last executing test programs:

6m22.835866689s ago: executing program 2 (id=631):
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x2)
prlimit64(0x0, 0xe, 0x0, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
memfd_create(0x0, 0x3)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x1, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x1000, 0x1, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r3}, &(0x7f0000000840), &(0x7f0000000880)=r2}, 0x20)

6m21.663746906s ago: executing program 2 (id=634):
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x2172, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000ff9000/0x4000)=nil)
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000005e002200850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='kmem_cache_free\x00', r0}, 0x10)
open(0x0, 0x80ff, 0x0)
munlockall()

6m21.18264164s ago: executing program 2 (id=637):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
chdir(&(0x7f0000000000)='./cgroup\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000001f80)=""/4089, 0xff9)

6m20.310418956s ago: executing program 2 (id=642):
r0 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x7fffffff]}, 0x8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[], 0x70}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001080)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10532}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8}]}, 0x44}}, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x11, 0x4, @tid=r3}, &(0x7f0000000080))
read$FUSE(r0, &(0x7f00000008c0)={0x2020}, 0xfffffef0)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = syz_open_procfs(0x0, 0x0)
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000001600)=ANY=[@ANYBLOB="1500000065ffff097b00"], 0x15)
r6 = dup(0xffffffffffffffff)
write$FUSE_BMAP(r6, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r6, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_NOTIFY_RETRIEVE(r6, 0x0, 0x0)
creat(&(0x7f0000000200)='./file0/file0\x00', 0x0)

6m19.453736251s ago: executing program 2 (id=646):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
ioprio_get$pid(0x0, r0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r5, 0x10e, 0x8, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x26, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x9c}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x17, 0x4, &(0x7f0000000480)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1}]}, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

6m15.189349889s ago: executing program 2 (id=659):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x4c}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
fcntl$lock(0xffffffffffffffff, 0x7, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_PEER_REMOVE(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000a00)={0x14, 0x0, 0x1, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x40000)
r5 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), r5)
getsockname$packet(r5, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000001000390400000000000000", @ANYRES32=0x0, @ANYBLOB, @ANYBLOB], 0x38}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000400)={'sit0\x00', r6, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @empty}}}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)

6m5.836969419s ago: executing program 4 (id=676):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x300)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x8b}, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x20, r7, 0x1, 0x0, 0x0, {0x1a}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x20}}, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
clock_gettime(0x0, &(0x7f00000000c0))
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x50, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x33, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ibss_ssid}, @void, @val={0x3, 0x1, 0x8c}, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}]]}, 0x50}}, 0x0)

6m4.402259519s ago: executing program 4 (id=679):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b", 0x72, 0x0, 0x0, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000080)={r1, 0x2, 0x1, 0x1})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socket$inet6(0xa, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)=ANY=[@ANYRESDEC], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='locks_get_lock_context\x00'}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040)=@x86={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x40})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

6m4.067728221s ago: executing program 4 (id=682):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x4, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x4, 0x7fe2, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000006c0)={r1, &(0x7f0000000500), &(0x7f0000000600)=""/155}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r1, &(0x7f0000000040), &(0x7f0000000480)=""/146}, 0x1d)

5m59.57926834s ago: executing program 32 (id=659):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x4c}]}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
fcntl$lock(0xffffffffffffffff, 0x7, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_PEER_REMOVE(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000a00)={0x14, 0x0, 0x1, 0x70bd28, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x40000)
r5 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), r5)
getsockname$packet(r5, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=ANY=[@ANYBLOB="380000001000390400000000000000", @ANYRES32=0x0, @ANYBLOB, @ANYBLOB], 0x38}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r5, 0x89f2, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000400)={'sit0\x00', r6, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @empty}}}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)

5m59.46642257s ago: executing program 4 (id=692):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2a1, &(0x7f0000000f40)="$eJzs3MFqE18Ux/Hzb/pv0pQ2EURQUA+60c3QxgfQIC2IAaU2RV0IUzvRkDEpM0MlIjYbcetzFJfuBPUFuhE37t0VQXDThTjiTKZN2rSmbdLE9PuBck9y7o+5bdNyUuis3339pFRwjYLpyVBCZUikJhsi6T9V3X/1dSioR6RRTS6P/fhy9s69+zezudz0rOpMdu5KRlUnzr9/+vzNhY/e2PzbiXdxWUs/WP+e+bp2au30+q+5x0VXi66WK56aulCpeOaCbeli0S0Zqrdty3QtLZZdy2nqF+zK0lJVzfLieHLJsVxXzXJVS1ZVvYp6TlXNR2axrIZh6HhSjrfhNvbkV2dnzeyubT/W0ROh60ZbPek42VrrZn71CM4EAAD6zN7zfzjr7z7/5+bDtcPzvwjzf5fUmh79Zf7HQHCcrJms//w2Y/4HAAAAAAAAAAAAAAAAAAAAAOBfsOH7Kd/3U9EafcRFJCEi0eNenxPdccDv/9UeHRcd1vCPewkR+9VyfjkfrmE/W5Ci2GLJpKTkZ/B6qAvrmRu56UkNpOWDvVLPryznYxKP8pF0q/y5E1NhXpvz/0uy8foZScnJ1tfPtMyPyKWLDXlDUvLpoVTElsXgdb2VfzGlev1Wblt+NNgHAAAAAMAgMHTTjvfvQT/YkJCd/TC/j78PbHt/PSxn2rlFJQAAAAAAODS3+qxk2rblHKCIi8gh4oNaxKQvjrGtuCYifXCMoyoSIhI+oweJf9uMt5Xy29gzLCI9/7Lso+j1byYAAAAAnbY19O8j9PllF08EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx0+79wKL9O1pRY494w+ViR/4JAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kdwAAAP//R8IgDA==")
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
r1 = syz_open_procfs(0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file0\x00', 0x0, 0x0, 0x8, 0x0, 0x0)
syz_open_dev$usbmon(&(0x7f0000000000), 0x7fffffff, 0x0)
io_setup(0x6, &(0x7f0000001380))
syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
read$FUSE(r1, &(0x7f0000002680)={0x2020, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x2020)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), 0xffffffffffffffff)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wpan4\x00', <r8=>0x0})
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r6, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r7, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x880)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wpan4\x00', <r11=>0x0})
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r9, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r10, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r11}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x880)
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r4, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f00000002c0)={0x14, r5, 0x10, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x41}, 0xc0)
r12 = syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
getpriority(0x1, r12)
r13 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r13, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r13, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_mreqsrc(r13, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @local}, 0xc)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000380))
statx(r0, &(0x7f0000000640)='./file0\x00', 0x800, 0x800, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0})
setsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000780)={r3, 0x0, r14}, 0xc)

5m58.581303146s ago: executing program 4 (id=694):
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)=ANY=[], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000280), &(0x7f0000000080)=r1}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$vcsu(0x0, 0x6, 0x0)
mmap$KVM_VCPU(&(0x7f00005d1000/0x2000)=nil, 0x0, 0x2000000, 0x2010, r3, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000b80)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf670000000000002606080001044d004507000002000000240600000ee60000bf050000000000000f630000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070400000400f9ff2d350100000000009500000000000000050000000000000095000000000000001f1bd182bd43cb58074e0816289328452c0880fe4b3af9c97925711095cc7d3ebcd8418ffdc4a1da470a14e4391c3fb6915cbff2a4911fe82664d775cdb9dfc83fa32db39b636c1866b526185f4ab35172a74e9afe751664f575306ebb2c2890a4fa79303101a652776cc2fb4f01e79cd10215d917a116350d60f27fdc244bdab56ee3ad8f5fdf82027a1215bc54045d6b9f30bdebcf053aa120397695ffd0f6e5fe24ce4b9143a3d8419fb51331ca5fef"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x1, 0x4}]}, 0x10)
bind$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x80ad}, 0x1c)

5m57.754476192s ago: executing program 4 (id=698):
ioctl$PPPIOCCONNECT(0xffffffffffffffff, 0x4004743a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x3c)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f00000000c0)={0x83, 0x6, 0x203, 0xa, 0x0, 0x400, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r3}, 0x10)
timerfd_create(0x0, 0x0)

5m56.715147119s ago: executing program 33 (id=698):
ioctl$PPPIOCCONNECT(0xffffffffffffffff, 0x4004743a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x3c)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f00000000c0)={0x83, 0x6, 0x203, 0xa, 0x0, 0x400, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r3}, 0x10)
timerfd_create(0x0, 0x0)

3m16.873754498s ago: executing program 6 (id=1089):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mount$9p_unix(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, 0x0, &(0x7f00000002c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000d40)='./file0\x00', 0x0)
mount$bpf(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f00000005c0), 0x4408, 0x0)

3m15.220701629s ago: executing program 6 (id=1101):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x50)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(r2)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xe501, 0x3, 0x490, 0x320, 0x6affffff, 0x3403000b, 0x320, 0x7, 0x3f8, 0x230, 0x230, 0x3f8, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'veth1_macvtap\x00', 'veth1_to_team\x00'}, 0x0, 0x2d8, 0x320, 0x0, {0x1000000}, [@common=@unspec=@bpf0={{0x230}, {0x1, [{0x6}]}}, @common=@unspec=@time={{0x38}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4f0)

3m14.788856871s ago: executing program 6 (id=1104):
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000080)='./file0\x00', 0x40, &(0x7f0000000000)=ANY=[], 0x4, 0xf9c, &(0x7f0000001980)="$eJzs3U+MG9X9APA3Xnv/ZJesF/jBAj9CfvCrCBR2QxKp6S0I1EslxKV3UEhoxEJRQysRAdn0gKiEKBLiVHEAcaFUSpGKBKpUoZ7anlq1p/aCeqFSlUpBPbRIyVbZfeO133pir9c7ttefj/T12zdvPN/vrJ3szNh+DsDYqqzfHju2mIXw9qdvPfryU9nH15bd1Vjj4PptFnv1EEKtqZ8l2/s8Lrhy+aWT7dosHFm/zfvhsUuN+86GEFbDwfBZqIcPl1e+/OCdRw599Or0LW+ce+aVXdr9hnQ/AABgL7r4+5W/3Pf33z2w8NXFAyfCVGN5fnxej/3ZeNx/OB4o58fLldDaz5qi2WSy3kSMSrLeRLJeNclTLchXS7ZTK1hvskO+iaZl7fYTAAAARlF+XlsPWWWppV+pLC1tnPdf8/n8ZLb03JmV02cHVCgAAADQs3+dX3/T7QjH9BDUINKYyZ9g27vfh9/e/n12FJWS81VLzjc20dvzTQghhBCif+F4RIxArM2XeLEBAAAAoM18YVus9nemrsbW6t3lv/Rwpf39oQ+S59/WaSf6/Py/fv7prSuUmr+N3c9fG3D+6+7/+xf8jwMAQO/26tFkvl/5cXQ+j0E6j+BEy71mJ7Z7/lFJtlPdZp1F8wqOynyDRXVOlFxHr4rq3+7jOChF9afzYQ6rovrTeTqHVVH9UyXX0aui+ttc+QnD+M+6qP6ZkuvoVVH9+0quo1dF9c+WXEeviuqfK7mOXhXVf0PJdfSqqP79JdfRq6L6R+VttUX110uuo1dF9S9sNEN/GFFU/40l19GrovpvKrmOXhXVf3PJdQzKnbHNfw8HCtabbXPwN3QHgwAAAEBb/xn5+f/GNKpDUMOYx/pr7ENQhxBiJ3Fh449h6/LpNsvEjqIyBDXsVsy0ew4JIYQQQxnnB3fpAQAAABgS+ecC8k+9r0X5+MSW8b++d+02H682j09vbiAfr3XY/mSH8akO4wAAAEAIv3rt9G1vZpvz3aWf6d/ufHj5vFEz4eOroYd5jNL5CLebf6fznu00f/sJR0ZlNjYAAAD2quxbn129/9F3X1j46uKBE01nv1fj+W4+D2g1Xhv4JPbz9wXMJf0sP4c+0ZqnUrBeen3ghqLtPb7DHQUAAIAxlp+/10NWWWo6766HSmVpafN8fDHUstNnVk4djv38+1l+O1+burb8oZLrBgAAALq3eb7f/vw//x7fxTCZLT13ZuX02Y3+XGN5rdJ8XWB+c3nWfF2gniw/UrD8aOzH7+8M352fWV++dPJ7K0/1e+cBAABgTJx98dwzT66snPr++PxQDSHsaDthGPbCD37Y1R8G/T8TAADQb1988VbtB0fnfr3x+f/N+e+uxh8Oxn49zu33h7g8f59A/jmALZ/Xf6I1z3zRes+3rldP1puIMZXUPd20nbA+32Dr/RaK8tVbtzNZkG82yTeX5EvnKagm62dt5hIMbWYCzNebT5an8zBWkxxZkv/uNrkAAAAgt/zCs88vn33x3INnnn3y6VNPn3ru6JHj3zx+/PBD33hoef19/cvN7+4HAAAARtHmm34HXQkAAAAAAAAAAAAAAAAAAACMrzK+TmzQ+wgAAADj7p/nQwirQhRE/gWDg65j1CMbghp2L9amBl/D3o7g36EQok38+Y3B1yCEGJ0Y7HnftGOZ4Yi1tfSb5gEAAAB215XLL51sbrdYzfqar7G1+kZzNebN27kH/7RwLfLVLj3cer1kX1+rYdyV/fyXf1jzT7Udf/9Cf/OvX4ivb/Y7//9Xad3AifXbauzNdJv33uWfLTbyhxBur3aZv2X/L4TweLcZWx1K8t8busu/9m7y+3+ipVfpNv99Sf59Xea/lD7+zxdlmL5u/vtj/sXYP3RPt/lbd3EqydbtE+Dryf4/FbrNn+x/vcuEiQdifgAYR42/5mvnB1tIn+VHCfnx9Gzs5/ubH7Cm737Y7vF/JdlOdceVt243Pw66NfYbR3WrrXlz260//73MxfaGHutMjcq7Sorq79fjuNuK6q+VXEeviuqfLLmOXhXV3/7sffgU1X/9s8fhUVR/1xciBqyo/lG5rlxU/2zJdfSqqP65kuvoVVH92/07PihF9e8vuY5eFdU/X3IdvSqqv8fLaqUrqn+h5Dp6VVT/jSXX0aui+m8quY5eFdV/c8l1DModsS06H87PP+fjWN6vJ/2pNr/Lrl8MAQAAAHbVP4Zy/r+mKwcDr0UIIYQQoxATQ1CDEKMc/17bMOg6RB9ibX7wNYihjLW1QV59YNCyEXqvOAD9s7uzWTDsPP7jzeM/3jz+XE/+SnyW9HMTHcarHcZrHcYnk/EsueNU0Xh0U7Ldtfy6ZnRzh/H/iXtQNL4/uf8Pk/FbO2x/scP4bR3Gb+8wfkeHcQAAAMbDLbF1fggAAAB718s//+T1X977xOWFry4eOBEmt8w7fzj2p+Jr66/Ffjrvfa4WX/P/Uey/F9vfxPZvyfrefwIAAAC7L/+eGK//AwAAwN6Vf0+p838AAADYuxZi6/wfAAAA9q4bY+v8HwAAAPawbLr94tjm1wXujm238/oBAMPvf2N7Z2wPxPau2P5fbPPjgHti+/8l1QcA9M9Pv/Pj429mm/P9H03Gr8TlebvF6saVgqzSOpP/TGz3xfZrXdaTfh9At/lz+7vMs1v553eYHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYOyrrt8eOLWYhvP3pW4/+ZPL1P15bdldjjYPrt1ns1UMItcb98tHN/i/iilcuv3Syub0a2ywcCVnIGsvDY5camWZDCKvhYPgs1MOHyytffvDOI4c+enX6ljfOPfPKLv4KWvYPAAAA9qL/BgAA///j5xeU")
r1 = open(&(0x7f00000001c0)='./file2\x00', 0x86442, 0x0)
dup3(r1, r0, 0x0)
io_setup(0x2, &(0x7f0000000400)=<r2=>0x0)
io_submit(r2, 0x3f0a, &(0x7f0000000540)=[&(0x7f00000000c0)={0xf04aef, 0x3d8, 0x4, 0x0, 0x0, r0, &(0x7f0000000000), 0x200a00}])

3m13.45054828s ago: executing program 6 (id=1110):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x1000004, &(0x7f0000000d80)=ANY=[@ANYBLOB='shortname=lower,iocharset=iso8859-1,fmask=00000000000000000000066,uni_xlate=1,uni_xlate=0,fmask=00000000000000000000003,uid=', @ANYRESHEX=0x0, @ANYBLOB=',uni_xlate=0,utf8=1,check=strict,nonumtail=0,rodir,errors=continue,shortname=lower,umaQk=00000000000000000000007,rodir,sys_immutable,\x00', @ANYBLOB="1a961083c216e398b3852441fbacd14539194e81e2ec74ea00af4757fd632db5866c80f5b55492be6ad393d28d63023cd2e764a6bb41fa00d6c103356045fc3ade2c93339a56afb89b72a46f475c860a952e02dbf9c947a7cb75e89843f6d981fe7eed0ef37d5ab46550aa22", @ANYRES64], 0x6, 0x2bb, &(0x7f0000001240)="$eJzs3U9rI2UcB/DfpMkkKpgcPInggB48Ldu9ekmRXRB7cslBPWhxtyBNEFoo+AdjT169ePDgKxAEX4gX34HgVfBmhcLITGaapI1pIk3rls/n0l+feb4zv5k+tNNDn370yujgSRb7J1/+Fp1OEo1+9OM0iV40ovZ1zOl/GwDAs+w0z+PPfGKdXBIRnc21BQBs0Io//188r36+kbYAgA16/N777+zs7j58N8s68Wj0zfGg+M2++Dg5vrMfn8Qwnsb96MZZRPmi0IrybaEoH+V5Pm5mhV68PhofD4rk6MNfqvPv/BFR5rejG71y6Pxto8y/vftwO5uYyY+LPp6vrt8v8g+iGy+dh+fyDxbkY5DGG6/N9H8vuvHrx/FpDONJ2cQ0/9V2lr2Vf/fXFx8U7RX5ZHw8aJfzpvKtG/7SAAAAAAAAAAAAAAAAAAAAAABwh92r9s5pR7l/TzFU7b+zdVZ80oqs1pvfn2eST+oTze4PlOf5OI8f6v117mdZllcTp/lmvNyM5u3cNQAAAAAAAAAAAAAAAAAAAPy/HH32+cHecPj08FqKejeAZkT8/Tjiv56nPzPyaiyf3K6uuTccNqpyfk5zdiS26jlJxNI2ipu4psdyVfHcpZ6r4sef1j1h5+o5rcXXus6iXl0He8niZ9iOeqRTLZLv04jpnDRWvFb6b4fyWGf5pQsPdde+9/SFshgvmRPJssbe/H3y5KqR5OJdpOVTXRhvVcVM/MLaWGk9R2cSv/y9IrFbBwAAAAAAAAAAAAAAAAAAbNT0r38XHDxZGm3k7Y21BQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3avr//9coxlV4hclpHB41bvkeAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuPv+CQAA///WoVye")
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x101091, 0x0)

3m13.146393332s ago: executing program 6 (id=1115):
r0 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x7fffffff]}, 0x8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000280)='netlink_extack\x00', r2}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="7000000001022d1a33810000"], 0x70}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001080)=@newlink={0x28, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10532}, [@IFLA_LINK={0x8}]}, 0x28}}, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x11, 0x4, @tid=r4}, &(0x7f0000000080))
read$FUSE(r0, &(0x7f00000008c0)={0x2020}, 0xfffffef0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000040))
epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r5, &(0x7f0000000c40)={0x2000000b})
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000001600)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r8 = dup(r7)
write$FUSE_BMAP(r8, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r8, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_NOTIFY_RETRIEVE(r8, &(0x7f00000000c0)={0x14c}, 0x137)
creat(&(0x7f0000000200)='./file0/file0\x00', 0x0)

3m10.627879419s ago: executing program 6 (id=1123):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000040)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = open(&(0x7f0000000040)='./file1\x00', 0x64941, 0x20)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x1}], 0x1, 0x0, 0x0, 0xb)

3m10.269707761s ago: executing program 34 (id=1123):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000040)={[{@grpquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = open(&(0x7f0000000040)='./file1\x00', 0x64941, 0x20)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x1}], 0x1, 0x0, 0x0, 0xb)

21.631305079s ago: executing program 5 (id=1693):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000001000010400"/19, @ANYRES32=0x0, @ANYBLOB="7b1300000000000028001280"], 0x48}}, 0x40080)
openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
sendmsg$can_raw(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x1c}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
getgroups(0x2, &(0x7f0000000080)=[0x0, 0x0])
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17.895479984s ago: executing program 5 (id=1700):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mount$9p_unix(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, 0x0, &(0x7f00000002c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000d40)='./file0\x00', 0x0)
mount$bpf(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f00000005c0), 0x4408, 0x0)

14.630209915s ago: executing program 5 (id=1708):
r0 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x7fffffff]}, 0x8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000280)='netlink_extack\x00', r2}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="7000000001022d1a33810000"], 0x70}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001080)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10532}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x10, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8}]}, 0x48}}, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x11, 0x4, @tid=r4}, &(0x7f0000000080))
read$FUSE(r0, &(0x7f00000008c0)={0x2020}, 0xfffffef0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000040))
epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r5, &(0x7f0000000c40)={0x2000000b})
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000001600)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r8 = dup(r7)
write$FUSE_BMAP(r8, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r8, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_NOTIFY_RETRIEVE(r8, &(0x7f00000000c0)={0x14c}, 0x137)
creat(&(0x7f0000000200)='./file0/file0\x00', 0x0)

11.184156107s ago: executing program 1 (id=1713):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa205000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = accept4$packet(0xffffffffffffffff, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14, 0x80800)
setsockopt$packet_int(r4, 0x107, 0x11, &(0x7f0000000400)=0x50291afd, 0x4)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_setup(0x23, &(0x7f0000000280)=<r5=>0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder1\x00', 0x0, 0x0)
io_submit(r5, 0x1, &(0x7f0000000700)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r6, 0x0}])
ioctl$BINDER_WRITE_READ(r6, 0x40046208, 0x0)

11.050447198s ago: executing program 5 (id=1716):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x693, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x1, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[@rthdrdstopts={{0x18}}, @dstopts_2292={{0x18, 0x29, 0xb}}], 0x30}, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8, &(0x7f00000002c0)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000001240)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r6, &(0x7f0000000040)="0300ffff0000", 0x6}])
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

10.70654441s ago: executing program 1 (id=1719):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mount$9p_unix(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, 0x0, &(0x7f00000002c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000d40)='./file0\x00', 0x0)
mount$bpf(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f00000005c0), 0x4408, 0x0)

7.73039269s ago: executing program 7 (id=1727):
r0 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x7fffffff]}, 0x8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000280)='netlink_extack\x00', r2}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="7000000001022d1a33810000"], 0x70}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001080)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10532}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x10, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8}]}, 0x48}}, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x11, 0x4, @tid=r4}, &(0x7f0000000080))
read$FUSE(r0, &(0x7f00000008c0)={0x2020}, 0xfffffef0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000040))
epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r5, &(0x7f0000000c40)={0x2000000b})
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000001600)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r8 = dup(r7)
write$FUSE_BMAP(r8, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r8, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_NOTIFY_RETRIEVE(r8, &(0x7f00000000c0)={0x14c}, 0x137)
creat(&(0x7f0000000200)='./file0/file0\x00', 0x0)

6.797701156s ago: executing program 3 (id=1729):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000001000010400"/19, @ANYRES32=0x0, @ANYBLOB="7b1300000000000028001280"], 0x48}}, 0x40080)
openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
sendmsg$can_raw(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x1c}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
getgroups(0x2, &(0x7f0000000080)=[0x0, 0x0])
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

6.654345816s ago: executing program 0 (id=1730):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa205000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = accept4$packet(0xffffffffffffffff, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14, 0x80800)
setsockopt$packet_int(r4, 0x107, 0x11, &(0x7f0000000400)=0x50291afd, 0x4)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_setup(0x23, &(0x7f0000000280)=<r7=>0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder1\x00', 0x0, 0x0)
io_submit(r7, 0x1, &(0x7f0000000700)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r8, 0x0}])
ioctl$BINDER_WRITE_READ(r8, 0x40046208, 0x0)

6.653795237s ago: executing program 3 (id=1731):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x110c230000)

6.582115727s ago: executing program 1 (id=1732):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000080)={'IDLETIMER\x00'}, &(0x7f00000002c0)=0x1e)

6.521630827s ago: executing program 3 (id=1733):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB], 0x2c}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0x400003, &(0x7f0000000200)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}, {@noblock_validity}, {@usrquota}, {@resgid}, {@nogrpid}, {@errors_remount}, {@noinit_itable}, {@dioread_lock}, {@journal_dev={'journal_dev', 0x3d, 0x4}, 0x32}]}, 0x1b, 0x4f5, &(0x7f0000000340)="$eJzs3V1rHGsdAPD/TLJtk6YmRS9qwVpsJSna3aSxbfCiVhG9Kqj12hqTTQjZZEN20zahaIofQBBRQRC88kbwAwjSjyBCQe9FRRFtPRe9OKd72Le+JLvJ9nSz25P8fjCZ55mX/P/PLjszz8wwE8CRdT4iLkTE80qlcikiRhvT08Zws1rZri/39MmDueqQRKVy+79JRFKfVl1k4pX/ebK+SpyIiO98M+IHye64pc2t5dlCIb/eqOfKK2u50ubW5aWV2cX8Yn51enrq2sz1maszk11p50hE3Pj6P3/+k99+48Yfv3jvb3f+PfHDpDE94mU7uq3e9Ezts2gajIj1gwjWBzcb7cn0OxEAADrSPM7/XERcitEYqB3NAQAAAIdJ5Ssj8X4SUQEAAAAOrbR2D2ySZhv3AYxEmmaz9Xt4PxXDaaFYKn9hobixOl+/V3YsMunCUiE/2bhXeCwySbU+VSu/rF/ZUZ+OiNMR8bPRoVo9O1cszPf75AcAAAAcESd39P/fG633/wEAAIBDZqzfCQAAAAAHTv8fAAAADj/9fwAAADjUvnXrVnWoNN9/PX93c2O5ePfyfL60nF3ZmMvOFdfXsovF4mLtmX0r+/2/QrG49qVY3bifK+dL5Vxpc+vOSnFjtXxn6bVXYAMAAAA9dPqzj/6aRMT2l4dqQ9WxficF9MTgmyz8j4PLA+i9gX4nAPTNrv3/Gx0QAB9nmX4nAPRdEhG/3mN+25t3/nQw+QAAAN03/unW1/+Tfc8NbKc9ShE4IM7/wdH1Ea//D3c7D6D3XO6HoysTA9F5R37oQHMB+iPZZ/7bX/+vVN4oIQAAoOtGakOSZiNq5wFGIk2z2YhTtdcCZJKFpUJ+MiI+ERF/Gc0cr9anamsm+/YZAAAAAAAAAAAAAAAAAAAAAAAAAIC6SiWJCgAAAHCoRaT/Shrv/xofvTiy8/zAseTZaG0cEfd+dfsX92fL5fWp6vT/vZhe/mVj+pV+nMEAAAAAdmr205v9eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADopqdPHsw1h17G/c9XI2KsVfzBOFEbn4hMRAz/P4nBV9ZLImKgC/G3H0bE177XIn5STSvGGlm0ij/UrfhnWrV/7/hpRJzsQnw4yh5Vtz83W/3+0jhfG+/8/R1/se5gF+K33/6lL7Z/A222P6c6jHH28e9zbeM/jDg72Hr704yftIl/ocP43//u1la7eZXfRIy33P8kr8XKlVfWcqXNrctLK7OL+cX86vT01LWZ6zNXZyZzC0uFfONvyxg//cwfnu/V/uE28cf2af/FDtv/weP7Tz5ZL2ZaxZ+40Pr7P9MmftrY932+Ua7OH2+Wt+vlV5373Z/P7dX++Tbt3+/7n+iw/Ze+/eO/d7goANADpc2t5dlCIb9+pAtv9WlUD4s6WzhthHkXmqyQXy/96N1I450sNH8Tz/qyXQIAALpvdx8YAAAAAAAAAAAAAAAAAAAA6LXuPDOs+UzsvZ+u17RdH+16FjIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQD99GAAA//+GWc+t")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=@newlink={0x50, 0x10, 0x401, 0x0, 0x2, {0x0, 0x0, 0x0, 0x0, 0x1493cf2c54a75087, 0xac}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @vti={{0x8}, {0x24, 0x2, 0x0, 0x1, [@IFLA_VTI_REMOTE={0x8, 0x5, @broadcast}, @vti_common_policy=[@IFLA_VTI_IKEY={0x8, 0x2, 0x800}], @vti_common_policy=[@IFLA_VTI_FWMARK={0x8, 0x6, 0x7}], @vti_common_policy=[@IFLA_VTI_LINK={0x8}]]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x40001}, 0x20004090)
mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='vfat\x00', 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x41, 0x0)
r6 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000140)={[{@init_itable_val={'init_itable', 0x3d, 0x2}}, {@debug}]}, 0xff, 0x253, &(0x7f0000000840)="$eJzs3T9oJFUcB/DvzO4ac7fIqY0g/gER0UA4O8HmbBQO5DhEBBVORK5R7oTzgl1iZWOhtUoqmyB2Rm1E0gQbRbCKmiI2ggYLg4UWK7OTSExWjNlk58h8PjA7M7vvzW+Gne972wwboLXOJDmXpJNkJkkvSbG7wb31cmZ7d3F69VIyGDz1azFsV+/XdvqdTrKQ5JEkK2WRl7vJ3PJzG7+vPfHAW9d793+w/Oz0RC+y8nmyubH+5Nb7F978+PzDc19/+/OFIufS/8d1Hb1ixHvdIrntOIrdIIpu02fAQVx8/aPvqtzfnuS+Yf57KVN/eW9fu2mll4fe+7e+7/zyzZ2TPFfg6A0GvWoOXBgArVMm6acoZ5PU22U5O1v/hv++c6p85eq112YuX71+5aXtAaPT8IAFjK2frD/+6dQnp/fk/6dOnX/g5Kry//TFpR+q7S1zOrTDXfWqyv/MC/MPRv6hdeQf2kv+ob3kH9pL/qG95B/aS/6hvQ6V/6njPSdgMsz/cAJ9dvlAzeQf2mt3/gGAdhlMNf0EMtCUpscfAAAAAAAAAAAAAAAAAABgv8Xp1Us7y6RqfvlusvlYku6o+p3h/xEnNw9fT/1WVM3+VtTdxvL8PWMeYEwfNvz09S0/Nlv/q7ubrT9/JVl4I8nZbnf//Vds33+Hd+t/fN57ccwC/1OxZ//RZyZbf68/l47gIL3Ddz2/lnxRjT9nR40/Ze4YrkePP/3xSg+9+seYBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBi/goAAP//az5vMw==")
fcntl$F_SET_RW_HINT(r6, 0x40c, &(0x7f0000000040)=0x1)
syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x18808, 0x0, 0xf7, 0x0, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r7, 0x6, 0x0, 0x0, 0xfffffffffffffffd)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000000))
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x4)

6.513970008s ago: executing program 7 (id=1734):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000013c0)=ANY=[@ANYBLOB="0100000001000000e27f0000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @dev, 0x5}, 0x1c)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1)

6.430335218s ago: executing program 0 (id=1735):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
ioprio_get$pid(0x0, r0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(0xffffffffffffffff, 0x10e, 0x8, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x26, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x9c}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x17, 0x4, &(0x7f0000000480)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2.986815121s ago: executing program 0 (id=1736):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})

2.95760157s ago: executing program 1 (id=1737):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
socketpair(0x5, 0x5, 0x0, &(0x7f0000000540))
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000980)={0xffffffffffffffff, 0x20, &(0x7f0000000940)={&(0x7f00000006c0)=""/13, 0xd, 0x0, &(0x7f0000000880)=""/159, 0x9f}}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
close(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8005, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x3f)

2.946884371s ago: executing program 7 (id=1738):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, 0x0, 0x0, 0x2, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})
chdir(&(0x7f00000001c0)='./bus\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x1c, 0x1a, &(0x7f0000000480)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}, @map_fd={0x18, 0x7, 0x1, 0x0, r2}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffff94e}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}], &(0x7f0000000000)='syzkaller\x00', 0x7, 0x0, 0x0, 0x1e00, 0x21, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x1, 0x3}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff, r0, 0x6, &(0x7f0000000280)=[r3, r2, r2, r2, r2, r2], &(0x7f0000000300)=[{0x5, 0x1, 0xb, 0x7}, {0x2, 0x4, 0xa, 0x4}, {0x3, 0x2, 0x10, 0x7}, {0x2, 0x4, 0xd, 0xa}, {0x3, 0x6, 0xe, 0x8}, {0x4, 0x5, 0x10, 0xb}], 0x10, 0x4884634f, @void, @value}, 0x94)
rmdir(&(0x7f0000000380)='./file0/../file0\x00')

2.830315081s ago: executing program 3 (id=1739):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r1}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

2.620030093s ago: executing program 5 (id=1740):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000004000000080000000800"], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendfile(r4, r2, 0x0, 0xed)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_generic(r6, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, 0x37, 0x304, 0x70bd2b, 0x25dfdbfc, {0x18}, [@typed={0x8, 0x7e, 0x0, 0x0, @pid=r0}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc0c0}, 0x20040800)
sendmsg$nl_route(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@ipv6_newaddr={0x20, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x40, 0x0, 0x0, r8}, [@IFA_FLAGS={0x8, 0x8, 0x5c2}]}, 0x20}}, 0x0)

2.608040613s ago: executing program 3 (id=1741):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000fb"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000e00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r2}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r3, 0x1, 0x1d, &(0x7f00000001c0), 0x4)

2.418252744s ago: executing program 3 (id=1742):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mount$9p_unix(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, 0x0, &(0x7f00000002c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000d40)='./file0\x00', 0x0)
mount$bpf(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f00000005c0), 0x4408, 0x0)

2.341576195s ago: executing program 0 (id=1743):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000001000010400"/19, @ANYRES32=0x0, @ANYBLOB="7b1300000000000028001280"], 0x48}}, 0x40080)
openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x1c}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
getgroups(0x2, &(0x7f0000000080)=[0x0, 0x0])
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.51879274s ago: executing program 1 (id=1744):
r0 = signalfd(0xffffffffffffffff, &(0x7f00000002c0)={[0x7fffffff]}, 0x8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000280)='netlink_extack\x00', r2}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="7000000001022d1a33810000"], 0x70}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001080)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10532}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x10, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8}]}, 0x48}}, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x11, 0x4, @tid=r4}, &(0x7f0000000080))
read$FUSE(r0, &(0x7f00000008c0)={0x2020}, 0xfffffef0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000040))
epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r5, &(0x7f0000000c40)={0x2000000b})
timer_settime(0x0, 0x0, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000001600)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r8 = dup(r7)
write$FUSE_BMAP(r8, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r8, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_NOTIFY_RETRIEVE(r8, &(0x7f00000000c0)={0x14c}, 0x137)
creat(&(0x7f0000000200)='./file0/file0\x00', 0x0)

1.51782588s ago: executing program 7 (id=1745):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa205000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = accept4$packet(0xffffffffffffffff, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14, 0x80800)
setsockopt$packet_int(r4, 0x107, 0x11, &(0x7f0000000400)=0x50291afd, 0x4)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_setup(0x23, &(0x7f0000000280)=<r7=>0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder1\x00', 0x0, 0x0)
io_submit(r7, 0x1, &(0x7f0000000700)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r8, 0x0}])
ioctl$BINDER_WRITE_READ(r8, 0x40046208, 0x0)

1.49981798s ago: executing program 5 (id=1746):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00'/14], 0x48)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f00000001c0), 0x4, 0x2)
ioctl$EVIOCGUNIQ(r1, 0x80404508, &(0x7f0000000300)=""/43)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$packet(0x11, 0x2, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r4, &(0x7f0000000100))
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r4, &(0x7f00000000c0)={0x60002011})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x18, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000001000000bfa30000000000000703000030feffff720af0fff8ffffff61a4f0ff000000002d040000000000003d400300000000006504000001ed000079130000000000006c440000000000007a0ab0fe000000007b13000000000000b5000000000000009500000000000000023bc065b7a379d17cf9333379fc9e94af05000000f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a715bc5181554a090f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128c4e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e655400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d0800af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d390dd65be2467b373eafd9aa58f2077184b6a89adaf17b0a6041bdef728d236619074d6ebdf098bc908f523d228a40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c5da18ec0ae564162a27afea62d84f3a10746443d64364f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b93d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d710b651f898ba749e40bc6980fe78683ac5c0c31030699ddd71063be9261b2e1aab1675b34a220488c126aeef5f510a8f1aded94a129e4aec6ffc3a15d96c2ea3e2e04cfe0e669e51731b2875353193f82ade69d0540059fe6c7fe7cd86975023cb08cc7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed82641687f3b3a70bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c5538a294270a1ad10c80fef7c24c87afce829ba0f85da6d888f18ea40ab959f6074ab2a4009b9e5f07ab513cdc6c0e57fb1c1ca571380d7b4ead35a655e0b4a26b702396df7e0cbe02b6e4114f244a9bf93f05beb72f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba5823a34a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a9b702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b728fe26e37037f27f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d0a874c74b777df005c55fc30511d00000000c85265b2bd83d64a532869d708000000000000007baa5b6a682b50f0937f778af083e055f6138a757ebd0ed91114a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a9037d2283c42efc54fa84323a56edbd287eba77f35c35d91f3c62a0ca74836a640224de85f2b4a5fee500bbc584328a6a7a4628c4378c9b71dff64075b74a6520adb187b40d2cccbcb08c0634ee74658d3e23bf511c8b0bf1b69d2b3782b3f481c314e7bd4615dbbf24c06ac95bd639e68d0e6aa7f0d07bf69a93365f803f0144af37236ea133c2255b0613bf8ba1d538e06c2411e8d70053b712084fd0e313de9bb19266e49a3a2190cb039c6f89610acd896319b9c8d1b8aac2eaa5a4f8be7419a09e3fb5be3be2fcdadd2299839cc40e684e6e2b4e1385fde7a0babcb0be672110268a34dad364fddee69e564119cebb6940c6356ff83ca527c573d700000000000000c6299263e6d9097f225de969485bce3d7dc471c0669bb6a467cf0de54dfcc1857048fe22a19dbb1b3cb9babaa839f1f6e817a62d95a5b971ff96a5c66c338c6f2a2da4644519f40761402e9c81013d76c7152c95ba5efa24ce1930f23a2277f057ffb6b0144f3b434a2adc456ef4d2fbdf7c6238c2bb00ffcf2d23d68cb9b027f3b225ec4e09b089f7956b66c5692b46ea03abb6a404c8ccceaa4ba4161409fcb54b86eaca26b2a0c4b81f7b71cbfcef"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

1.346390511s ago: executing program 0 (id=1747):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000080)={'IDLETIMER\x00'}, &(0x7f00000002c0)=0x1e)

1.048917633s ago: executing program 7 (id=1748):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg1\x00', 0xe511})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r2}, 0x10)
close(r0)

237.112208ms ago: executing program 0 (id=1749):
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)=ANY=[], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000280), &(0x7f0000000080)=r1}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$vcsu(0x0, 0x6, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000b80)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf670000000000002606080001044d004507000002000000240600000ee60000bf050000000000000f630000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070400000400f9ff2d350100000000009500000000000000050000000000000095000000000000001f1bd182bd43cb58074e0816289328452c0880fe4b3af9c97925711095cc7d3ebcd8418ffdc4a1da470a14e4391c3fb6915cbff2a4911fe82664d775cdb9dfc83fa32db39b636c1866b526185f4ab35172a74e9afe751664f575306ebb2c2890a4fa79303101a652776cc2fb4f01e79cd10215d917a116350d60f27fdc244bdab56ee3ad8f5fdf82027a1215bc54045d6b9f30bdebcf053aa120397695ffd0f6e5fe24ce4b9143a3d8419fb51331ca5fef"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r5 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x1, 0x4}]}, 0x10)

6.11257ms ago: executing program 7 (id=1750):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x693, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x1, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[@rthdrdstopts={{0x18}}, @dstopts_2292={{0x18, 0x29, 0xb}}], 0x30}, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x8, &(0x7f00000002c0)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000001240)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, r6, &(0x7f0000000040)="0300ffff0000", 0x6}])
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

0s ago: executing program 1 (id=1751):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180100001100000000000000000000001812"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)

kernel console output (not intermixed with test programs):

uid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5178 comm="syz.3.240" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8cbfb8d169 code=0x0
[  171.500278][ T4352] microsoft 0003:045E:07DA.0002: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  171.903115][ T4352] microsoft 0003:045E:07DA.0002: no inputs found
[  171.923134][ T4352] microsoft 0003:045E:07DA.0002: could not initialize ff, continuing anyway
[  171.993445][ T4352] usb 5-1: USB disconnect, device number 3
[  172.055988][ T5177] loop0: detected capacity change from 0 to 40427
[  172.141696][ T5177] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  172.161892][ T5177] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  172.186859][ T5177] F2FS-fs (loop0): invalid crc value
[  172.307811][ T5177] F2FS-fs (loop0): Found nat_bits in checkpoint
[  173.100481][ T5177] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  173.123084][ T5177] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  173.289593][ T5195] loop4: detected capacity change from 0 to 1024
[  173.297940][ T5194] loop3: detected capacity change from 0 to 512
[  173.306842][ T5194] EXT4-fs: Ignoring removed bh option
[  173.332434][ T5194] EXT4-fs (loop3): Cannot use DAX on a filesystem that may contain inline data
[  173.448303][ T5195] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  174.576472][ T5200] overlayfs: failed to resolve './file0': -2
[  176.107329][ T5210] loop2: detected capacity change from 0 to 512
[  176.477298][ T4253] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  176.513715][ T5064] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  176.538012][ T5064] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  176.685349][ T4251] EXT4-fs (loop4): unmounting filesystem.
[  176.966981][ T5223] loop4: detected capacity change from 0 to 512
[  177.025918][ T5223] EXT4-fs: Ignoring removed i_version option
[  177.031954][ T5223] EXT4-fs: Ignoring removed mblk_io_submit option
[  177.073308][ T5223] ext4: Unknown parameter 'seclabel'
[  178.304032][   T27] audit: type=1326 audit(1741333941.742:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5221 comm="syz.4.251" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7effd058d169 code=0x0
[  185.943156][ T3585] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  186.143140][ T3585] usb 2-1: Using ep0 maxpacket: 16
[  186.976037][ T3585] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  186.990143][ T3585] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  187.000493][ T3585] usb 2-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  187.010475][ T3585] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.020398][ T3585] usb 2-1: config 0 descriptor??
[  187.470745][ T3585] gt683r_led 0003:1770:FF00.0003: item fetching failed at offset 2/5
[  187.491243][ T3585] gt683r_led 0003:1770:FF00.0003: hid parsing failed
[  187.517163][ T3585] gt683r_led: probe of 0003:1770:FF00.0003 failed with error -22
[  187.863567][  T126] usb 2-1: USB disconnect, device number 4
[  187.992286][ T5327] hub 9-0:1.0: USB hub found
[  187.999651][ T5327] hub 9-0:1.0: 1 port detected
[  188.802342][ T5329] netlink: 24 bytes leftover after parsing attributes in process `syz.4.281'.
[  188.852569][ T5331] netlink: 36 bytes leftover after parsing attributes in process `syz.0.280'.
[  190.343644][ T5342] loop4: detected capacity change from 0 to 1024
[  190.413555][ T5342] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  190.695196][ T5352] cgroup: No subsys list or none specified
[  191.207387][ T4251] EXT4-fs (loop4): unmounting filesystem.
[  192.083257][ T5380] loop3: detected capacity change from 0 to 1024
[  192.131779][ T5380] EXT4-fs: Ignoring removed orlov option
[  192.190257][ T5380] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  192.225933][ T5380] EXT4-fs (loop3): Test dummy encryption mode enabled
[  192.251947][ T5380] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  192.362689][ T5380] EXT4-fs: Ignoring removed orlov option
[  192.372059][ T5380] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  192.413942][ T5380] EXT4-fs (loop3): can't enable nombcache during remount
[  192.491939][ T5383] loop1: detected capacity change from 0 to 512
[  192.544892][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  192.653383][ T5383] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  192.674182][ T5383] ext4 filesystem being mounted at /52/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  192.937376][ T5391] loop3: detected capacity change from 0 to 512
[  193.104122][ T5394] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 3: comm syz.1.295: path /52/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0
[  194.210159][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  194.319406][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  194.923332][ T5394] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 12: comm syz.1.295: path /52/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  195.040816][ T5391] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.296: iget: bad extended attribute block 1
[  195.060994][ T5391] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.296: couldn't read orphan inode 15 (err -117)
[  195.086865][ T5391] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  195.103940][ T5391] EXT4-fs (loop3): unmounting filesystem.
[  196.143703][ T4268] Bluetooth: hci2: command 0x0406 tx timeout
[  196.193157][ T4268] Bluetooth: hci0: command 0x0406 tx timeout
[  196.199193][ T4268] Bluetooth: hci3: command 0x0406 tx timeout
[  196.205551][ T4259] Bluetooth: hci4: command 0x0406 tx timeout
[  196.211563][ T4259] Bluetooth: hci1: command 0x0406 tx timeout
[  196.267641][ T4264] EXT4-fs (loop1): unmounting filesystem.
[  196.742242][ T5402] loop0: detected capacity change from 0 to 1024
[  196.772110][ T5402] EXT4-fs: Ignoring removed mblk_io_submit option
[  196.778730][ T5402] EXT4-fs: Ignoring removed nomblk_io_submit option
[  196.899791][ T5402] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  197.146442][ T4262] EXT4-fs (loop0): unmounting filesystem.
[  198.510760][ T5408] loop3: detected capacity change from 0 to 40427
[  198.553266][ T5408] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  198.594719][ T5408] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  198.641455][ T5408] F2FS-fs (loop3): Found nat_bits in checkpoint
[  198.990005][ T5431] 9pnet_fd: Insufficient options for proto=fd
[  199.705045][ T5408] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  199.728675][ T5408] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  201.813553][   T14] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  202.013317][   T14] usb 5-1: Using ep0 maxpacket: 16
[  202.020483][   T14] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  202.081883][   T14] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  202.122056][   T14] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  202.136671][   T14] usb 5-1: SerialNumber: syz
[  204.038523][   T14] cdc_ether 5-1:1.0 eth1: register 'cdc_ether' at usb-dummy_hcd.4-1, CDC Ethernet Device, 42:42:42:42:42:42
[  206.085084][ T4331] usb 5-1: USB disconnect, device number 4
[  206.091907][ T4331] cdc_ether 5-1:1.0 eth1: unregister 'cdc_ether' usb-dummy_hcd.4-1, CDC Ethernet Device
[  206.399516][ T5499] loop2: detected capacity change from 0 to 2048
[  206.444730][ T5499] EXT4-fs: inline encryption not supported
[  206.450649][ T5499] EXT4-fs: Ignoring removed mblk_io_submit option
[  206.577444][ T5499] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  207.104183][ T5515] overlayfs: './file1' not a directory
[  207.112444][   T14] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  207.565833][ T4256] EXT4-fs (loop2): unmounting filesystem.
[  207.583241][   T14] usb 4-1: Using ep0 maxpacket: 32
[  207.603249][   T14] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  207.623200][   T14] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  207.644241][   T14] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  207.692323][   T14] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.721851][   T14] usb 4-1: config 0 descriptor??
[  207.777398][   T14] hub 4-1:0.0: USB hub found
[  208.215401][ T5527] loop2: detected capacity change from 0 to 512
[  209.016378][   T14] hub 4-1:0.0: 1 port detected
[  209.018156][ T5527] EXT4-fs (loop2): orphan cleanup on readonly fs
[  209.032295][ T5527] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2759: inode #11: comm syz.2.331: corrupted xattr block 95
[  209.046042][ T5527] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2809: Unable to expand inode 11. Delete some EAs or run e2fsck.
[  209.060404][ T5527] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.331: bg 0: block 7: invalid block bitmap
[  209.212062][ T5527] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  209.227038][ T5527] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2925: inode #11: comm syz.2.331: corrupted xattr block 95
[  209.244995][ T5527] EXT4-fs warning (device loop2): ext4_evict_inode:299: xattr delete (err -117)
[  209.254514][ T5527] EXT4-fs (loop2): 1 orphan inode deleted
[  209.260356][ T5527] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  211.023513][   T14] hub 4-1:0.0: hub_hub_status failed (err = -71)
[  211.030344][   T14] hub 4-1:0.0: config failed, can't get hub status (err -71)
[  211.114499][   T14] usbhid 4-1:0.0: can't add hid device: -71
[  211.120528][   T14] usbhid: probe of 4-1:0.0 failed with error -71
[  211.183992][   T14] usb 4-1: USB disconnect, device number 5
[  211.247021][ T4256] EXT4-fs (loop2): unmounting filesystem.
[  211.650834][ T5541] loop2: detected capacity change from 0 to 512
[  212.806019][ T5541] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  212.965262][ T5541] EXT4-fs (loop2): orphan cleanup on readonly fs
[  212.982479][ T5541] Quota error (device loop2): do_check_range: Getting block 196613 out of range 1-5
[  212.992676][ T5541] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  213.003342][ T5541] EXT4-fs error (device loop2): ext4_acquire_dquot:6795: comm syz.2.333: Failed to acquire dquot type 1
[  213.030562][ T5541] EXT4-fs (loop2): 1 truncate cleaned up
[  213.084930][ T5541] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  213.644554][ T5550] 9pnet_fd: Insufficient options for proto=fd
[  216.022068][ T4256] EXT4-fs (loop2): unmounting filesystem.
[  217.539971][ T5588] loop3: detected capacity change from 0 to 256
[  217.586444][ T5588] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  222.782561][   T27] audit: type=1326 audit(1741333986.862:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5630 comm="syz.4.354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effd058d169 code=0x7ffc0000
[  222.886975][   T27] audit: type=1326 audit(1741333986.872:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5630 comm="syz.4.354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7effd058d169 code=0x7ffc0000
[  222.959405][   T27] audit: type=1326 audit(1741333986.882:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5630 comm="syz.4.354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effd058d169 code=0x7ffc0000
[  223.002411][   T27] audit: type=1326 audit(1741333986.882:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5630 comm="syz.4.354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effd058d169 code=0x7ffc0000
[  223.099351][   T27] audit: type=1326 audit(1741333986.882:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5630 comm="syz.4.354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7effd058d169 code=0x7ffc0000
[  223.173664][   T27] audit: type=1326 audit(1741333986.882:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5630 comm="syz.4.354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effd058d169 code=0x7ffc0000
[  223.243192][   T27] audit: type=1326 audit(1741333986.882:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5630 comm="syz.4.354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effd058d169 code=0x7ffc0000
[  223.271960][ T5642] loop2: detected capacity change from 0 to 1024
[  223.354404][   T27] audit: type=1326 audit(1741333986.882:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5630 comm="syz.4.354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7effd058d169 code=0x7ffc0000
[  223.394113][ T5642] EXT4-fs: Ignoring removed orlov option
[  223.618469][   T27] audit: type=1326 audit(1741333986.922:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5630 comm="syz.4.354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7effd058d169 code=0x7ffc0000
[  224.009915][   T27] audit: type=1326 audit(1741333986.922:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5630 comm="syz.4.354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7effd058d169 code=0x7ffc0000
[  224.126020][ T5642] EXT4-fs: Ignoring removed mblk_io_submit option
[  224.227626][ T5642] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  224.243146][ T5642] EXT4-fs (loop2): Test dummy encryption mode enabled
[  224.299945][ T5642] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  224.315145][ T5652] loop0: detected capacity change from 0 to 256
[  225.555530][ T4256] EXT4-fs (loop2): unmounting filesystem.
[  228.679947][ T5691] loop2: detected capacity change from 0 to 512
[  228.813808][ T5691] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  228.925906][ T5691] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  230.308610][ T5707] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 3: comm syz.2.374: path /79/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0
[  230.876372][ T4256] EXT4-fs (loop2): unmounting filesystem.
[  233.389431][ T5726] loop4: detected capacity change from 0 to 8192
[  234.951647][ T3625]  loop4: p3 p4 < >
[  234.962784][ T3625] loop4: p3 size 16744448 extends beyond EOD, truncated
[  237.185564][   T27] kauditd_printk_skb: 62 callbacks suppressed
[  237.185580][   T27] audit: type=1326 audit(1741334001.272:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5767 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  238.487980][   T27] audit: type=1326 audit(1741334001.272:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5767 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  238.645469][   T27] audit: type=1326 audit(1741334001.272:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5767 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  238.669045][   T27] audit: type=1326 audit(1741334001.272:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5767 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  238.691702][   T27] audit: type=1326 audit(1741334001.272:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5767 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  238.715846][   T27] audit: type=1326 audit(1741334001.272:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5767 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  238.738260][   T27] audit: type=1326 audit(1741334001.272:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5767 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  238.760785][   T27] audit: type=1326 audit(1741334001.272:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5767 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  238.783403][   T27] audit: type=1326 audit(1741334001.272:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5767 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  238.856255][   T27] audit: type=1326 audit(1741334001.272:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5767 comm="syz.0.393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  239.113410][ T5778] loop1: detected capacity change from 0 to 256
[  239.122943][ T5778] exfat: Deprecated parameter 'utf8'
[  239.128560][ T5778] exfat: Deprecated parameter 'namecase'
[  239.134338][ T5778] exfat: Deprecated parameter 'utf8'
[  239.140020][ T5778] exfat: Bad value for 'uid'
[  243.043961][ T5794] loop3: detected capacity change from 0 to 512
[  243.118848][ T5794] __quota_error: 20 callbacks suppressed
[  243.118864][ T5794] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[  243.135335][ T5794] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  243.144775][ T5794] EXT4-fs error (device loop3): ext4_acquire_dquot:6795: comm syz.3.399: Failed to acquire dquot type 0
[  243.162545][ T5794] EXT4-fs (loop3): Remounting filesystem read-only
[  243.169207][ T5794] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[  243.179820][ T5794] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  243.189327][ T5794] EXT4-fs error (device loop3): ext4_acquire_dquot:6795: comm syz.3.399: Failed to acquire dquot type 0
[  243.212141][ T5794] EXT4-fs (loop3): Remounting filesystem read-only
[  243.223357][ T5794] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[  243.234171][ T5794] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  243.243618][ T5794] EXT4-fs error (device loop3): ext4_acquire_dquot:6795: comm syz.3.399: Failed to acquire dquot type 0
[  243.256163][ T5794] EXT4-fs (loop3): Remounting filesystem read-only
[  243.262783][ T5794] EXT4-fs (loop3): 1 orphan inode deleted
[  243.268764][ T5794] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  243.277900][ T5794] ext4 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  243.775355][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  244.129494][ T5809] loop3: detected capacity change from 0 to 512
[  244.182707][ T5809] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  244.203183][ T5809] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  244.647104][ T5816] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 3: comm syz.3.403: path /73/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0
[  244.772308][ T5816] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 12: comm syz.3.403: path /73/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  244.810396][ T5816] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 13: comm syz.3.403: path /73/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  244.836239][ T5816] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 14: comm syz.3.403: path /73/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=1, rec_len=0, size=2048 fake=0
[  244.869257][ T5816] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 15: comm syz.3.403: path /73/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  244.894175][ T5816] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 16: comm syz.3.403: path /73/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  244.918585][ T5816] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 17: comm syz.3.403: path /73/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  244.942225][ T5816] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #2: block 18: comm syz.3.403: lblock 23 mapped to illegal pblock 18 (length 1)
[  245.460160][ T4261] EXT4-fs (loop3): unmounting filesystem.
[  245.748135][ T5824] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  245.757930][ T5824] FAT-fs (loop1): unable to read boot sector
[  250.323170][   T14] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  250.514911][   T14] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  250.546299][   T14] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  250.577304][   T14] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  250.607650][   T14] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.649874][   T14] usb 3-1: config 0 descriptor??
[  250.867415][ T1119] Bluetooth: hci5: Frame reassembly failed (-84)
[  251.274881][ T5869] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  251.284301][ T5869] FAT-fs (loop1): unable to read boot sector
[  252.201714][   T14] usb 3-1: language id specifier not provided by device, defaulting to English
[  252.401192][ T5882] tipc: Started in network mode
[  252.417707][ T5882] tipc: Node identity 7, cluster identity 1
[  252.430597][ T5882] tipc: Node number set to 7
[  252.449250][   T14] uclogic 0003:256C:006D.0004: failed retrieving Huion firmware version: -71
[  252.478788][   T14] uclogic 0003:256C:006D.0004: failed probing parameters: -71
[  252.506816][   T14] uclogic: probe of 0003:256C:006D.0004 failed with error -71
[  252.566579][   T14] usb 3-1: USB disconnect, device number 2
[  252.914056][ T4268] Bluetooth: hci5: command 0x1003 tx timeout
[  252.920572][ T4259] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  254.907506][ T5916] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  254.916803][ T5916] FAT-fs (loop7): unable to read boot sector
[  255.649542][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  255.655941][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  256.322635][   T27] audit: type=1326 audit(1741334020.402:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5921 comm="syz.3.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbfb8d169 code=0x7ffc0000
[  256.433127][   T27] audit: type=1326 audit(1741334020.452:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5921 comm="syz.3.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8cbfb8d169 code=0x7ffc0000
[  256.547482][   T27] audit: type=1326 audit(1741334020.452:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5921 comm="syz.3.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbfb8d169 code=0x7ffc0000
[  256.665422][   T27] audit: type=1326 audit(1741334020.472:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5921 comm="syz.3.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8cbfb8bad0 code=0x7ffc0000
[  256.862166][   T27] audit: type=1326 audit(1741334020.472:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5921 comm="syz.3.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbfb8d169 code=0x7ffc0000
[  256.993663][   T27] audit: type=1326 audit(1741334020.472:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5921 comm="syz.3.438" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbfb8d169 code=0x7ffc0000
[  259.332495][ T5948] fuse: Bad value for 'fd'
[  259.742505][   T27] audit: type=1326 audit(1741334023.822:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5954 comm="syz.3.450" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8cbfb8d169 code=0x0
[  260.399359][ T5959] syz.2.451[5959] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  260.399469][ T5959] syz.2.451[5959] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  260.572598][ T5965] loop4: detected capacity change from 0 to 512
[  260.847092][ T5965] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  260.857876][ T5965] ext4 filesystem being mounted at /94/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  261.254413][ T5978] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz.4.453: path /94/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0
[  261.340418][ T5978] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 12: comm syz.4.453: path /94/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  261.975970][ T4251] EXT4-fs (loop4): unmounting filesystem.
[  263.622185][ T5991] loop2: detected capacity change from 0 to 256
[  263.702692][ T5991] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  264.740477][ T5995] overlayfs: missing 'workdir'
[  265.256469][ T6002] overlayfs: failed to clone upperpath
[  265.379460][ T6004] xt_bpf: check failed: parse error
[  266.434793][ T6015] loop4: detected capacity change from 0 to 512
[  266.512684][ T6015] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  266.528084][ T6015] ext4 filesystem being mounted at /96/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  266.843750][ T6026] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz.4.468: path /96/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0
[  266.870538][ T6026] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 12: comm syz.4.468: path /96/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  266.899545][ T6026] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz.4.468: path /96/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  266.924611][ T6026] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 14: comm syz.4.468: path /96/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=1, rec_len=0, size=2048 fake=0
[  266.945283][ T6026] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 15: comm syz.4.468: path /96/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  266.980486][ T6026] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 16: comm syz.4.468: path /96/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  267.008099][ T6026] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 17: comm syz.4.468: path /96/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  267.032552][ T6030] netlink: 96 bytes leftover after parsing attributes in process `syz.1.469'.
[  267.050302][ T6026] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #2: block 18: comm syz.4.468: lblock 23 mapped to illegal pblock 18 (length 1)
[  267.539467][ T4251] EXT4-fs (loop4): unmounting filesystem.
[  268.692552][ T6034] syz.4.473 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  268.814880][ T6036] loop4: detected capacity change from 0 to 512
[  268.849500][ T6036] EXT4-fs (loop4): orphan cleanup on readonly fs
[  268.862554][ T6036] Quota error (device loop4): dq_insert_tree: Quota tree root isn't allocated!
[  268.872981][ T6036] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota
[  268.889627][ T6036] EXT4-fs error (device loop4): ext4_acquire_dquot:6795: comm syz.4.474: Failed to acquire dquot type 0
[  268.911680][ T6036] Quota error (device loop4): dq_insert_tree: Quota tree root isn't allocated!
[  268.923055][ T6036] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota
[  268.932813][ T6036] EXT4-fs error (device loop4): ext4_acquire_dquot:6795: comm syz.4.474: Failed to acquire dquot type 0
[  268.950803][ T6036] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.474: bg 0: block 64: padding at end of block bitmap is not set
[  268.971162][ T6036] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  268.980724][ T6036] Quota error (device loop4): dq_insert_tree: Quota tree root isn't allocated!
[  268.996678][ T6036] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota
[  269.010503][ T6036] EXT4-fs error (device loop4): ext4_acquire_dquot:6795: comm syz.4.474: Failed to acquire dquot type 0
[  269.027381][ T6036] EXT4-fs (loop4): 1 orphan inode deleted
[  269.033549][ T6036] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  269.320157][ T4251] EXT4-fs (loop4): unmounting filesystem.
[  270.194033][   T27] audit: type=1326 audit(1741334034.242:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6042 comm="syz.3.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbfb8d169 code=0x7ffc0000
[  270.509912][   T27] audit: type=1326 audit(1741334034.252:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6042 comm="syz.3.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbfb8d169 code=0x7ffc0000
[  270.550862][   T27] audit: type=1326 audit(1741334034.252:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6042 comm="syz.3.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7f8cbfb8d169 code=0x7ffc0000
[  270.581408][   T27] audit: type=1326 audit(1741334034.252:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6042 comm="syz.3.477" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8cbfb8d169 code=0x7ffc0000
[  271.800891][ T6062] syz.1.479[6062] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  271.800991][ T6062] syz.1.479[6062] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  272.735375][ T6073] device syzkaller0 entered promiscuous mode
[  273.195246][ T6078] loop2: detected capacity change from 0 to 256
[  273.254330][ T6078] exfat: Deprecated parameter 'namecase'
[  273.260029][ T6078] exfat: Deprecated parameter 'utf8'
[  273.288784][ T6078] exfat: Deprecated parameter 'namecase'
[  273.337683][ T6078] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0xe1a8932d, utbl_chksum : 0xe619d30d)
[  273.868607][ T6082] loop2: detected capacity change from 0 to 512
[  274.018975][ T6082] EXT4-fs: Ignoring removed i_version option
[  274.048412][ T6082] EXT4-fs: Ignoring removed mblk_io_submit option
[  274.062761][ T6082] ext4: Unknown parameter 'seclabel'
[  274.130505][   T27] kauditd_printk_skb: 4 callbacks suppressed
[  274.130520][   T27] audit: type=1326 audit(1741334038.212:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6081 comm="syz.2.488" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7fbe38d169 code=0x0
[  274.406219][ T6089] 9pnet_fd: Insufficient options for proto=fd
[  274.729632][ T6098] loop2: detected capacity change from 0 to 512
[  274.747347][ T6098] EXT4-fs: quotafile must be on filesystem root
[  275.076530][ T6102] xt_time: unknown flags 0xc
[  276.981069][   T27] audit: type=1326 audit(1741334041.062:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6125 comm="syz.1.504" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6fa218d169 code=0x0
[  282.949685][   T27] audit: type=1326 audit(1741334047.032:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6165 comm="syz.0.516" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8e56f8d169 code=0x0
[  283.286817][ T6180] overlayfs: failed to clone upperpath
[  283.681534][ T6181] loop4: detected capacity change from 0 to 512
[  283.881168][ T6181] EXT4-fs (loop4): Test dummy encryption mode enabled
[  284.100896][ T6181] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  284.860077][ T6185] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 248: padding at end of block bitmap is not set
[  285.037565][ T4251] EXT4-fs (loop4): unmounting filesystem.
[  287.474168][ T6223] overlayfs: failed to clone upperpath
[  290.994883][ T6246] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  291.004107][ T6246] FAT-fs (loop3): unable to read boot sector
[  295.232295][ T6292] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  295.241532][ T6292] FAT-fs (loop1): unable to read boot sector
[  299.530623][ T6333] loop4: detected capacity change from 0 to 512
[  299.623221][ T6333] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  299.710713][ T6333] EXT4-fs (loop4): orphan cleanup on readonly fs
[  299.727519][ T6333] EXT4-fs error (device loop4): ext4_quota_enable:6982: comm syz.4.570: Bad quota inum: 64, type: 0
[  300.032720][ T6339] overlayfs: failed to clone upperpath
[  300.457443][ T6333] EXT4-fs (loop4): Remounting filesystem read-only
[  300.803052][ T6333] EXT4-fs warning (device loop4): ext4_enable_quotas:7030: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  300.891364][ T6333] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  300.900895][ T6333] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  302.588595][ T4251] EXT4-fs (loop4): unmounting filesystem.
[  304.945241][ T6390] loop2: detected capacity change from 0 to 512
[  305.154866][ T6390] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  305.195498][ T6390] EXT4-fs (loop2): orphan cleanup on readonly fs
[  305.221651][ T6390] EXT4-fs error (device loop2): ext4_quota_enable:6982: comm syz.2.587: Bad quota inum: 64, type: 0
[  305.305984][ T6390] EXT4-fs (loop2): Remounting filesystem read-only
[  305.341642][ T6390] EXT4-fs warning (device loop2): ext4_enable_quotas:7030: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  305.393260][ T6390] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  305.410906][ T6390] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  305.855113][ T6406] overlayfs: failed to clone upperpath
[  306.829926][ T4256] EXT4-fs (loop2): unmounting filesystem.
[  307.555647][   T27] audit: type=1326 audit(1741334071.602:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6419 comm="syz.1.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa218d169 code=0x7ffc0000
[  307.578497][   T27] audit: type=1326 audit(1741334071.652:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6419 comm="syz.1.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa218d169 code=0x7ffc0000
[  307.629688][   T27] audit: type=1326 audit(1741334071.712:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6419 comm="syz.1.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa218d169 code=0x7ffc0000
[  308.895914][   T27] audit: type=1326 audit(1741334071.712:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6419 comm="syz.1.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6fa218d169 code=0x7ffc0000
[  308.959071][   T27] audit: type=1326 audit(1741334071.712:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6419 comm="syz.1.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa218d169 code=0x7ffc0000
[  309.066475][   T27] audit: type=1326 audit(1741334071.712:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6419 comm="syz.1.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f6fa218d169 code=0x7ffc0000
[  309.116838][   T27] audit: type=1326 audit(1741334071.712:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6419 comm="syz.1.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f6fa218d1a3 code=0x7ffc0000
[  309.198430][   T27] audit: type=1326 audit(1741334072.762:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6419 comm="syz.1.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f6fa218bc1f code=0x7ffc0000
[  309.293091][   T27] audit: type=1326 audit(1741334072.812:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6419 comm="syz.1.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f6fa218d1f7 code=0x7ffc0000
[  309.353093][   T27] audit: type=1326 audit(1741334072.812:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6419 comm="syz.1.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6fa218bad0 code=0x7ffc0000
[  309.386518][ T6446] device syzkaller0 entered promiscuous mode
[  310.514708][ T6466] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  310.663268][ T6466] FAT-fs (loop3): unable to read boot sector
[  316.917669][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  316.931059][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  318.700049][ T6518] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  318.748825][ T6518] FAT-fs (loop3): unable to read boot sector
[  318.829259][ T6541] xt_time: unknown flags 0xc
[  320.150446][ T6549] syz.3.633[6549] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  320.150548][ T6549] syz.3.633[6549] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  322.473328][ T6587] syz.1.643[6587] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  322.484894][ T6587] syz.1.643[6587] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  324.920540][ T6601] xt_time: unknown flags 0xc
[  325.122765][ T6612] loop4: detected capacity change from 0 to 128
[  325.296265][ T6612] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  325.323470][ T6612] ext4 filesystem being mounted at /130/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  325.409467][ T6616] bridge0: port 3(gretap0) entered blocking state
[  325.416600][ T6616] bridge0: port 3(gretap0) entered disabled state
[  325.433136][ T6616] device gretap0 entered promiscuous mode
[  325.442142][ T6616] bridge0: port 3(gretap0) entered blocking state
[  325.448976][ T6616] bridge0: port 3(gretap0) entered forwarding state
[  326.162357][ T4251] EXT4-fs (loop4): unmounting filesystem.
[  326.221236][ T6620] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  326.417730][ T6620] FAT-fs (loop1): unable to read boot sector
[  329.602326][ T6653] netlink: 24 bytes leftover after parsing attributes in process `syz.2.659'.
[  331.948218][ T6673] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  333.966518][ T6693] loop4: detected capacity change from 0 to 2048
[  334.049043][ T6693] EXT4-fs: Ignoring removed mblk_io_submit option
[  334.174062][ T6693] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  336.144511][ T4251] EXT4-fs (loop4): unmounting filesystem.
[  342.431896][ T6755] loop4: detected capacity change from 0 to 128
[  342.510525][ T6755] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  342.593970][ T6755] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  343.256910][ T4251] FAT-fs (loop4): error, corrupted directory (invalid entries)
[  343.334062][ T4251] FAT-fs (loop4): Filesystem has been set read-only
[  343.352235][ T4259] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  343.361258][ T4259] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  343.374270][ T4260] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  343.382263][ T4259] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  343.396537][ T4260] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  343.404133][ T4259] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  343.464126][ T4251] FAT-fs (loop4): error, corrupted directory (invalid entries)
[  344.034490][ T4251] syz-executor (4251) used greatest stack depth: 20144 bytes left
[  344.816866][ T4681] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.921928][ T6764] chnl_net:caif_netlink_parms(): no params data found
[  344.995549][ T4681] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.122049][ T4681] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.500179][ T4268] Bluetooth: hci5: command 0x0409 tx timeout
[  346.227609][ T4681] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  346.254947][ T6764] bridge0: port 1(bridge_slave_0) entered blocking state
[  346.262325][ T6764] bridge0: port 1(bridge_slave_0) entered disabled state
[  347.006223][ T6764] device bridge_slave_0 entered promiscuous mode
[  347.043927][ T6764] bridge0: port 2(bridge_slave_1) entered blocking state
[  347.051072][ T6764] bridge0: port 2(bridge_slave_1) entered disabled state
[  347.118327][ T6764] device bridge_slave_1 entered promiscuous mode
[  347.142492][   T27] kauditd_printk_skb: 1 callbacks suppressed
[  347.142505][   T27] audit: type=1326 audit(1741334111.222:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6792 comm="syz.0.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  347.277320][   T27] audit: type=1326 audit(1741334111.222:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6792 comm="syz.0.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  347.313984][ T6764] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  347.417544][ T6764] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  347.442428][   T27] audit: type=1326 audit(1741334111.222:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6792 comm="syz.0.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  347.511914][   T27] audit: type=1326 audit(1741334111.292:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6792 comm="syz.0.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  347.553126][ T4268] Bluetooth: hci5: command 0x041b tx timeout
[  347.557995][ T6764] team0: Port device team_slave_0 added
[  347.616220][ T6764] team0: Port device team_slave_1 added
[  347.648779][   T27] audit: type=1326 audit(1741334111.292:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6792 comm="syz.0.703" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  347.776899][ T6764] batman_adv: batadv0: Adding interface: batadv_slave_0
[  347.817433][ T6764] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  347.917947][ T6764] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  348.044598][ T4259] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  348.054509][ T4259] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  348.064659][ T4259] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  348.073318][ T4259] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  348.086495][ T4259] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  348.093826][ T4259] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  348.170620][ T6764] batman_adv: batadv0: Adding interface: batadv_slave_1
[  348.196167][ T6764] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  348.351192][ T6764] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  348.562136][ T6764] device hsr_slave_0 entered promiscuous mode
[  348.581966][ T6764] device hsr_slave_1 entered promiscuous mode
[  348.600299][ T6764] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  348.633158][ T6764] Cannot create hsr debugfs directory
[  349.336192][ T6803] chnl_net:caif_netlink_parms(): no params data found
[  349.663233][ T4259] Bluetooth: hci5: command 0x040f tx timeout
[  349.702486][ T6764] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  350.184324][ T4268] Bluetooth: hci0: command 0x0409 tx timeout
[  350.753442][ T6764] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  350.834237][ T6803] bridge0: port 1(bridge_slave_0) entered blocking state
[  350.841456][ T6803] bridge0: port 1(bridge_slave_0) entered disabled state
[  350.849992][ T6803] device bridge_slave_0 entered promiscuous mode
[  350.859091][ T6803] bridge0: port 2(bridge_slave_1) entered blocking state
[  350.866424][ T6803] bridge0: port 2(bridge_slave_1) entered disabled state
[  350.874638][ T6803] device bridge_slave_1 entered promiscuous mode
[  350.903101][ T6803] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  350.915207][ T6803] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  350.948316][ T6803] team0: Port device team_slave_0 added
[  350.957863][ T6803] team0: Port device team_slave_1 added
[  351.005658][   T27] audit: type=1326 audit(1741334115.092:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6841 comm="syz.0.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  351.143012][   T27] audit: type=1326 audit(1741334115.092:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6841 comm="syz.0.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  351.706541][   T27] audit: type=1326 audit(1741334115.092:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6841 comm="syz.0.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  351.728896][ T4259] Bluetooth: hci5: command 0x0419 tx timeout
[  351.738071][   T27] audit: type=1326 audit(1741334115.092:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6841 comm="syz.0.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  351.753422][ T6764] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  351.787167][   T27] audit: type=1326 audit(1741334115.092:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6841 comm="syz.0.710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  351.820117][ T6764] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  351.887062][ T6803] batman_adv: batadv0: Adding interface: batadv_slave_0
[  351.901950][ T6803] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  351.940353][ T6803] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  352.121656][ T6803] batman_adv: batadv0: Adding interface: batadv_slave_1
[  352.143527][   T27] kauditd_printk_skb: 38 callbacks suppressed
[  352.143542][   T27] audit: type=1326 audit(1741334116.232:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6852 comm="syz.1.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f6fa218bc1f code=0x7ffc0000
[  352.176107][ T6803] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  352.805944][ T4268] Bluetooth: hci0: command 0x041b tx timeout
[  352.907624][   T27] audit: type=1326 audit(1741334116.922:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6852 comm="syz.1.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f6fa218d1f7 code=0x7ffc0000
[  352.943090][ T6803] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  352.980484][   T27] audit: type=1326 audit(1741334116.932:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6852 comm="syz.1.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6fa218bad0 code=0x7ffc0000
[  353.011207][   T27] audit: type=1326 audit(1741334116.932:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6852 comm="syz.1.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f6fa218bdca code=0x7ffc0000
[  353.061379][   T27] audit: type=1326 audit(1741334116.932:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6852 comm="syz.1.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa218d169 code=0x7ffc0000
[  353.141792][   T27] audit: type=1326 audit(1741334117.042:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6852 comm="syz.1.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa218d169 code=0x7ffc0000
[  353.204672][   T27] audit: type=1326 audit(1741334117.122:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6852 comm="syz.1.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f6fa218d169 code=0x7ffc0000
[  353.236744][   T27] audit: type=1326 audit(1741334117.122:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6852 comm="syz.1.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa218d169 code=0x7ffc0000
[  353.267319][   T27] audit: type=1326 audit(1741334117.122:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6852 comm="syz.1.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa218d169 code=0x7ffc0000
[  353.345764][   T27] audit: type=1326 audit(1741334117.132:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6852 comm="syz.1.713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f6fa218d169 code=0x7ffc0000
[  353.625539][ T4681] device hsr_slave_0 left promiscuous mode
[  353.688342][ T4681] device hsr_slave_1 left promiscuous mode
[  353.761061][ T4681] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  353.820077][ T4681] batman_adv: batadv0: Removing interface: batadv_slave_0
[  353.970414][ T4681] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  354.120143][ T4681] batman_adv: batadv0: Removing interface: batadv_slave_1
[  354.143882][ T4681] device bridge_slave_1 left promiscuous mode
[  354.174802][ T4681] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.218287][ T4681] device bridge_slave_0 left promiscuous mode
[  354.224691][ T4681] bridge0: port 1(bridge_slave_0) entered disabled state
[  354.300133][ T4681] device veth1_macvtap left promiscuous mode
[  354.313684][ T4681] device veth0_macvtap left promiscuous mode
[  354.351898][ T4681] device veth1_vlan left promiscuous mode
[  354.359973][ T4681] device veth0_vlan left promiscuous mode
[  354.843256][ T4268] Bluetooth: hci0: command 0x040f tx timeout
[  356.416220][ T4681] team0 (unregistering): Port device team_slave_1 removed
[  356.923269][ T4268] Bluetooth: hci0: command 0x0419 tx timeout
[  357.400867][ T4681] team0 (unregistering): Port device team_slave_0 removed
[  357.498167][ T4681] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  357.572569][ T4681] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  358.321755][ T4681] bond0 (unregistering): Released all slaves
[  358.415922][ T6803] device hsr_slave_0 entered promiscuous mode
[  358.424936][ T6803] device hsr_slave_1 entered promiscuous mode
[  359.219762][ T6764] 8021q: adding VLAN 0 to HW filter on device bond0
[  359.523872][ T6764] 8021q: adding VLAN 0 to HW filter on device team0
[  359.584641][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  359.592521][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  359.648800][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  359.661377][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  359.669974][ T4432] bridge0: port 1(bridge_slave_0) entered blocking state
[  359.677112][ T4432] bridge0: port 1(bridge_slave_0) entered forwarding state
[  359.685795][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  359.783472][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  359.804148][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  359.831562][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  359.838814][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  359.858055][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  359.872587][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  359.882302][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  359.897252][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  359.941136][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  359.967002][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  360.026526][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  360.057450][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  360.066654][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  360.085525][ T6764] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  360.180721][   T27] kauditd_printk_skb: 2 callbacks suppressed
[  360.180926][   T27] audit: type=1326 audit(1741334124.252:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6907 comm="syz.0.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  360.485877][ T6764] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  360.756586][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  360.786569][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  360.795006][   T27] audit: type=1326 audit(1741334124.262:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6907 comm="syz.0.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  360.890565][ T6803] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  360.900968][   T27] audit: type=1326 audit(1741334124.262:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6907 comm="syz.0.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  360.958861][   T27] audit: type=1326 audit(1741334124.262:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6907 comm="syz.0.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  361.003946][ T6803] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  361.033168][   T27] audit: type=1326 audit(1741334124.262:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6907 comm="syz.0.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  361.106033][   T27] audit: type=1326 audit(1741334124.262:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6907 comm="syz.0.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  361.260855][ T6803] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  361.277059][ T6803] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  361.303842][   T27] audit: type=1326 audit(1741334124.262:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6907 comm="syz.0.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  362.031117][   T27] audit: type=1326 audit(1741334124.262:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6907 comm="syz.0.722" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  363.173723][ T6764] 8021q: adding VLAN 0 to HW filter on device batadv0
[  363.181053][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  363.225549][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  363.312400][ T6803] 8021q: adding VLAN 0 to HW filter on device bond0
[  363.463418][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  363.473701][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  363.648950][ T4681] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  363.748959][ T6803] 8021q: adding VLAN 0 to HW filter on device team0
[  363.857801][ T4681] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  364.079882][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  364.100249][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  364.372751][ T4432] bridge0: port 1(bridge_slave_0) entered blocking state
[  364.379965][ T4432] bridge0: port 1(bridge_slave_0) entered forwarding state
[  364.528923][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  364.623936][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  364.793529][ T4432] bridge0: port 2(bridge_slave_1) entered blocking state
[  364.800695][ T4432] bridge0: port 2(bridge_slave_1) entered forwarding state
[  364.849976][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  364.891837][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  364.931787][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  364.944207][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  365.011413][ T4681] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.172263][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  365.376085][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  365.566426][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  365.865160][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  365.914154][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  365.972684][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  366.023458][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  366.043302][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  366.080200][ T4681] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  366.099049][ T6803] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  366.268994][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  366.281222][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  366.406127][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  366.424090][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  366.462727][ T6764] device veth0_vlan entered promiscuous mode
[  366.479940][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  366.492932][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  366.529027][ T6764] device veth1_vlan entered promiscuous mode
[  366.634677][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  366.659614][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  366.686335][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  366.717802][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  366.749805][ T6764] device veth0_macvtap entered promiscuous mode
[  366.852601][ T6764] device veth1_macvtap entered promiscuous mode
[  366.879470][ T6803] 8021q: adding VLAN 0 to HW filter on device batadv0
[  366.948253][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  366.963644][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  366.982794][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  367.018502][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  367.051899][ T6764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  367.090878][ T6764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.152519][ T6764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  367.193645][ T6764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.242859][ T6764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  367.263007][ T6764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.272881][ T6764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  367.338436][ T6764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  367.380375][ T6764] batman_adv: batadv0: Interface activated: batadv_slave_0
[  370.338474][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  370.354879][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  370.799291][ T6764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  370.843155][ T6764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.903059][ T6764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  370.973238][ T6764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  371.023229][ T6764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  371.057447][ T6764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  371.086014][ T6764] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  371.127288][ T6764] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  371.169735][ T6764] batman_adv: batadv0: Interface activated: batadv_slave_1
[  372.854213][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  372.887361][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  373.719954][ T6764] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  373.771012][ T6764] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  373.803357][ T6764] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  373.826692][ T6764] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  375.454861][ T7054] netlink: 44 bytes leftover after parsing attributes in process `syz.0.746'.
[  375.464687][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  375.507016][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  375.558186][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  375.617978][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  375.645919][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  375.673942][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  375.790340][ T6803] device veth0_vlan entered promiscuous mode
[  377.396159][ T4432] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  377.426717][ T4432] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  377.597968][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  378.506126][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  378.512484][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  379.234251][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  379.246816][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  379.307927][ T6803] device veth1_vlan entered promiscuous mode
[  379.503440][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  380.573374][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  380.627130][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  380.649906][ T6803] device veth0_macvtap entered promiscuous mode
[  381.504944][ T7103] netlink: 'syz.1.755': attribute type 12 has an invalid length.
[  381.636763][ T4681] device hsr_slave_0 left promiscuous mode
[  381.669263][ T4681] device hsr_slave_1 left promiscuous mode
[  381.723627][ T4681] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  381.760213][ T4681] batman_adv: batadv0: Removing interface: batadv_slave_0
[  381.784111][ T4681] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  381.791564][ T4681] batman_adv: batadv0: Removing interface: batadv_slave_1
[  381.800324][ T4681] device bridge_slave_1 left promiscuous mode
[  381.809565][ T4681] bridge0: port 2(bridge_slave_1) entered disabled state
[  381.826548][ T4681] device bridge_slave_0 left promiscuous mode
[  381.857100][ T4681] bridge0: port 1(bridge_slave_0) entered disabled state
[  381.893490][ T7109] syz.5.690[7109] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  381.893994][ T7109] syz.5.690[7109] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  382.281241][ T4681] device veth1_macvtap left promiscuous mode
[  382.524731][ T4681] device veth0_macvtap left promiscuous mode
[  382.557923][ T4681] device veth1_vlan left promiscuous mode
[  382.593226][ T4681] device veth0_vlan left promiscuous mode
[  384.014011][ T4681] team0 (unregistering): Port device team_slave_1 removed
[  384.067864][ T4681] team0 (unregistering): Port device team_slave_0 removed
[  384.148063][ T4681] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  384.230922][ T4681] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  384.909981][ T4681] bond0 (unregistering): Released all slaves
[  385.037378][ T6803] device veth1_macvtap entered promiscuous mode
[  385.054129][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  385.262241][ T6803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.273215][ T6803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.284888][ T6803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.295841][ T6803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.318897][ T6803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.363142][ T6803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.492064][ T6803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  385.543887][ T6803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.579387][ T6803] batman_adv: batadv0: Interface activated: batadv_slave_0
[  385.594198][ T6803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  385.606413][ T6803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.617019][ T6803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  385.627626][ T6803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.637619][ T6803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  385.688294][ T6803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  385.845286][ T6803] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  386.089174][ T6803] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  386.309721][ T6803] batman_adv: batadv0: Interface activated: batadv_slave_1
[  386.361636][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  386.378849][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  386.429154][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  386.464832][ T4430] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  386.481535][ T6803] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  386.532361][ T6803] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  386.562505][ T6803] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  386.697302][ T6803] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  387.753174][   T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  387.761488][   T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  387.772098][ T7151] fuse: Bad value for 'fd'
[  387.819210][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  387.902490][ T4866] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  387.925134][ T4866] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  389.294445][ T7163] syz.0.769[7163] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  389.294558][ T7163] syz.0.769[7163] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  389.408145][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  389.629987][ T7167] loop5: detected capacity change from 0 to 512
[  389.705208][ T7167] EXT4-fs: Ignoring removed bh option
[  389.809473][ T7167] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  389.941859][ T7167] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002]
[  390.007641][ T7167] System zones: 1-12
[  390.070836][ T7167] EXT4-fs (loop5): 1 truncate cleaned up
[  390.140008][ T7167] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  391.340443][ T6764] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0)
[  391.412307][ T6764] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1)
[  391.469190][ T6764] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2)
[  391.731606][ T6764] EXT4-fs (loop5): unmounting filesystem.
[  394.967838][ T7212] netlink: 40 bytes leftover after parsing attributes in process `syz.6.781'.
[  396.719488][ T7246] netlink: 68 bytes leftover after parsing attributes in process `syz.0.792'.
[  397.325706][ T7251] loop6: detected capacity change from 0 to 512
[  397.391583][ T7251] EXT4-fs: Ignoring removed i_version option
[  397.453149][ T7251] EXT4-fs: Ignoring removed mblk_io_submit option
[  397.500397][ T7251] ext4: Unknown parameter 'seclabel'
[  399.852898][ T7284] netlink: 92 bytes leftover after parsing attributes in process `syz.0.800'.
[  399.895786][   T27] audit: type=1326 audit(1741334163.982:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7250 comm="syz.6.793" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc7ec58d169 code=0x0
[  401.861672][ T7304] loop5: detected capacity change from 0 to 1024
[  401.893919][ T7304] EXT4-fs: Ignoring removed orlov option
[  401.945666][ T7304] EXT4-fs (loop5): Test dummy encryption mode enabled
[  401.999646][ T7304] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  402.262437][ T7304] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  402.873283][   T27] audit: type=1326 audit(1741334166.832:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7303 comm="syz.5.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0466f8d169 code=0x7ffc0000
[  403.376548][ T7317] overlayfs: failed to resolve './file1': -2
[  403.426488][   T27] audit: type=1326 audit(1741334166.832:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7303 comm="syz.5.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0466f8d169 code=0x7ffc0000
[  403.471823][ T6764] EXT4-fs (loop5): unmounting filesystem.
[  403.608719][   T27] audit: type=1326 audit(1741334166.842:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7303 comm="syz.5.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0466f8d169 code=0x7ffc0000
[  403.794919][ T7327] loop5: detected capacity change from 0 to 512
[  403.824117][ T7327] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  404.026721][ T7327] EXT4-fs (loop5): orphan cleanup on readonly fs
[  404.040241][ T7327] Quota error (device loop5): do_check_range: Getting block 196613 out of range 1-5
[  404.050153][ T7327] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[  404.059861][ T7327] EXT4-fs error (device loop5): ext4_acquire_dquot:6795: comm syz.5.806: Failed to acquire dquot type 1
[  404.107209][ T7327] EXT4-fs (loop5): 1 truncate cleaned up
[  404.113637][ T7327] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  404.268750][   T27] audit: type=1326 audit(1741334166.842:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7303 comm="syz.5.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0466f8d169 code=0x7ffc0000
[  404.968966][   T27] audit: type=1326 audit(1741334166.842:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7303 comm="syz.5.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0466f8d169 code=0x7ffc0000
[  405.159067][   T27] audit: type=1326 audit(1741334166.852:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7303 comm="syz.5.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0466f8d169 code=0x7ffc0000
[  405.324045][   T27] audit: type=1326 audit(1741334166.852:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7303 comm="syz.5.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0466f8d169 code=0x7ffc0000
[  405.442265][   T27] audit: type=1326 audit(1741334166.852:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7303 comm="syz.5.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0466f8d169 code=0x7ffc0000
[  405.510182][   T27] audit: type=1326 audit(1741334166.852:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7303 comm="syz.5.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0466f8d169 code=0x7ffc0000
[  405.869150][   T27] audit: type=1326 audit(1741334166.852:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7303 comm="syz.5.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0466f8d169 code=0x7ffc0000
[  406.161023][ T6764] EXT4-fs (loop5): unmounting filesystem.
[  406.166992][   T27] audit: type=1326 audit(1741334166.852:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7303 comm="syz.5.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0466f8d169 code=0x7ffc0000
[  406.167037][   T27] audit: type=1326 audit(1741334166.862:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7303 comm="syz.5.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0466f8d169 code=0x7ffc0000
[  406.167074][   T27] audit: type=1326 audit(1741334166.862:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7303 comm="syz.5.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0466f8d169 code=0x7ffc0000
[  406.167110][   T27] audit: type=1326 audit(1741334166.862:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7303 comm="syz.5.805" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0466f8d169 code=0x7ffc0000
[  407.052053][ T7348] loop6: detected capacity change from 0 to 512
[  407.085711][ T7348] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  407.234733][ T7348] EXT4-fs error (device loop6): ext4_xattr_inode_iget:404: comm syz.6.810: inode #255: comm syz.6.810: iget: illegal inode #
[  407.251820][ T7348] EXT4-fs error (device loop6): ext4_xattr_inode_iget:409: comm syz.6.810: error while reading EA inode 255 err=-117
[  407.265167][ T7348] EXT4-fs (loop6): 1 orphan inode deleted
[  407.271081][ T7348] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  407.627399][ T6803] EXT4-fs (loop6): unmounting filesystem.
[  408.507737][ T7365] netlink: 92 bytes leftover after parsing attributes in process `syz.6.814'.
[  411.100866][ T7387] loop6: detected capacity change from 0 to 512
[  411.139346][ T7387] EXT4-fs: Ignoring removed i_version option
[  411.162871][ T7387] EXT4-fs: Ignoring removed mblk_io_submit option
[  411.218579][ T7387] ext4: Unknown parameter 'seclabel'
[  412.318130][   T27] kauditd_printk_skb: 10 callbacks suppressed
[  412.318148][   T27] audit: type=1326 audit(1741334176.402:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7386 comm="syz.6.820" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc7ec58d169 code=0x0
[  418.025740][ T7496] xt_time: unknown flags 0xc
[  419.670293][   T27] audit: type=1326 audit(1741334183.752:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7505 comm="syz.0.840" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8e56f8d169 code=0x0
[  420.393720][ T7512] overlayfs: failed to clone upperpath
[  422.100452][   T27] audit: type=1326 audit(1741334186.182:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7529 comm="syz.0.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  422.221196][   T27] audit: type=1326 audit(1741334186.222:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7529 comm="syz.0.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  422.288218][   T27] audit: type=1326 audit(1741334186.222:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7529 comm="syz.0.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=438 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  422.319895][ T7533] loop6: detected capacity change from 0 to 2048
[  422.383499][   T27] audit: type=1326 audit(1741334186.222:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7529 comm="syz.0.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  422.432804][ T7533] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  422.548624][   T27] audit: type=1326 audit(1741334186.222:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7529 comm="syz.0.846" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  422.978902][ T6803] EXT4-fs (loop6): unmounting filesystem.
[  423.152523][   T27] audit: type=1326 audit(1741334187.152:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7543 comm="syz.1.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa218d169 code=0x7ffc0000
[  423.247985][   T27] audit: type=1326 audit(1741334187.152:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7543 comm="syz.1.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa218d169 code=0x7ffc0000
[  423.301429][   T27] audit: type=1326 audit(1741334187.152:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7543 comm="syz.1.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6fa218d169 code=0x7ffc0000
[  423.453420][   T27] audit: type=1326 audit(1741334187.162:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7543 comm="syz.1.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fa218d169 code=0x7ffc0000
[  424.690252][   T27] kauditd_printk_skb: 21 callbacks suppressed
[  424.690271][   T27] audit: type=1326 audit(1741334187.962:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7556 comm="syz.6.852" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc7ec58d169 code=0x0
[  427.867110][ T7579] loop5: detected capacity change from 0 to 40427
[  427.921138][ T7579] F2FS-fs (loop5): Unrecognized mount option "background_gc<on" or missing value
[  428.857204][ T7609] xt_time: unknown flags 0xc
[  436.463920][ T7685] xt_time: unknown flags 0xc
[  439.883465][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  439.889831][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  440.550917][ T7764] netlink: 92 bytes leftover after parsing attributes in process `syz.1.895'.
[  441.987951][ T7782] loop6: detected capacity change from 0 to 128
[  442.014889][ T7782] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  442.430462][ T7797] loop6: detected capacity change from 0 to 1024
[  442.672841][ T7797] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  443.093563][ T7806] overlayfs: failed to clone upperpath
[  443.555429][ T7809] netlink: 4 bytes leftover after parsing attributes in process `syz.3.906'.
[  443.565859][ T7809] netlink: 12 bytes leftover after parsing attributes in process `syz.3.906'.
[  444.121725][ T7805] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  444.723627][ T7813] syz.6.904[7813] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  444.723734][ T7813] syz.6.904[7813] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  446.633718][ T7813] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  446.657575][ T7813] EXT4-fs (loop6): This should not happen!! Data will be lost
[  446.657575][ T7813] 
[  446.667403][ T7813] EXT4-fs (loop6): Total free blocks count 0
[  446.674454][ T7813] EXT4-fs (loop6): Free/Dirty block details
[  446.680518][ T7813] EXT4-fs (loop6): free_blocks=68451041280
[  446.686730][ T7813] EXT4-fs (loop6): dirty_blocks=16
[  446.691931][ T7813] EXT4-fs (loop6): Block reservation details
[  446.698029][ T7813] EXT4-fs (loop6): i_reserved_data_blocks=1
[  448.608843][ T6803] EXT4-fs (loop6): unmounting filesystem.
[  448.782224][ T7834] netlink: 92 bytes leftover after parsing attributes in process `syz.6.911'.
[  448.794807][ T7835] loop5: detected capacity change from 0 to 16
[  448.841854][ T7835] erofs: (device loop5): mounted with root inode @ nid 36.
[  449.239540][   T27] audit: type=1326 audit(1741334213.322:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  449.307924][   T27] audit: type=1326 audit(1741334213.342:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  449.412958][   T27] audit: type=1326 audit(1741334213.342:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  449.516283][   T27] audit: type=1326 audit(1741334213.342:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  449.620200][   T27] audit: type=1326 audit(1741334213.342:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  449.703188][   T27] audit: type=1326 audit(1741334213.382:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  449.774034][   T27] audit: type=1326 audit(1741334213.382:352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=119 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  449.856115][ T7835] erofs: (device loop5): z_erofs_pcluster_readmore: readmore error at page 0 @ nid 36
[  449.899859][ T7835] erofs: (device loop5): z_erofs_read_folio: failed to read, err [-117]
[  450.005315][   T27] audit: type=1326 audit(1741334213.382:353): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7843 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e56f8d169 code=0x7ffc0000
[  450.168020][ T7863] overlayfs: failed to clone upperpath
[  454.637077][ T7916] netlink: 92 bytes leftover after parsing attributes in process `syz.5.928'.
[  454.992344][ T7925] overlayfs: failed to clone upperpath
[  455.642034][ T7933] overlayfs: failed to clone upperpath
[  459.961205][ T7974] overlayfs: failed to clone upperpath
[  460.455472][ T7992] netem: change failed
[  460.581832][ T7995] loop5: detected capacity change from 0 to 256
[  460.675436][ T7998] netlink: 92 bytes leftover after parsing attributes in process `syz.6.946'.
[  463.240490][ T8047] syz.6.956[8047] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  463.240601][ T8047] syz.6.956[8047] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  464.320606][ T8053] loop5: detected capacity change from 0 to 256
[  464.539284][ T8053] FAT-fs (loop5): Directory bread(block 64) failed
[  464.580463][ T8053] FAT-fs (loop5): Directory bread(block 65) failed
[  464.607912][ T8053] FAT-fs (loop5): Directory bread(block 66) failed
[  464.651455][ T8053] FAT-fs (loop5): Directory bread(block 67) failed
[  464.713642][ T8053] FAT-fs (loop5): Directory bread(block 68) failed
[  464.740682][ T8053] FAT-fs (loop5): Directory bread(block 69) failed
[  464.959647][ T8053] FAT-fs (loop5): Directory bread(block 70) failed
[  464.968683][ T8053] FAT-fs (loop5): Directory bread(block 71) failed
[  464.975922][ T8053] FAT-fs (loop5): Directory bread(block 72) failed
[  464.982642][ T8053] FAT-fs (loop5): Directory bread(block 73) failed
[  465.598141][ T8073] netlink: 92 bytes leftover after parsing attributes in process `syz.6.966'.
[  465.889504][ T4452] kworker/u4:12: attempt to access beyond end of device
[  465.889504][ T4452] loop5: rw=1048577, sector=1224, nr_sectors = 64 limit=256
[  465.974684][ T4452] kworker/u4:12: attempt to access beyond end of device
[  465.974684][ T4452] loop5: rw=1048577, sector=1320, nr_sectors = 64 limit=256
[  467.623275][ T4259] Bluetooth: hci5: command 0x0406 tx timeout
[  470.624983][ T8131] xt_time: unknown flags 0xc
[  472.613142][ T4268] Bluetooth: hci0: command 0x0406 tx timeout
[  473.024442][ T8150] netlink: 92 bytes leftover after parsing attributes in process `syz.3.981'.
[  475.335565][ T8191] xt_time: unknown flags 0xc
[  476.413697][ T8203] netlink: 92 bytes leftover after parsing attributes in process `syz.3.992'.
[  477.781064][ T8217] loop5: detected capacity change from 0 to 4096
[  478.370364][ T8236] loop5: detected capacity change from 0 to 512
[  478.453339][ T8238] xt_time: unknown flags 0xc
[  478.524998][ T8236] EXT4-fs: Ignoring removed i_version option
[  478.639394][ T8236] EXT4-fs: Ignoring removed mblk_io_submit option
[  478.793261][ T8236] ext4: Unknown parameter 'seclabel'
[  479.208696][ T8198] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  480.668439][ T8262] netlink: 92 bytes leftover after parsing attributes in process `syz.6.1005'.
[  481.991009][ T8285] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1012'.
[  482.762707][ T8288] tipc: Started in network mode
[  482.823093][ T8288] tipc: Node identity 024407e28234, cluster identity 4711
[  482.830448][ T8288] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  482.936603][ T8295] loop5: detected capacity change from 0 to 512
[  482.976140][ T8295] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  483.021535][ T8297] device syzkaller0 entered promiscuous mode
[  483.043960][ T8297] tipc: Resetting bearer <eth:syzkaller0>
[  483.072263][ T8286] tipc: Resetting bearer <eth:syzkaller0>
[  483.195998][ T8295] EXT4-fs (loop5): orphan cleanup on readonly fs
[  483.224705][ T8295] EXT4-fs error (device loop5): ext4_quota_enable:6982: comm syz.5.1019: Bad quota inum: 64, type: 0
[  483.274291][ T8295] EXT4-fs (loop5): Remounting filesystem read-only
[  483.280908][ T8295] EXT4-fs warning (device loop5): ext4_enable_quotas:7030: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  483.479921][ T8295] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  483.673700][ T8295] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  484.025667][    T7] tipc: Node number set to 2154825698
[  485.731075][ T8332] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1025'.
[  486.420806][ T8343] overlayfs: failed to clone upperpath
[  489.780641][ T8286] tipc: Disabling bearer <eth:syzkaller0>
[  489.869986][ T8360] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1033'.
[  489.899946][ T6764] EXT4-fs (loop5): unmounting filesystem.
[  493.196850][ T8421] netlink: 92 bytes leftover after parsing attributes in process `syz.5.1048'.
[  493.404863][ T8428] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  493.414257][ T8428] FAT-fs (loop7): unable to read boot sector
[  494.367075][ T8442] loop5: detected capacity change from 0 to 1024
[  496.823505][ T8469] overlayfs: failed to clone upperpath
[  497.402276][ T8485] loop6: detected capacity change from 0 to 512
[  497.451205][ T8485] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  497.502642][ T8486] netlink: 92 bytes leftover after parsing attributes in process `syz.5.1065'.
[  497.580161][ T8485] EXT4-fs (loop6): orphan cleanup on readonly fs
[  497.603020][ T8485] EXT4-fs error (device loop6): ext4_quota_enable:6982: comm syz.6.1063: Bad quota inum: 64, type: 0
[  497.871595][ T8485] EXT4-fs (loop6): Remounting filesystem read-only
[  498.063428][ T8485] EXT4-fs warning (device loop6): ext4_enable_quotas:7030: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  498.369408][ T8485] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  498.406546][ T8485] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  499.346301][ T6803] EXT4-fs (loop6): unmounting filesystem.
[  499.923250][  T126] usb 7-1: new full-speed USB device number 2 using dummy_hcd
[  500.202557][  T126] usb 7-1: config 1 interface 0 has no altsetting 0
[  500.262171][  T126] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  500.422174][  T126] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  500.621691][  T126] usb 7-1: Product: syz
[  500.635203][  T126] usb 7-1: Manufacturer: syz
[  500.644383][  T126] usb 7-1: SerialNumber: syz
[  501.185401][  T126] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  501.321519][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  501.327972][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  501.456005][  T126] usb 7-1: USB disconnect, device number 2
[  501.494339][ T8526] loop5: detected capacity change from 0 to 256
[  501.518272][  T126] usblp0: removed
[  501.524018][ T8526] exfat: Deprecated parameter 'utf8'
[  501.529382][ T8526] exfat: Unknown parameter 'fsmagic'
[  501.865633][ T8535] capability: warning: `syz.6.1073' uses deprecated v2 capabilities in a way that may be insecure
[  501.955180][ T8535] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1073'.
[  503.447575][ T8559] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1078'.
[  504.273293][ T8584] loop6: detected capacity change from 0 to 4096
[  504.499140][ T8591] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  504.854312][ T8595] xt_time: unknown flags 0xc
[  506.003968][ T8638] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1097'.
[  506.896126][ T8653] xt_time: unknown flags 0xc
[  507.288753][ T8659] loop6: detected capacity change from 0 to 4096
[  507.653797][ T8668] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  508.043069][   T27] audit: type=1800 audit(1741334272.122:354): pid=8659 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1104" name="file2" dev="loop6" ino=16 res=0 errno=0
[  508.145231][ T8673] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1107'.
[  508.516835][ T8688] loop6: detected capacity change from 0 to 256
[  508.635137][ T6803] FAT-fs (loop6): error, corrupted directory (invalid entries)
[  508.652799][ T6803] FAT-fs (loop6): error, corrupted directory (invalid entries)
[  509.043401][ T8696] xt_time: unknown flags 0xc
[  509.732645][ T8704] overlayfs: failed to clone upperpath
[  511.270819][ T7083] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  511.450236][ T7083] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  511.610755][ T7083] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  511.964002][ T7083] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  512.070229][ T8728] xt_time: unknown flags 0xc
[  512.819189][ T7083] tipc: Left network mode
[  512.946997][ T8746] netlink: 92 bytes leftover after parsing attributes in process `syz.5.1134'.
[  513.132183][ T4268] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  513.173298][ T4260] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  513.183392][ T4260] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  513.191734][ T4260] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  513.200352][ T4260] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  513.223536][ T4260] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  514.696741][ T8771] overlayfs: failed to clone upperpath
[  515.179991][ T8788] xt_time: unknown flags 0xc
[  515.313292][ T4259] Bluetooth: hci0: command 0x0409 tx timeout
[  515.553541][ T8748] chnl_net:caif_netlink_parms(): no params data found
[  516.940601][ T8819] syz.3.1149[8819] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  516.940707][ T8819] syz.3.1149[8819] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  517.857370][ T4259] Bluetooth: hci0: command 0x041b tx timeout
[  518.154597][ T8825] netlink: 92 bytes leftover after parsing attributes in process `syz.5.1151'.
[  518.520802][ T8829] overlayfs: failed to clone upperpath
[  519.351866][ T8748] bridge0: port 1(bridge_slave_0) entered blocking state
[  519.465331][ T8748] bridge0: port 1(bridge_slave_0) entered disabled state
[  519.515908][ T8748] device bridge_slave_0 entered promiscuous mode
[  519.770195][ T8748] bridge0: port 2(bridge_slave_1) entered blocking state
[  519.784168][ T8748] bridge0: port 2(bridge_slave_1) entered disabled state
[  519.820597][ T8748] device bridge_slave_1 entered promiscuous mode
[  519.952994][ T4259] Bluetooth: hci0: command 0x040f tx timeout
[  519.959348][ T7083] device hsr_slave_0 left promiscuous mode
[  520.154118][ T7083] device hsr_slave_1 left promiscuous mode
[  520.163677][ T7083] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  520.176474][ T7083] batman_adv: batadv0: Removing interface: batadv_slave_0
[  520.193490][ T7083] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  521.213267][ T7083] batman_adv: batadv0: Removing interface: batadv_slave_1
[  521.261738][ T7083] device bridge_slave_1 left promiscuous mode
[  521.313273][ T7083] bridge0: port 2(bridge_slave_1) entered disabled state
[  521.354545][ T7083] device bridge_slave_0 left promiscuous mode
[  521.363376][ T7083] bridge0: port 1(bridge_slave_0) entered disabled state
[  521.593438][ T7083] device veth1_macvtap left promiscuous mode
[  521.606569][ T7083] device veth0_macvtap left promiscuous mode
[  521.638803][ T7083] device veth1_vlan left promiscuous mode
[  521.644872][ T7083] device veth0_vlan left promiscuous mode
[  522.034930][ T4259] Bluetooth: hci0: command 0x0419 tx timeout
[  522.306130][ T8876] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1162'.
[  523.639230][ T8887] syz.0.1163[8887] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  523.639336][ T8887] syz.0.1163[8887] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  524.561372][ T7083] team0 (unregistering): Port device team_slave_1 removed
[  524.639472][ T7083] team0 (unregistering): Port device team_slave_0 removed
[  524.710493][ T7083] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  524.776970][ T7083] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  525.509181][ T7083] bond0 (unregistering): Released all slaves
[  525.718051][ T8748] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  525.970062][ T8748] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  526.813520][ T8748] team0: Port device team_slave_0 added
[  526.876320][ T8748] team0: Port device team_slave_1 added
[  527.151614][ T8748] batman_adv: batadv0: Adding interface: batadv_slave_0
[  527.184154][ T8748] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  527.218441][ T8748] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  527.246775][ T8748] batman_adv: batadv0: Adding interface: batadv_slave_1
[  527.256983][ T8748] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  527.325755][ T8748] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  527.992591][ T8748] device hsr_slave_0 entered promiscuous mode
[  528.009058][ T8748] device hsr_slave_1 entered promiscuous mode
[  528.251172][ T8939] overlayfs: failed to clone upperpath
[  530.269994][ T8748] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  530.323427][ T8748] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  530.469912][ T8935] syz.3.1176[8935] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  530.470399][ T8935] syz.3.1176[8935] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  530.878022][ T8748] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  531.186516][ T8748] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  532.476243][ T8748] 8021q: adding VLAN 0 to HW filter on device bond0
[  532.561736][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  532.570189][ T4432] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  532.614505][ T8748] 8021q: adding VLAN 0 to HW filter on device team0
[  532.661045][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  532.675745][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  532.718633][ T1119] bridge0: port 1(bridge_slave_0) entered blocking state
[  532.725970][ T1119] bridge0: port 1(bridge_slave_0) entered forwarding state
[  532.834321][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  532.865259][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  532.885475][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  532.903571][ T1119] bridge0: port 2(bridge_slave_1) entered blocking state
[  532.910694][ T1119] bridge0: port 2(bridge_slave_1) entered forwarding state
[  532.924161][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  532.937977][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  533.000882][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  533.022567][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  533.042516][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  533.067490][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  533.094976][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  533.150995][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  533.163435][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  533.193794][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  533.237950][ T1119] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  533.267416][ T8748] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  534.733371][ T8748] 8021q: adding VLAN 0 to HW filter on device batadv0
[  534.851040][ T7165] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  535.052430][ T9032] syz.3.1194[9032] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  535.052549][ T9032] syz.3.1194[9032] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  535.505467][ T7165] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  536.696530][ T9053] overlayfs: failed to clone upperpath
[  538.439074][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  538.451788][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  538.661568][ T4866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  538.669592][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  538.677931][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  538.686228][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  538.694518][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  538.702906][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  538.711156][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  538.719433][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  538.727677][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  538.740793][    T0] NOHZ tick-stop error: local softirq work is pending, handler #382!!!
[  538.749181][    T0] NOHZ tick-stop error: local softirq work is pending, handler #382!!!
[  539.527875][ T4866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  539.570725][ T8748] device veth0_vlan entered promiscuous mode
[  539.613799][ T8748] device veth1_vlan entered promiscuous mode
[  539.716316][ T4866] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  539.753625][ T4866] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  539.968862][ T4866] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  540.007599][ T4866] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  540.076761][ T8748] device veth0_macvtap entered promiscuous mode
[  540.110730][ T8748] device veth1_macvtap entered promiscuous mode
[  540.139424][ T4866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  540.143595][ T9093] loop5: detected capacity change from 0 to 1024
[  540.186744][ T4866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  540.197356][ T4866] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  540.206867][ T4866] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  540.227981][ T8748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  540.241056][ T8748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  540.252782][ T8748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  540.263619][ T8748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  540.274697][ T8748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  540.285263][ T8748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  540.295134][ T8748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  540.317365][ T8748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  540.329330][ T8748] batman_adv: batadv0: Interface activated: batadv_slave_0
[  540.450494][ T8748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  540.461221][ T8748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  540.471968][ T8748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  540.482773][ T8748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  540.493077][ T8748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  540.504144][ T8748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  540.515374][ T8748] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  540.563076][ T8748] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  540.603575][ T8748] batman_adv: batadv0: Interface activated: batadv_slave_1
[  540.629731][ T9101] syz.0.1210[9101] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  540.629825][ T9101] syz.0.1210[9101] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  541.347934][ T9116] overlayfs: unrecognized mount option "hash" or missing value
[  542.492394][ T4866] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  542.567845][ T4866] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  542.587158][ T4866] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  542.619803][ T4866] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  542.791889][ T8748] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  542.873266][ T8748] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  542.902622][ T8748] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  543.026023][ T8748] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  544.034108][ T4441] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  544.064927][ T4441] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  544.103637][ T4441] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  544.132635][ T4441] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  544.180160][ T4441] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  544.245051][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  544.322803][ T9156] netlink: 'syz.0.1224': attribute type 4 has an invalid length.
[  544.557413][ T9161] loop7: detected capacity change from 0 to 1024
[  544.626501][ T9161] EXT4-fs: Ignoring removed orlov option
[  544.691585][ T9161] EXT4-fs (loop7): Test dummy encryption mode enabled
[  544.840268][ T9161] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  544.939050][ T9161] EXT4-fs: Ignoring removed orlov option
[  544.973977][ T9161] EXT4-fs (loop7): re-mounted. Quota mode: writeback.
[  546.114461][ T8748] EXT4-fs (loop7): unmounting filesystem.
[  546.563247][   T14] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  546.639539][ T9215] syz.5.1227[9215] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  546.639643][ T9215] syz.5.1227[9215] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  546.773917][   T14] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  546.827338][   T14] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  546.847954][   T14] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  546.904467][   T14] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  546.936407][   T14] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  546.981977][   T14] usb 8-1: config 0 descriptor??
[  547.317731][ T9228] syz.1.1243 sent an empty control message without MSG_MORE.
[  547.460402][    C0] raw-gadget.0 gadget.7: ignoring, device is not running
[  547.468896][    C0] raw-gadget.0 gadget.7: ignoring, device is not running
[  547.477968][   T14] usbhid 8-1:0.0: can't add hid device: -32
[  547.484218][   T14] usbhid: probe of 8-1:0.0 failed with error -32
[  547.519539][   T14] usb 8-1: USB disconnect, device number 2
[  547.543652][ T9233] IPv6: NLM_F_CREATE should be specified when creating new route
[  547.964819][   T27] audit: type=1326 audit(1741334568.049:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9238 comm="syz.0.1246" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8e56f8d169 code=0x0
[  549.508400][ T9267] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(3)
[  549.515415][ T9267] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  549.553877][ T9267] vhci_hcd vhci_hcd.0: Device attached
[  549.823095][   T14] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  549.843380][  T126] usb 47-1: new high-speed USB device number 2 using vhci_hcd
[  550.017473][   T14] usb 8-1: Using ep0 maxpacket: 8
[  550.026899][   T14] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  550.062929][   T14] usb 8-1: config 0 has no interfaces?
[  550.089511][   T14] usb 8-1: New USB device found, idVendor=2040, idProduct=2950, bcdDevice=85.f1
[  550.120485][   T14] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  550.138952][   T14] usb 8-1: Product: syz
[  550.159195][   T14] usb 8-1: Manufacturer: syz
[  550.179421][   T14] usb 8-1: SerialNumber: syz
[  550.222817][   T14] usb 8-1: config 0 descriptor??
[  550.489903][ T9269] usbip_core: unknown command
[  550.490462][   T14] usb 8-1: USB disconnect, device number 3
[  550.494647][ T9269] vhci_hcd: unknown pdu 302055424
[  550.494675][ T9269] usbip_core: unknown command
[  550.513851][ T6146] vhci_hcd: stop threads
[  550.525572][ T6146] vhci_hcd: release socket
[  550.541371][ T6146] vhci_hcd: disconnect device
[  552.293420][   T27] audit: type=1326 audit(1741334572.369:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9303 comm="syz.0.1262" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8e56f8d169 code=0x0
[  555.381772][  T126] vhci_hcd: vhci_device speed not set
[  556.010205][ T9361] syz.3.1280[9361] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  556.010301][ T9361] syz.3.1280[9361] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  557.065112][   T14] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  557.274923][   T14] usb 6-1: config 0 has an invalid interface number: 166 but max is 0
[  557.287578][   T14] usb 6-1: config 0 has no interface number 0
[  557.307589][   T14] usb 6-1: config 0 interface 166 has no altsetting 0
[  557.336155][   T14] usb 6-1: New USB device found, idVendor=0675, idProduct=1688, bcdDevice=59.4c
[  557.358510][   T14] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  557.366395][ T9394] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1288'.
[  557.387677][   T14] usb 6-1: Product: syz
[  557.391882][   T14] usb 6-1: Manufacturer: syz
[  557.408265][   T14] usb 6-1: SerialNumber: syz
[  557.437840][   T14] usb 6-1: config 0 descriptor??
[  557.459304][   T14] HFC-S_USB: probe of 6-1:0.166 failed with error -5
[  557.657378][   T14] usb 6-1: USB disconnect, device number 2
[  559.658420][ T9424] loop7: detected capacity change from 0 to 1024
[  559.698568][ T9424] hfsplus: unable to parse mount options
[  560.098933][ T6343] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  560.313269][ T6343] usb 6-1: Using ep0 maxpacket: 32
[  560.385987][ T6343] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  560.605029][ T6343] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  560.853158][ T6343] usb 6-1: New USB device found, idVendor=172f, idProduct=0502, bcdDevice= 0.00
[  560.893011][ T6343] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  560.985415][ T6343] usb 6-1: config 0 descriptor??
[  561.434171][ T6343] waltop 0003:172F:0502.0005: unknown main item tag 0x0
[  561.450738][ T6343] waltop 0003:172F:0502.0005: hidraw0: USB HID v0.00 Device [HID 172f:0502] on usb-dummy_hcd.5-1/input0
[  561.472776][ T9451] loop7: detected capacity change from 0 to 4096
[  561.905722][ T6343] usb 6-1: USB disconnect, device number 3
[  562.849176][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  562.858957][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  562.904929][   T27] audit: type=1326 audit(1741334582.989:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz.3.1311" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8cbfb8d169 code=0x0
[  563.585487][ T9486] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1316'.
[  563.959461][ T9498] netlink: 92 bytes leftover after parsing attributes in process `syz.7.1320'.
[  564.975174][ T9520] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1325'.
[  565.026841][ T9520] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1325'.
[  565.055479][ T9520] device bond0 entered promiscuous mode
[  565.067953][ T9520] device bond_slave_0 entered promiscuous mode
[  565.086284][ T9520] device bond_slave_1 entered promiscuous mode
[  565.326724][ T9520] device gretap0 entered promiscuous mode
[  565.407677][ T7083] IPv6: ADDRCONF(NETDEV_CHANGE): hsr1: link becomes ready
[  565.662487][ T9545] syz.1.1331[9545] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  565.662597][ T9545] syz.1.1331[9545] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  568.244562][ T9560] overlayfs: failed to clone upperpath
[  568.539485][ T9565] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1338'.
[  571.648359][ T9599] loop7: detected capacity change from 0 to 128
[  571.703101][ T9599] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[  571.923375][ T9599] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  572.842332][ T9613] overlayfs: failed to clone upperpath
[  576.012028][ T9666] loop5: detected capacity change from 0 to 256
[  576.653876][ T9688] syz.3.1373[9688] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  576.653975][ T9688] syz.3.1373[9688] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  579.159463][ T9709] loop5: detected capacity change from 0 to 256
[  579.249554][ T9711] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  579.258950][ T9711] FAT-fs (loop7): unable to read boot sector
[  582.244236][ T9764] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  582.254381][ T9764] FAT-fs (loop7): unable to read boot sector
[  585.087117][   T27] audit: type=1326 audit(1741334605.079:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9789 comm="syz.3.1402" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8cbfb8d169 code=0x0
[  587.383988][ T9837] Illegal XDP return value 3238856491 on prog  (id 821) dev N/A, expect packet loss!
[  592.584445][ T9879] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  592.593797][ T9879] FAT-fs (loop1): unable to read boot sector
[  593.233546][ T9878] xt_time: unknown flags 0xc
[  595.149370][ T9905] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1438'.
[  595.782448][ T9920] xt_time: unknown flags 0xc
[  600.472294][ T9968] xt_time: unknown flags 0xc
[  601.703607][ T9988] loop7: detected capacity change from 0 to 512
[  601.756108][ T9988] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  601.871175][ T9988] EXT4-fs (loop7): orphan cleanup on readonly fs
[  601.883108][ T9988] EXT4-fs error (device loop7): ext4_quota_enable:6982: comm syz.7.1464: Bad quota inum: 64, type: 0
[  601.931125][ T9988] EXT4-fs (loop7): Remounting filesystem read-only
[  601.960001][ T9988] EXT4-fs warning (device loop7): ext4_enable_quotas:7030: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  601.998338][ T9988] EXT4-fs (loop7): Cannot turn on quotas: error -117
[  602.124495][ T9988] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  603.434834][ T8748] EXT4-fs (loop7): unmounting filesystem.
[  610.859305][T10073] bridge0: port 3(gretap0) entered disabled state
[  610.866453][T10073] bridge0: port 2(bridge_slave_1) entered disabled state
[  610.873717][T10073] bridge0: port 1(bridge_slave_0) entered disabled state
[  611.346443][T10073] device gretap0 left promiscuous mode
[  611.394046][T10073] bridge0: port 3(gretap0) entered disabled state
[  611.436991][T10073] device bridge_slave_1 left promiscuous mode
[  611.479604][T10073] bridge0: port 2(bridge_slave_1) entered disabled state
[  611.534666][T10073] device bridge_slave_0 left promiscuous mode
[  611.570633][T10073] bridge0: port 1(bridge_slave_0) entered disabled state
[  614.811649][T10111] overlayfs: failed to clone upperpath
[  618.259612][T10137] netlink: 92 bytes leftover after parsing attributes in process `syz.5.1507'.
[  618.872131][T10149] device pim6reg1 entered promiscuous mode
[  619.056861][   T27] audit: type=1326 audit(1741334639.139:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10146 comm="syz.1.1512" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6fa218d169 code=0x0
[  620.221762][T10166] overlayfs: failed to clone upperpath
[  624.116304][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  624.122680][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  626.641631][   T27] audit: type=1326 audit(1741334646.579:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10188 comm="syz.3.1523" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8cbfb8d169 code=0x0
[  626.881867][T10200] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1526'.
[  627.243647][T10208] syz.5.1524[10208] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  627.243759][T10208] syz.5.1524[10208] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  628.287751][T10222] overlayfs: failed to clone upperpath
[  632.265417][T10255] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1542'.
[  633.057509][T10266] overlayfs: failed to clone upperpath
[  635.694148][T10299] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1557'.
[  636.433005][ T4268] Bluetooth: hci0: command 0x0406 tx timeout
[  639.457027][T10340] device pim6reg1 entered promiscuous mode
[  639.719393][T10347] netlink: 92 bytes leftover after parsing attributes in process `syz.5.1573'.
[  641.228130][T10361] device pim6reg1 entered promiscuous mode
[  643.353552][T10380] syz.3.1579[10380] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  643.353659][T10380] syz.3.1579[10380] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  643.525194][T10388] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1586'.
[  643.637978][T10389] overlayfs: missing 'lowerdir'
[  647.870908][T10426] device syzkaller0 entered promiscuous mode
[  648.114742][T10429] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1599'.
[  648.811899][T10440] overlayfs: missing 'lowerdir'
[  649.163888][T10443] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  649.173240][T10443] FAT-fs (loop1): unable to read boot sector
[  654.725053][T10480] overlayfs: missing 'lowerdir'
[  656.110249][T10494] overlayfs: failed to clone upperpath
[  656.281717][T10496] syz.3.1616[10496] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  656.281822][T10496] syz.3.1616[10496] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  660.261670][T10519] overlayfs: missing 'lowerdir'
[  660.460062][T10526] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1628'.
[  666.374667][T10573] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1645'.
[  669.744938][T10604] overlayfs: failed to clone upperpath
[  671.761139][T10626] netlink: 92 bytes leftover after parsing attributes in process `syz.7.1660'.
[  673.163875][T10650] overlayfs: failed to clone upperpath
[  675.946937][T10682] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1679'.
[  676.055093][T10685] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  676.064530][T10685] FAT-fs (loop7): unable to read boot sector
[  678.782950][T10710] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  678.792070][T10710] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  678.804249][T10710] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  682.093957][T10737] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  682.105574][T10737] FAT-fs (loop3): unable to read boot sector
[  682.682192][T10746] netlink: 92 bytes leftover after parsing attributes in process `syz.7.1695'.
[  683.103035][T10752] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  683.111832][T10752] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  683.123908][T10752] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  686.480900][ T1275] ieee802154 phy0 wpan0: encryption failed: -22
[  686.487454][ T1275] ieee802154 phy1 wpan1: encryption failed: -22
[  687.501369][T10787] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  687.510620][T10787] FAT-fs (loop7): unable to read boot sector
[  689.540900][T10791] netlink: 92 bytes leftover after parsing attributes in process `syz.5.1708'.
[  689.797048][T10799] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  689.806011][T10799] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  689.817693][T10799] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  693.063776][T10826] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  693.073573][T10826] FAT-fs (loop7): unable to read boot sector
[  693.714975][T10833] device sit0 entered promiscuous mode
[  693.739979][T10831] device pim6reg1 entered promiscuous mode
[  693.991976][T10837] overlayfs: missing 'lowerdir'
[  694.452277][T10843] netlink: 92 bytes leftover after parsing attributes in process `syz.7.1727'.
[  699.201745][T10882] overlayfs: missing 'lowerdir'
[  700.355138][T10898] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1744'.
[  806.952770][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  806.959844][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P128/1:b..l
[  806.968234][    C0] 	(detected by 0, t=10502 jiffies, g=46581, q=13 ncpus=2)
[  806.975496][    C0] task:kworker/0:2     state:R  running task     stack:24160 pid:128   ppid:2      flags:0x00004000
[  806.987197][    C0] Workqueue: events_power_efficient gc_worker
[  806.993309][    C0] Call Trace:
[  806.996598][    C0]  <TASK>
[  806.999546][    C0]  __schedule+0x143f/0x4570
[  807.004077][    C0]  ? reacquire_held_locks+0x660/0x660
[  807.009486][    C0]  ? validate_chain+0x112/0x5950
[  807.014441][    C0]  ? reacquire_held_locks+0x660/0x660
[  807.019837][    C0]  ? release_firmware_map_entry+0x18b/0x18b
[  807.025747][    C0]  ? print_irqtrace_events+0x210/0x210
[  807.031257][    C0]  ? preempt_schedule_irq+0xec/0x1c0
[  807.036577][    C0]  preempt_schedule_irq+0xf7/0x1c0
[  807.041717][    C0]  ? preempt_schedule_notrace+0x140/0x140
[  807.047497][    C0]  irqentry_exit+0x53/0x80
[  807.051935][    C0]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  807.057940][    C0] RIP: 0010:seqcount_lockdep_reader_access+0x1dc/0x220
[  807.064818][    C0] Code: f8 4d 85 ed 75 16 e8 c3 cc a1 f8 eb 15 e8 bc cc a1 f8 e8 a7 17 c8 01 4d 85 ed 74 ea e8 ad cc a1 f8 fb 48 c7 04 24 0e 36 e0 45 <4b> c7 04 3c 00 00 00 00 66 43 c7 44 3c 09 00 00 43 c6 44 3c 0b 00
[  807.084444][    C0] RSP: 0018:ffffc90002de7a40 EFLAGS: 00000293
[  807.090525][    C0] RAX: ffffffff88e8ca23 RBX: 0000000000000000 RCX: ffff88801db1d940
[  807.098525][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  807.106523][    C0] RBP: ffffc90002de7af0 R08: ffffffff88e8c9f9 R09: fffffbfff2256c5e
[  807.114501][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  807.122481][    C0] R13: 0000000000000200 R14: 0000000000000046 R15: 1ffff920005bcf48
[  807.130472][    C0]  ? seqcount_lockdep_reader_access+0x1a9/0x220
[  807.136727][    C0]  ? seqcount_lockdep_reader_access+0x1d3/0x220
[  807.142997][    C0]  ? nf_conntrack_hash_check_insert+0x9b0/0x9b0
[  807.149261][    C0]  ? check_preemption_disabled+0x4b/0x110
[  807.155118][    C0]  gc_worker+0x325/0x1540
[  807.159481][    C0]  ? gc_worker+0x27a/0x1540
[  807.164010][    C0]  ? init_conntrack+0xf90/0xf90
[  807.168898][    C0]  ? do_raw_spin_unlock+0x137/0x8a0
[  807.174129][    C0]  ? process_one_work+0x806/0x1260
[  807.179263][    C0]  process_one_work+0x917/0x1260
[  807.184246][    C0]  ? worker_detach_from_pool+0x260/0x260
[  807.189913][    C0]  ? _raw_spin_lock_irqsave+0x120/0x120
[  807.195473][    C0]  ? kthread_data+0x4e/0xc0
[  807.200002][    C0]  ? wq_worker_running+0x97/0x190
[  807.205040][    C0]  worker_thread+0xa47/0x1200
[  807.209754][    C0]  kthread+0x28d/0x320
[  807.213837][    C0]  ? worker_clr_flags+0x190/0x190
[  807.218871][    C0]  ? kthread_blkcg+0xd0/0xd0
[  807.223472][    C0]  ret_from_fork+0x1f/0x30
[  807.227922][    C0]  </TASK>
[  807.230952][    C0] rcu: rcu_preempt kthread starved for 10482 jiffies! g46581 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  807.242152][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  807.252139][    C0] rcu: RCU grace-period kthread stack dump:
[  807.258037][    C0] task:rcu_preempt     state:R  running task     stack:26200 pid:16    ppid:2      flags:0x00004000
[  807.268851][    C0] Call Trace:
[  807.272165][    C0]  <TASK>
[  807.275116][    C0]  __schedule+0x143f/0x4570
[  807.279637][    C0]  ? _raw_spin_unlock+0x40/0x40
[  807.284507][    C0]  ? __mod_timer+0x956/0xee0
[  807.289118][    C0]  ? release_firmware_map_entry+0x18b/0x18b
[  807.295047][    C0]  ? lockdep_softirqs_off+0x420/0x420
[  807.300435][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  807.306360][    C0]  ? _raw_spin_unlock+0x40/0x40
[  807.311226][    C0]  schedule+0xbf/0x180
[  807.315319][    C0]  schedule_timeout+0x1b9/0x300
[  807.320187][    C0]  ? console_conditional_schedule+0x40/0x40
[  807.326107][    C0]  ? update_process_times+0x1b0/0x1b0
[  807.331501][    C0]  ? prepare_to_swait_event+0x329/0x350
[  807.337080][    C0]  rcu_gp_fqs_loop+0x2d2/0x1150
[  807.341980][    C0]  ? dyntick_save_progress_counter+0x2b0/0x2b0
[  807.348178][    C0]  ? rcu_gp_init+0x15f0/0x15f0
[  807.352984][    C0]  rcu_gp_kthread+0xa3/0x3b0
[  807.357605][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  807.362739][    C0]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  807.368661][    C0]  ? __kthread_parkme+0x168/0x1c0
[  807.373748][    C0]  kthread+0x28d/0x320
[  807.377842][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  807.382976][    C0]  ? kthread_blkcg+0xd0/0xd0
[  807.387590][    C0]  ret_from_fork+0x1f/0x30
[  807.392059][    C0]  </TASK>
[  807.395111][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  807.401453][    C0] Sending NMI from CPU 0 to CPUs 1:
[  807.406696][    C1] NMI backtrace for cpu 1
[  807.406712][    C1] CPU: 1 PID: 10917 Comm: syz.0.1749 Not tainted 6.1.129-syzkaller #0
[  807.406730][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  807.406740][    C1] RIP: 0010:kasan_check_range+0x7b/0x290
[  807.406764][    C1] Code: 00 00 00 00 fc ff df 4f 8d 34 1a 4c 89 f5 4c 29 cd 48 83 fd 10 7f 26 48 85 ed 0f 84 3a 01 00 00 49 f7 d2 49 01 da 41 80 39 00 <0f> 85 c4 01 00 00 49 ff c1 49 ff c2 75 ee e9 1d 01 00 00 45 89 cf
[  807.406779][    C1] RSP: 0018:ffffc900001e0d08 EFLAGS: 00000046
[  807.406794][    C1] RAX: ffffffff81565d01 RBX: 1ffff11010cd7aac RCX: ffffffff81565dfe
[  807.406807][    C1] RDX: 0000000000000001 RSI: 0000000000000024 RDI: ffff8880866bd564
[  807.406818][    C1] RBP: 0000000000000005 R08: dffffc0000000000 R09: ffffed1010cd7ab0
[  807.406830][    C1] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8880866bd540
[  807.406842][    C1] R13: 0000000000000001 R14: ffffed1010cd7ab1 R15: 0000000000000011
[  807.406853][    C1] FS:  00007f8e57eb16c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  807.406868][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  807.406880][    C1] CR2: 000000110c420ca2 CR3: 00000000295cd000 CR4: 00000000003506e0
[  807.406895][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  807.406905][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  807.406916][    C1] Call Trace:
[  807.406921][    C1]  <NMI>
[  807.406926][    C1]  ? nmi_cpu_backtrace+0x3de/0x560
[  807.406954][    C1]  ? read_lock_is_recursive+0x10/0x10
[  807.406981][    C1]  ? nmi_trigger_cpumask_backtrace+0x430/0x430
[  807.407008][    C1]  ? nmi_handle+0x25/0x440
[  807.407042][    C1]  ? nmi_cpu_backtrace_handler+0x8/0x10
[  807.407058][    C1]  ? nmi_handle+0x12e/0x440
[  807.407083][    C1]  ? nmi_handle+0x25/0x440
[  807.407109][    C1]  ? kasan_check_range+0x7b/0x290
[  807.407127][    C1]  ? default_do_nmi+0x62/0x150
[  807.407145][    C1]  ? exc_nmi+0xa8/0x100
[  807.407161][    C1]  ? end_repeat_nmi+0x16/0x31
[  807.407185][    C1]  ? __send_signal_locked+0x4b1/0xe00
[  807.407208][    C1]  ? __send_signal_locked+0x5ae/0xe00
[  807.407232][    C1]  ? kasan_check_range+0x7b/0x290
[  807.407252][    C1]  ? kasan_check_range+0x7b/0x290
[  807.407272][    C1]  ? kasan_check_range+0x7b/0x290
[  807.407291][    C1]  </NMI>
[  807.407295][    C1]  <IRQ>
[  807.407301][    C1]  memset+0x1f/0x40
[  807.407322][    C1]  __send_signal_locked+0x5ae/0xe00
[  807.407348][    C1]  ? __lock_task_sighand+0x25/0x2d0
[  807.407374][    C1]  group_send_sig_info+0x28a/0x300
[  807.407399][    C1]  ? lockdep_assert_task_sighand_held+0x2b0/0x2b0
[  807.407443][    C1]  ? kvm_sched_clock_read+0x14/0x40
[  807.407459][    C1]  ? sched_clock_cpu+0x71/0x2b0
[  807.407482][    C1]  ? ktime_get+0x242/0x270
[  807.407520][    C1]  do_bpf_send_signal+0x81/0x150
[  807.407543][    C1]  irq_work_single+0xd5/0x230
[  807.407562][    C1]  irq_work_run+0x187/0x350
[  807.407582][    C1]  ? irq_work_single+0x230/0x230
[  807.407599][    C1]  ? __irq_exit_rcu+0x163/0x240
[  807.407614][    C1]  ? irq_exit_rcu+0x20/0x20
[  807.407635][    C1]  __sysvec_irq_work+0xbb/0x360
[  807.407654][    C1]  sysvec_irq_work+0x98/0xc0
[  807.407670][    C1]  </IRQ>
[  807.407675][    C1]  <TASK>
[  807.407680][    C1]  asm_sysvec_irq_work+0x16/0x20
[  807.407700][    C1] RIP: 0010:native_apic_msr_write+0x35/0x50
[  807.407721][    C1] Code: 74 2a 83 ff 30 74 25 eb 10 81 ff d0 00 00 00 74 1b 81 ff e0 00 00 00 74 13 c1 ef 04 81 c7 00 08 00 00 89 f9 89 f0 31 d2 0f 30 <66> 90 c3 89 f6 31 d2 e9 cf b8 33 03 66 2e 0f 1f 84 00 00 00 00 00
[  807.407736][    C1] RSP: 0018:ffffc90004dafca8 EFLAGS: 00000246
[  807.407750][    C1] RAX: 00000000000000f6 RBX: ffffffff8cdf4b78 RCX: 000000000000083f
[  807.407762][    C1] RDX: 0000000000000000 RSI: 00000000000000f6 RDI: 000000000000083f
[  807.407773][    C1] RBP: 0000000000000000 R08: ffffffff8442a724 R09: fffff520009b5f85
[  807.407786][    C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8880b8f33d90
[  807.407798][    C1] R13: 1ffff920009b5f00 R14: dffffc0000000000 R15: 0000000000000020
[  807.407815][    C1]  ? llist_add_batch+0x134/0x1d0
[  807.407838][    C1]  arch_irq_work_raise+0x82/0xd0
[  807.407856][    C1]  irq_work_queue+0xa3/0x150
[  807.407876][    C1]  bpf_send_signal_common+0x2e6/0x450
[  807.407898][    C1]  ? trace_bpf_trace_printk+0x250/0x250
[  807.407920][    C1]  ? __cant_sleep+0x270/0x270
[  807.407939][    C1]  ? get_sigframe_size+0x10/0x10
[  807.407961][    C1]  bpf_send_signal+0x15/0x20
[  807.407978][    C1]  bpf_prog_7ba5217f62dcd359+0x38/0x3c
[  807.408002][    C1]  bpf_trace_run2+0x1fd/0x410
[  807.408022][    C1]  ? bpf_trace_run2+0x110/0x410
[  807.408040][    C1]  ? bpf_trace_run1+0x3d0/0x3d0
[  807.408065][    C1]  __bpf_trace_sys_enter+0x60/0x70
[  807.408084][    C1]  syscall_enter_from_user_mode+0x206/0x230
[  807.408107][    C1]  do_syscall_64+0x1e/0xb0
[  807.408132][    C1]  ? clear_bhb_loop+0x45/0xa0
[  807.408153][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  807.408172][    C1] RIP: 0033:0x7f8e56f29359
[  807.408185][    C1] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  807.408199][    C1] RSP: 002b:00007f8e57eb0b40 EFLAGS: 00000246 ORIG_RAX: 000000000000000f
[  807.408216][    C1] RAX: ffffffffffffffda RBX: 00007f8e571a5fa8 RCX: 00007f8e56f29359
[  807.408229][    C1] RDX: 00007f8e57eb0b40 RSI: 00007f8e57eb0c70 RDI: 0000000000000011
[  807.408241][    C1] RBP: 00007f8e571a5fa0 R08: 0000000000000000 R09: 0000000000000000
[  807.408254][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f8e571a5fac
[  807.408265][    C1] R13: 0000000000000000 R14: 00007ffd6e9784d0 R15: 00007ffd6e9785b8
[  807.408285][    C1]  </TASK>