last executing test programs:

12m59.919757619s ago: executing program 2 (id=1212):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x6}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {0x0, 0xfff3}, {0x2, 0xb}, {0xd, 0xffe0}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}]}, 0x30}}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

12m58.751576003s ago: executing program 2 (id=1217):
socket$kcm(0x29, 0x7, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000800)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000001c0), 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_clone(0x43001000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000"], 0x48)
write$cgroup_pid(r3, &(0x7f0000000380), 0x12)

12m50.882465488s ago: executing program 2 (id=1229):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x75, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net\x00')
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000005c0)='cgroup\x00')
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5, 0x0, 0x2}, 0x18)
lseek(r4, 0x10001, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b000100627269646765000018000280"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0x4, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x840)
socket$netlink(0x10, 0x3, 0x0)
rseq(&(0x7f0000000600)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000640)='./file0\x00', 0x2200c17, &(0x7f00000003c0)=ANY=[], 0x1, 0xa29, &(0x7f0000001800)="$eJzs3U1sXeWZB/D/ubYTY5gkQIZhEJCbMAkGPI7tDMlELJjEvknM+GNkOxLRLAhDnFEat7SklQBVIkhVV0Wt1KqLdoe6ajdIbMqmYtfu2lUXlSpW3aOu0k1dnXuvHX9c+9qJP5Lw+1nX93w8532fc95z75t7c3zecH+Z379sbn6+/rjD+Yu/3IGMuYedHfni408+Kh8f3syedOTl4tdJd5Jq0pnkyaRreGRqcrxNQdeTy0k+T4oke9N43pDLKX6YR27Pf57i52W9a9qz0ZJpZ56vtN0+/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4F5UDI8MDAwWezI6cfH1akNSXWV4ZGqyyPz86jUL2zR8ViR/bzuucGWx+nR3Lwz1/eTB2wFPJKkeydONuafrA5KnO+8//MSBVx7vrNQHFy+KFnlugb0bL/bGe+9ff3NubvadtUPmP2jsw9bkdo85X5sYnZ4cHT9zvlYdnZ6snj55cuD4hXPT1XOjY7XpS9MztfHq8FTtzMzkVLV3+IXq4OnTJ6q1/kuTFyfOj/SP1RYWnvr3oYGBk9XX+v+ndmZqenLi+Gv908MXRsfGRifO12PK1WXMqfJE/O/RmepM7cx4tXr12tzsiRU5daw82GXQYLs9KYOG2gUNDQwNDQ4ODQ1+2Bw9e3HByZdPv3xqYKBzYIWsitimk5Z7y0NrN/OWvn/D3ag0+v98bSyjmcjFvJ5qy5/hjGQqkxlfY31T2f8nxWdHj9fWrbfRfzf6/2Yv37lk9VPlryN5tjnbvUb/vzSDesWtc9u+nxt5L+/net7MXOYym3d2PION/RxrHsitLvd8apnIaKYzmdGM50x9SbW5pJrTOZmTGcgbuZBDmU415zKasdQynUuZzkxq9TNqOFOp5UxmMpmpVNOb4byQagZzOqdzItXU0p9LmczFTOR8RnKmXsrVXKsf9xPr5LgYNLiRoKF1glZ25uUpt7n+v/ag/kuQDdvS92+4G/PN/n9P+9De4Z1ICAAAANhy//q77Dv42G//nBR5pv69/LnRsdqru50WAAAAsIXqV809XT51lVPPdNc//w/sdloAAADAFirqf2NXJOnJocbUwl9C+RIAAAAAHhDlJ/9/Suqf/ZsLfP4HAACAB0z7e+y3jSj6Fm7/W73SeL7SjGjMFT3nRsdq/cOTY68M5lj9LgNJnlldWkdSdNX//ODFHG5EHe5pPPfcLrGss7uMGux/ZTAv5khzR3qfK5+e620ROdSIfL4R+fzSyI4sizxRRgLAg+7IOv3xRvv/F9PXiOh7qt7ldz7Vog8e0LMCwL1icYydvzWHNGvR/zcjnl2r//+PdT7/lxGP5eqhxiUF/Xkrb2cuV9K3cMXBoValLoxG0LgMoa/NtwE9zUsW/nCqkr5V3wd0L+7r0tjZDKWv5TcCS8otFnI40Yjr2J42AICddmTdfnhj/X9fm8//PS4pBIB7yuII9puY+GAzwbPv3NjtfQQAltNLAwAAAAAAAAAAAAAAAAAAAAAAAAAAwNbb0A38f38smZubTTZ02/+92eyAAi0nujeT4foTlWxBPvfFREeSuypnXzbYyqsnXt18u5dtfBe7/KuHmpv/ZfeP/AM3sctvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyIIulotbyS7E0ykOT4zme1fW7udgJbpbrnjjYrbuVW3s2+Lc8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOArrnn//0oazw83FqWzkhxNcjnJ/+52jlvp1m4nsD2K9iFfbwTevv9/JenKfJHORrOn6BoemZocL4sq9pbrv/j4k4/KR/uyV4+qUBZQ1rBscIlmDUuWdC3f6tH6Vj0jszeuf/vtb1ZHztZPzLMz58ZGxs9P/dftwCeKT5NqGo8FC/l+9+hvfrRkcXOghOLTck9bW1nvuXq9I6vr/ZdWW69R7wZcm5sdKmuaqb0+851vXHt3yarHcjh5rjfpXV7T/5ePNWo6vPJ4Lld8WXy/2Jef5nK9/cujUcwXZRPtr+//Q1evzc32v/X23JXFnD5YltOBHEpyJeneeE6H1j4362ddpausdaAeVP462Ka8dS0pcbBSb/pVx/XR+inTs6l9qLZ5fbU57s2MTrRs6R9/6/Ec23RLH2tTY0vFl8Wfigv5Y763ZPyPStn+R9Py1dmiiHrkkjNl6bplL69KI7K+50NLV7yxssw1X5Vsgx/k//Kfi+1fWfL+32yrnXk/WlJj69dFsvnXxS/2r+pRbqv3SAdX9EjNd5+1tmnmebARtUae/5yXGmVu4h3lpXY99ja9/n9W9OavuWn8HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4N5XJB2tlleSo0kOJNlfzleT+ZUxN++gvkpPcSdpbpk7yfn+U6y5o8Wt3Mq72bfTGQEAAAAAAACwPc6OfPHxJx+Vj/r/x3fk3yrNNdWkM8mB4iddwyNTk+NtCupKLi/8l3735nK4XP565Pb85+Xck2022t3LBwDgvvaPAAAA///F9G4J")
getdents(0xffffffffffffffff, &(0x7f000001fc00)=""/179, 0xb3)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000710419000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)

12m49.048522476s ago: executing program 2 (id=1236):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket(0x10, 0x803, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x8b}, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
syz_open_pts(0xffffffffffffffff, 0x141601)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a80)=@newtfilter={0x70, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xc, 0x4}, {}, {0xb, 0x9}}, [@filter_kind_options=@f_u32={{0x8}, {0x44, 0x2, [@TCA_U32_SEL={0x24, 0x5, {0x3, 0xa, 0x1, 0xed8, 0x7, 0x8c, 0x40, 0x925e, [{0x101, 0x6, 0x200, 0x3}]}}, @TCA_U32_INDEV={0x14, 0x8, 'nr0\x00'}, @TCA_U32_CLASSID={0x8, 0x1, {0xfff1, 0xd}}]}}]}, 0x70}}, 0x20040054)

12m47.684769896s ago: executing program 2 (id=1239):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000800)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r1, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f0000000380), 0x12)

12m47.494297071s ago: executing program 2 (id=1243):
r0 = socket(0x1d, 0x1, 0x10a0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0xd, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x18, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000300000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800004e9d00047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='sched_switch\x00', r6}, 0x18)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000c80)={'lo\x00'})
sendmsg$nl_route_sched(r7, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000180)={[{@grpid}, {@mblk_io_submit}, {@nodioread_nolock}, {@test_dummy_encryption}, {@inode_readahead_blks}, {@nodelalloc}, {@minixdf}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x4, 0xbaf, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3ny2zftO+vIi1k0jIi2o07SSYotgKxU3LgTdCg3ppIRMP0giNWkWE/0HRF0LbgS1KF3YdTcKbt1o3VpcCEVioyCikTsfSWxmkrSd5Ibk94Mz95w5d+Z5nrlM7j0wNwHsWgPZQxpxICLOJhGF+vNpRHRXe70Rldp+C/OzI7/Pz44ksbj42i9JJBFxd352pPFeSX27rz7ojYhvX0zif++sjjs5PTM+XC6XJurjI1MXLh+ZnJ55ZuzC8PnS+dLFo8efGzo2dHzwxFDbav3jx1M3fnv85Z8qf37617Vf3/84iVPRV59bWUe7DMTA0meyUmdEDLc7WE466vWsrDPpXOdF6SYnBQBAS+mKa7hHohAdsXzxVoivvss1OQAAAKAtFjsiFgEAAIAdLrH+BwAAgB2u8TuAu/OzI42W7y8Sttad0xHRX6t/od5qM51RqW57oysi9t5NYuVtrUntZQ9tICJu/3Dii6zFJt2HvJbKXEQ82uz4J9X6+6t3ca+uP42IwTbEH7hnvN3qf7q7df2n2hA/7/oB2J1unq6dyFaf/9Kl659ocv7rbHLuehB5n/8a138Lq67/luvvaHH99+oGY1z95MMrreay+p+/8dLnjZbFz7YPVdR9uDMX8Vhns/qTpfqTFvWf3WCMwt9XSq3m8q5/8aOIQ9G8/oZk7f9PdGR0rFwarD02jTH3zdBnreLnXX92/Pe2qH+94395gzHeOHPmequ59etPf+5OXq/2uuvPvDU8NTVxNKI7eWX188fqN7S30Nin8R5Z/YefWPv736z+LESl/jlka4G5+jYbv31PzBeuXf1yrfqztV+ex//cAx7/dzcY48mv3zvcam7l+jdrWfzbSW0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaUT0RZIWl/ppWixG7IuI/8fetHxpcuqp0UtvXjyXzUX0R1c6OlYuDUZEoTZOsvHRan95fOye8bMRsT8iPijsqY6LI5fK5/IuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX7IqIvkrQYEWlELBTStFjMOysAAACg7frzTgAAAADYdNb/AAAAsPNZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDJ9h+8eSuJiMrJPdWW6a7PdeWaGbDZ0rwTAHLTkXcCQG46804AyM19rvFdLsAOlKwz39typqftuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwfR06cPNWEhGVk3uqLdNdn+tq+oqDW5gdsJnSvBMActOx1mTn1uUBbD1fcdi9mq/xgd0kWWe+d3mfyr9nejYtJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2n75qS9JiRKTVfpoWixH/iYj+6EpGx8qlwYj4b0R8X+jqycY9eScNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA201Oz4wPl8ulCR0dnXw7yfZIo9bJ+y8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1soHP9fnZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNPAAAA///5ZQ4Q")
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000540)={<r9=>0xffffffffffffffff})
accept(r9, 0x0, &(0x7f0000000580))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)

12m31.680281097s ago: executing program 32 (id=1243):
r0 = socket(0x1d, 0x1, 0x10a0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0xd, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x18, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000300000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70800004e9d00047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='sched_switch\x00', r6}, 0x18)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000c80)={'lo\x00'})
sendmsg$nl_route_sched(r7, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000180)={[{@grpid}, {@mblk_io_submit}, {@nodioread_nolock}, {@test_dummy_encryption}, {@inode_readahead_blks}, {@nodelalloc}, {@minixdf}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x4, 0xbaf, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3ny2zftO+vIi1k0jIi2o07SSYotgKxU3LgTdCg3ppIRMP0giNWkWE/0HRF0LbgS1KF3YdTcKbt1o3VpcCEVioyCikTsfSWxmkrSd5Ibk94Mz95w5d+Z5nrlM7j0wNwHsWgPZQxpxICLOJhGF+vNpRHRXe70Rldp+C/OzI7/Pz44ksbj42i9JJBFxd352pPFeSX27rz7ojYhvX0zif++sjjs5PTM+XC6XJurjI1MXLh+ZnJ55ZuzC8PnS+dLFo8efGzo2dHzwxFDbav3jx1M3fnv85Z8qf37617Vf3/84iVPRV59bWUe7DMTA0meyUmdEDLc7WE466vWsrDPpXOdF6SYnBQBAS+mKa7hHohAdsXzxVoivvss1OQAAAKAtFjsiFgEAAIAdLrH+BwAAgB2u8TuAu/OzI42W7y8Sttad0xHRX6t/od5qM51RqW57oysi9t5NYuVtrUntZQ9tICJu/3Dii6zFJt2HvJbKXEQ82uz4J9X6+6t3ca+uP42IwTbEH7hnvN3qf7q7df2n2hA/7/oB2J1unq6dyFaf/9Kl659ocv7rbHLuehB5n/8a138Lq67/luvvaHH99+oGY1z95MMrreay+p+/8dLnjZbFz7YPVdR9uDMX8Vhns/qTpfqTFvWf3WCMwt9XSq3m8q5/8aOIQ9G8/oZk7f9PdGR0rFwarD02jTH3zdBnreLnXX92/Pe2qH+94395gzHeOHPmequ59etPf+5OXq/2uuvPvDU8NTVxNKI7eWX188fqN7S30Nin8R5Z/YefWPv736z+LESl/jlka4G5+jYbv31PzBeuXf1yrfqztV+ex//cAx7/dzcY48mv3zvcam7l+jdrWfzbSW0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaUT0RZIWl/ppWixG7IuI/8fetHxpcuqp0UtvXjyXzUX0R1c6OlYuDUZEoTZOsvHRan95fOye8bMRsT8iPijsqY6LI5fK5/IuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX7IqIvkrQYEWlELBTStFjMOysAAACg7frzTgAAAADYdNb/AAAAsPNZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDJ9h+8eSuJiMrJPdWW6a7PdeWaGbDZ0rwTAHLTkXcCQG46804AyM19rvFdLsAOlKwz39typqftuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwfR06cPNWEhGVk3uqLdNdn+tq+oqDW5gdsJnSvBMActOx1mTn1uUBbD1fcdi9mq/xgd0kWWe+d3mfyr9nejYtJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2n75qS9JiRKTVfpoWixH/iYj+6EpGx8qlwYj4b0R8X+jqycY9eScNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA201Oz4wPl8ulCR0dnXw7yfZIo9bJ+y8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1soHP9fnZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNPAAAA///5ZQ4Q")
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000540)={<r9=>0xffffffffffffffff})
accept(r9, 0x0, &(0x7f0000000580))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)

12m13.978210496s ago: executing program 4 (id=1324):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x4, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x9, 0x4, 0x6, 0xfffa}, 0x1d, [0x1, 0xc95a, 0xfffffff3, 0x9, 0x7d, 0x2, 0x3, 0x7f, 0x6, 0x4d, 0x39cc191c, 0x5c, 0x9, 0x3, 0x2, 0x0, 0x8, 0x8b, 0x0, 0x2ab, 0x4, 0x4, 0x4, 0x0, 0x1, 0x1ff, 0x7, 0x1, 0x1f461e2c, 0x7, 0xe671, 0x80000000, 0xb, 0x3, 0x7fff, 0x4c74, 0x80000000, 0x1, 0xffffffff, 0xa, 0x0, 0x71, 0x2, 0xffffffff, 0x3, 0x2, 0x5, 0x3e, 0x8f, 0x6, 0x1, 0x3, 0x80092a3, 0x79, 0x1, 0x20000000, 0x82, 0x0, 0x4, 0x17, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x12f, 0x6, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0x6, 0x2bf, 0x5, 0x1000, 0xfffffffc, 0x0, 0x0, 0x7, 0x6, 0x2f, 0xe, 0x312, 0x1, 0x0, 0xfffffffe, 0x8, 0x4, 0x8000, 0x9, 0x3fe, 0x401, 0xfff, 0x4, 0xfb, 0x3, 0x8000, 0x5f31, 0x4, 0x1, 0x2, 0x2, 0x20009, 0x4, 0x9, 0xffff4241, 0x9, 0x6, 0xa, 0xa, 0x1, 0x40009, 0x2, 0x2, 0x7f, 0x9, 0x1, 0x3, 0x9, 0xffffffff, 0x7, 0x400003, 0x9, 0x100, 0x42, 0x6], [0x6, 0x6, 0x81000001, 0x2, 0xff, 0x40000100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x1, 0xb, 0x4, 0x5, 0x1005, 0x0, 0x1f0, 0xd96, 0x2, 0x86, 0x1, 0x9, 0x3e7, 0x9, 0x1ff, 0x2, 0x2, 0x800, 0x1000008, 0x5, 0x8, 0x7, 0x38, 0x800203, 0x1fe, 0x80, 0x2, 0x8c52, 0x950bfaf, 0x1000, 0xa2, 0x7, 0x53cf697b, 0xfffffff9, 0x6, 0xac8, 0xbf, 0x10002, 0x403, 0x800, 0x3, 0x0, 0x1, 0xffff, 0x0, 0x6, 0x1c, 0x120002, 0x3, 0x6, 0xaaed, 0x4, 0xff], [0x10, 0xbb32, 0x3, 0xb, 0x5, 0x1, 0x7, 0x5, 0x0, 0x3, 0x80ce7, 0x1ff, 0x3, 0x7, 0x0, 0x1001, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xe620, 0x2, 0x2, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x4, 0xffffffff, 0x80000000, 0x7, 0x8, 0x600, 0xee1, 0x0, 0xffff, 0x8000, 0x80, 0x100, 0x9602, 0x4, 0x2, 0xffff, 0x6, 0x1, 0x10080, 0x6, 0xfffffffe, 0x30b1d693, 0x5a31, 0xc, 0x7, 0x1, 0x10, 0x0, 0x4, 0x5, 0xb19, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f0000000040)=0x4)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x24, 0x2, 0x8c, '\x00', 0x80000001})

12m12.514364074s ago: executing program 4 (id=1330):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000480)={{r4}, &(0x7f00000001c0), &(0x7f0000000180)='%pK    \x00'}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f00000005c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
ioctl$BINDER_FREEZE(0xffffffffffffffff, 0x400c620e, &(0x7f0000000280)={0x0, 0x1, 0x10000})
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4b, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10)
r10 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
fsetxattr$system_posix_acl(r10, 0x0, 0x0, 0xfe44, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="280000001400090a0000000000000000021f4800", @ANYRES32=r3, @ANYBLOB="08000200e4d4c21e080008004c06"], 0x28}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x1000000, 0x0, {0x0, 0x0, 0x74, r3}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x3000000, &(0x7f0000000080), 0x1, 0x533, &(0x7f0000000b00)="$eJzs3e9rI2kdAPDvTJped7dncyqyHnh3uCe7h26yvXp3VeRuBdFXB+r5fi1tWkrTpjTpuS2H9vCFLwURFfwDfCP4Bwhyf4IIB/peVBTRPX2pO5Jkgv2RNKFNN73084Fpnmcm83y/z9BMZiYPMwFcWS9ExP2IKETESxExl89P8ykOOlPrfR88eme5NSWRZW/9I4kkn9dtq1Wfiogb+WozEfHNr0XcSk/GbeztbyzVatWdvF5pbm5XGnv7d9c3l9aqa9WthYX5VxdfW3xl8V6WO1c/SxHx+lf+8pMf/uKrr//mc9/544O/3fluK98vfaKTd0QsnytAH522i+1t0dXaRjsXEWxMWv0pFsadBQAAw2gdmn80Ij7dPv6fi0L7aA4AAACYJNkbs/GfJCIDAAAAJlYaEbORpOV8LMBspGm53BnD+/G4ntbqjeZnV+u7WyutZRGlKKar67XqvXyscCmKSas+n4+x7dZfPlZfiIhnIuLHc9fa9fJyvbYy7osfAAAAcEXceP7o+f+/59J2GQAAAJgwpb4VAAAAYFI45QcAAIDJ5/wfAAAAJtrX33yzNWXd53ivvL23u1F/++5KtbFR3txdLi/Xd7bLa/X6WvuefZuD2qvV69ufj63dh5VmtdGsNPb2H2zWd7eaD9aPPAIbAAAAeIKeef69PyQRcfDFa+0p8vsADjJ94ZkBl8qfx50AMEqFcScAjM3UuBMAxqY48B32EDDpkgHLTw7e6VwrjN9eTD4AAMDo3f7kyd//u7/tD742AHyYDTPWBwCYLH7dg6ureNYRgDdHnQkwLh/pvDzVb3nfm3cM8ft/5xpDlp0pMQAAYGRm21OSlvPj9NlI03I54un2YwGKyep6rXovPz/4/VzxqVZ9vr1mMnDMMAAAAAAAAAAAAAAAAAAAAAAAAADQkWVJZAAAAMBEi0j/mrTv5h9xe+7F2aNXB4499evnb/304VKzuTMfMZ38c641azoimj/L57+ceSQAAAAAXAKd8/T8dX7c2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwaT549M5yd3qScf/+5Ygo9Yo/FTPt15koRsT1fyUxdWi9JCIKI4h/8G5E3OwVP4nHWZaV8ix6xb92wfFL7U0zkyX5ew/HTyPixgjiw1X2Xmv/c7/X5y+NF9qvvT//U8c+j2fV3f9N5/XD8bv7v0Kf/c/Th+tp/xjPvv+rSt/470Y8O9WJez+O7n+68ZNO/CSOxb81ZB+//a39/Z4LDjXZa/93OFalubldaezt313fXFqrrlW3FhbmX118bfGVxXuV1fVaNf/bM8yPPvXrx6f1/3qf+KWj/T+x/V8cqvdZ/Pf9h48+1qkUe8W/c6v39+/NPvHT/LvvM3m5tfx2t3zQKR/23C9/99xp/V/p0/+ZAf2/M1T/4wsvfeP7f+q55MTWAACehMbe/sZSrVbdOaUwM8R7hi4URtLOGyPL57IU4nKkMa5C9r3O/+P52jnn6icKWfUHZ199KkaQxvSJz2khztpgEnHQamvIf0gAAGDC/P+gPxl3KgAAAAAAAAAAAAAAAAAAAHBlnfG2ZDMR0ZlTHHw7seMxD8bTVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAU/0vAAD//xluyPE=")
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

12m6.848026432s ago: executing program 4 (id=1338):
socket$packet(0x11, 0x2, 0x300)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
socket$kcm(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d002007000000", @ANYRES32=r1, @ANYRES16=r2, @ANYRES32=r2], 0x44}}, 0x0)

12m5.906372998s ago: executing program 4 (id=1343):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/14, @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)

12m4.13905199s ago: executing program 4 (id=1345):
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x87)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write$binfmt_script(r4, &(0x7f0000000440), 0x1000a)
sendfile(r3, r4, &(0x7f0000000000)=0x5, 0x20001)

12m0.218506047s ago: executing program 4 (id=1350):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r0, 0x0, 0x3}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000), 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)={0x50, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x3}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x50}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r5=>r2, {0x4}}, './file0\x00'})
r6 = socket$nl_audit(0x10, 0x3, 0x9)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000140)={0xa0002028})
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="440000000906010200120000000c0000000000000900020073797a310000000005000100070000001c0007800c00018008000140fffffffe0c000280080001407f000001"], 0x44}, 0x1, 0x0, 0x0, 0x10008086}, 0x4000050)

11m44.305917591s ago: executing program 33 (id=1350):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r0, 0x0, 0x3}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000), 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)={0x50, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x3}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x50}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r5=>r2, {0x4}}, './file0\x00'})
r6 = socket$nl_audit(0x10, 0x3, 0x9)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000140)={0xa0002028})
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="440000000906010200120000000c0000000000000900020073797a310000000005000100070000001c0007800c00018008000140fffffffe0c000280080001407f000001"], 0x44}, 0x1, 0x0, 0x0, 0x10008086}, 0x4000050)

20.673159002s ago: executing program 0 (id=2788):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x6)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r0, 0x80089419, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@resuid}, {@oldalloc}, {@prjquota}, {@grpjquota}, {@grpquota}, {@bh}, {@noinit_itable}]}, 0x1, 0x55a, &(0x7f0000000cc0)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++FK56U2XrUmTddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG+3er9q7PZksTa2qd/JY3tsnrztZrP259XXoqI376KOF7Y3G5teWWhVC6ni3l9sl65NFlbXjlxoVKaT+fTi9MzM6fenpl+7913+hbrG2f/+f6T2x+e+vro6ne/3D10M4nTcSBf1xrHE7jWWpmIifw9GYvTj2w41YfGdpJk0DvAtozkeT4WWR9wMEbyrO9s7RntGfC0fZllNDCkEvkPQ6o5Dmhe2/fpOvi5ce+D9QugzfGPrn82Ensa10b7VpOHroyy693xPrSftfHrn7duZkv073MIgK6uXY+Ik6Ojm/u/JO//tu9kD9s82ob+D56d29n4581245/Cxvgn2ox/9rfJ3e3onv+Fu31opqNs/Pd+2/HvxqTV+Ehee6Ex5htLzl8op1nf9mJEHIux3Vl9q/mcU6t3On5o3jr+y5as/eZYMN+Pu6O7H37OXKleepKYW927HvFK2/FvsnH8kzbHP3s/zvbYxpH01mud1nWP/+la+yni9bbH/8GMVrL1/ORk43yYbJ4Vm/1948jvndofdPzZ8d+3dfzjSet8be3x2/hxz79pp3UPxR+9n/+7ks8a5V35Y1dK9friVMSu5OPNj08/eG6z3tw+i//Y0a37v3bn/96I+LzH+G8c/vnVnuIf0PGfe6zj//iFOx998UOn9nvr/95qlI7lj/TS//W6g0/y3gEAAAAAAMBOU4iIA5EUihvlQqFYXL+/43DsK5Srtfrx89Wli3PR+K7seIwVmjPdB1vuh5jK74dt1qcfqc9ExKGI+HZkb6NenK2W5wYdPAAAAAAAAAAAAAAAAAAAAOwQ+zt8/z/zx8ig9w546rr95Dfw/9U1//vxS0/AjuT/Pwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/7D8JL/AAAAAAAAAAAAAAAAAAAAAAAAAAAA0Fdnz5zJlrXV+1dns/rc5eWlherlE3NpbaFYWZotzlYXLxXnq9X5clqcrVa6vV65Wr00NR1LVybraa0+WVteOVepLl2sn7tQKc2n59KxZxIVAAAAAAAAAAAAAAAAAAAAPF9qyysLpXI5XVRQ2FZhdGfshkKfC4PumQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADggf8CAAD//zVXOLA=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00"/11], 0x48)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vxcan1\x00'})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000020c0)={@remote, 0x80, r7})
ioctl$sock_inet6_SIOCDIFADDR(r6, 0x8936, &(0x7f0000000140)={@loopback, 0x80, r7})

19.310482392s ago: executing program 0 (id=2795):
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x200020, 0x0)

19.08130547s ago: executing program 0 (id=2797):
pipe2$9p(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f00000001c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee3, 0x8031, 0xffffffffffffffff, 0xffffd000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000480), r4)
sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)={0x14, r5, 0x72b}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x0)

18.073078812s ago: executing program 0 (id=2799):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x3a84821, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x1032025, 0x0)

17.759638717s ago: executing program 0 (id=2800):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000002c0)={[{@noauto_da_alloc}, {@jqfmt_vfsold}, {@noquota}, {@norecovery}, {}]}, 0x1, 0x4be, &(0x7f0000000540)="$eJzs3ctrW1caAPBPUvyMZ/KYYUgyMAlkIPMglh8MsWdmM6uZWQSGCXTTQuraiutatowlp7EJ1Gl3WXRRWlooXXRZ6D/QbppVQ6F03e5LFiWlTV1oCwUVXUmO/JArGjsC398PbnTuOTf6zrH4jq+OrnUDSK1ztX8yEUMR8UlEHKvvbj3gXP1h48HN6dqWiWr1yleZ5LjafvPQ5v87GhHrEdEfEf//d8QzmZ1xy6tr81PFYmG5sZ+vLCzly6trF+cWpmYLs4XF0YlLk5MTI+Njk/s21tsvP3f78vv/7X33u5fu333lww9q3RpqtLWOYz/Vh94TJ1rqjkTEPw8iWBfkGuMZ6HZH+EVqr99vIuJ8kv/HIpe8mkAaVKvV6o/VvnbN61Xg0Mom58CZ7HBE1MvZ7PBw/Rz+tzGYLZbKlb9eK60sztTPlY9HT/baXLEw0nivcDx6MrX90aT8cH9s2/54RHIO/GpuINkfni4VZx7vVAdsc3Rb/n+bq+c/kBLe8kN6yX9IL/kP6SX/Ib3kP6SX/If0kv+QXvIf0kv+Q3rJf0gv+Q+p9L/Ll2tbtfn37zPXV1fmS9cvzhTK88MLK9PD06XlGJ4t9b3X2fMVS6Wl0b/Fyo18pVCu5Mura1cXSiuLlatzC1OzvVHoOeDxAJ07cfbOZ5mIWP/7QLLV9Dba5CocbtUX6t8BAKRPrtsTENA1lv4gvbzHB3b5it4t+ts1LD1S1J8LCxygbLc7AHTNhdM+/4O0sv4P6WX9H9Jr6zm+swFIo+6s/wPdZP0f0muo5f4/mZb7f/2q5d5dIxHx64j4NNfT17zXF3AYZL/INHL/wrE/Dm1v7c18nywK9EbE829eef3GVKWyPFqr/3qzvvJGvb63G90HOpbk71jj0S9yAEi1jQc3p5vbZuXxg4/75b/qFyHsjH+ksTbZn3xGObiR2XKtQmafrl1YvxURp3aLn2nc77z+ycfgRm5H/JONx0z9KZL+Hknum/4o8e+902n80y3x/9AS/8wj/1QgHe7U5p+R3fI/m+R0bObf1vlnaJ+uj24//2U3579cm/nvbIcxnn3rxXtt49+KOLNr/Ga8/iTW9vi1vl3oMP79p574Xbu26tv159ktflOtlK8sLOXLq2sX5xamZguzhcXRiUuTkxMj42OT+WSNOt9cqd7pH6c+vrvX+AfbxN9r/LW6P3c4/h9+/9GT5/aI/6fzu7/+J/eIPxARf+kw/jdjnz/drq0Wf6bN+LPb47cs8NXqxjuMX37tP30dHgoAPAbl1bX5qWKxsKygoKCwWej2zAQctIdJ3+2eAAAAAAAAAAAAAJ16HJcTd3uMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACHwU8BAAD//zAx0oQ=")
openat(0xffffffffffffff9c, 0x0, 0x82, 0x160)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000406, &(0x7f00000003c0)={[{@dioread_nolock}, {@minixdf}, {@grpjquota_path={'grpjquota', 0x3d, './file0'}}, {@usrjquota}, {@grpquota}, {@grpjquota, 0x2e}, {@nomblk_io_submit}, {@errors_remount}, {@jqfmt_vfsv0}, {@delalloc}], [], 0x2c}, 0x86, 0x4ac, &(0x7f0000000740)="$eJzs3MtvG8UfAPDvbh59N2l//QF9QA0FUVFImrRADxwKAqkXJCQ4lGNIQ1WatqgJEq0qGhAqR8RfAByRkDhx4QQSQsCJxxXuCKlCvbRwQEFr7ybrxE4d52GoPx/JzszurGe+uzv2eCfrALpWJXtKIrZGxC8RMVDL1heo1P7cunFl/M8bV8aTmJ198Y+kWu7mjSvjRdFiuy155qfLEem7SextUO/UpctnxyYnJy7m+eHpc68PT126/NiZc2OnJ05PnB89duzokZEnnxh9fFXizOK6ueetC/t2n3j5g+fHZ+OV7z7N2rs1X1+Oo2ZwxXVWohKzufml/dXnh1b86v8u20rppLeDDWFZeiIiO1x91f4/ED0xf/AG4rl35jJfd6iBwJrJPpt2LFrak/9N5z6/gDtRoo9Dlyo+8bPvv8VjPccfnXb96ex5ohr/rfxRW9MbafZddrD2jb2nyfbHV1j/1og4OfPXh9kjGl6HAABYXV9m459HG43/0rirVG57PocyGBGHImJnRPwvInZFxP8jqmXvjoh7lll/ZUF+8fjnx01tBdaibPz3VD63VT/+S/MSyVxuWzX+vuTVM5MTh/N9cjD6NmT5kSXq+OrZn99vtq5SGv9lj6z+YiyYt+P33g3125wamx5bQch1rr8dsae3UfzJ3ExAtgd2R8SeNl4/22dnHvlkX5bevmXx+tvHv4RVmGea/Tji4drxn4kF8ReSWk3N5ieHN8bkxOHh4qxY7Psfrr1QzveV0nXxb2wtpo3tBttAdvw3Nzz/8/iLblDM104tv45rv77X9DvN4uOfxMmZcon8/C+9C2Tnf3/yUjXdny97c2x6+uJIRH++oG756Py2Rb4on8V/8EDj/r8z4u+P8u32RkR2Et8bEfdFxP687fdHxAMRcWCJ+L995sHXlt5DbZ7/qyCL/9RSxz9iMCnP17eR6Dn7zRfN6m/t/e9oNXUwX9LK+1+rDVzJvgMAAID/irQ6B52kQ0W6dHFqV2xOJy9MTR+qxBvnT9XmqgejLy2udA2UroeO5NeGi/zogvyRiNhR/U+jTdX80PiFyW2dDByo3qtT1/8jTYeGaut+a/ZPL8CdY1nzaOW7Az/7fPUbA6wr92tC99L/oXvp/9C99H/oXo36/9WIWx1oCrDOfP5D99L/oXvp/9C99H/oSotviS9+aKGdO/3nEztPrGjzNU/MDqzJK88sf6ueNYo0yj/a0TSRRER7VUS6dJn+FmrvWCK9bZnjbe6WZST254kNEdHqVlfXba929n0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgtfwTAAD//+8W3h0=")
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000300)={@mcast2, 0x0, 0x0, 0xff, 0x3, 0x0, 0xfffc}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
r4 = dup(r0)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x40, &(0x7f0000000880)=@raw={'raw\x00', 0xe501, 0x3, 0x338, 0x1a0, 0x6affffff, 0x3403000b, 0x0, 0x7, 0x2a0, 0x230, 0x230, 0x2a0, 0x223, 0x3, 0x0, {[{{@uncond, 0x0, 0x180, 0x1a0, 0x0, {}, [@common=@unspec=@conntrack3={{0xc8}, {{@ipv4, [], @ipv6=@private2, [], @ipv6=@dev, [], @ipv6=@empty}}}, @common=@unspec=@helper={{0x48}, {0x0, 'ftp-20000\x00'}}]}, @unspec=@NOTRACK={0x20}}, {{@ip={@multicast1, @multicast2, 0x0, 0x0, 'veth1_to_batadv\x00', 'batadv0\x00'}, 0x0, 0x98, 0x100, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x398)

15.419938216s ago: executing program 0 (id=2805):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@quota}]}, 0x2, 0x53a, &(0x7f0000000c80)="$eJzs3c9vI1cdAPDvOPHmR7NNCj0AArqUwoJW6yTeNqp6YXsBoaoSouLEYRsSN4pir6PYK5qwh+yReyVW4gT8B9w4IPXEgRs3kDj0Ug5IC6xADRIHoxlPEjexE7dJ7ST+fKTJzHszO9/34n3veV5kvwBG1o2I2I2IaxHxdkTM5vlJvsXd9pZe99HThyt7Tx+uJNFqvfXPJDuf5kXHv0k9k99zMiJ++L2InyTH4za2dzaWq9XKVp6eb9Y25xvbO7fXC3lOeWlxaeHVO6+Uz62uL9R+++S762/86Pe/+8qHf9r99s/SYs38/Hp2rrMeh4pnjpnk95npyBuPiDfOfOeLYzz//8Plk7a2z0XEi1n7n42x7NUEAK6yVms2WrOdaQDgqkuf/2ciKZTyuYCZKBRKpfYc3vMxXajWG81bs/UH91cjm8Oai2LhnfVqZSGfK5yLYpKmF7Pjw3T5Y+n3Knci4rmIeG9iKjtfWqlXV4f5xgcARtgzR8b//0y0x/9OZ/8rGABw4UwOuwAAwMB1jP9zwywHADA4nv8BYPR8gvHfpwMB4Irw/A8Ao8f4DwCj59Tx/9FgygEADMQP3nwz3Vp77e+/3v+m7turlcZGqfZgpbRS39osrdXra9VKaaXVOu1+1Xp9c/Hlg2Rje+derf7gfvPeem15rXKv4rsEAGD4nnvh/b+kg/7ua1PZFh1rORir4WorDLsAwNCMDbsAwND4PA+Mrj6e8U0DwBXXZYnetnyCIOl1wWOLv8JldfOL5v9hVJ1l/t/cAVxun27+/zvnXg5g8IzhMLparcSa/wAwYszxAz3//p/r+RUhj/u4+d1PXh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4DGayLSmUsrXAd9OfhVIp4npEzEUxeWe9WlmIiGcj4s8TxYk0vTjsQgMAZ1T4e5Kv/3Vz9qWZo2evJf+dyPYR8dNfvvWLd5ebza3FNP9fB/nNx2n+VHOrfG0YFQAAOu2vu/nBYVY2fpfzfceD/EdPH67sb4Ms4pPXI2JyKou/l2/tM+Mxnu0noxgR0/9O8nRb+n5l7Bzi7z6KiC/s138y3u2IMJPNgbRXPj0aP419/dzjd/7+j8YvfKy+hexcui9mv4vPx5HCAad6//V2P5m3vbSJ5+2vEDeyfff2P5n1UGeX9n9pc9071v8VDvq/sWPxk6zN3zhIn1ySJy//4fvHMluz7XOPIr403i1+chA/6d7/Fl/qs44ffPmrL/Y61/pVxM2u9d9fkbqWdbPzzdrmfGN75/Z6bXmtsla5Xy4vLS4tvHrnlfJ8Nkfd/vnHbjH+8dqtZ3vFT+s/3SP+5Mn1j2/0Wf9f/+/tH3/thPjf+nr31//5E+KnY+I3+4y/PH235/LdafzVHvU/5fWPW33G//BvO6t9XgoADEBje2djuVqtbJ1ykL7XPO0aB/0fpM/2F6AY2UHsRpzXDbNJiYjoek36jvpiVPmzOkiGFv03533DYfdMwGftsNH3vuavgywQAAAAAAAAAAAAAABwTGN7Z2Oi+6e1zu1g2HUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6vp/AAAA//9W1cZQ")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b000000080000000200000004000000050000", @ANYRES32, @ANYBLOB="00000400040000001ebc992d9d6d09fd0000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
chdir(0x0)
chown(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$UHID_INPUT(r5, &(0x7f00000039c0)={0xc, {"a2e3ad214fc752f91b25060987f70e06d038e7ff7fc6e5539b325d078b089b3b08386e090890e0878f0e1ac6e7049b334d959b429a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31303b305d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b70490bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c0428918246d9e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ea03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff13d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1ccab2689bee59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae23034202210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ecdf5e08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
rmdir(&(0x7f0000000080)='./cgroup/../file0\x00')
r6 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
r8 = openat$cgroup_subtree(r7, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000980)={[{0x2d, 'pids'}]}, 0x1f)

3.959914161s ago: executing program 5 (id=2855):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000580)={0x0, 0x1, 0x0, 0xa527})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_switch\x00', r2}, 0xe)
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180), 0x2, 0x0, 0xff31}, 0x8800)
chdir(&(0x7f0000000080)='./file0\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0}, 0x18)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_int(r3, &(0x7f00000000c0)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0)
write$cgroup_int(r4, &(0x7f0000000100), 0x12)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)={0x1b, 0x0, 0x0, 0xfff, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3}, 0x50)
syz_open_procfs(0x0, &(0x7f0000000000)='net/xfrm_stat\x00')
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000440)={'syztnl1\x00', &(0x7f00000003c0)={'ip6_vti0\x00', 0x0, 0x2f, 0xff, 0x4, 0xa21, 0x18, @ipv4={'\x00', '\xff\xff', @local}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x80, 0x80, 0x5}})
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)

3.554145944s ago: executing program 5 (id=2858):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETOFFLOAD(r1, 0x400454c9, 0xba98575a95aeb70d)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
close(0x3)
close(0x4)

3.383825827s ago: executing program 3 (id=2859):
r0 = socket(0x1d, 0x1, 0x10a0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0xd, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x18, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800004e9d00047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000180)={[{@grpid}, {@mblk_io_submit}, {@nodioread_nolock}, {@test_dummy_encryption}, {@inode_readahead_blks}, {@nodelalloc}, {@minixdf}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x4, 0xbaf, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3ny2zftO+vIi1k0jIi2o07SSYotgKxU3LgTdCg3ppIRMP0giNWkWE/0HRF0LbgS1KF3YdTcKbt1o3VpcCEVioyCikTsfSWxmkrSd5Ibk94Mz95w5d+Z5nrlM7j0wNwHsWgPZQxpxICLOJhGF+vNpRHRXe70Rldp+C/OzI7/Pz44ksbj42i9JJBFxd352pPFeSX27rz7ojYhvX0zif++sjjs5PTM+XC6XJurjI1MXLh+ZnJ55ZuzC8PnS+dLFo8efGzo2dHzwxFDbav3jx1M3fnv85Z8qf37617Vf3/84iVPRV59bWUe7DMTA0meyUmdEDLc7WE466vWsrDPpXOdF6SYnBQBAS+mKa7hHohAdsXzxVoivvss1OQAAAKAtFjsiFgEAAIAdLrH+BwAAgB2u8TuAu/OzI42W7y8Sttad0xHRX6t/od5qM51RqW57oysi9t5NYuVtrUntZQ9tICJu/3Dii6zFJt2HvJbKXEQ82uz4J9X6+6t3ca+uP42IwTbEH7hnvN3qf7q7df2n2hA/7/oB2J1unq6dyFaf/9Kl659ocv7rbHLuehB5n/8a138Lq67/luvvaHH99+oGY1z95MMrreay+p+/8dLnjZbFz7YPVdR9uDMX8Vhns/qTpfqTFvWf3WCMwt9XSq3m8q5/8aOIQ9G8/oZk7f9PdGR0rFwarD02jTH3zdBnreLnXX92/Pe2qH+94395gzHeOHPmequ59etPf+5OXq/2uuvPvDU8NTVxNKI7eWX188fqN7S30Nin8R5Z/YefWPv736z+LESl/jlka4G5+jYbv31PzBeuXf1yrfqztV+ex//cAx7/dzcY48mv3zvcam7l+jdrWfzbSW0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaUT0RZIWl/ppWixG7IuI/8fetHxpcuqp0UtvXjyXzUX0R1c6OlYuDUZEoTZOsvHRan95fOye8bMRsT8iPijsqY6LI5fK5/IuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX7IqIvkrQYEWlELBTStFjMOysAAACg7frzTgAAAADYdNb/AAAAsPNZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDJ9h+8eSuJiMrJPdWW6a7PdeWaGbDZ0rwTAHLTkXcCQG46804AyM19rvFdLsAOlKwz39typqftuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwfR06cPNWEhGVk3uqLdNdn+tq+oqDW5gdsJnSvBMActOx1mTn1uUBbD1fcdi9mq/xgd0kWWe+d3mfyr9nejYtJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2n75qS9JiRKTVfpoWixH/iYj+6EpGx8qlwYj4b0R8X+jqycY9eScNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA201Oz4wPl8ulCR0dnXw7yfZIo9bJ+y8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1soHP9fnZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNPAAAA///5ZQ4Q")
write$binfmt_format(0xffffffffffffffff, &(0x7f0000000000)='1\x00', 0x2400)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)

2.60675387s ago: executing program 1 (id=2860):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="4c00000044000701fc00000000000000000004802c000000", @ANYRESDEC], 0x4c}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c0000002d00090027bd7000000000000600000008000a"], 0x1c}}, 0x84)

2.555690384s ago: executing program 5 (id=2861):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0xffff}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x74, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x9}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x48, 0x3, 0x0, 0x1, [{0x44, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x38, 0xb, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x8}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x3}, @NFTA_LIMIT_BURST={0x8}]}}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xf8}}, 0x0)

2.424653094s ago: executing program 3 (id=2862):
syz_open_dev$tty20(0xc, 0x4, 0x1)
socket$unix(0x1, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1b, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000004}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x1e8629867d7bdaee, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_SET(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x14, r7, 0x1, 0x0, 0x25dfdbfe}, 0x14}}, 0x200000c0)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg(0xffffffffffffffff, &(0x7f0000002dc0), 0x307017fdb7a66cb, 0x3ec0)

2.417904356s ago: executing program 1 (id=2863):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x5, 0x2, 0x4}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r0}, &(0x7f0000000000), &(0x7f0000000080)}, 0x20)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001c40)={0x14, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4)
sendmsg$unix(r3, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)

2.339981361s ago: executing program 5 (id=2864):
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000c40)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r2)
recvmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r3=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0x12, &(0x7f0000000340)=r3, 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
close(r5)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff0000000002000000090001"], 0x7c}}, 0x0)
recvmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r6=>0xffffffffffffffff]}}], 0x18}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0x12, &(0x7f0000000440)=r6, 0x4)

2.202631963s ago: executing program 1 (id=2865):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r0, 0x0, 0x10, 0x38, &(0x7f00000006c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000700)=""/8, 0x60ff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

2.189932264s ago: executing program 5 (id=2866):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000580)={0x0, 0x1, 0x0, 0xa527})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_switch\x00', r2}, 0xe)
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180), 0x2, 0x0, 0xff31}, 0x8800)
chdir(&(0x7f0000000080)='./file0\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0}, 0x18)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_int(r3, &(0x7f00000000c0)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0)
write$cgroup_int(r4, &(0x7f0000000100), 0x12)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)={0x1b, 0x0, 0x0, 0xfff, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3}, 0x50)
syz_open_procfs(0x0, &(0x7f0000000000)='net/xfrm_stat\x00')
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000440)={'syztnl1\x00', &(0x7f00000003c0)={'ip6_vti0\x00', 0x0, 0x2f, 0xff, 0x4, 0xa21, 0x18, @ipv4={'\x00', '\xff\xff', @local}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x80, 0x80, 0x5}})
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)

1.848001441s ago: executing program 1 (id=2867):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a320000000014000000110001"], 0x54}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_DELRULE={0x38, 0x6, 0xa, 0xe01, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x2}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x60}, 0x1, 0x0, 0x0, 0x20040804}, 0x0)

1.653722197s ago: executing program 1 (id=2868):
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000640)='./bus\x00', 0x0, &(0x7f0000000440)=ANY=[], 0x1, 0x1268, &(0x7f0000002500)="$eJzs3U9rI2UcB/Bf2vTv2qbquroL4oNeFCFue/DkpcguiAWl2gUVhFmbamialCYUIuLWkyfBlyHq0ZsgvoFevHgWBJFePO5BHGmT1aZJu7ptU5HP5zIPzzzfeWYyzMCE+TF7L32+sb7WLK9lrRgpFKK4ORbFuylSjMRodOzEc7d+/OnJN956+9XFpaUbyyndXHxz/sWU0uxT373z0ddPf9+6dOub2W8nYnfu3b3fFn7evbJ7de+Pr6LaTNVmqjdaKUu3G41WdrtWSavV5no5pddrlaxZSdV6s7LVs36t1tjcbKesvjozvblVaTZTVm+n9Uo7tQqptdVO2ftZtZ7K5XKamQ5OY+XLu3meR+T5WIxHnuf5VEzHpXgoZmI2SjEXD8cj8WhcjsfiSjweT8TVg1EXvd8AAAAAAAAAAAAAAAAAAADw/3Kf+v+C+n8AAAAAAAAAAAAAAAAAAAA4f0fr/4sRvv8PAAAAAAAAAAAAAAAAAAAAQ3af7/8fqf9/Xv0/AAAAAAAAAAAAAAAAAAAAnIfJzmI5pcmIjU+3V7ZXOstO/+JaVKMWlbgepfg9Dqr/Ozrtm68s3bieDszFCxt3uvk72yujvfn5sVLMFQbm5zv51JufiOnD+YUoxeXB8y8MzE/Gs8/s5z/p5MtRih/ei0bUYjWi0D36g/zH8ym9/NrSVG/+2v64Y42e82kBAACAs1ROf+l/ft/pDhq4vrOq+3yeuiMLJ/w/cOT5vBjXihd11NzTbH+4ntVqla0HbIwfv53x0225r1GIiCwO98xO/7K8P/mZTfGgjdGhTjp28phTnNMo/gd+zDNo/PrFoZ7JGO7sI91LIqvt3z//WSp28vxcd2zgxThxUur4e0ZhCPclhuPvk37RewIAAAAAAAAAAMC/MfDtv6mI6Hsf8IO+nnuvh/fG+7d8/OyfDeEIAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/mQHjgUAAAAAhPlbp9GxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFcBAAD///ME0UM=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000540)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee7, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000001000000850000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000001c0)='sched_switch\x00', r4}, 0x18)
unlink(&(0x7f0000000000)='./file1\x00')

1.643683948s ago: executing program 3 (id=2869):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DEL(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="e00000000a06010100000000000000000300000908000940800000010900020073797a31000000000500010007000000080009400000000588000880"], 0x13a}, 0x1, 0x0, 0x0, 0x4800}, 0x48080)

1.534975117s ago: executing program 5 (id=2870):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETOFFLOAD(r1, 0x400454c9, 0xba98575a95aeb70d)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
close(0x3)
close(0x4)

1.307838045s ago: executing program 3 (id=2871):
r0 = socket(0x1d, 0x1, 0x10a0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0xd, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x18, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800004e9d00047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000180)={[{@grpid}, {@mblk_io_submit}, {@nodioread_nolock}, {@test_dummy_encryption}, {@inode_readahead_blks}, {@nodelalloc}, {@minixdf}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x4, 0xbaf, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3ny2zftO+vIi1k0jIi2o07SSYotgKxU3LgTdCg3ppIRMP0giNWkWE/0HRF0LbgS1KF3YdTcKbt1o3VpcCEVioyCikTsfSWxmkrSd5Ibk94Mz95w5d+Z5nrlM7j0wNwHsWgPZQxpxICLOJhGF+vNpRHRXe70Rldp+C/OzI7/Pz44ksbj42i9JJBFxd352pPFeSX27rz7ojYhvX0zif++sjjs5PTM+XC6XJurjI1MXLh+ZnJ55ZuzC8PnS+dLFo8efGzo2dHzwxFDbav3jx1M3fnv85Z8qf37617Vf3/84iVPRV59bWUe7DMTA0meyUmdEDLc7WE466vWsrDPpXOdF6SYnBQBAS+mKa7hHohAdsXzxVoivvss1OQAAAKAtFjsiFgEAAIAdLrH+BwAAgB2u8TuAu/OzI42W7y8Sttad0xHRX6t/od5qM51RqW57oysi9t5NYuVtrUntZQ9tICJu/3Dii6zFJt2HvJbKXEQ82uz4J9X6+6t3ca+uP42IwTbEH7hnvN3qf7q7df2n2hA/7/oB2J1unq6dyFaf/9Kl659ocv7rbHLuehB5n/8a138Lq67/luvvaHH99+oGY1z95MMrreay+p+/8dLnjZbFz7YPVdR9uDMX8Vhns/qTpfqTFvWf3WCMwt9XSq3m8q5/8aOIQ9G8/oZk7f9PdGR0rFwarD02jTH3zdBnreLnXX92/Pe2qH+94395gzHeOHPmequ59etPf+5OXq/2uuvPvDU8NTVxNKI7eWX188fqN7S30Nin8R5Z/YefWPv736z+LESl/jlka4G5+jYbv31PzBeuXf1yrfqztV+ex//cAx7/dzcY48mv3zvcam7l+jdrWfzbSW0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaUT0RZIWl/ppWixG7IuI/8fetHxpcuqp0UtvXjyXzUX0R1c6OlYuDUZEoTZOsvHRan95fOye8bMRsT8iPijsqY6LI5fK5/IuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX7IqIvkrQYEWlELBTStFjMOysAAACg7frzTgAAAADYdNb/AAAAsPNZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDJ9h+8eSuJiMrJPdWW6a7PdeWaGbDZ0rwTAHLTkXcCQG46804AyM19rvFdLsAOlKwz39typqftuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwfR06cPNWEhGVk3uqLdNdn+tq+oqDW5gdsJnSvBMActOx1mTn1uUBbD1fcdi9mq/xgd0kWWe+d3mfyr9nejYtJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2n75qS9JiRKTVfpoWixH/iYj+6EpGx8qlwYj4b0R8X+jqycY9eScNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA201Oz4wPl8ulCR0dnXw7yfZIo9bJ+y8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1soHP9fnZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNPAAAA///5ZQ4Q")
write$binfmt_format(0xffffffffffffffff, &(0x7f0000000000)='1\x00', 0x2400)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)

337.976783ms ago: executing program 3 (id=2872):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)

159.351767ms ago: executing program 1 (id=2873):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r3=>0x0})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r4, 0x2, &(0x7f00000005c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
ioctl$BINDER_FREEZE(0xffffffffffffffff, 0x400c620e, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4b, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
r9 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
fsetxattr$system_posix_acl(r9, 0x0, 0x0, 0xfe44, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="280000001400090a0000000000000000021f", @ANYRES32=r3, @ANYBLOB="08000200e4d4c21e080008004c06"], 0x28}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x1000000, 0x0, {0x0, 0x0, 0x74, r3}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x3000000, &(0x7f0000000080), 0x1, 0x533, &(0x7f0000000b00)="$eJzs3e9rI2kdAPDvTJped7dncyqyHnh3uCe7h26yvXp3VeRuBdFXB+r5fi1tWkrTpjTpuS2H9vCFLwURFfwDfCP4Bwhyf4IIB/peVBTRPX2pO5Jkgv2RNKFNN73084Fpnmcm83y/z9BMZiYPMwFcWS9ExP2IKETESxExl89P8ykOOlPrfR88eme5NSWRZW/9I4kkn9dtq1Wfiogb+WozEfHNr0XcSk/GbeztbyzVatWdvF5pbm5XGnv7d9c3l9aqa9WthYX5VxdfW3xl8V6WO1c/SxHx+lf+8pMf/uKrr//mc9/544O/3fluK98vfaKTd0QsnytAH522i+1t0dXaRjsXEWxMWv0pFsadBQAAw2gdmn80Ij7dPv6fi0L7aA4AAACYJNkbs/GfJCIDAAAAJlYaEbORpOV8LMBspGm53BnD+/G4ntbqjeZnV+u7WyutZRGlKKar67XqvXyscCmKSas+n4+x7dZfPlZfiIhnIuLHc9fa9fJyvbYy7osfAAAAcEXceP7o+f+/59J2GQAAAJgwpb4VAAAAYFI45QcAAIDJ5/wfAAAAJtrX33yzNWXd53ivvL23u1F/++5KtbFR3txdLi/Xd7bLa/X6WvuefZuD2qvV69ufj63dh5VmtdGsNPb2H2zWd7eaD9aPPAIbAAAAeIKeef69PyQRcfDFa+0p8vsADjJ94ZkBl8qfx50AMEqFcScAjM3UuBMAxqY48B32EDDpkgHLTw7e6VwrjN9eTD4AAMDo3f7kyd//u7/tD742AHyYDTPWBwCYLH7dg6ureNYRgDdHnQkwLh/pvDzVb3nfm3cM8ft/5xpDlp0pMQAAYGRm21OSlvPj9NlI03I54un2YwGKyep6rXovPz/4/VzxqVZ9vr1mMnDMMAAAAAAAAAAAAAAAAAAAAAAAAADQkWVJZAAAAMBEi0j/mrTv5h9xe+7F2aNXB4499evnb/304VKzuTMfMZ38c641azoimj/L57+ceSQAAAAAXAKd8/T8dX7c2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwaT549M5yd3qScf/+5Ygo9Yo/FTPt15koRsT1fyUxdWi9JCIKI4h/8G5E3OwVP4nHWZaV8ix6xb92wfFL7U0zkyX5ew/HTyPixgjiw1X2Xmv/c7/X5y+NF9qvvT//U8c+j2fV3f9N5/XD8bv7v0Kf/c/Th+tp/xjPvv+rSt/470Y8O9WJez+O7n+68ZNO/CSOxb81ZB+//a39/Z4LDjXZa/93OFalubldaezt313fXFqrrlW3FhbmX118bfGVxXuV1fVaNf/bM8yPPvXrx6f1/3qf+KWj/T+x/V8cqvdZ/Pf9h48+1qkUe8W/c6v39+/NPvHT/LvvM3m5tfx2t3zQKR/23C9/99xp/V/p0/+ZAf2/M1T/4wsvfeP7f+q55MTWAACehMbe/sZSrVbdOaUwM8R7hi4URtLOGyPL57IU4nKkMa5C9r3O/+P52jnn6icKWfUHZ199KkaQxvSJz2khztpgEnHQamvIf0gAAGDC/P+gPxl3KgAAAAAAAAAAAAAAAAAAAHBlnfG2ZDMR0ZlTHHw7seMxD8bTVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAU/0vAAD//xluyPE=")
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)

0s ago: executing program 3 (id=2874):
close(0xffffffffffffffff)
r0 = socket$kcm(0xa, 0x2, 0x88)
sendmsg$inet(r0, &(0x7f0000001600)={&(0x7f0000001340)={0x2, 0x2, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000001580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @multicast1}}}], 0x20}, 0x8000)
close(0x3)

kernel console output (not intermixed with test programs):

0
[  977.506886][   T28] audit: type=1326 audit(2000000216.083:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14537 comm="syz.5.2257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9a8278d550 code=0x7ffc0000
[  977.548434][   T28] audit: type=1326 audit(2000000216.083:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14537 comm="syz.5.2257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[  977.606701][   T28] audit: type=1326 audit(2000000216.083:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14537 comm="syz.5.2257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[  977.663855][T14357] 8021q: adding VLAN 0 to HW filter on device batadv0
[  977.671558][   T28] audit: type=1326 audit(2000000216.093:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14537 comm="syz.5.2257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[  977.694243][T10996] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  977.745333][   T28] audit: type=1326 audit(2000000216.093:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14537 comm="syz.5.2257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[  977.806180][   T28] audit: type=1326 audit(2000000216.383:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14537 comm="syz.5.2257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[  977.830132][T14357] veth0_vlan: entered promiscuous mode
[  977.847715][T14357] veth1_vlan: entered promiscuous mode
[  977.861224][   T28] audit: type=1326 audit(2000000216.393:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14537 comm="syz.5.2257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[  977.889550][T10996] usb 6-1: Using ep0 maxpacket: 32
[  977.916168][T10996] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  977.953176][T10996] usb 6-1: config 0 has no interface number 0
[  977.960884][T10996] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  977.982983][T14357] veth0_macvtap: entered promiscuous mode
[  977.988911][   T28] audit: type=1326 audit(2000000216.583:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14537 comm="syz.5.2257" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[  978.020572][T14357] veth1_macvtap: entered promiscuous mode
[  978.030280][T10996] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  978.049147][T10996] usb 6-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  978.072266][T10996] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  978.097426][T14357] batman_adv: batadv0: Interface activated: batadv_slave_0
[  978.115647][T10996] usb 6-1: config 0 descriptor??
[  978.143063][T14357] batman_adv: batadv0: Interface activated: batadv_slave_1
[  978.240258][T14357] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  978.283456][T14357] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  978.322878][T14357] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  978.341041][T14357] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  979.644426][T14556] binder: 14545:14556 ioctl c0306201 0 returned -14
[  980.646512][T10996] usbhid 6-1:0.1: can't add hid device: -71
[  980.655825][T14554] netlink: 148 bytes leftover after parsing attributes in process `syz.0.2258'.
[  980.684258][T10996] usbhid: probe of 6-1:0.1 failed with error -71
[  980.845098][T14562] loop3: detected capacity change from 0 to 1024
[  980.852726][T14562] EXT4-fs: Ignoring removed oldalloc option
[  980.882092][ T6405] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  980.892037][T10996] usb 6-1: USB disconnect, device number 3
[  980.912018][ T6405] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  980.934219][T14562] EXT4-fs: Ignoring removed bh option
[  980.950187][T14562] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[  981.430116][T14566] bridge0: port 3(gretap0) entered disabled state
[  982.130520][T14566] bridge0: port 2(bridge_slave_1) entered disabled state
[  982.138021][T14566] bridge0: port 1(bridge_slave_0) entered disabled state
[  983.505760][T14566] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  983.515583][T14566] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  983.525605][T14566] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  983.535021][T14566] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  983.735557][T14566] vlan2: left allmulticast mode
[  983.787707][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  983.814348][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  984.648145][T14604] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2265'.
[  984.710165][T14604] loop3: detected capacity change from 0 to 512
[  985.016346][T14604] EXT4-fs (loop3): 1 orphan inode deleted
[  985.030348][T14604] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  985.047197][T14604] ext4 filesystem being mounted at /567/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  985.557362][ T5795] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  985.871497][T14616] netlink: 208 bytes leftover after parsing attributes in process `syz.1.2267'.
[  985.882638][T14616] netlink: 208 bytes leftover after parsing attributes in process `syz.1.2267'.
[  986.761850][   T28] kauditd_printk_skb: 17 callbacks suppressed
[  986.761866][   T28] audit: type=1326 audit(2000000225.443:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14620 comm="syz.3.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5bbd8ebe9 code=0x7ffc0000
[  986.891382][   T28] audit: type=1326 audit(2000000225.493:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14620 comm="syz.3.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5bbd8ebe9 code=0x7ffc0000
[  986.949933][   T28] audit: type=1326 audit(2000000225.523:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14620 comm="syz.3.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd5bbd8d550 code=0x7ffc0000
[  988.773507][T14628] binder: 14623:14628 ioctl c0306201 0 returned -14
[  989.284587][   T28] audit: type=1326 audit(2000000225.523:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14620 comm="syz.3.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd5bbd8e7eb code=0x7ffc0000
[  989.365479][   T28] audit: type=1326 audit(2000000225.523:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14620 comm="syz.3.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd5bbd8e7eb code=0x7ffc0000
[  989.461627][   T28] audit: type=1326 audit(2000000225.523:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14620 comm="syz.3.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd5bbd8e7eb code=0x7ffc0000
[  989.489537][T11002] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  989.503600][ T9322] block nbd0: Possible stuck request ffff888021d28000: control (read@0,1024B). Runtime 660 seconds
[  989.514626][ T9322] block nbd0: Possible stuck request ffff888021d28200: control (read@1024,1024B). Runtime 660 seconds
[  989.526016][ T9322] block nbd0: Possible stuck request ffff888021d28400: control (read@2048,1024B). Runtime 660 seconds
[  989.537886][ T9322] block nbd0: Possible stuck request ffff888021d28600: control (read@3072,1024B). Runtime 660 seconds
[  989.573406][   T28] audit: type=1326 audit(2000000225.523:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14620 comm="syz.3.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd5bbd8e7eb code=0x7ffc0000
[  989.596277][   T28] audit: type=1326 audit(2000000228.223:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14620 comm="syz.3.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd5bbd8e7eb code=0x7ffc0000
[  989.615859][T14635] loop5: detected capacity change from 0 to 1024
[  989.621734][   T28] audit: type=1326 audit(2000000228.243:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14620 comm="syz.3.2268" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd5bbd8e7eb code=0x7ffc0000
[  989.684556][T14635] EXT4-fs: Ignoring removed oldalloc option
[  989.690707][T14635] EXT4-fs: Ignoring removed bh option
[  989.698590][T14635] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[  990.320547][T11002] usb 4-1: Using ep0 maxpacket: 32
[  990.328759][T11002] usb 4-1: device descriptor read/all, error -71
[  992.838777][T14668] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  993.428549][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[  993.435495][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[  994.388322][T14680] binder: 14672:14680 ioctl c0306201 0 returned -14
[  994.834711][   T28] audit: type=1326 audit(2000000233.513:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14684 comm="syz.5.2283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a8278ebe9 code=0x7ffc0000
[  994.923338][   T28] audit: type=1326 audit(2000000233.523:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14684 comm="syz.5.2283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a8278ebe9 code=0x7ffc0000
[  994.976645][   T28] audit: type=1326 audit(2000000233.553:1008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14684 comm="syz.5.2283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9a8278d550 code=0x7ffc0000
[  995.033422][   T28] audit: type=1326 audit(2000000233.553:1009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14684 comm="syz.5.2283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[  995.085503][   T28] audit: type=1326 audit(2000000233.553:1010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14684 comm="syz.5.2283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[  995.164739][   T28] audit: type=1326 audit(2000000233.563:1011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14684 comm="syz.5.2283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[  995.193468][T11004] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  995.260751][   T28] audit: type=1326 audit(2000000233.563:1012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14684 comm="syz.5.2283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[  995.326459][   T28] audit: type=1326 audit(2000000233.903:1013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14684 comm="syz.5.2283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[  995.373305][   T28] audit: type=1326 audit(2000000233.903:1014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14684 comm="syz.5.2283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[  995.403988][T11004] usb 6-1: Using ep0 maxpacket: 32
[  995.418698][   T28] audit: type=1326 audit(2000000234.093:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14684 comm="syz.5.2283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[  995.425661][T11004] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  995.495399][T11004] usb 6-1: config 0 has no interface number 0
[  995.501594][T11004] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  995.553371][T11004] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  995.583324][T11004] usb 6-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[  995.824377][T11004] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  995.836369][T11004] usb 6-1: config 0 descriptor??
[  996.771808][T11004] usbhid 6-1:0.1: can't add hid device: -71
[  996.787055][T11004] usbhid: probe of 6-1:0.1 failed with error -71
[  996.814180][T11004] usb 6-1: USB disconnect, device number 4
[  998.874566][T14726] netlink: 'syz.1.2288': attribute type 4 has an invalid length.
[  999.686846][T14723] netlink: 'syz.1.2288': attribute type 4 has an invalid length.
[  999.716637][T14730] xt_CT: No such helper "snmp_trap"
[  999.941058][T14739] loop5: detected capacity change from 0 to 1024
[  999.961200][T14739] EXT4-fs: Ignoring removed oldalloc option
[ 1000.040234][T14739] EXT4-fs: Ignoring removed bh option
[ 1000.057426][T14739] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[ 1000.186370][T14747] binder: 14746:14747 ioctl c00c620f 0 returned -14
[ 1000.573154][T14757] sch_fq: defrate 0 ignored.
[ 1001.766985][   T28] kauditd_printk_skb: 25 callbacks suppressed
[ 1001.767000][   T28] audit: type=1326 audit(2000000240.453:1041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.5.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a8278ebe9 code=0x7ffc0000
[ 1001.834931][   T28] audit: type=1326 audit(2000000240.483:1042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.5.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a8278ebe9 code=0x7ffc0000
[ 1001.893370][   T28] audit: type=1326 audit(2000000240.493:1043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.5.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9a8278d550 code=0x7ffc0000
[ 1001.953455][   T28] audit: type=1326 audit(2000000240.493:1044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.5.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[ 1002.004090][   T28] audit: type=1326 audit(2000000240.493:1045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.5.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[ 1002.032724][   T28] audit: type=1326 audit(2000000240.493:1046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.5.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[ 1002.055554][   T28] audit: type=1326 audit(2000000240.493:1047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.5.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[ 1002.083450][T10996] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 1002.091649][   T28] audit: type=1326 audit(2000000240.773:1048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.5.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[ 1002.216699][   T28] audit: type=1326 audit(2000000240.803:1049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.5.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[ 1002.282497][T10996] usb 6-1: Using ep0 maxpacket: 32
[ 1002.327761][   T28] audit: type=1326 audit(2000000241.013:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14765 comm="syz.5.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9a8278e7eb code=0x7ffc0000
[ 1002.355148][T10996] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[ 1002.395143][T10996] usb 6-1: config 0 has no interface number 0
[ 1002.401357][T10996] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1002.414569][T10996] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1002.424876][T10996] usb 6-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[ 1002.438587][T10996] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1003.319062][T10996] usb 6-1: config 0 descriptor??
[ 1004.661740][T10996] usbhid 6-1:0.1: can't add hid device: -71
[ 1004.684810][T10996] usbhid: probe of 6-1:0.1 failed with error -71
[ 1004.734957][T10996] usb 6-1: USB disconnect, device number 5
[ 1004.941527][T14784] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2300'.
[ 1004.990345][T14784] loop0: detected capacity change from 0 to 512
[ 1005.105228][T14784] EXT4-fs (loop0): 1 orphan inode deleted
[ 1005.117810][T14784] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1005.138952][T14784] ext4 filesystem being mounted at /571/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1005.628068][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1005.932117][T14798] loop0: detected capacity change from 0 to 4096
[ 1005.939746][T14798] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1005.957021][T14798] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1006.044634][T14798] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1007.019664][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1007.667028][T14816] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2307'.
[ 1007.728982][T14816] loop5: detected capacity change from 0 to 512
[ 1007.960043][T14816] EXT4-fs (loop5): 1 orphan inode deleted
[ 1007.974151][T14816] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1007.999882][T14816] ext4 filesystem being mounted at /241/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1008.394213][T10712] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1010.994639][T14831] netlink: 'syz.0.2311': attribute type 4 has an invalid length.
[ 1011.049968][T14831] netlink: 17 bytes leftover after parsing attributes in process `syz.0.2311'.
[ 1011.073271][T14830] lo speed is unknown, defaulting to 1000
[ 1011.173803][T14833] loop3: detected capacity change from 0 to 1024
[ 1011.194552][T14833] EXT4-fs: Ignoring removed oldalloc option
[ 1011.220891][T14833] EXT4-fs: Ignoring removed bh option
[ 1011.237895][T14833] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1011.317330][T14833] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1011.382993][   T28] kauditd_printk_skb: 31 callbacks suppressed
[ 1011.383011][   T28] audit: type=1804 audit(2000000250.073:1082): pid=14833 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2312" name="/newroot/583/file1/bus" dev="loop3" ino=18 res=1 errno=0
[ 1011.541445][   T28] audit: type=1804 audit(2000000250.223:1083): pid=14840 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2312" name="/newroot/583/file1/bus" dev="loop3" ino=18 res=1 errno=0
[ 1011.582711][T14839] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1011.592921][T14839] syzkaller0: entered promiscuous mode
[ 1011.600025][T14839] syzkaller0: entered allmulticast mode
[ 1011.694737][T14839] tipc: Resetting bearer <eth:syzkaller0>
[ 1011.715520][T14838] tipc: Resetting bearer <eth:syzkaller0>
[ 1011.747867][T14838] tipc: Disabling bearer <eth:syzkaller0>
[ 1011.832149][ T5859] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[ 1012.027489][ T5859] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1012.062516][ T5859] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1012.254502][ T5859] usb 1-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[ 1012.264420][ T5859] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1012.277499][ T5859] usb 1-1: config 0 descriptor??
[ 1012.288140][ T5795] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1012.391142][T14853] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2317'.
[ 1012.408783][T14853] loop5: detected capacity change from 0 to 512
[ 1012.574411][T14853] EXT4-fs (loop5): 1 orphan inode deleted
[ 1012.581612][T14853] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1012.596905][T14853] ext4 filesystem being mounted at /245/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1012.817685][T14843] loop0: detected capacity change from 0 to 128
[ 1012.907454][ T9447] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1013.042143][ T5859] usbhid 1-1:0.0: can't add hid device: -71
[ 1013.059787][ T5859] usbhid: probe of 1-1:0.0 failed with error -71
[ 1013.088642][ T5859] usb 1-1: USB disconnect, device number 15
[ 1013.188187][T10712] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1013.718245][T14875] loop0: detected capacity change from 0 to 4096
[ 1013.726002][T14875] ext4: Unknown parameter 'uid<00000000000000000000'
[ 1015.221522][T14893] loop0: detected capacity change from 0 to 128
[ 1015.348896][T14900] bio_check_eod: 201 callbacks suppressed
[ 1015.348910][T14900] syz.0.2329: attempt to access beyond end of device
[ 1015.348910][T14900] loop0: rw=2049, sector=145, nr_sectors = 544 limit=128
[ 1015.428954][T14899] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2328'.
[ 1015.445293][T14899] loop3: detected capacity change from 0 to 512
[ 1015.472952][T14899] EXT4-fs (loop3): 1 orphan inode deleted
[ 1015.480167][T14899] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1015.493819][T14899] ext4 filesystem being mounted at /587/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1015.505156][T14900] syz.0.2329: attempt to access beyond end of device
[ 1015.505156][T14900] loop0: rw=524288, sector=145, nr_sectors = 224 limit=128
[ 1015.523393][T10993] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[ 1015.549431][T14900] syz.0.2329: attempt to access beyond end of device
[ 1015.549431][T14900] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1015.637237][T14900] syz.0.2329: attempt to access beyond end of device
[ 1015.637237][T14900] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1015.737413][T14900] syz.0.2329: attempt to access beyond end of device
[ 1015.737413][T14900] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1015.796762][T14900] syz.0.2329: attempt to access beyond end of device
[ 1015.796762][T14900] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1015.801977][T10993] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1015.830203][T10993] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1015.837674][T14900] syz.0.2329: attempt to access beyond end of device
[ 1015.837674][T14900] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1015.856123][T10993] usb 2-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[ 1015.879593][T10993] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1015.883436][T14900] syz.0.2329: attempt to access beyond end of device
[ 1015.883436][T14900] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1015.908105][T10993] usb 2-1: config 0 descriptor??
[ 1016.548154][T10993] usbhid 2-1:0.0: can't add hid device: -71
[ 1016.554369][T10993] usbhid: probe of 2-1:0.0 failed with error -71
[ 1016.565578][T10993] usb 2-1: USB disconnect, device number 3
[ 1016.711177][ T5795] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1017.321411][ T5859] usb 4-1: new full-speed USB device number 16 using dummy_hcd
[ 1017.346290][T14928] loop0: detected capacity change from 0 to 512
[ 1017.364470][T14928] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1017.371702][T14928] EXT4-fs: inline encryption not supported
[ 1017.383327][T14928] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1017.865811][ T5859] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1018.070790][T14928] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1018.088547][T14928] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[ 1018.099642][ T5859] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1018.124059][ T5859] usb 4-1: New USB device found, idVendor=056a, idProduct=00e5, bcdDevice= 0.00
[ 1018.146023][ T5859] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1018.169735][T14928] EXT4-fs (loop0): 1 truncate cleaned up
[ 1018.184795][T14928] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1018.220558][ T5859] usb 4-1: config 0 descriptor??
[ 1018.527219][T14923] loop5: detected capacity change from 0 to 40427
[ 1018.553370][T14923] F2FS-fs (loop5): Unrecognized mount option "whint_mode=user-based" or missing value
[ 1018.626112][ T9447] I/O error, dev loop5, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1019.424720][ T5859] wacom 0003:056A:00E5.0009: hidraw0: USB HID v0.00 Device [HID 056a:00e5] on usb-dummy_hcd.3-1/input0
[ 1019.550400][ T9322] block nbd0: Possible stuck request ffff888021d28000: control (read@0,1024B). Runtime 690 seconds
[ 1019.561768][ T9322] block nbd0: Possible stuck request ffff888021d28200: control (read@1024,1024B). Runtime 690 seconds
[ 1019.573440][ T9322] block nbd0: Possible stuck request ffff888021d28400: control (read@2048,1024B). Runtime 690 seconds
[ 1019.584792][ T9322] block nbd0: Possible stuck request ffff888021d28600: control (read@3072,1024B). Runtime 690 seconds
[ 1019.603683][ T5859] usb 4-1: USB disconnect, device number 16
[ 1019.763059][T14936] fido_id[14936]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[ 1019.918536][   T28] audit: type=1804 audit(2000000258.513:1084): pid=14942 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2341" name="/newroot/580/bus/bus" dev="loop0" ino=18 res=1 errno=0
[ 1020.416392][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1020.683589][T10996] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1020.768697][   T28] audit: type=1326 audit(2000000259.453:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14960 comm="syz.1.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b0018ebe9 code=0x7ffc0000
[ 1020.792875][   T28] audit: type=1326 audit(2000000259.453:1086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14960 comm="syz.1.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b0018ebe9 code=0x7ffc0000
[ 1020.816296][   T28] audit: type=1326 audit(2000000259.463:1087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14960 comm="syz.1.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=149 compat=0 ip=0x7f7b0018ebe9 code=0x7ffc0000
[ 1020.839711][   T28] audit: type=1326 audit(2000000259.463:1088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14960 comm="syz.1.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b0018ebe9 code=0x7ffc0000
[ 1020.864945][   T28] audit: type=1326 audit(2000000259.463:1089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14960 comm="syz.1.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b0018ebe9 code=0x7ffc0000
[ 1020.890601][T10996] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1020.905100][T10996] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1020.913346][   T28] audit: type=1326 audit(2000000259.463:1090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14960 comm="syz.1.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7f7b0018ebe9 code=0x7ffc0000
[ 1020.916585][T10996] usb 6-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[ 1020.938117][   T28] audit: type=1326 audit(2000000259.463:1091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14960 comm="syz.1.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b0018ebe9 code=0x7ffc0000
[ 1020.958309][T10996] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1020.995133][T10996] usb 6-1: config 0 descriptor??
[ 1021.012564][   T28] audit: type=1326 audit(2000000259.463:1092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14960 comm="syz.1.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b0018ebe9 code=0x7ffc0000
[ 1021.073385][   T28] audit: type=1326 audit(2000000259.463:1093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14960 comm="syz.1.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f7b0018ebe9 code=0x7ffc0000
[ 1021.511835][T14955] loop5: detected capacity change from 0 to 128
[ 1021.716987][T14974] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2355'.
[ 1021.829510][T10996] usbhid 6-1:0.0: can't add hid device: -71
[ 1021.853430][T14976] loop0: detected capacity change from 0 to 128
[ 1021.856951][T10996] usbhid: probe of 6-1:0.0 failed with error -71
[ 1021.898905][T14976] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1021.916620][T10996] usb 6-1: USB disconnect, device number 6
[ 1021.926900][T14976] ext4 filesystem being mounted at /582/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1022.752029][T14984] loop3: detected capacity change from 0 to 4096
[ 1022.759655][T14984] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1022.792059][T14984] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1022.820414][T14984] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1023.060624][ T5789] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1023.108495][ T5795] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1024.433606][T10993] usb 1-1: new full-speed USB device number 16 using dummy_hcd
[ 1024.620246][T10993] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1024.631675][T10993] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[ 1024.645665][T10993] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1024.655359][T10993] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1025.809784][T10993] aiptek 1-1:17.0: Aiptek using 400 ms programming speed
[ 1025.820128][T10993] input: Aiptek as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.0/input/input9
[ 1025.913770][T10993] input: failed to attach handler kbd to device input9, error: -5
[ 1025.996844][T10993] usb 1-1: USB disconnect, device number 16
[ 1026.223347][T10986] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[ 1026.253607][T11004] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[ 1026.337676][T15020] loop0: detected capacity change from 0 to 4096
[ 1026.345283][T15020] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1026.353335][T15020] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1026.378540][T15020] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1026.461857][T11004] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1026.474073][T10986] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1026.485916][T10986] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1026.495258][T11004] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1026.599320][T11004] usb 2-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[ 1026.608970][T11004] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1026.617652][T10986] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1026.627106][T10986] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1026.637780][T10986] usb 4-1: SerialNumber: syz
[ 1026.645167][T11004] usb 2-1: config 0 descriptor??
[ 1026.888726][T10986] usb 4-1: 0:2 : does not exist
[ 1026.939394][T10986] usb 4-1: USB disconnect, device number 17
[ 1027.011948][ T9447] udevd[9447]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1027.165816][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1027.467470][T11004] usbhid 2-1:0.0: can't add hid device: -71
[ 1027.475539][T11004] usbhid: probe of 2-1:0.0 failed with error -71
[ 1027.486630][T11004] usb 2-1: USB disconnect, device number 4
[ 1027.645013][T15029] loop0: detected capacity change from 0 to 8192
[ 1028.025726][T15036] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF
[ 1028.034806][T15036] FAT-fs (loop0): Filesystem has been set read-only
[ 1028.069032][T15033] loop5: detected capacity change from 0 to 512
[ 1028.094904][T15033] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 1028.111555][T15033] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1028.129097][T15033] EXT4-fs (loop5): 1 truncate cleaned up
[ 1028.136942][T15033] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1028.390639][T15033] EXT4-fs error (device loop5): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.5.2374: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[ 1028.417926][T15033] EXT4-fs error (device loop5) in ext4_delete_entry:2800: Corrupt filesystem
[ 1028.480415][T15044] loop0: detected capacity change from 0 to 128
[ 1028.542574][T15045] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1028.612227][T15044] syz.0.2377: attempt to access beyond end of device
[ 1028.612227][T15044] loop0: rw=2049, sector=145, nr_sectors = 480 limit=128
[ 1028.762430][T15043] syz.0.2377: attempt to access beyond end of device
[ 1028.762430][T15043] loop0: rw=524288, sector=145, nr_sectors = 224 limit=128
[ 1028.791274][T15047] syz.0.2377: attempt to access beyond end of device
[ 1028.791274][T15047] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1028.845986][T15047] syz.0.2377: attempt to access beyond end of device
[ 1028.845986][T15047] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1028.874647][T15047] syz.0.2377: attempt to access beyond end of device
[ 1028.874647][T15047] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1028.903443][T15047] syz.0.2377: attempt to access beyond end of device
[ 1028.903443][T15047] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1028.947586][T15047] syz.0.2377: attempt to access beyond end of device
[ 1028.947586][T15047] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1028.991600][T15047] syz.0.2377: attempt to access beyond end of device
[ 1028.991600][T15047] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1029.024863][T15047] syz.0.2377: attempt to access beyond end of device
[ 1029.024863][T15047] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1029.063747][T15047] syz.0.2377: attempt to access beyond end of device
[ 1029.063747][T15047] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1029.752524][T15060] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1029.789902][T15060] syzkaller0: entered promiscuous mode
[ 1029.833410][T15060] syzkaller0: entered allmulticast mode
[ 1029.894892][T15061] tipc: Resetting bearer <eth:syzkaller0>
[ 1029.952063][T15059] tipc: Resetting bearer <eth:syzkaller0>
[ 1030.024520][T15059] tipc: Disabling bearer <eth:syzkaller0>
[ 1030.158930][T12731] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1030.193564][T12731] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1030.202672][T12731] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1030.214227][T12731] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1030.222064][T12731] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1030.230089][T12731] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1030.263780][ T5796] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1030.271247][ T5796] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1030.284643][ T5796] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1030.295068][ T5796] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1030.318156][ T5796] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1030.332277][ T5796] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1030.469556][T15062] lo speed is unknown, defaulting to 1000
[ 1030.761352][T15062] chnl_net:caif_netlink_parms(): no params data found
[ 1030.843356][T11004] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[ 1030.957232][T15062] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1030.982245][T15062] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1031.010102][T15062] bridge_slave_0: entered allmulticast mode
[ 1031.036207][T15062] bridge_slave_0: entered promiscuous mode
[ 1031.076800][T11004] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1031.078805][T15062] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1031.093343][T11004] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1031.112274][T15062] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1031.120498][T15062] bridge_slave_1: entered allmulticast mode
[ 1031.130764][T15062] bridge_slave_1: entered promiscuous mode
[ 1031.133351][T11004] usb 1-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[ 1031.179325][T11004] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1031.208557][T15062] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1031.228047][T11004] usb 1-1: config 0 descriptor??
[ 1031.248196][T15062] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1031.348236][T15062] team0: Port device team_slave_0 added
[ 1031.376600][T15062] team0: Port device team_slave_1 added
[ 1031.452918][T15062] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1031.470934][T15062] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1031.533297][T15062] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1031.556345][T15062] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1031.557904][T15070] loop0: detected capacity change from 0 to 128
[ 1031.574611][T15062] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1031.644563][T15062] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1031.664444][T15070] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1031.724402][T15070] ext4 filesystem being mounted at /589/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1031.821803][T11004] usbhid 1-1:0.0: can't add hid device: -71
[ 1031.828331][T11004] usbhid: probe of 1-1:0.0 failed with error -71
[ 1031.840617][T15062] hsr_slave_0: entered promiscuous mode
[ 1031.877309][T15062] hsr_slave_1: entered promiscuous mode
[ 1031.877714][T11004] usb 1-1: USB disconnect, device number 17
[ 1031.897670][T15062] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1031.915595][T15062] Cannot create hsr debugfs directory
[ 1032.366547][T15062] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1032.425006][T12731] Bluetooth: hci0: command tx timeout
[ 1032.924042][ T5789] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1032.925673][T15062] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1033.075291][T15062] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1033.288115][T15062] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1033.542376][T15062] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1033.560497][T15062] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1033.575396][T15062] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1033.590170][T15062] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1033.735373][T15062] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1033.768510][T15062] 8021q: adding VLAN 0 to HW filter on device team0
[ 1033.781673][T10712] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1033.794805][ T6405] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1033.801988][ T6405] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1033.824418][ T6405] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1033.831828][ T6405] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1034.653340][T15108] loop0: detected capacity change from 0 to 512
[ 1034.865972][T15108] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1034.879042][T15108] ext4 filesystem being mounted at /592/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1035.835362][T15062] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1036.188415][T15062] veth0_vlan: entered promiscuous mode
[ 1036.238093][T15062] veth1_vlan: entered promiscuous mode
[ 1036.347592][T15062] veth0_macvtap: entered promiscuous mode
[ 1036.384969][T15062] veth1_macvtap: entered promiscuous mode
[ 1036.428780][T15062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1036.440074][T11004] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1036.478364][T15062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1036.514748][T15062] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1036.786959][T15062] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1036.798967][T15062] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1036.954430][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1036.964286][T15062] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1037.149116][T11004] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1037.167576][T15062] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1037.196168][T11004] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1037.218830][T15062] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1037.249156][T11004] usb 6-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[ 1037.267962][T15062] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1037.287167][T11004] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1037.297984][T15062] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1037.325302][T11004] usb 6-1: config 0 descriptor??
[ 1038.367760][T15119] loop5: detected capacity change from 0 to 128
[ 1038.446658][ T6404] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1038.586329][T15119] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1038.613334][ T6404] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1038.689249][T15119] ext4 filesystem being mounted at /266/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1038.753068][T11004] usbhid 6-1:0.0: can't add hid device: -71
[ 1038.760207][   T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1038.778397][T11004] usbhid: probe of 6-1:0.0 failed with error -71
[ 1038.802620][   T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1038.816135][T11004] usb 6-1: USB disconnect, device number 7
[ 1039.278005][T10712] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1039.408476][T15143] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1039.598538][T15148] loop5: detected capacity change from 0 to 512
[ 1039.672047][T15148] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1039.717625][T15148] ext4 filesystem being mounted at /268/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1040.869942][T15158] loop0: detected capacity change from 0 to 8192
[ 1041.293275][T15162] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF
[ 1041.301955][T15162] FAT-fs (loop0): Filesystem has been set read-only
[ 1043.238722][T10712] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1044.268419][T10993] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[ 1044.463689][T10993] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1044.497861][T10993] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1044.539029][T10993] usb 2-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[ 1044.593234][T10993] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1044.617169][T10993] usb 2-1: config 0 descriptor??
[ 1044.693020][T15183] syz.0.2407[15183] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1044.693934][T15183] syz.0.2407[15183] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1044.790144][T15183] loop0: detected capacity change from 0 to 256
[ 1044.927678][T15183] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[ 1046.139785][T15186] loop5: detected capacity change from 0 to 128
[ 1046.211050][T15186] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1046.282401][T15186] ext4 filesystem being mounted at /271/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1046.607154][T10712] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1046.783992][T10993] usbhid 2-1:0.0: can't add hid device: -71
[ 1046.790074][T10993] usbhid: probe of 2-1:0.0 failed with error -71
[ 1046.799146][T10993] usb 2-1: USB disconnect, device number 5
[ 1049.274000][T15202] kvm: MONITOR instruction emulated as NOP!
[ 1050.084349][ T9322] block nbd0: Possible stuck request ffff888021d28000: control (read@0,1024B). Runtime 720 seconds
[ 1050.095626][ T9322] block nbd0: Possible stuck request ffff888021d28200: control (read@1024,1024B). Runtime 720 seconds
[ 1050.108865][ T9322] block nbd0: Possible stuck request ffff888021d28400: control (read@2048,1024B). Runtime 720 seconds
[ 1050.120057][ T9322] block nbd0: Possible stuck request ffff888021d28600: control (read@3072,1024B). Runtime 720 seconds
[ 1051.815554][T15213] loop0: detected capacity change from 0 to 128
[ 1051.823041][T15213] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1051.829770][T15213] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1051.843971][T15222] loop5: detected capacity change from 0 to 256
[ 1052.103398][T15213] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1052.170489][T15213] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1052.201809][T15213] ext4 filesystem being mounted at /603/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1052.569028][ T5789] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1054.173966][T15239] loop0: detected capacity change from 0 to 4096
[ 1054.181472][T15239] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1054.191005][T15239] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1054.218289][T15239] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1054.753074][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.761176][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.941163][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1058.548663][T15258] netlink: 'syz.0.2428': attribute type 4 has an invalid length.
[ 1058.556742][T15258] netlink: 17 bytes leftover after parsing attributes in process `syz.0.2428'.
[ 1059.389249][T15275] loop0: detected capacity change from 0 to 128
[ 1059.399992][T15275] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1059.661701][T15275] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1059.748905][T15275] ext4 filesystem being mounted at /608/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1060.748185][ T5789] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1062.163258][   T28] kauditd_printk_skb: 21 callbacks suppressed
[ 1062.163284][   T28] audit: type=1326 audit(2000000300.843:1115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15289 comm="syz.0.2436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625bb8ebe9 code=0x7ffc0000
[ 1062.226329][   T28] audit: type=1326 audit(2000000300.843:1116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15289 comm="syz.0.2436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625bb8ebe9 code=0x7ffc0000
[ 1062.252421][   T28] audit: type=1326 audit(2000000300.853:1117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15289 comm="syz.0.2436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f625bb8d550 code=0x7ffc0000
[ 1062.279318][   T28] audit: type=1326 audit(2000000300.853:1118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15289 comm="syz.0.2436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f625bb8e7eb code=0x7ffc0000
[ 1062.306588][   T28] audit: type=1326 audit(2000000300.853:1119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15289 comm="syz.0.2436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f625bb8e7eb code=0x7ffc0000
[ 1062.332852][   T28] audit: type=1326 audit(2000000300.853:1120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15289 comm="syz.0.2436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f625bb8e7eb code=0x7ffc0000
[ 1062.362248][   T28] audit: type=1326 audit(2000000300.853:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15289 comm="syz.0.2436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f625bb8e7eb code=0x7ffc0000
[ 1062.435776][T15292] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[ 1062.446054][T15292] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[ 1062.455283][T15292] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[ 1062.464468][T15292] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[ 1062.473669][T15292] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[ 1062.482821][T15292] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[ 1062.492055][T15292] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[ 1062.501272][T15292] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[ 1062.510566][T15292] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[ 1062.519792][T15292] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[ 1062.536124][T14574] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[ 1062.546139][   T28] audit: type=1326 audit(2000000301.233:1122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15289 comm="syz.0.2436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f625bb8e7eb code=0x7ffc0000
[ 1062.624099][   T28] audit: type=1326 audit(2000000301.233:1123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15289 comm="syz.0.2436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f625bb8e7eb code=0x7ffc0000
[ 1062.739193][T14574] usb 1-1: Using ep0 maxpacket: 32
[ 1062.754388][T14574] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[ 1062.768613][T14574] usb 1-1: config 0 has no interface number 0
[ 1062.789196][T14574] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1062.819043][T14574] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1062.836667][   T28] audit: type=1326 audit(2000000301.433:1124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15289 comm="syz.0.2436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f625bb8e7eb code=0x7ffc0000
[ 1062.891358][T14574] usb 1-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[ 1062.901979][T14574] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1062.940278][T14574] usb 1-1: config 0 descriptor??
[ 1064.099353][T14574] uclogic 0003:28BD:0094.000A: pen parameters not found
[ 1064.134204][T14574] uclogic 0003:28BD:0094.000A: interface is invalid, ignoring
[ 1064.175235][T14574] usb 1-1: USB disconnect, device number 18
[ 1064.423580][T15300] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2440'.
[ 1064.433787][T15300] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2440'.
[ 1064.442812][T15300] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1064.625705][T15300] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1065.053608][T15309] loop5: detected capacity change from 0 to 1024
[ 1065.062390][T15309] EXT4-fs: Ignoring removed nobh option
[ 1065.102054][T15309] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1065.156323][T15309] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1065.377269][T15309] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4031: comm syz.5.2442: Allocating blocks 449-513 which overlap fs metadata
[ 1065.420330][T15307] EXT4-fs (loop5): pa ffff88805aaf2740: logic 160, phys. 321, len 12
[ 1065.429499][T15307] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5372: group 0, free 0, pa_free 4
[ 1065.492936][T10712] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1065.632969][T15321] loop5: detected capacity change from 0 to 512
[ 1065.791450][T15321] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1065.822521][T15321] ext4 filesystem being mounted at /281/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1066.459731][T15327] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1066.486870][T15327] syzkaller0: entered promiscuous mode
[ 1066.496785][T15327] syzkaller0: entered allmulticast mode
[ 1066.540540][T15327] tipc: Resetting bearer <eth:syzkaller0>
[ 1066.550402][T15326] tipc: Resetting bearer <eth:syzkaller0>
[ 1066.583877][T15326] tipc: Disabling bearer <eth:syzkaller0>
[ 1068.159625][   T28] kauditd_printk_skb: 21 callbacks suppressed
[ 1068.159643][   T28] audit: type=1326 audit(2000000306.843:1146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.0.2449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f625bb8ebe9 code=0x7ffc0000
[ 1068.194695][   T28] audit: type=1326 audit(2000000306.853:1147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.0.2449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f625bb8d550 code=0x7ffc0000
[ 1068.220463][   T28] audit: type=1326 audit(2000000306.853:1148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.0.2449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f625bb8e7eb code=0x7ffc0000
[ 1068.255802][   T28] audit: type=1326 audit(2000000306.853:1149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.0.2449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f625bb8e7eb code=0x7ffc0000
[ 1068.280085][   T28] audit: type=1326 audit(2000000306.863:1150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.0.2449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f625bb8e7eb code=0x7ffc0000
[ 1068.304142][   T28] audit: type=1326 audit(2000000306.863:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.0.2449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f625bb8e7eb code=0x7ffc0000
[ 1068.853278][T11002] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[ 1068.861968][   T28] audit: type=1326 audit(2000000307.543:1152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.0.2449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f625bb8e7eb code=0x7ffc0000
[ 1068.889366][   T28] audit: type=1326 audit(2000000307.573:1153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.0.2449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f625bb8e7eb code=0x7ffc0000
[ 1068.918725][T10712] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1069.053305][T11002] usb 1-1: Using ep0 maxpacket: 32
[ 1069.060341][   T28] audit: type=1326 audit(2000000307.743:1154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.0.2449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f625bb8e7eb code=0x7ffc0000
[ 1069.085488][T11002] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[ 1069.097702][T11002] usb 1-1: config 0 has no interface number 0
[ 1069.111995][T11002] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1069.124894][   T28] audit: type=1326 audit(2000000307.773:1155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15338 comm="syz.0.2449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f625bb8e7eb code=0x7ffc0000
[ 1069.350320][T11002] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1069.369220][T11002] usb 1-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00
[ 1069.378584][T11002] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1069.391104][T11002] usb 1-1: config 0 descriptor??
[ 1070.486344][T11002] uclogic 0003:28BD:0094.000B: pen parameters not found
[ 1072.013341][T11002] uclogic 0003:28BD:0094.000B: interface is invalid, ignoring
[ 1072.036830][T11002] usb 1-1: USB disconnect, device number 19
[ 1072.134733][T15360] syz.1.2455[15360] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1072.134874][T15360] syz.1.2455[15360] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1074.662219][T15374] sch_fq: defrate 0 ignored.
[ 1074.961210][T15376] loop5: detected capacity change from 0 to 4096
[ 1074.987704][T15376] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1075.033040][T15376] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 1075.086385][T15376] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1075.998744][T15387] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2461'.
[ 1076.012923][T15387] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2461'.
[ 1076.063250][T15387] loop0: detected capacity change from 0 to 512
[ 1076.281247][T15387] EXT4-fs (loop0): 1 orphan inode deleted
[ 1076.294235][T15387] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1076.314994][T15387] ext4 filesystem being mounted at /618/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1076.727169][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1076.972676][T15393] syzkaller0: create flow: hash 3288061988 index 1
[ 1076.981251][ T2932] syzkaller0: tun_net_xmit 76
[ 1076.989590][ T2932] syzkaller0: tun_net_xmit 48
[ 1077.003586][T10998] syzkaller0: tun_net_xmit 76
[ 1077.163689][T11002] syzkaller0: tun_net_xmit 76
[ 1077.173929][T15391] syzkaller0: delete flow: hash 3288061988 index 1
[ 1079.481330][T15403] syz.1.2465[15403] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1079.482111][T15403] syz.1.2465[15403] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1080.033644][ T5158] udevd[5158]: worker [5794] /devices/virtual/block/nbd0 timeout; kill it
[ 1080.099918][ T5158] udevd[5158]: seq 12860 '/devices/virtual/block/nbd0' killed
[ 1080.657773][ T9322] block nbd0: Possible stuck request ffff888021d28000: control (read@0,1024B). Runtime 750 seconds
[ 1080.669529][ T9322] block nbd0: Possible stuck request ffff888021d28200: control (read@1024,1024B). Runtime 750 seconds
[ 1080.681928][ T9322] block nbd0: Possible stuck request ffff888021d28400: control (read@2048,1024B). Runtime 750 seconds
[ 1080.693624][ T9322] block nbd0: Possible stuck request ffff888021d28600: control (read@3072,1024B). Runtime 750 seconds
[ 1080.989568][T10712] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1082.324281][T15412] syz.5.2466[15412] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1082.324416][T15412] syz.5.2466[15412] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1082.344611][T15412] loop5: detected capacity change from 0 to 256
[ 1082.610117][T15412] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[ 1084.611120][T15423] loop5: detected capacity change from 0 to 512
[ 1084.676254][T15423] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1084.701280][T15423] ext4 filesystem being mounted at /287/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1085.633694][T10712] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1086.111175][T15429] syzkaller0: create flow: hash 3288061988 index 1
[ 1086.176350][T15436] loop0: detected capacity change from 0 to 128
[ 1086.307897][T15430] syzkaller0: delete flow: hash 3288061988 index 1
[ 1086.405680][T15438] bio_check_eod: 983 callbacks suppressed
[ 1086.405694][T15438] syz.0.2473: attempt to access beyond end of device
[ 1086.405694][T15438] loop0: rw=2049, sector=145, nr_sectors = 256 limit=128
[ 1086.609353][T15434] syz.0.2473: attempt to access beyond end of device
[ 1086.609353][T15434] loop0: rw=524288, sector=145, nr_sectors = 224 limit=128
[ 1086.783874][T15438] syz.0.2473: attempt to access beyond end of device
[ 1086.783874][T15438] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1087.121656][T15438] syz.0.2473: attempt to access beyond end of device
[ 1087.121656][T15438] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1087.192920][T15438] syz.0.2473: attempt to access beyond end of device
[ 1087.192920][T15438] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1087.254953][T15438] syz.0.2473: attempt to access beyond end of device
[ 1087.254953][T15438] loop0: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1089.514412][T15467] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1089.525051][T15467] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1089.570056][T15467] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1089.600775][T15467] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1089.643435][T15467] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1089.668072][T15467] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1089.738559][T12731] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1089.761117][T12731] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1089.771053][T12731] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1089.782399][T12731] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1089.790409][T12731] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1089.797997][T12731] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1091.956499][T15467] Bluetooth: hci3: command tx timeout
[ 1093.050878][T15474] sch_fq: defrate 0 ignored.
[ 1093.276893][T15466] lo speed is unknown, defaulting to 1000
[ 1093.438023][T15484] loop5: detected capacity change from 0 to 4096
[ 1093.445708][T15484] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1093.457070][T15484] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 1093.534456][T15484] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1093.969444][T15491] lo speed is unknown, defaulting to 1000
[ 1094.024254][T15467] Bluetooth: hci3: command tx timeout
[ 1094.086857][T15466] chnl_net:caif_netlink_parms(): no params data found
[ 1094.198126][T10712] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1094.254319][ T3484] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1094.569920][T15510] loop5: detected capacity change from 0 to 512
[ 1094.695384][T15510] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1094.749565][ T3484] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1094.826883][T15510] ext4 filesystem being mounted at /290/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1094.976148][T15508] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2488'.
[ 1094.987153][T15514] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2488'.
[ 1095.080502][ T3484] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1095.132454][T15466] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1095.152537][T15466] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1095.190540][T15466] bridge_slave_0: entered allmulticast mode
[ 1095.212354][T15466] bridge_slave_0: entered promiscuous mode
[ 1095.510157][ T3484] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1095.686580][T15466] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1095.758324][T15466] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1096.586581][T15466] bridge_slave_1: entered allmulticast mode
[ 1096.675495][T15467] Bluetooth: hci3: command tx timeout
[ 1096.725835][T15466] bridge_slave_1: entered promiscuous mode
[ 1096.818971][T15523] sch_fq: defrate 0 ignored.
[ 1096.911669][T15466] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1096.976042][T15466] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1097.181569][T15466] team0: Port device team_slave_0 added
[ 1097.222903][T15466] team0: Port device team_slave_1 added
[ 1097.425302][T15466] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1097.432619][T15466] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1097.482434][T15466] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1097.587430][T15466] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1097.598202][T15466] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1097.673324][T15466] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1097.846846][T10712] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1098.286598][T15539] loop5: detected capacity change from 0 to 128
[ 1098.409013][T15539] syz.5.2494: attempt to access beyond end of device
[ 1098.409013][T15539] loop5: rw=2049, sector=145, nr_sectors = 392 limit=128
[ 1098.517107][T15542] syz.5.2494: attempt to access beyond end of device
[ 1098.517107][T15542] loop5: rw=524288, sector=145, nr_sectors = 224 limit=128
[ 1098.556217][T15542] syz.5.2494: attempt to access beyond end of device
[ 1098.556217][T15542] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1098.612248][T15542] syz.5.2494: attempt to access beyond end of device
[ 1098.612248][T15542] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1098.638106][T15546] loop0: detected capacity change from 0 to 256
[ 1098.660192][T15542] syz.5.2494: attempt to access beyond end of device
[ 1098.660192][T15542] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1098.695209][T15542] syz.5.2494: attempt to access beyond end of device
[ 1098.695209][T15542] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1098.723594][T15546] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[ 1098.743397][T15467] Bluetooth: hci3: command tx timeout
[ 1098.759593][T15542] syz.5.2494: attempt to access beyond end of device
[ 1098.759593][T15542] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1098.788786][T15466] hsr_slave_0: entered promiscuous mode
[ 1098.810599][T15466] hsr_slave_1: entered promiscuous mode
[ 1098.821139][T15542] syz.5.2494: attempt to access beyond end of device
[ 1098.821139][T15542] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1098.855754][T15466] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1098.876496][T15542] syz.5.2494: attempt to access beyond end of device
[ 1098.876496][T15542] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1098.890224][T15466] Cannot create hsr debugfs directory
[ 1098.905482][T15542] syz.5.2494: attempt to access beyond end of device
[ 1098.905482][T15542] loop5: rw=0, sector=145, nr_sectors = 8 limit=128
[ 1099.045301][T15558] loop0: detected capacity change from 0 to 128
[ 1099.062306][T15558] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1099.090163][T15558] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1099.118305][T15551] lo speed is unknown, defaulting to 1000
[ 1099.126806][T15558] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1099.146404][T15558] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1099.182872][T15558] ext4 filesystem being mounted at /631/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1099.356009][ T5789] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1099.595322][T15564] bridge0: port 5(syz_tun) entered blocking state
[ 1099.601981][T15564] bridge0: port 5(syz_tun) entered disabled state
[ 1099.608759][T15564] syz_tun: entered allmulticast mode
[ 1099.615938][T15564] syz_tun: entered promiscuous mode
[ 1099.626431][T15564] bridge0: port 5(syz_tun) entered blocking state
[ 1099.634763][T15564] bridge0: port 5(syz_tun) entered forwarding state
[ 1099.687891][T15567] binder: 15563:15567 ioctl c0306201 0 returned -14
[ 1099.727132][T15566] netlink: 148 bytes leftover after parsing attributes in process `syz.5.2499'.
[ 1099.933622][T15572] loop5: detected capacity change from 0 to 512
[ 1099.948637][T15572] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1099.999073][T15572] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1100.025893][T15572] ext4 filesystem being mounted at /293/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1100.388871][T15577] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1101.025901][ T3484] hsr_slave_0: left promiscuous mode
[ 1101.036771][ T3484] hsr_slave_1: left promiscuous mode
[ 1101.058803][T10712] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1101.071970][ T3484] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1101.080855][ T3484] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1101.102506][ T3484] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1101.110625][ T3484] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1101.127324][ T3484] bridge_slave_1: left allmulticast mode
[ 1101.143545][ T3484] bridge_slave_1: left promiscuous mode
[ 1101.159913][ T3484] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1101.217740][ T3484] bridge_slave_0: left allmulticast mode
[ 1101.243137][ T3484] bridge_slave_0: left promiscuous mode
[ 1101.269348][ T3484] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1101.399978][ T3484] veth1_macvtap: left promiscuous mode
[ 1101.411032][ T3484] veth0_macvtap: left promiscuous mode
[ 1101.420242][ T3484] veth1_vlan: left promiscuous mode
[ 1101.426843][ T3484] veth0_vlan: left promiscuous mode
[ 1103.019773][T15593] syz.0.2506[15593] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1103.019916][T15593] syz.0.2506[15593] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1103.038789][T15593] loop0: detected capacity change from 0 to 256
[ 1103.170559][T15593] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[ 1103.674495][T15595] loop5: detected capacity change from 0 to 128
[ 1103.832305][T15598] bio_check_eod: 597 callbacks suppressed
[ 1103.832324][T15598] syz.5.2507: attempt to access beyond end of device
[ 1103.832324][T15598] loop5: rw=2049, sector=145, nr_sectors = 312 limit=128
[ 1105.913040][ T3484] team0 (unregistering): Port device team_slave_1 removed
[ 1106.041872][ T3484] team0 (unregistering): Port device team_slave_0 removed
[ 1106.146267][ T3484] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1106.229369][ T3484] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1107.284334][ T3484] bond0 (unregistering): Released all slaves
[ 1107.500731][T15610] lo speed is unknown, defaulting to 1000
[ 1108.177709][T15633] loop5: detected capacity change from 0 to 128
[ 1108.231409][T15633] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1108.251476][T15633] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1108.292217][T15633] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 1108.344432][T15633] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1108.372108][T15633] ext4 filesystem being mounted at /298/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1108.556547][T10712] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1108.703463][T15466] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1108.744598][T15466] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1108.804426][T15466] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1108.919588][T15466] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1109.459566][T15466] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1109.529939][T15466] 8021q: adding VLAN 0 to HW filter on device team0
[ 1109.577518][ T3510] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1109.584792][ T3510] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1109.635328][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1109.642535][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1110.565250][T15466] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1110.645318][T15686] syz.0.2524[15686] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1110.646110][T15686] syz.0.2524[15686] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1110.714306][T15686] loop0: detected capacity change from 0 to 256
[ 1110.895636][T15686] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[ 1111.686729][T15466] veth0_vlan: entered promiscuous mode
[ 1111.779211][T15466] veth1_vlan: entered promiscuous mode
[ 1111.990791][T15466] veth0_macvtap: entered promiscuous mode
[ 1112.051609][T15466] veth1_macvtap: entered promiscuous mode
[ 1112.187738][T15466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1112.222785][T15466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1112.266951][ T9322] block nbd0: Possible stuck request ffff888021d28000: control (read@0,1024B). Runtime 780 seconds
[ 1112.285039][T15466] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1112.294985][ T9322] block nbd0: Possible stuck request ffff888021d28200: control (read@1024,1024B). Runtime 780 seconds
[ 1112.307702][ T9322] block nbd0: Possible stuck request ffff888021d28400: control (read@2048,1024B). Runtime 780 seconds
[ 1112.320804][ T9322] block nbd0: Possible stuck request ffff888021d28600: control (read@3072,1024B). Runtime 780 seconds
[ 1112.420789][T15466] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1112.509638][T15466] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1112.540528][T15466] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1112.581096][T15466] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1112.648902][T15466] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1112.985870][T15701] lo speed is unknown, defaulting to 1000
[ 1113.007737][ T3484] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1113.037677][T15706] loop0: detected capacity change from 0 to 4096
[ 1113.039232][ T3484] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1113.045433][T15706] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1113.077992][T15706] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1113.113733][T15706] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1113.139133][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1113.178420][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1113.512338][T15716] loop3: detected capacity change from 0 to 1024
[ 1113.532728][T15716] EXT4-fs: Ignoring removed oldalloc option
[ 1113.556658][T15716] EXT4-fs: Ignoring removed bh option
[ 1113.579006][T15716] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[ 1113.893262][ T5789] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1114.950491][T15727] lo speed is unknown, defaulting to 1000
[ 1115.429978][T12731] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1115.447384][T12731] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1115.458642][T12731] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1115.495000][T12731] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1115.510265][T15742] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[ 1115.519227][T15745] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2532'.
[ 1115.535590][T12731] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1115.553534][T12731] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1115.773726][T15743] lo speed is unknown, defaulting to 1000
[ 1116.154137][T15754] syz.3.2533[15754] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1116.154870][T15754] syz.3.2533[15754] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1116.188266][T15754] loop3: detected capacity change from 0 to 256
[ 1116.246642][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.253052][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.328066][T15754] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[ 1117.524816][   T12] tipc: Disabling bearer <udp:syz2>
[ 1117.556221][   T12] tipc: Left network mode
[ 1117.568062][T15743] chnl_net:caif_netlink_parms(): no params data found
[ 1117.635407][T12731] Bluetooth: hci0: command tx timeout
[ 1118.384965][T15743] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1118.392178][T15743] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1118.428362][T15743] bridge_slave_0: entered allmulticast mode
[ 1118.447380][T15743] bridge_slave_0: entered promiscuous mode
[ 1118.468983][T15743] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1118.485698][T15743] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1118.493027][T15743] bridge_slave_1: entered allmulticast mode
[ 1118.540238][T15743] bridge_slave_1: entered promiscuous mode
[ 1119.060078][T15743] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1119.201912][T15790] sit0: entered allmulticast mode
[ 1119.267064][T15743] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1119.359029][T15796] loop5: detected capacity change from 0 to 128
[ 1119.537233][T15800] syz.5.2542: attempt to access beyond end of device
[ 1119.537233][T15800] loop5: rw=2049, sector=145, nr_sectors = 824 limit=128
[ 1119.660859][T15743] team0: Port device team_slave_0 added
[ 1120.079929][T15807] syz.1.2544[15807] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1120.080073][T15807] syz.1.2544[15807] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1120.407411][T15743] team0: Port device team_slave_1 added
[ 1120.885304][   T12] gretap0 (unregistering): left allmulticast mode
[ 1120.932641][   T12] gretap0 (unregistering): left promiscuous mode
[ 1120.973971][   T12] bridge0: port 3(gretap0) entered disabled state
[ 1121.209013][T15743] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1121.247321][T15743] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1122.342172][T15743] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1122.424977][T15743] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1122.432228][T15743] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1122.493359][T15743] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1122.550146][T15818] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1122.660838][T15814] tipc: Resetting bearer <eth:syzkaller0>
[ 1122.773680][T15743] hsr_slave_0: entered promiscuous mode
[ 1122.822653][T15743] hsr_slave_1: entered promiscuous mode
[ 1122.858702][T15743] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1122.886183][T15743] Cannot create hsr debugfs directory
[ 1122.909889][T15813] tipc: Disabling bearer <eth:syzkaller0>
[ 1124.049937][T15841] loop5: detected capacity change from 0 to 512
[ 1124.688821][T15841] EXT4-fs (loop5): 1 orphan inode deleted
[ 1124.696846][T15841] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1124.709937][T15841] ext4 filesystem being mounted at /304/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1124.914485][T15840] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2550'.
[ 1125.114979][T10712] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1125.371289][T15857] loop3: detected capacity change from 0 to 128
[ 1125.555984][T15857] syz.3.2554: attempt to access beyond end of device
[ 1125.555984][T15857] loop3: rw=2049, sector=145, nr_sectors = 128 limit=128
[ 1125.849528][   T12] hsr_slave_0: left promiscuous mode
[ 1125.866159][   T12] hsr_slave_1: left promiscuous mode
[ 1125.879898][   T12] bridge_slave_1: left allmulticast mode
[ 1125.887343][   T12] bridge_slave_1: left promiscuous mode
[ 1125.902700][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1125.960269][   T12] bridge_slave_0: left allmulticast mode
[ 1125.987323][   T12] bridge_slave_0: left promiscuous mode
[ 1125.993260][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1126.213564][T15872] loop5: detected capacity change from 0 to 128
[ 1126.299017][T15872] siw: device registration error -23
[ 1126.312292][T15872] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2555'.
[ 1129.713108][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1129.780096][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1129.846548][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1129.915683][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1130.482099][   T12] bond0 (unregistering): Released all slaves
[ 1131.561982][   T12] IPVS: stop unused estimator thread 0...
[ 1133.831299][T15743] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1134.059778][T15743] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1134.147499][T15743] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1134.202901][T15743] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1134.350039][T15938] syzkaller0: entered promiscuous mode
[ 1134.444373][T15938] syzkaller0: entered allmulticast mode
[ 1134.839790][T15743] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1134.919380][T15743] 8021q: adding VLAN 0 to HW filter on device team0
[ 1134.999017][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1135.006302][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1135.019653][T15960] loop5: detected capacity change from 0 to 512
[ 1135.036737][T15960] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1135.092488][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1135.092668][T15960] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1135.099704][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1135.247663][T15960] ext4 filesystem being mounted at /314/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1135.270902][T15743] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1135.773806][T15974] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1136.276338][T15743] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1136.360951][T10712] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1136.530457][T15743] veth0_vlan: entered promiscuous mode
[ 1136.568272][T15743] veth1_vlan: entered promiscuous mode
[ 1136.689688][T15743] veth0_macvtap: entered promiscuous mode
[ 1136.738109][T15743] veth1_macvtap: entered promiscuous mode
[ 1136.864835][T15743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1137.208409][T15743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1137.513291][T15743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1137.571672][T15743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1137.653619][T15743] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1137.700666][T15743] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1137.743097][T15743] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1137.765085][T15743] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1137.780683][T15743] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1137.790197][T15743] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1137.805785][T15743] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1137.818620][T15743] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1137.866560][T15998] syzkaller0: entered promiscuous mode
[ 1137.873009][T15998] syzkaller0: entered allmulticast mode
[ 1138.114458][T16004] syz.5.2584[16004] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1138.115250][T16004] syz.5.2584[16004] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1138.182133][T16004] loop5: detected capacity change from 0 to 256
[ 1138.309589][T16004] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[ 1139.349155][ T3484] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1139.406853][ T3484] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1139.613049][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1139.654024][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1140.312877][T16023] loop5: detected capacity change from 0 to 128
[ 1140.345359][T16024] lo speed is unknown, defaulting to 1000
[ 1140.389880][T16023] siw: device registration error -23
[ 1140.421029][T16023] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2589'.
[ 1141.549486][T16030] loop3: detected capacity change from 0 to 8192
[ 1141.796066][T16045] syzkaller0: entered promiscuous mode
[ 1141.854690][T16045] syzkaller0: entered allmulticast mode
[ 1142.062547][T16053] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF
[ 1142.071296][T16053] FAT-fs (loop3): Filesystem has been set read-only
[ 1142.654637][T16059] syz.1.2596[16059] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1142.654777][T16059] syz.1.2596[16059] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1143.584025][ T9322] block nbd0: Possible stuck request ffff888021d28000: control (read@0,1024B). Runtime 810 seconds
[ 1143.613657][ T9322] block nbd0: Possible stuck request ffff888021d28200: control (read@1024,1024B). Runtime 810 seconds
[ 1143.626123][ T9322] block nbd0: Possible stuck request ffff888021d28400: control (read@2048,1024B). Runtime 810 seconds
[ 1143.638131][ T9322] block nbd0: Possible stuck request ffff888021d28600: control (read@3072,1024B). Runtime 810 seconds
[ 1145.166618][T16072] loop5: detected capacity change from 0 to 1024
[ 1145.190352][T16072] EXT4-fs: Ignoring removed oldalloc option
[ 1145.256400][T16072] EXT4-fs: Ignoring removed bh option
[ 1145.276874][T16072] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[ 1145.351826][T16079] loop3: detected capacity change from 0 to 128
[ 1145.488089][T16079] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2601'.
[ 1146.843401][T16094] syzkaller0: entered promiscuous mode
[ 1146.862286][T16094] syzkaller0: entered allmulticast mode
[ 1147.236858][T16097] lo speed is unknown, defaulting to 1000
[ 1148.888947][T16117] loop5: detected capacity change from 0 to 128
[ 1149.031550][T16117] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2612'.
[ 1149.162612][T16122] syz.3.2610[16122] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1149.163454][T16122] syz.3.2610[16122] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1149.379523][T16122] loop3: detected capacity change from 0 to 256
[ 1149.521880][T16122] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[ 1150.182968][T16125] loop0: detected capacity change from 0 to 1024
[ 1150.248562][T16125] EXT4-fs: Ignoring removed oldalloc option
[ 1150.320826][T16125] EXT4-fs: Ignoring removed bh option
[ 1150.593899][T16125] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[ 1150.933989][T16130] syz.5.2614[16130] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1150.934133][T16130] syz.5.2614[16130] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1151.423527][T16130] loop5: detected capacity change from 0 to 256
[ 1151.546180][T16130] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[ 1154.981922][ T2932] tipc: Disabling bearer <udp:syz2>
[ 1155.012789][ T2932] tipc: Left network mode
[ 1155.260847][T16147] loop0: detected capacity change from 0 to 4096
[ 1155.268558][T16147] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1155.298190][T16147] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1155.329964][T16147] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1155.992183][T15743] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1156.348009][T16170] loop3: detected capacity change from 0 to 128
[ 1156.429033][T16170] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2622'.
[ 1156.526886][T16173] loop0: detected capacity change from 0 to 128
[ 1156.556045][T16173] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1156.630397][T16173] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1156.739642][T16173] ext4 filesystem being mounted at /9/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1157.634081][T16189] syz.5.2625[16189] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1157.634228][T16189] syz.5.2625[16189] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1157.776693][T16189] loop5: detected capacity change from 0 to 256
[ 1157.952056][T16189] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[ 1158.405478][T15743] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1159.879911][T16205] loop0: detected capacity change from 0 to 128
[ 1160.019620][ T2932] hsr_slave_0: left promiscuous mode
[ 1160.068301][ T2932] hsr_slave_1: left promiscuous mode
[ 1160.076613][T16205] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2632'.
[ 1160.119295][ T2932] bridge_slave_1: left allmulticast mode
[ 1160.125155][ T2932] bridge_slave_1: left promiscuous mode
[ 1160.131069][ T2932] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1160.142729][ T2932] bridge_slave_0: left allmulticast mode
[ 1160.148728][ T2932] bridge_slave_0: left promiscuous mode
[ 1160.155125][ T2932] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1161.169661][ T2932] veth1_macvtap: left promiscuous mode
[ 1161.189786][ T2932] veth0_macvtap: left promiscuous mode
[ 1161.239868][ T2932] veth1_vlan: left promiscuous mode
[ 1161.257629][ T2932] veth0_vlan: left promiscuous mode
[ 1161.303809][T16224] loop0: detected capacity change from 0 to 512
[ 1161.547921][T16224] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1161.640692][T16224] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1162.689205][T16241] loop5: detected capacity change from 0 to 4096
[ 1162.696754][T16241] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1162.720576][T16241] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 1162.741686][T16241] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1163.607460][T16246] syz.1.2640[16246] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1163.608270][T16246] syz.1.2640[16246] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1165.514672][T15743] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1166.438325][ T2932] team0 (unregistering): Port device team_slave_1 removed
[ 1166.617443][ T2932] team0 (unregistering): Port device team_slave_0 removed
[ 1166.719071][ T2932] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1166.793584][T16255] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2643'.
[ 1166.844509][ T2932] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1168.381816][ T2932] bond0 (unregistering): Released all slaves
[ 1168.622785][T16240] sch_fq: defrate 0 ignored.
[ 1168.917609][T10712] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1169.594380][ T2932] IPVS: stop unused estimator thread 0...
[ 1169.618903][T16262] lo speed is unknown, defaulting to 1000
[ 1170.309877][T16276] loop3: detected capacity change from 0 to 512
[ 1170.539954][T16276] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1170.605298][T16276] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1170.936443][T16286] loop5: detected capacity change from 0 to 128
[ 1171.007062][T16286] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2652'.
[ 1173.291671][T16300] loop0: detected capacity change from 0 to 4096
[ 1173.299472][T16300] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1173.344662][T16300] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1173.362835][T15466] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1173.462166][T16300] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1174.031573][T15743] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1174.141694][ T9322] block nbd0: Possible stuck request ffff888021d28000: control (read@0,1024B). Runtime 840 seconds
[ 1174.153413][ T9322] block nbd0: Possible stuck request ffff888021d28200: control (read@1024,1024B). Runtime 840 seconds
[ 1174.165068][ T9322] block nbd0: Possible stuck request ffff888021d28400: control (read@2048,1024B). Runtime 840 seconds
[ 1174.176307][ T9322] block nbd0: Possible stuck request ffff888021d28600: control (read@3072,1024B). Runtime 840 seconds
[ 1174.547679][T16314] loop0: detected capacity change from 0 to 128
[ 1174.602331][T16314] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2661'.
[ 1175.165586][T16321] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2663'.
[ 1175.174856][T16321] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1175.335056][T16322] loop0: detected capacity change from 0 to 512
[ 1175.582248][T16322] EXT4-fs (loop0): 1 orphan inode deleted
[ 1175.597842][T16322] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1175.620589][T16322] ext4 filesystem being mounted at /19/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1175.783020][T16326] loop5: detected capacity change from 0 to 512
[ 1175.849845][T16326] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1175.916146][T16321] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1175.920725][T16326] ext4 filesystem being mounted at /339/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1176.199687][T15743] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1177.631482][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.638200][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.669639][T16339] loop0: detected capacity change from 0 to 512
[ 1177.714254][T16339] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1177.798968][T16339] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1177.853041][T16344] loop3: detected capacity change from 0 to 1024
[ 1177.853373][T16339] ext4 filesystem being mounted at /21/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1177.871381][T16344] EXT4-fs: Ignoring removed oldalloc option
[ 1177.884655][T16344] EXT4-fs: Ignoring removed bh option
[ 1177.934817][T16344] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[ 1178.161977][T12676] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1178.494018][T16346] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1179.001321][T15743] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1179.557043][T10712] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1179.728841][T16356] lo speed is unknown, defaulting to 1000
[ 1179.845672][T16364] loop0: detected capacity change from 0 to 4096
[ 1179.853411][T16364] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1179.975445][T16364] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1180.032485][T16364] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1180.969728][T15743] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1181.226377][T16376] loop3: detected capacity change from 0 to 1024
[ 1181.425519][T16376] EXT4-fs: Ignoring removed oldalloc option
[ 1181.487219][T16376] EXT4-fs: Ignoring removed bh option
[ 1181.513019][T16376] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[ 1181.577143][T16382] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1182.373964][T16384] loop0: detected capacity change from 0 to 512
[ 1182.489561][T16384] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1182.546005][T16384] ext4 filesystem being mounted at /25/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1183.610529][T16410] tipc: Started in network mode
[ 1183.623214][T16410] tipc: Node identity 821841b557f1, cluster identity 4711
[ 1183.637199][T16410] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1183.663303][T16410] tipc: Resetting bearer <eth:syzkaller0>
[ 1183.684528][T16409] tipc: Disabling bearer <eth:syzkaller0>
[ 1184.327254][T16421] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2689'.
[ 1185.503376][T16423] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2690'.
[ 1185.703471][T16423] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2690'.
[ 1185.712526][T16423] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1185.830768][T16424] loop3: detected capacity change from 0 to 512
[ 1186.438179][T16424] EXT4-fs (loop3): 1 orphan inode deleted
[ 1186.445609][T16424] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1186.460225][T16424] ext4 filesystem being mounted at /47/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1186.701217][T16423] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1186.959835][T15466] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1187.133358][T15743] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1187.497182][T16434] lo speed is unknown, defaulting to 1000
[ 1187.950234][T16448] tipc: Started in network mode
[ 1187.959947][T16449] loop3: detected capacity change from 0 to 128
[ 1187.963024][T16448] tipc: Node identity 96ccfe59cb38, cluster identity 4711
[ 1187.986602][T16449] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1188.008980][T16448] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1188.029852][T16448] tipc: Resetting bearer <eth:syzkaller0>
[ 1188.038452][T16449] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1188.104398][T16449] ext4 filesystem being mounted at /51/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1188.411407][T16446] tipc: Disabling bearer <eth:syzkaller0>
[ 1188.579129][T15466] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1188.768205][T16458] loop3: detected capacity change from 0 to 512
[ 1188.798307][T16458] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1188.866014][T16458] ext4 filesystem being mounted at /52/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1188.912252][T16464] binder: 16444:16464 ioctl c0306201 0 returned -14
[ 1189.123577][T16462] netlink: 148 bytes leftover after parsing attributes in process `syz.5.2697'.
[ 1189.684148][T16472] syz.0.2704[16472] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1189.684908][T16472] syz.0.2704[16472] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1189.752411][T16472] loop0: detected capacity change from 0 to 256
[ 1189.882926][T16472] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[ 1191.871764][T16479] lo speed is unknown, defaulting to 1000
[ 1191.926818][T15466] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1192.459332][T16492] tipc: Started in network mode
[ 1192.479695][T16492] tipc: Node identity 72073744874, cluster identity 4711
[ 1192.512381][T16492] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1192.558416][T16492] tipc: Resetting bearer <eth:syzkaller0>
[ 1193.308900][T16489] tipc: Disabling bearer <eth:syzkaller0>
[ 1193.925474][T16512] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2714'.
[ 1193.942010][T16512] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2714'.
[ 1194.191440][T16508] loop3: detected capacity change from 0 to 512
[ 1194.531351][T16508] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1194.601532][T16508] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1194.640091][T16507] lo speed is unknown, defaulting to 1000
[ 1194.906467][T16520] lo speed is unknown, defaulting to 1000
[ 1195.572224][T16535] loop5: detected capacity change from 0 to 128
[ 1195.600667][T16535] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 1195.670612][T16535] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1195.724668][T16535] ext4 filesystem being mounted at /351/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1196.039556][T16542] pim6reg1: entered promiscuous mode
[ 1196.048167][T16542] pim6reg1: entered allmulticast mode
[ 1196.716335][T10712] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1197.038272][T15466] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1197.289226][T16554] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2726'.
[ 1198.286502][T16568] lo speed is unknown, defaulting to 1000
[ 1198.384047][T16571] bridge0: port 3(syz_tun) entered blocking state
[ 1198.401659][T16571] bridge0: port 3(syz_tun) entered disabled state
[ 1198.421688][T16571] syz_tun: entered allmulticast mode
[ 1198.467421][T16571] syz_tun: entered promiscuous mode
[ 1198.481752][T16571] bridge0: port 3(syz_tun) entered blocking state
[ 1198.488486][T16571] bridge0: port 3(syz_tun) entered forwarding state
[ 1198.553426][T16576] binder: 16555:16576 ioctl c0306201 0 returned -14
[ 1198.572447][T16575] netlink: 148 bytes leftover after parsing attributes in process `syz.3.2727'.
[ 1198.720162][T16579] loop0: detected capacity change from 0 to 128
[ 1198.784919][T16579] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1198.824890][T16579] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1198.931015][T16579] ext4 filesystem being mounted at /40/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1199.091310][T15743] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1199.703874][T16594] syz.5.2737[16594] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1199.704553][T16594] syz.5.2737[16594] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1199.761985][T16594] loop5: detected capacity change from 0 to 256
[ 1199.981098][T16594] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[ 1201.217761][T16603] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2739'.
[ 1201.283287][T16603] loop3: detected capacity change from 0 to 512
[ 1201.957241][T16603] EXT4-fs (loop3): 1 orphan inode deleted
[ 1201.964541][T16603] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1201.978142][T16603] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1202.612489][T16614] loop5: detected capacity change from 0 to 128
[ 1202.634210][T16614] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 1202.656975][T15466] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1202.676249][T16614] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1202.741426][T16614] ext4 filesystem being mounted at /355/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1202.840856][T10712] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1202.859080][T16616] lo speed is unknown, defaulting to 1000
[ 1202.992137][T16623] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2746'.
[ 1203.009148][T16623] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2746'.
[ 1203.019891][T16623] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2746'.
[ 1203.434541][T16632] loop0: detected capacity change from 0 to 128
[ 1203.476726][T16632] EXT4-fs (loop0): Test dummy encryption mode enabled
[ 1203.518438][T16632] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1203.554854][T16632] ext4 filesystem being mounted at /47/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1203.931081][T16644] loop5: detected capacity change from 0 to 128
[ 1203.982524][T15743] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1204.027457][T16644] siw: device registration error -23
[ 1204.476202][T16653] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2754'.
[ 1204.486398][T16653] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2754'.
[ 1204.527769][ T9322] block nbd0: Possible stuck request ffff888021d28000: control (read@0,1024B). Runtime 870 seconds
[ 1204.539214][ T9322] block nbd0: Possible stuck request ffff888021d28200: control (read@1024,1024B). Runtime 870 seconds
[ 1204.550662][ T9322] block nbd0: Possible stuck request ffff888021d28400: control (read@2048,1024B). Runtime 870 seconds
[ 1204.562344][ T9322] block nbd0: Possible stuck request ffff888021d28600: control (read@3072,1024B). Runtime 870 seconds
[ 1204.648553][T16663] loop0: detected capacity change from 0 to 512
[ 1204.657499][T16655] lo speed is unknown, defaulting to 1000
[ 1204.704302][T16663] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1204.717878][T16663] ext4 filesystem being mounted at /49/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1205.701355][T16674] syzkaller0: entered promiscuous mode
[ 1205.733280][T16674] syzkaller0: entered allmulticast mode
[ 1207.776752][T15743] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1210.557013][T16699] lo speed is unknown, defaulting to 1000
[ 1210.628135][T16702] loop3: detected capacity change from 0 to 512
[ 1210.655920][T16702] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1210.978010][T16713] option changes via remount are deprecated (pid=16710 comm=syz.5.2770)
[ 1210.989361][T16702] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1211.053431][T16702] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1211.149942][T16702] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1211.214774][T15466] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1211.506026][T16721] loop3: detected capacity change from 0 to 512
[ 1211.621349][T16721] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1211.712638][T16721] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1212.013376][T16726] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1212.431353][T16732] loop5: detected capacity change from 0 to 1024
[ 1212.464615][T16732] EXT4-fs: Ignoring removed oldalloc option
[ 1212.523753][T16732] EXT4-fs: Ignoring removed bh option
[ 1212.551070][T16732] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[ 1213.721930][T16740] lo speed is unknown, defaulting to 1000
[ 1213.782716][T16743] sock: sock_timestamping_bind_phc: sock not bind to device
[ 1214.066049][T16749] loop5: detected capacity change from 0 to 512
[ 1214.088516][T16749] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1214.165404][T16749] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1214.225956][T16749] ext4 filesystem being mounted at /370/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1214.768273][T16762] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1215.350179][T16768] loop0: detected capacity change from 0 to 1024
[ 1215.374113][T16768] EXT4-fs: Ignoring removed oldalloc option
[ 1215.393914][T16768] EXT4-fs: Ignoring removed bh option
[ 1215.415420][T16768] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[ 1215.574349][ T9447] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1215.769268][T15466] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1216.363383][T10712] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1216.428081][T16776] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2790'.
[ 1216.502253][T16778] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2793'.
[ 1216.687709][T16780] loop3: detected capacity change from 0 to 128
[ 1216.712974][T16780] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1216.731851][T16784] loop5: detected capacity change from 0 to 128
[ 1216.768876][T16780] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1216.781992][T16780] ext4 filesystem being mounted at /64/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1216.799142][T16784] EXT4-fs (loop5): Test dummy encryption mode enabled
[ 1217.441320][T16784] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1217.456866][T16784] ext4 filesystem being mounted at /371/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1218.298440][T16803] syz.1.2798[16803] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1218.299218][T16803] syz.1.2798[16803] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1219.639998][T15466] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1219.937259][T10712] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1222.511124][T16828] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1222.521931][T16829] net_ratelimit: 3254 callbacks suppressed
[ 1222.521950][T16829] netlink: set zone limit has 8 unknown bytes
[ 1222.531274][T16828] syzkaller0: entered promiscuous mode
[ 1222.550840][T16828] syzkaller0: entered allmulticast mode
[ 1222.626896][T16831] loop5: detected capacity change from 0 to 128
[ 1222.638512][T16828] tipc: Resetting bearer <eth:syzkaller0>
[ 1222.666242][T16827] tipc: Resetting bearer <eth:syzkaller0>
[ 1222.694136][T16831] siw: device registration error -23
[ 1222.722862][T16827] tipc: Disabling bearer <eth:syzkaller0>
[ 1222.798083][T16833] netlink: 'syz.1.2811': attribute type 29 has an invalid length.
[ 1222.833295][T16833] netlink: 'syz.1.2811': attribute type 29 has an invalid length.
[ 1223.032321][T15467] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1223.051421][T15467] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1223.060689][T15467] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1223.072094][T15467] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1223.080861][T15467] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1223.088826][T15467] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1223.111718][T12731] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1223.128293][T12731] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1223.142697][T12731] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1223.173743][T12731] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1223.184033][T12731] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1223.192914][T12731] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1223.293558][T16839] lo speed is unknown, defaulting to 1000
[ 1224.461100][T16839] chnl_net:caif_netlink_parms(): no params data found
[ 1224.665783][T16864] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2820'.
[ 1224.743620][ T5158] udevd[5158]: worker [9447] terminated by signal 33 (Unknown signal 33)
[ 1224.752176][ T5158] udevd[5158]: worker [9447] failed while handling '/devices/virtual/block/loop5'
[ 1224.825097][T16839] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1224.843366][T16839] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1224.850940][T16839] bridge_slave_0: entered allmulticast mode
[ 1224.903075][T16839] bridge_slave_0: entered promiscuous mode
[ 1224.924569][T16839] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1224.950818][T16839] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1224.958508][T16839] bridge_slave_1: entered allmulticast mode
[ 1224.971117][T16839] bridge_slave_1: entered promiscuous mode
[ 1224.978682][T16869] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2823'.
[ 1224.988015][T16869] tc_dump_action: action bad kind
[ 1225.150007][T16839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1225.177033][T16839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1225.224066][T12731] Bluetooth: hci0: command tx timeout
[ 1225.542215][T16839] team0: Port device team_slave_0 added
[ 1225.642036][T16839] team0: Port device team_slave_1 added
[ 1225.804512][T16839] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1225.838709][T16839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1225.948997][T16839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1225.982843][T16839] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1226.005193][T16839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1226.078197][T16839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1227.280579][T16892] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2831'.
[ 1227.303847][T12731] Bluetooth: hci0: command tx timeout
[ 1227.326795][T16839] hsr_slave_0: entered promiscuous mode
[ 1227.348620][T16839] hsr_slave_1: entered promiscuous mode
[ 1227.389260][T16839] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1227.431145][T16839] Cannot create hsr debugfs directory
[ 1227.743371][T16903] loop3: detected capacity change from 0 to 1024
[ 1227.763632][T16903] EXT4-fs: Ignoring removed oldalloc option
[ 1227.769967][T16903] EXT4-fs: Ignoring removed bh option
[ 1227.800639][T16903] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[ 1228.110562][T16839] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1228.916495][T16914] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2840'.
[ 1228.949443][T16914] netlink: 'syz.5.2840': attribute type 2 has an invalid length.
[ 1229.201343][T16839] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1229.423425][T12731] Bluetooth: hci0: command tx timeout
[ 1229.601707][T16839] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1230.376908][T16839] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1231.586628][T12731] Bluetooth: hci0: command tx timeout
[ 1231.698812][T16942] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2851'.
[ 1231.877024][T16839] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1231.914929][T16839] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1231.946456][T16839] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1231.976971][T16839] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1232.317928][T16839] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1232.341451][T16839] 8021q: adding VLAN 0 to HW filter on device team0
[ 1232.480078][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1232.487359][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1232.570733][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1232.578022][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1232.959845][T16967] loop3: detected capacity change from 0 to 4096
[ 1232.967455][T16967] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1233.004034][T16839] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1233.034507][T16839] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1233.052204][T16967] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1233.106043][T16967] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1233.496007][T15466] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1233.860095][T16839] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1234.088686][T16839] veth0_vlan: entered promiscuous mode
[ 1234.158685][T16839] veth1_vlan: entered promiscuous mode
[ 1234.358355][T16839] veth0_macvtap: entered promiscuous mode
[ 1234.430052][T16839] veth1_macvtap: entered promiscuous mode
[ 1234.460052][T16997] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2869'.
[ 1234.477537][T16839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1234.508856][T16839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1234.531800][T16839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1234.554178][T16839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1234.573512][T16839] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1234.587041][ T9322] block nbd0: Possible stuck request ffff888021d28000: control (read@0,1024B). Runtime 900 seconds
[ 1234.598162][ T9322] block nbd0: Possible stuck request ffff888021d28200: control (read@1024,1024B). Runtime 900 seconds
[ 1234.609364][ T9322] block nbd0: Possible stuck request ffff888021d28400: control (read@2048,1024B). Runtime 900 seconds
[ 1234.620599][ T9322] block nbd0: Possible stuck request ffff888021d28600: control (read@3072,1024B). Runtime 900 seconds
[ 1234.643315][T16839] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1234.655392][T16839] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1234.709618][T16839] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1234.772286][T16839] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1234.784317][T16839] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1234.792295][T17003] loop3: detected capacity change from 0 to 4096
[ 1234.793373][T16839] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1234.800877][T17003] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1234.808542][T16839] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1234.833303][T17003] EXT4-fs (loop3): Test dummy encryption mode enabled
[ 1234.876677][T17003] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1235.549063][T15466] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1235.863907][   T29] INFO: task udevd:5794 blocked for more than 143 seconds.
[ 1235.871192][   T29]       Not tainted syzkaller #0
[ 1235.877115][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1235.886288][   T29] task:udevd           state:D stack:24040 pid:5794  ppid:5158   flags:0x00004006
[ 1235.895882][   T29] Call Trace:
[ 1235.899570][   T29]  <TASK>
[ 1235.902569][   T29]  __schedule+0x14d2/0x44d0
[ 1235.923170][   T29]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[ 1235.932748][   T29]  ? asan.module_dtor+0x20/0x20
[ 1235.948169][   T29]  ? mark_lock+0x94/0x320
[ 1235.959469][   T29]  ? lock_chain_count+0x20/0x20
[ 1235.973135][   T29]  ? _raw_spin_lock_irq+0xaf/0xe0
[ 1235.988589][   T29]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[ 1236.004442][   T29]  schedule+0xbd/0x170
[ 1236.016877][   T29]  io_schedule+0x80/0xd0
[ 1236.027065][   T29]  folio_wait_bit_common+0x6eb/0xf70
[ 1236.042789][   T29]  ? folio_wait_bit+0x30/0x30
[ 1236.052815][   T29]  ? _compound_head+0x120/0x120
[ 1236.068391][   T29]  ? filemap_add_folio+0x192/0x3c0
[ 1236.089794][   T29]  ? __filemap_get_folio+0x70a/0xbc0
[ 1236.118223][   T29]  ? blkdev_writepage+0x30/0x30
[ 1236.151716][   T29]  do_read_cache_folio+0x1c0/0x7e0
[ 1236.173218][   T29]  ? blkdev_writepage+0x30/0x30
[ 1236.178307][   T29]  read_part_sector+0xd2/0x350
[ 1236.183510][   T29]  adfspart_check_POWERTEC+0x8d/0xf00
[ 1236.188989][   T29]  ? adfspart_check_ADFS+0x660/0x660
[ 1236.194458][   T29]  ? put_partition+0x350/0x350
[ 1236.199309][   T29]  ? alloc_pages+0x4dc/0x740
[ 1236.204003][   T29]  bdev_disk_changed+0x73a/0x1410
[ 1236.209064][   T29]  ? bdev_resize_partition+0xf0/0xf0
[ 1236.214461][   T29]  ? iput+0x347/0x920
[ 1236.218569][   T29]  blkdev_get_whole+0x30d/0x390
[ 1236.223959][   T29]  blkdev_get_by_dev+0x279/0x600
[ 1236.229025][   T29]  blkdev_open+0x152/0x360
[ 1236.233610][   T29]  ? blkdev_mmap+0x1b0/0x1b0
[ 1236.238240][   T29]  do_dentry_open+0x8c6/0x1500
[ 1236.243065][   T29]  path_openat+0x274b/0x3190
[ 1236.257866][   T29]  ? __kasan_slab_alloc+0x6c/0x80
[ 1236.263066][   T29]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1236.270596][   T29]  ? verify_lock_unused+0x140/0x140
[ 1236.288031][   T29]  ? do_filp_open+0x3d0/0x3d0
[ 1236.292935][   T29]  ? __virt_addr_valid+0x18c/0x540
[ 1236.300007][   T29]  do_filp_open+0x1c5/0x3d0
[ 1236.318403][   T29]  ? vfs_tmpfile+0x490/0x490
[ 1236.328671][   T29]  ? _raw_spin_unlock+0x28/0x40
[ 1236.335953][   T29]  ? alloc_fd+0x58f/0x630
[ 1236.340420][   T29]  do_sys_openat2+0x12c/0x1c0
[ 1236.352027][   T29]  ? do_sys_open+0xe0/0xe0
[ 1236.357896][   T29]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 1236.369285][   T29]  ? lock_chain_count+0x20/0x20
[ 1236.379075][   T29]  __x64_sys_openat+0x139/0x160
[ 1236.394786][   T29]  do_syscall_64+0x55/0xb0
[ 1236.401656][   T29]  ? clear_bhb_loop+0x40/0x90
[ 1236.406622][   T29]  ? clear_bhb_loop+0x40/0x90
[ 1236.411369][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1236.422026][   T29] RIP: 0033:0x7ff22b0a7407
[ 1236.426787][   T29] RSP: 002b:00007ffca5ab8690 EFLAGS: 00000202 ORIG_RAX: 0000000000000101
[ 1236.454079][   T29] RAX: ffffffffffffffda RBX: 00007ff22b7b4880 RCX: 00007ff22b0a7407
[ 1236.462232][   T29] RDX: 00000000000a0800 RSI: 000055647700b100 RDI: ffffffffffffff9c
[ 1236.499380][   T29] RBP: 0000556476fe5910 R08: 0000000000000000 R09: 0000000000000000
[ 1236.518874][   T29] R10: 0000000000000000 R11: 0000000000000202 R12: 0000556476ff9ba0
[ 1236.528665][   T29] R13: 0000556476ffd410 R14: 0000000000000000 R15: 0000556476ff9ba0
[ 1236.552035][   T29]  </TASK>
[ 1236.559813][   T29] 
[ 1236.559813][   T29] Showing all locks held in the system:
[ 1236.571190][   T29] 3 locks held by kworker/u4:0/11:
[ 1236.576541][   T29]  #0: ffff888017871538 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[ 1236.602809][   T29]  #1: ffffc90000107d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[ 1236.626579][   T29]  #2: ffffffff8dfbc348 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[ 1236.652433][   T29] 1 lock held by khungtaskd/29:
[ 1236.658370][   T29]  #0: ffffffff8cd2fbe0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290
[ 1236.669228][   T29] 2 locks held by getty/5547:
[ 1236.674001][   T29]  #0: ffff88814c4450a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1236.687643][   T29]  #1: ffffc9000326e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x425/0x1380
[ 1236.697967][   T29] 1 lock held by udevd/5794:
[ 1236.702592][   T29]  #0: ffff888021c864c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x121/0x600
[ 1236.718544][   T29] 3 locks held by kworker/u4:2/10854:
[ 1236.724029][   T29]  #0: ffff888017871538 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[ 1236.736032][   T29]  #1: ffffc900036dfd00 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[ 1236.750213][   T29]  #2: ffffffff8cd35bb8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x360/0x830
[ 1236.766682][   T29] 2 locks held by kworker/0:12/10993:
[ 1236.772125][   T29]  #0: ffff888017872538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[ 1236.787910][   T29]  #1: ffffc9000452fd00 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[ 1236.800089][   T29] 3 locks held by kworker/1:11/10998:
[ 1236.810096][   T29]  #0: ffff888017870938 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[ 1236.821210][   T29]  #1: ffffc900049afd00 ((work_completion)(&data->fib_event_work)){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[ 1236.842935][   T29]  #2: ffff888055fbc240 (&data->fib_lock){+.+.}-{3:3}, at: nsim_fib_event_work+0x26c/0x3170
[ 1236.860146][   T29] 2 locks held by kworker/1:15/11002:
[ 1236.865628][   T29]  #0: ffff8880b8f3c458 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[ 1236.880481][   T29]  #1: ffff8880b8f289c0 (psi_seq){-.-.}-{0:0}, at: __schedule+0x20ee/0x44d0
[ 1236.889436][   T29] 3 locks held by kworker/u4:4/16538:
[ 1236.897894][   T29]  #0: ffff88814c04c138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[ 1236.909877][   T29]  #1: ffffc9000c3afd00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[ 1236.922955][   T29]  #2: ffffffff8dfbc348 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_dad_work+0xd0/0x14e0
[ 1236.932487][   T29] 1 lock held by syz-executor/16839:
[ 1236.937832][   T29]  #0: ffffffff8dfbc348 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x76f/0xf10
[ 1236.949813][   T29] 2 locks held by syz.5.2870/17000:
[ 1236.955138][   T29]  #0: ffffffff8dfbc348 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x41/0x1c0
[ 1236.964264][   T29]  #1: ffffffff8cd35bb8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x448/0x830
[ 1236.975290][   T29] 1 lock held by syz.1.2873/17017:
[ 1236.980451][   T29]  #0: ffffffff8dfbc348 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x76f/0xf10
[ 1236.990043][   T29] 1 lock held by syz.1.2873/17018:
[ 1236.995523][   T29]  #0: ffffffff8dfbc348 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x76f/0xf10
[ 1237.019727][   T29] 
[ 1237.022133][   T29] =============================================
[ 1237.022133][   T29] 
[ 1237.043976][   T29] NMI backtrace for cpu 0
[ 1237.048374][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[ 1237.055682][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1237.065761][   T29] Call Trace:
[ 1237.069056][   T29]  <TASK>
[ 1237.071998][   T29]  dump_stack_lvl+0x16c/0x230
[ 1237.076688][   T29]  ? preempt_count_add+0x91/0x1a0
[ 1237.081730][   T29]  ? show_regs_print_info+0x20/0x20
[ 1237.086948][   T29]  ? load_image+0x3b0/0x3b0
[ 1237.091481][   T29]  nmi_cpu_backtrace+0x39b/0x3d0
[ 1237.096435][   T29]  ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0
[ 1237.102615][   T29]  ? _printk+0xd0/0x110
[ 1237.106799][   T29]  ? load_image+0x3b0/0x3b0
[ 1237.111344][   T29]  ? load_image+0x3b0/0x3b0
[ 1237.115900][   T29]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[ 1237.121983][   T29]  nmi_trigger_cpumask_backtrace+0x17a/0x2f0
[ 1237.128101][   T29]  watchdog+0xf41/0xf80
[ 1237.132282][   T29]  ? watchdog+0x1e1/0xf80
[ 1237.136648][   T29]  kthread+0x2fa/0x390
[ 1237.140744][   T29]  ? hungtask_pm_notify+0x90/0x90
[ 1237.145851][   T29]  ? kthread_blkcg+0xd0/0xd0
[ 1237.150460][   T29]  ret_from_fork+0x48/0x80
[ 1237.154896][   T29]  ? kthread_blkcg+0xd0/0xd0
[ 1237.159513][   T29]  ret_from_fork_asm+0x11/0x20
[ 1237.164326][   T29]  </TASK>
[ 1237.168146][   T29] Sending NMI from CPU 0 to CPUs 1:
[ 1237.173500][    C1] NMI backtrace for cpu 1
[ 1237.173512][    C1] CPU: 1 PID: 2932 Comm: kworker/u4:6 Not tainted syzkaller #0
[ 1237.173536][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1237.173547][    C1] Workqueue: wg-kex-wg0 wg_packet_handshake_send_worker
[ 1237.173571][    C1] RIP: 0010:__this_cpu_preempt_check+0xe/0x20
[ 1237.173601][    C1] Code: c7 c7 c0 70 fc 8a e8 01 9c f4 ff e8 fc 7e ff ff eb a8 e8 c5 e8 ff ff 0f 1f 44 00 00 f3 0f 1e fa 48 89 fe 48 c7 c7 40 70 fc 8a <e9> dd fe ff ff cc cc cc cc cc cc cc cc cc cc cc cc cc 55 41 57 41
[ 1237.173616][    C1] RSP: 0018:ffffc9000b9f72f8 EFLAGS: 00000293
[ 1237.173630][    C1] RAX: ffffffff8130f768 RBX: 0000000000200000 RCX: ffff88802bac5a00
[ 1237.173644][    C1] RDX: 0000000000000000 RSI: ffffffff8aa58a20 RDI: ffffffff8afc7040
[ 1237.173656][    C1] RBP: ffffc9000b9f73b0 R08: 5c5c5c5c5c5c5c5c R09: 5c5c5c5c5c5c5c5c
[ 1237.173669][    C1] R10: 5c5c5c5c5c5c5c5c R11: 5c5c5c5c5c5c5c5c R12: dffffc0000000000
[ 1237.173682][    C1] R13: 1ffff9200173ee64 R14: ffff88802bac5a00 R15: ffffc9000b9f7401
[ 1237.173695][    C1] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[ 1237.173710][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1237.173722][    C1] CR2: 000000110c4229a6 CR3: 0000000051879000 CR4: 00000000003506e0
[ 1237.173737][    C1] DR0: 0000000000000000 DR1: 0000000000000032 DR2: 0000000000000000
[ 1237.173747][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1237.173758][    C1] Call Trace:
[ 1237.173764][    C1]  <TASK>
[ 1237.173771][    C1]  kernel_fpu_begin_mask+0x352/0x4c0
[ 1237.173800][    C1]  ? fpu_copy_uabi_to_guest_fpstate+0x1d0/0x1d0
[ 1237.173825][    C1]  ? __asan_memset+0x22/0x40
[ 1237.173847][    C1]  ? __chacha20poly1305_encrypt+0x240/0x2b0
[ 1237.173875][    C1]  blake2s_compress+0x43/0xd0
[ 1237.173896][    C1]  blake2s_update+0x138/0x430
[ 1237.173922][    C1]  hmac+0x289/0x330
[ 1237.173938][    C1]  ? kdf+0x270/0x270
[ 1237.173973][    C1]  kdf+0xdf/0x270
[ 1237.173988][    C1]  ? keypair_free_rcu+0x20/0x20
[ 1237.174012][    C1]  ? __asan_memset+0x22/0x40
[ 1237.174037][    C1]  wg_noise_handshake_create_initiation+0x463/0x7e0
[ 1237.174060][    C1]  ? wg_noise_set_static_identity_private_key+0x150/0x150
[ 1237.174094][    C1]  ? mark_lock+0x94/0x320
[ 1237.174114][    C1]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 1237.174141][    C1]  ? ktime_get_coarse_with_offset+0x88/0x190
[ 1237.174161][    C1]  ? seqcount_lockdep_reader_access+0x176/0x1c0
[ 1237.174190][    C1]  ? ktime_get_coarse_with_offset+0x145/0x190
[ 1237.174212][    C1]  wg_packet_handshake_send_worker+0x164/0x310
[ 1237.174234][    C1]  ? wg_prev_queue_dequeue+0x220/0x220
[ 1237.174263][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1237.174290][    C1]  ? process_scheduled_works+0x957/0x15b0
[ 1237.174312][    C1]  ? process_scheduled_works+0x957/0x15b0
[ 1237.174332][    C1]  process_scheduled_works+0xa45/0x15b0
[ 1237.174368][    C1]  ? assign_work+0x400/0x400
[ 1237.174391][    C1]  ? assign_work+0x39e/0x400
[ 1237.174413][    C1]  worker_thread+0xa55/0xfc0
[ 1237.174447][    C1]  kthread+0x2fa/0x390
[ 1237.174461][    C1]  ? pr_cont_work+0x560/0x560
[ 1237.174482][    C1]  ? kthread_blkcg+0xd0/0xd0
[ 1237.174497][    C1]  ret_from_fork+0x48/0x80
[ 1237.174517][    C1]  ? kthread_blkcg+0xd0/0xd0
[ 1237.174539][    C1]  ret_from_fork_asm+0x11/0x20
[ 1237.174582][    C1]  </TASK>
[ 1237.192474][   T29] Kernel panic - not syncing: hung_task: blocked tasks
[ 1237.192493][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[ 1237.192518][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1237.192529][   T29] Call Trace:
[ 1237.192543][   T29]  <TASK>
[ 1237.192554][   T29]  dump_stack_lvl+0x16c/0x230
[ 1237.192592][   T29]  ? show_regs_print_info+0x20/0x20
[ 1237.192620][   T29]  ? load_image+0x3b0/0x3b0
[ 1237.192657][   T29]  panic+0x2c0/0x710
[ 1237.192690][   T29]  ? schedule_preempt_disabled+0x20/0x20
[ 1237.192726][   T29]  ? bpf_jit_dump+0xd0/0xd0
[ 1237.192757][   T29]  ? __irq_work_queue_local+0x13a/0x3b0
[ 1237.192797][   T29]  ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0
[ 1237.192835][   T29]  watchdog+0xf80/0xf80
[ 1237.192865][   T29]  ? watchdog+0x1e1/0xf80
[ 1237.192901][   T29]  kthread+0x2fa/0x390
[ 1237.192923][   T29]  ? hungtask_pm_notify+0x90/0x90
[ 1237.192964][   T29]  ? kthread_blkcg+0xd0/0xd0
[ 1237.192984][   T29]  ret_from_fork+0x48/0x80
[ 1237.193011][   T29]  ? kthread_blkcg+0xd0/0xd0
[ 1237.193033][   T29]  ret_from_fork_asm+0x11/0x20
[ 1237.193098][   T29]  </TASK>
[ 1237.195551][   T29] Kernel Offset: disabled
[ 1237.615862][   T29] Rebooting in 86400 seconds..