4 filesystem being mounted at /175/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  419.245934][ T8121] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  420.478281][ T8141] loop6: detected capacity change from 0 to 128
[  420.690192][ T8146] loop1: detected capacity change from 0 to 1024
[  420.720838][ T8148] attempt to access beyond end of device
[  420.720838][ T8148] loop6: rw=2049, want=321, limit=128
[  425.818386][ T8194] Invalid ELF header magic: != ELF
[  426.212711][ T8201] loop5: detected capacity change from 0 to 1024
[  427.731782][ T8221] autofs4:pid:8221:autofs_fill_super: called with bogus options
[  427.754861][   T26] audit: type=1326 audit(1740035764.697:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.6.1020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f039a089de9 code=0x7ffc0000
[  428.680577][   T26] audit: type=1326 audit(1740035764.697:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.6.1020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f039a089de9 code=0x7ffc0000
[  428.706515][   T26] audit: type=1326 audit(1740035764.697:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.6.1020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f039a089de9 code=0x7ffc0000
[  428.753629][   T26] audit: type=1326 audit(1740035764.697:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.6.1020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f039a089de9 code=0x7ffc0000
[  428.886324][   T26] audit: type=1326 audit(1740035764.697:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.6.1020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f039a089de9 code=0x7ffc0000
[  428.909173][   T26] audit: type=1326 audit(1740035764.697:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.6.1020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f039a089de9 code=0x7ffc0000
[  429.123032][   T26] audit: type=1326 audit(1740035764.697:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.6.1020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[  429.147149][   T26] audit: type=1326 audit(1740035764.697:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8216 comm="syz.6.1020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f039a089de9 code=0x7ffc0000
[  430.400580][ T8239] loop1: detected capacity change from 0 to 1024
[  430.416146][ T4210] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  430.488971][ T4210] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  430.740818][ T8249] netlink: 'syz.5.1038': attribute type 1 has an invalid length.
[  430.982769][ T8253] Invalid ELF header magic: != ELF
[  432.069962][ T8239] EXT4-fs (loop1): Mount option "nodioread_nolock" incompatible with ext2
[  432.535554][ T8268] loop5: detected capacity change from 0 to 164
[  432.826665][ T8268] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  434.176755][ T8284] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  436.327849][ T8279] dccp_close: ABORT with 32 bytes unread
[  436.446442][ T8304] loop6: detected capacity change from 0 to 128
[  436.505592][ T8307] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1042'.
[  436.827643][ T8322] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  438.886390][ T8370] loop1: detected capacity change from 0 to 16
[  439.060896][ T8370] erofs: (device loop1): erofs_load_compr_cfgs: try to load compressed fs with unsupported algorithms fffe
[  439.726590][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  439.733172][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  442.055839][ T8390] loop6: detected capacity change from 0 to 1024
[  442.279764][ T8397] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  443.530542][ T8416] lo speed is unknown, defaulting to 1000
[  443.755383][ T8427] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1079'.
[  445.458538][ T8444] netlink: 'syz.5.1073': attribute type 10 has an invalid length.
[  446.976996][ T8460] netlink: 'syz.3.1077': attribute type 12 has an invalid length.
[  452.138694][ T8497] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  453.022406][ T8507] delete_channel: no stack
[  453.084488][ T8505] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1091'.
[  453.112615][ T8505] device vlan0 entered promiscuous mode
[  453.303701][ T8510] Invalid ELF header magic: != ELF
[  454.501291][ T4168] Bluetooth: hci5: link tx timeout
[  454.507741][ T4168] Bluetooth: hci5: killing stalled connection 10:aa:aa:aa:aa:aa
[  454.516301][ T4168] Bluetooth: hci5: link tx timeout
[  454.521541][ T4168] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[  456.735426][ T4546] Bluetooth: hci5: command 0x0406 tx timeout
[  457.931509][ T8544] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  459.489713][ T8560] Invalid ELF header magic: != ELF
[  461.852482][ T8579] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1110'.
[  462.039395][ T8583] overlayfs: failed to clone upperpath
[  465.039835][ T8607] loop1: detected capacity change from 0 to 1024
[  465.248510][ T8606] loop6: detected capacity change from 0 to 2048
[  465.597806][ T8606] UDF-fs: error (device loop6): udf_process_sequence: Primary Volume Descriptor not found!
[  465.821521][ T8606] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  466.467262][ T8624] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1125'.
[  466.499068][ T4211] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  466.824320][ T4211] usb 2-1: Using ep0 maxpacket: 32
[  467.273899][ T4211] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  467.287189][ T4211] usb 2-1: config 0 has no interface number 0
[  467.420663][ T8625] delete_channel: no stack
[  467.463945][ T4211] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  467.473045][ T4211] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  467.533376][ T4211] usb 2-1: Product: syz
[  467.538855][ T4211] usb 2-1: Manufacturer: syz
[  467.548412][ T4211] usb 2-1: SerialNumber: syz
[  467.559788][ T8628] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1127'.
[  467.572084][ T4211] usb 2-1: config 0 descriptor??
[  467.625231][ T4211] smsc95xx v2.0.0
[  467.685688][   T26] audit: type=1326 audit(1740035804.877:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8629 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02ebfaade9 code=0x7ffc0000
[  467.748991][   T26] audit: type=1326 audit(1740035804.907:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8629 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f02ebfaade9 code=0x7ffc0000
[  467.831689][   T26] audit: type=1326 audit(1740035804.907:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8629 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02ebfaade9 code=0x7ffc0000
[  467.883769][   T26] audit: type=1326 audit(1740035804.907:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8629 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=5 compat=0 ip=0x7f02ebfaade9 code=0x7ffc0000
[  467.910493][ T8637] loop5: detected capacity change from 0 to 512
[  467.963677][   T26] audit: type=1326 audit(1740035804.907:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8629 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02ebfaade9 code=0x7ffc0000
[  468.034739][   T26] audit: type=1326 audit(1740035804.907:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8629 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f02ebfaade9 code=0x7ffc0000
[  468.074076][ T8637] EXT4-fs (loop5): Ignoring removed nomblk_io_submit option
[  468.301999][ T8637] EXT4-fs error (device loop5): ext4_orphan_get:1401: inode #15: comm syz.5.1129: casefold flag without casefold feature
[  468.628015][   T26] audit: type=1326 audit(1740035804.907:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8629 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02ebfaade9 code=0x7ffc0000
[  468.746440][ T8637] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.1129: couldn't read orphan inode 15 (err -117)
[  468.793890][ T4211] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): EEPROM read operation timeout
[  468.804251][ T8637] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_lock,delalloc,nomblk_io_submit,,errors=continue. Quota mode: writeback.
[  468.858721][   T26] audit: type=1326 audit(1740035804.907:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8629 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f02ebfa9750 code=0x7ffc0000
[  468.881639][   T26] audit: type=1326 audit(1740035804.907:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8629 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f02ebfaade9 code=0x7ffc0000
[  468.949576][   T26] audit: type=1326 audit(1740035804.907:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8629 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f02ebfaade9 code=0x7ffc0000
[  469.034611][ T4211] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  469.077865][ T4211] smsc95xx: probe of 2-1:0.67 failed with error -71
[  469.164808][ T8646] bridge0: port 1(bridge_slave_0) entered disabled state
[  469.204388][ T4211] usb 2-1: USB disconnect, device number 3
[  469.547729][ T8651] fuse: Bad value for 'fd'
[  471.826344][ T8665] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  471.845123][ T8663] loop1: detected capacity change from 0 to 1024
[  472.735052][ T8674] loop5: detected capacity change from 0 to 16
[  473.143987][ T8669] loop6: detected capacity change from 0 to 256
[  473.234179][ T8675] xt_TPROXY: Can be used only with -p tcp or -p udp
[  473.249490][ T8674] erofs: (device loop5): erofs_load_compr_cfgs: try to load compressed fs with unsupported algorithms fffe
[  477.827848][ T8727] loop5: detected capacity change from 0 to 128
[  477.965871][ T8727] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  479.678166][ T8737] loop1: detected capacity change from 0 to 1024
[  480.083238][ T8751] overlayfs: failed to clone upperpath
[  480.259849][ T8755] loop1: detected capacity change from 0 to 512
[  480.406170][ T8755] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  480.476940][ T8755] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  480.533146][ T8755] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended
[  480.603443][ T8755] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  480.765258][ T8755] System zones: 0-2, 18-18, 34-34
[  480.807183][ T8755] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  482.884130][ T8755] EXT4-fs (loop1): 1 truncate cleaned up
[  482.889860][ T8755] EXT4-fs (loop1): mounted filesystem without journal. Opts: usrjquota=,stripe=0x0000000000000004,,errors=continue. Quota mode: none.
[  486.721616][ T8788] loop5: detected capacity change from 0 to 1024
[  494.009494][ T8847] netlink: 'syz.0.1187': attribute type 10 has an invalid length.
[  494.028209][ T8847] batman_adv: batadv0: Adding interface: wlan0
[  494.034561][ T8847] batman_adv: batadv0: The MTU of interface wlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  494.059913][ T8847] batman_adv: batadv0: Interface activated: wlan0
[  497.199445][ T8865] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1193'.
[  499.927229][ T8896] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  501.853152][ T8899] ptrace attach of "./syz-executor exec"[4171] was attempted by "./syz-executor exec"[8899]
[  501.971404][ T1421] ieee802154 phy0 wpan0: encryption failed: -22
[  502.001416][ T1421] ieee802154 phy1 wpan1: encryption failed: -22
[  502.675835][ T8905] loop1: detected capacity change from 0 to 512
[  502.747604][ T8905] EXT4-fs (loop1): Invalid journal IO priority (must be 0-7)
[  502.787219][ T8910] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1207'.
[  504.353814][ T8922] loop5: detected capacity change from 0 to 128
[  505.227822][ T8922] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  505.765536][ T8922] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  505.786326][ T8922] UDF-fs: error (device loop5): udf_read_inode: (ino 95) failed !bh
[  505.802443][ T8922] UDF-fs: error (device loop5): udf_fill_super: Error in udf_iget, block=2, partition=0
[  505.918679][ T8940] xt_TPROXY: Can be used only with -p tcp or -p udp
[  514.749949][ T9007] ptrace attach of "./syz-executor exec"[4167] was attempted by "./syz-executor exec"[9007]
[  519.005952][ T9039] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:24) already exists on: dummy0
[  519.169717][ T9039] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  519.226029][ T9039] device vlan1 entered promiscuous mode
[  519.232764][ T9039] device dummy0 entered promiscuous mode
[  520.715012][ T9039] device dummy0 left promiscuous mode
[  520.969554][ T9056] syz.0.1246 sent an empty control message without MSG_MORE.
[  523.140546][ T9057] device wg2 entered promiscuous mode
[  525.592910][ T9085] kAFS: unable to lookup cell '.yz1'
[  526.167641][ T9087] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1257'.
[  526.232730][ T9087] device bridge_slave_1 left promiscuous mode
[  526.409339][ T9087] bridge0: port 2(bridge_slave_1) entered disabled state
[  526.599485][ T9087] bridge1: port 1(bridge_slave_1) entered blocking state
[  526.624711][ T9087] bridge1: port 1(bridge_slave_1) entered disabled state
[  526.633306][ T9087] device bridge_slave_1 entered promiscuous mode
[  526.643211][ T9091] kvm [9089]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000
[  526.668589][ T9091] kvm [9089]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000
[  526.683327][ T9091] kvm [9089]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000
[  526.710277][ T9091] kvm [9089]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000
[  527.966649][ T9108] delete_channel: no stack
[  528.526175][ T9119] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1265'.
[  528.840661][ T9120] loop5: detected capacity change from 0 to 256
[  528.990655][ T9121] 9pnet: Insufficient options for proto=fd
[  529.335314][ T9129] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  529.342655][ T9129] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  529.349473][ T9129] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  529.356187][ T9129] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  529.363169][ T9129] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  529.369570][ T9129] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  529.376241][ T9129] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  529.383542][ T9129] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  529.390195][ T9129] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  529.396606][ T9129] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  536.560567][ T9202] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: wlan0
[  536.573510][ T9202] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  538.050006][ T9202] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: wlan0
[  538.082183][ T9202] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  538.205143][ T9184] tipc: Started in network mode
[  538.210070][ T9184] tipc: Node identity 080211, cluster identity 4711
[  538.223343][ T9184] tipc: Enabled bearer <eth:syzkaller0>, priority 10
[  541.019376][ T4209] tipc: Node number set to 134353152
[  544.311455][ T9263] loop1: detected capacity change from 0 to 1024
[  563.913984][ T4546] Bluetooth: hci7: command 0x0409 tx timeout
[  563.999487][ T4546] Bluetooth: hci6: command 0x0409 tx timeout
[  564.006955][ T4546] Bluetooth: hci8: command 0x0409 tx timeout
[  564.021064][ T4546] Bluetooth: hci9: command 0x0409 tx timeout
[  658.654002][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  658.661042][    C1] rcu: 	0-...!: (53 ticks this GP) idle=145/1/0x4000000000000000 softirq=21600/21604 fqs=767 
[  658.673214][    C1] 	(detected by 1, t=10502 jiffies, g=26157, q=733)
[  658.679826][    C1] Sending NMI from CPU 1 to CPUs 0:
[  658.685092][    C0] NMI backtrace for cpu 0
[  658.685103][    C0] CPU: 0 PID: 9264 Comm: syz.5.1306 Not tainted 5.15.178-syzkaller #0
[  658.685121][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  658.685133][    C0] RIP: 0010:do_raw_spin_unlock+0x5f/0x8b0
[  658.685180][    C0] Code: 0f 85 2e 04 00 00 81 3a ad 4e ad de 0f 85 01 01 00 00 4c 89 ff be 04 00 00 00 e8 8c 27 66 00 4c 89 f8 48 c1 e8 03 0f b6 04 18 <84> c0 0f 85 24 04 00 00 41 83 3f 00 0f 84 9a 01 00 00 4d 8d 6f 10
[  658.685198][    C0] RSP: 0018:ffffc90000007c50 EFLAGS: 00000802
[  658.685213][    C0] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: ffffffff816447f4
[  658.685232][    C0] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff888079c77ae8
[  658.685243][    C0] RBP: ffff888079c77ae8 R08: dffffc0000000000 R09: ffffed100f38ef5e
[  658.685257][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888079c77800
[  658.685269][    C0] R13: ffff888079c77b40 R14: dffffc0000000000 R15: ffff888079c77ae8
[  658.685283][    C0] FS:  00007f02e9e146c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  658.685299][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  658.685311][    C0] CR2: 0000001b30716ff8 CR3: 0000000053601000 CR4: 00000000003506f0
[  658.685326][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  658.685336][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  658.685347][    C0] Call Trace:
[  658.685354][    C0]  <NMI>
[  658.685365][    C0]  ? nmi_cpu_backtrace+0x39f/0x4a0
[  658.685384][    C0]  ? read_lock_is_recursive+0x10/0x10
[  658.685404][    C0]  ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0
[  658.685422][    C0]  ? unknown_nmi_error+0xd0/0xd0
[  658.685448][    C0]  ? nmi_cpu_backtrace_handler+0x8/0x10
[  658.685466][    C0]  ? nmi_handle+0xf7/0x370
[  658.685486][    C0]  ? do_raw_spin_unlock+0x5f/0x8b0
[  658.685503][    C0]  ? default_do_nmi+0x62/0x150
[  658.685524][    C0]  ? exc_nmi+0xa8/0x100
[  658.685540][    C0]  ? end_repeat_nmi+0x16/0x31
[  658.685561][    C0]  ? do_raw_spin_unlock+0x54/0x8b0
[  658.685581][    C0]  ? do_raw_spin_unlock+0x5f/0x8b0
[  658.685599][    C0]  ? do_raw_spin_unlock+0x5f/0x8b0
[  658.685618][    C0]  ? do_raw_spin_unlock+0x5f/0x8b0
[  658.685636][    C0]  </NMI>
[  658.685641][    C0]  <IRQ>
[  658.685650][    C0]  _raw_spin_unlock+0x1a/0x40
[  658.685670][    C0]  advance_sched+0x68b/0x940
[  658.685694][    C0]  ? taprio_free_sched_cb+0x1a0/0x1a0
[  658.685712][    C0]  __hrtimer_run_queues+0x598/0xcf0
[  658.685741][    C0]  ? hrtimer_interrupt+0x980/0x980
[  658.685757][    C0]  ? ktime_get_update_offsets_now+0x407/0x420
[  658.685780][    C0]  hrtimer_interrupt+0x392/0x980
[  658.685810][    C0]  __sysvec_apic_timer_interrupt+0x13b/0x4b0
[  658.685835][    C0]  sysvec_apic_timer_interrupt+0x9b/0xc0
[  658.685855][    C0]  </IRQ>
[  658.685860][    C0]  <TASK>
[  658.685865][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  658.685883][    C0] RIP: 0010:finish_lock_switch+0x91/0x100
[  658.685903][    C0] Code: 45 31 c9 68 c7 ba 59 81 e8 3c 12 09 00 48 83 c4 08 4c 89 ff e8 90 db fe ff 66 90 4c 89 ff e8 b6 31 ef 08 e8 f1 48 2d 00 fb 5b <41> 5c 41 5d 41 5e 41 5f c3 44 89 f1 80 e1 07 80 c1 03 38 c1 7c 87
[  658.685917][    C0] RSP: 0018:ffffc9000309f298 EFLAGS: 00000286
[  658.685932][    C0] RAX: 6cd27dea0888e200 RBX: ffff88802a255974 RCX: ffffffff96a92f03
[  658.685945][    C0] RDX: dffffc0000000000 RSI: ffffffff8aab2b80 RDI: ffffffff8af9f2c0
[  658.685958][    C0] RBP: ffffc9000309f310 R08: ffffffff81870420 R09: ffffed10171c7461
[  658.685972][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  658.685984][    C0] R13: 1ffff110171c760b R14: ffff8880b8e3b058 R15: ffff8880b8e3a300
[  658.686001][    C0]  ? trace_hardirqs_on+0x30/0x80
[  658.686027][    C0]  finish_task_switch+0x134/0x630
[  658.686049][    C0]  ? __switch_to_asm+0x34/0x60
[  658.686069][    C0]  __schedule+0x12cc/0x45b0
[  658.686102][    C0]  ? release_firmware_map_entry+0x190/0x190
[  658.686119][    C0]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  658.686145][    C0]  schedule+0x11b/0x1f0
[  658.686162][    C0]  schedule_timeout+0xac/0x300
[  658.686180][    C0]  ? console_conditional_schedule+0x40/0x40
[  658.686205][    C0]  ? do_raw_spin_unlock+0x137/0x8b0
[  658.686227][    C0]  ? prepare_to_wait_exclusive+0xc5/0x220
[  658.686253][    C0]  unix_wait_for_peer+0x24b/0x330
[  658.686272][    C0]  ? unix_find_other+0x860/0x860
[  658.686293][    C0]  ? init_wait_entry+0xd0/0xd0
[  658.686313][    C0]  ? __rwlock_init+0x140/0x140
[  658.686333][    C0]  ? bpf_lsm_unix_may_send+0x5/0x10
[  658.686352][    C0]  unix_dgram_sendmsg+0x1441/0x2090
[  658.686382][    C0]  ? unix_dgram_poll+0x650/0x650
[  658.686400][    C0]  ? __might_sleep+0xc0/0xc0
[  658.686416][    C0]  ? aa_sock_msg_perm+0x91/0x150
[  658.686436][    C0]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  658.686452][    C0]  ? security_socket_sendmsg+0x7d/0xa0
[  658.686473][    C0]  ? unix_dgram_poll+0x650/0x650
[  658.686491][    C0]  ____sys_sendmsg+0x59e/0x8f0
[  658.686510][    C0]  ? iovec_from_user+0x5d/0x390
[  658.686532][    C0]  ? __sys_sendmsg_sock+0x30/0x30
[  658.686559][    C0]  ___sys_sendmsg+0x252/0x2e0
[  658.686581][    C0]  ? __sys_sendmsg+0x260/0x260
[  658.686623][    C0]  ? __might_fault+0xb4/0x110
[  658.686643][    C0]  __sys_sendmmsg+0x2bf/0x560
[  658.686666][    C0]  ? __ia32_sys_sendmsg+0x80/0x80
[  658.686689][    C0]  ? __lock_acquire+0x1ff0/0x1ff0
[  658.686705][    C0]  ? __sys_connect+0x18a/0x410
[  658.686728][    C0]  ? print_irqtrace_events+0x210/0x210
[  658.686746][    C0]  ? vtime_user_exit+0x2d1/0x400
[  658.686767][    C0]  ? syscall_enter_from_user_mode+0x2e/0x240
[  658.686789][    C0]  __x64_sys_sendmmsg+0x9c/0xb0
[  658.686809][    C0]  do_syscall_64+0x3b/0xb0
[  658.686825][    C0]  ? clear_bhb_loop+0x15/0x70
[  658.686841][    C0]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  658.686861][    C0] RIP: 0033:0x7f02ebfaade9
[  658.686879][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  658.686894][    C0] RSP: 002b:00007f02e9e14038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  658.686910][    C0] RAX: ffffffffffffffda RBX: 00007f02ec1c3fa0 RCX: 00007f02ebfaade9
[  658.686922][    C0] RDX: 0000000000000651 RSI: 0000400000000000 RDI: 0000000000000004
[  658.686933][    C0] RBP: 00007f02ec02c2a0 R08: 0000000000000000 R09: 0000000000000000
[  658.686944][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  658.686954][    C0] R13: 0000000000000000 R14: 00007f02ec1c3fa0 R15: 00007ffe4d148c68
[  658.686975][    C0]  </TASK>
[  658.687084][    C1] rcu: rcu_preempt kthread starved for 8752 jiffies! g26157 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  659.321430][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  659.331413][    C1] rcu: RCU grace-period kthread stack dump:
[  659.337303][    C1] task:rcu_preempt     state:R  running task     stack:27256 pid:   15 ppid:     2 flags:0x00004000
[  659.348103][    C1] Call Trace:
[  659.351390][    C1]  <TASK>
[  659.354332][    C1]  __schedule+0x12c4/0x45b0
[  659.358856][    C1]  ? _raw_spin_unlock_irqrestore+0x8b/0x130
[  659.364769][    C1]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  659.370690][    C1]  ? __mod_timer+0xa8e/0xeb0
[  659.375301][    C1]  ? release_firmware_map_entry+0x190/0x190
[  659.381212][    C1]  ? mod_timer_pending+0x20/0x20
[  659.386165][    C1]  ? lockdep_softirqs_off+0x420/0x420
[  659.391572][    C1]  schedule+0x11b/0x1f0
[  659.395751][    C1]  schedule_timeout+0x1b9/0x300
[  659.400614][    C1]  ? console_conditional_schedule+0x40/0x40
[  659.406608][    C1]  ? update_process_times+0x200/0x200
[  659.412009][    C1]  ? prepare_to_swait_event+0x321/0x340
[  659.417575][    C1]  rcu_gp_fqs_loop+0x2bf/0x1080
[  659.422452][    C1]  ? dyntick_save_progress_counter+0x230/0x230
[  659.428625][    C1]  ? rcu_gp_init+0x1140/0x1140
[  659.433410][    C1]  ? finish_swait+0xc5/0x1d0
[  659.438064][    C1]  rcu_gp_kthread+0xa4/0x360
[  659.442664][    C1]  ? _raw_spin_unlock+0x40/0x40
[  659.447533][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  659.452654][    C1]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  659.458566][    C1]  ? __kthread_parkme+0x15c/0x1c0
[  659.463609][    C1]  kthread+0x3f6/0x4f0
[  659.467693][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  659.472915][    C1]  ? kthread_blkcg+0xd0/0xd0
[  659.477520][    C1]  ret_from_fork+0x1f/0x30
[  659.481974][    C1]  </TASK>
[  659.485002][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  659.491326][    C1] NMI backtrace for cpu 1
[  659.495653][    C1] CPU: 1 PID: 4304 Comm: kworker/u4:10 Not tainted 5.15.178-syzkaller #0
[  659.504084][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  659.514158][    C1] Workqueue: writeback wb_workfn (flush-8:0)
[  659.520197][    C1] Call Trace:
[  659.523493][    C1]  <IRQ>
[  659.526346][    C1]  dump_stack_lvl+0x1e3/0x2d0
[  659.531044][    C1]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  659.536687][    C1]  ? panic+0x860/0x860
[  659.540784][    C1]  nmi_cpu_backtrace+0x46a/0x4a0
[  659.545736][    C1]  ? __wake_up_klogd+0xd5/0x100
[  659.550612][    C1]  ? nmi_trigger_cpumask_backtrace+0x2a0/0x2a0
[  659.556783][    C1]  ? _printk+0xd1/0x120
[  659.560959][    C1]  ? cpu_online+0x1f/0x40
[  659.565300][    C1]  ? panic+0x860/0x860
[  659.569386][    C1]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  659.575472][    C1]  nmi_trigger_cpumask_backtrace+0x181/0x2a0
[  659.581471][    C1]  rcu_check_gp_kthread_starvation+0x1d2/0x240
[  659.587647][    C1]  print_other_cpu_stall+0x137a/0x14d0
[  659.593141][    C1]  ? print_cpu_stall+0x600/0x600
[  659.598098][    C1]  ? __lock_acquire+0x1ff0/0x1ff0
[  659.603140][    C1]  ? do_raw_spin_unlock+0x137/0x8b0
[  659.608367][    C1]  rcu_sched_clock_irq+0xa38/0x1150
[  659.613583][    C1]  ? rcutree_dead_cpu+0x20/0x20
[  659.618449][    C1]  ? hrtimer_run_queues+0x163/0x450
[  659.623658][    C1]  ? account_process_tick+0x232/0x3a0
[  659.629051][    C1]  update_process_times+0x196/0x200
[  659.634880][    C1]  tick_sched_timer+0x386/0x550
[  659.639757][    C1]  ? tick_setup_sched_timer+0x2d0/0x2d0
[  659.645317][    C1]  __hrtimer_run_queues+0x55b/0xcf0
[  659.650636][    C1]  ? hrtimer_interrupt+0x980/0x980
[  659.655763][    C1]  ? ktime_get_update_offsets_now+0x407/0x420
[  659.661853][    C1]  hrtimer_interrupt+0x392/0x980
[  659.666826][    C1]  __sysvec_apic_timer_interrupt+0x13b/0x4b0
[  659.672825][    C1]  sysvec_apic_timer_interrupt+0x9b/0xc0
[  659.678477][    C1]  </IRQ>
[  659.681416][    C1]  <TASK>
[  659.684352][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  659.690342][    C1] RIP: 0010:smp_call_function_many_cond+0xaa1/0xd90
[  659.696944][    C1] Code: 44 89 fe 83 e6 01 31 ff e8 3c d6 0b 00 41 83 e7 01 75 07 e8 d1 d2 0b 00 eb 41 f3 90 48 b8 00 00 00 00 00 fc ff df 0f b6 04 03 <84> c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 ac d2 0b 00 eb db 44
[  659.716561][    C1] RSP: 0018:ffffc9000318e500 EFLAGS: 00000293
[  659.722643][    C1] RAX: 0000000000000000 RBX: 1ffff110171c8541 RCX: ffff8880247f8000
[  659.730623][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  659.738605][    C1] RBP: ffffc9000318e640 R08: ffffffff8174b2b4 R09: ffffed10171c7679
[  659.746590][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000000
[  659.754583][    C1] R13: ffff8880b8e42a08 R14: ffff8880b8f3b380 R15: 0000000000000001
[  659.762588][    C1]  ? smp_call_function_many_cond+0xa84/0xd90
[  659.768606][    C1]  ? native_flush_tlb_multi+0xd0/0xd0
[  659.773991][    C1]  ? flush_tlb_func+0x590/0x590
[  659.778859][    C1]  ? smp_call_function_many+0x30/0x30
[  659.784243][    C1]  ? __rwlock_init+0x140/0x140
[  659.789024][    C1]  ? rcu_is_watching+0x11/0xa0
[  659.793803][    C1]  ? native_flush_tlb_multi+0xd0/0xd0
[  659.799184][    C1]  ? flush_tlb_func+0x590/0x590
[  659.804052][    C1]  on_each_cpu_cond_mask+0x3b/0x80
[  659.809189][    C1]  flush_tlb_mm_range+0x2a5/0x4a0
[  659.814241][    C1]  ? flush_tlb_multi+0x50/0x50
[  659.819022][    C1]  ? __ia32_sys_msync+0x80/0x80
[  659.823892][    C1]  ptep_clear_flush+0x112/0x150
[  659.828760][    C1]  page_mkclean_one+0x428/0x7b0
[  659.833641][    C1]  ? page_mkclean+0x490/0x490
[  659.838344][    C1]  ? __might_sleep+0xc0/0xc0
[  659.842957][    C1]  ? vma_address+0x23d/0x440
[  659.847565][    C1]  ? page_mkclean+0x490/0x490
[  659.852252][    C1]  rmap_walk_file+0x3f8/0x600
[  659.856952][    C1]  page_mkclean+0x330/0x490
[  659.861470][    C1]  ? rmap_walk+0x170/0x170
[  659.865903][    C1]  ? page_mkclean+0x490/0x490
[  659.870597][    C1]  ? page_mkclean_one+0x7b0/0x7b0
[  659.875639][    C1]  ? rcu_lock_release+0x5/0x20
[  659.880420][    C1]  ? page_mapping+0x312/0x440
[  659.885120][    C1]  clear_page_dirty_for_io+0x3ce/0xa60
[  659.890598][    C1]  ? wait_on_page_writeback+0x1a0/0x1a0
[  659.896175][    C1]  mpage_submit_page+0x90/0x230
[  659.901046][    C1]  mpage_process_page_bufs+0x6c8/0x8b0
[  659.906536][    C1]  mpage_prepare_extent_to_map+0xc9d/0x1150
[  659.912461][    C1]  ? trace_ext4_writepages+0x1e0/0x1e0
[  659.917949][    C1]  ? rcu_is_watching+0x11/0xa0
[  659.922726][    C1]  ? ext4_init_io_end+0x25/0x120
[  659.927691][    C1]  ext4_writepages+0xcd0/0x3d10
[  659.932590][    C1]  ? validate_chain+0x112/0x5930
[  659.937580][    C1]  ? tag_pages_for_writeback+0x6a0/0x6a0
[  659.943227][    C1]  ? ext4_readpage+0x300/0x300
[  659.948012][    C1]  ? mark_lock+0x98/0x340
[  659.952356][    C1]  ? __lock_acquire+0x1295/0x1ff0
[  659.957432][    C1]  ? ext4_readpage+0x300/0x300
[  659.962208][    C1]  do_writepages+0x481/0x730
[  659.966820][    C1]  ? __writepage+0x120/0x120
[  659.971437][    C1]  ? read_lock_is_recursive+0x10/0x10
[  659.976825][    C1]  ? writeback_sb_inodes+0x732/0x1a40
[  659.982215][    C1]  ? __lock_acquire+0x1ff0/0x1ff0
[  659.987247][    C1]  ? do_raw_spin_lock+0x14a/0x370
[  659.992304][    C1]  __writeback_single_inode+0x15b/0xe30
[  659.997870][    C1]  writeback_sb_inodes+0xbce/0x1a40
[  660.003108][    C1]  ? print_unlock_imbalance_bug+0x2b0/0x2b0
[  660.009030][    C1]  ? queue_io+0x560/0x560
[  660.013400][    C1]  ? up_read+0x20/0x20
[  660.017498][    C1]  ? __lock_acquire+0x1295/0x1ff0
[  660.022547][    C1]  __writeback_inodes_wb+0x114/0x400
[  660.027868][    C1]  wb_writeback+0x465/0xc50
[  660.032415][    C1]  ? rcu_lock_release+0x20/0x20
[  660.037283][    C1]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  660.043494][    C1]  ? do_raw_spin_unlock+0x137/0x8b0
[  660.048709][    C1]  ? cpumask_next+0xc3/0xf0
[  660.053234][    C1]  wb_workfn+0xc55/0x1130
[  660.057584][    C1]  ? mark_lock+0x98/0x340
[  660.061944][    C1]  ? inode_wait_for_writeback+0x280/0x280
[  660.067687][    C1]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  660.073684][    C1]  ? print_irqtrace_events+0x210/0x210
[  660.079160][    C1]  ? do_raw_spin_unlock+0x137/0x8b0
[  660.084379][    C1]  process_one_work+0x8a1/0x10c0
[  660.089358][    C1]  ? worker_detach_from_pool+0x260/0x260
[  660.095021][    C1]  ? _raw_spin_lock_irqsave+0x120/0x120
[  660.100583][    C1]  ? kthread_data+0x4e/0xc0
[  660.105101][    C1]  ? wq_worker_running+0x97/0x170
[  660.110148][    C1]  worker_thread+0xaca/0x1280
[  660.114866][    C1]  kthread+0x3f6/0x4f0
[  660.118945][    C1]  ? rcu_lock_release+0x20/0x20
[  660.123806][    C1]  ? kthread_blkcg+0xd0/0xd0
[  660.128413][    C1]  ret_from_fork+0x1f/0x30
[  660.132857][    C1]  </TASK>