last executing test programs:

4m25.320330949s ago: executing program 4 (id=486):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r3 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', <r4=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01005ee1fadefcdbdf250100000008000100", @ANYRES32=r4, @ANYBLOB="3c00028038000100240001006d636173745f72656a6f696e5f696e74657276616c000000000000000000"], 0x58}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x24040840)

4m23.128003476s ago: executing program 4 (id=502):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000c40)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kfree\x00', r0, 0x0, 0x4804}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r1, &(0x7f0000001040)={&(0x7f0000000040)={0x2, 0xffff, @remote}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000024)

4m22.906418559s ago: executing program 4 (id=507):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xd, 0xfffffffb, 0x7ffeffff}}}}]}, 0x44}}, 0x20040084)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000003c0)=@newqdisc={0x44, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffdfdfc, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x4, 0x30, 0x2}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x400dc}, 0x24000080)

4m22.608473557s ago: executing program 4 (id=511):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000002340)={0x11, 0xf, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000002140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3804402, &(0x7f0000000340), 0xfd, 0x564, &(0x7f0000000b00)="$eJzs3d9rW+UbAPDnpE33+7sOxvgqIoVdOJlL19YfE7yYl6LDgd7P0mZlNFlGk461Dtwu3I03MgQRB8Nr9d7L4T/gXzHQwZBRFPEmctKTmK3JmnXZmprPB872vjkne8+T9zzv3jcnIQEMrYn0j1zECxHxZRJxsG3faGQ7J9aPW3twdS7dkqjXP/o9iSR7rHl8kv29L6v8PyJ+/jzieG5ju9WV1cXZUqm4lNUna+VLk9WV1RMXyrMLxYXixemZmVNvzEy//dabfYv11bN/fvPhnfdOfXF07esf7x26mcTp2J/ta4/jKVxrr0zERPaa5OP0IwdO9aGxQZJs9wmwJSNZnucjHQMOxkiW9cB/32cRUQeGVCL/YUg15wHNtX2f1sE7xv131xdAG+MfXX9vJHY31kZ715KHVkbpene8D+2nbfz0262b6Rb9ex8CYFPXrkfEydHRjeNfko1/W3eyh2MebcP4B8/PnXT+81qn+U+uNf+JDvOffR1ydys2z//cvT4001U6/3un4/y3ddNqfCSrHWjM+fLJ+QulYjq2/S8ijkV+V1p/3P2cU2t36932tc//0i1tvzkXzM7j3uiuh58zP1ubfZqY292/HvFix/lv0ur/pEP/p6/H2R7bOFK89XK3fZvH/2zVv4t4pWP/51vHJI+/PznZuB4mm1fFRn/cOPJLt/a3O/60//eux/9XtiRs9X9mPGm/X1t98jZu7/672G3fVq//seTjRnkse+zKbK22NBUxlnyw8fHpf5/brDePT+M/dvTx41+n639PRHzSY/w3Dv/w0tbjf7bS+Oc7Xv/d+v/JC3ff//Tbzq3f7rH/X4+k7QZzL+Nfryf4VC8eAAAAAAAADJhcROyPJFdolXO5QmH98x2HY2+uVKnWjp+vLF+cj8Z3Zccjn2ve6T7Y9nmIqezzsM369CP1mYg4FBFfjexp1AtzldL8dgcPAAAAAAAAAAAAAAAAAAAAA2Jfl+//p34d2e6zA545P/kNw2vT/O/HLz0BA8n//zC85D8ML/kPw0v+w/CS/zC85D8ML/kPw0v+AwAAAAAAAAAAAAAAAAAAAAAAAAAAQF+dPXMm3eprD67OpfX5yyvLi5XLJ+aL1cVCeXmuMFdZulRYqFQWSsXCXKW82b9XqlQuTU3H8pXJWrFam6yurJ4rV5Yv1s5dKH9/IKKYfy5RAQAAAAAAAAAAAAAAAAAAwM5SXVldnC2ViksKjcKuGIjT2EGF0cE4DYU+FzoMFmPbMEABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQET8EwAA//+ndDnV")
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000007c0), 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000000)='tracefs\x00', 0x800, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x29}}, './file0\x00'})

4m22.148015574s ago: executing program 4 (id=516):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
ioprio_set$pid(0x3, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
write$cgroup_freezer_state(0xffffffffffffffff, &(0x7f00000000c0)='FROZEN\x00', 0x7)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000040), 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")

4m19.303114988s ago: executing program 4 (id=553):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
syz_open_dev$swradio(0x0, 0x0, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1, 0x3, &(0x7f00000007c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000900)='GPL\x00', 0x0, 0x1000, &(0x7f0000001600)=""/4096, 0x41100, 0x34, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000e00), &(0x7f0000000e40), 0x10, 0x9}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32=0x0, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x1f, 0x14, 0x0, &(0x7f00000000c0)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x1a, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="12000000070000000800", @ANYRES32, @ANYBLOB="0000000000000000001000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000002000000000000"], 0x50)

4m18.827432929s ago: executing program 32 (id=553):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
syz_open_dev$swradio(0x0, 0x0, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ec0)={0x1, 0x3, &(0x7f00000007c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000900)='GPL\x00', 0x0, 0x1000, &(0x7f0000001600)=""/4096, 0x41100, 0x34, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000e00), &(0x7f0000000e40), 0x10, 0x9}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYRES32=0x0, @ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x1f, 0x14, 0x0, &(0x7f00000000c0)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x1a, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="12000000070000000800", @ANYRES32, @ANYBLOB="0000000000000000001000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000002000000000000"], 0x50)

32.260201904s ago: executing program 1 (id=2416):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101000, 0x0)
fsync(r2)

31.971993438s ago: executing program 1 (id=2419):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000000), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r3}, 0x10)
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x4c, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x10, 0x3, 0x1, 0x3, 0x400, 0x8}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)

31.637645714s ago: executing program 1 (id=2422):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000"], 0x15)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
unshare(0x60600)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
recvfrom(r0, 0x0, 0x0, 0x40010000, 0x0, 0x0)

29.449689075s ago: executing program 1 (id=2425):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x4001, 0x3, 0x3e8, 0x0, 0x0, 0x148, 0x0, 0x148, 0x350, 0x240, 0x240, 0x350, 0x240, 0x7fffffe, 0x0, {[{{@ip={@private=0xa010102, @local, 0x0, 0x0, 'ip6gretap0\x00', 'nicvf0\x00', {}, {}, 0x88, 0x3, 0x10}, 0x0, 0xf8, 0x158, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'wg1\x00', {0x0, 0x0, 0x1ff, 0x100000, 0x0, 0xed, 0x10000007}}}, @common=@unspec=@connmark={{0x30}, {0xfffffff9, 0x8}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 0x85d, 0xf, [0x10, 0x32, 0x1e, 0x32, 0x2b, 0x25, 0x3f, 0x17, 0x19, 0x22, 0x2c, 0x3d, 0x7, 0x3f, 0x1e, 0x31], 0x0, 0x2, 0x2}}}, {{@ip={@rand_addr=0x64010101, @local, 0xff, 0x0, 'tunl0\x00', 'lo\x00', {0xff}, {}, 0x2e, 0x3, 0x4}, 0x0, 0x190, 0x1f8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x8, 0x9, 0x1, 0x1, 'syz1\x00', 0x2}}, @inet=@rpfilter={{0x28}, {0x8}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0xfff, 0x7e, 0x1c, 'netbios-ns\x00', 'syz0\x00', {0x3}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x448)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendto$inet(r2, &(0x7f0000000040)='\f', 0x1, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='cubic', 0x4)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

27.769882001s ago: executing program 1 (id=2435):
getpgrp(0x0)
syz_clone(0x820000, &(0x7f0000000000)="bbfc3f52191b997a76e371cc8fe2c7a809076cb687174932f13e9216576caf0a25a1bacb263543f50f4cb10411175efb9e9c662d8be45f06e36baf1a3808a2cfc17342873affac52067ff6760f70e27e20", 0x51, &(0x7f0000000080), &(0x7f0000000100), 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x14000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x18, 0xe, &(0x7f0000000a00)=ANY=[@ANYBLOB="b700000001000000bfa30000000000000703000030feffff720af0fff8ffffff71a4f0ff000000002d040000000000003d400300000000006504000001ed000079110000000000006c440000000000007a0ab0fe000000007b13000000000000c500f9ffffff00009500000000000000023bc065b7a379d17cf9333379fc9e94af05000000f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a715bc5181554a090f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128c4e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d0800af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d390dd65be2467b373eafd9aa58f2077184b6a89adaf17b0a6041bdef728d236619074d6ebdf098bc908f523d228a40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c5da18ec0ae564162a27afea62d84f3a10746443d64364f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b93d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d710b651f898ba749e40bc6980fe78683ac5c0c31030699ddd71063be9261b2e1aab1675b34a220488c126aeef5f510a8f1aded94a129e4aec6ffc3a15d96c2ea3e2e04cfe0e669e51731b2875353193f82ade69d0540059fe6c7fe7cd86975023cb08cc7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed82641687f3b3a70bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c5538a294270a1ad10c80fef7c24c87afce829ba0f85da6d888f18ea40ab959f6074ab2a4009b9e5f07ab513cdc6c0e57fb1c1ca571380d7b4ead35a655e0b4a26b702396df7e0cbe02b6e4114f244a94aa8e98b0b263f0083bf93f05beb72f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba5823a34a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a9b702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b728fe26e37037f27f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e05000000d03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d0a874c74b777df005c55fc30511d00000000c85265b2bd83d64a532869d708000000000000007baa5b6a682b50f0937f778af083e055f6138a757ebd0ed91114a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a9037d2283c42efc54fa84323a56edbd287eba77f35c35d91f3c62a0ca74836a640224de85f2b4a5fee500bbc584328a6a7a4628c4378c9b71dff64075b74a6520adb187b40d2cccbcb08c0634ee74658d3e23bf2871ed2aa2a05e319374511c8b0bf1b69d2b3782b3f481c314e7bd4615dbbf24c06ac95bd639e68d0e6aa7f0d07bf69a93365f803f0144af37236ea133c2255b0613bf8ba1d538e06c2411e8d70053b712084fd0e313de9bb19266e49a3a2190cb039c6f89610acd896319b9c8d1b8aac2eaa5a4f8be7419a09e3fb5be3be2fcdadd2299839cc40e684e6e2b4e1385fde7a0babcb0be672110268a34dad364fddee69e564119cebb6940c6356ff83ca527c573d700000000000000c6299263e6d9097f225de969485bce3d7dc471c0669bb6a467cf0de54dfcc1857048fe22a19dbb1b3cb9babaa839f1f6e817a62d95a5b971ff96a5c66c338c6f2a2da4644519f40761402e9c81013d76c7152c95ba5efa24ce1930f23a2277f057ffb6b0144f3b434a2adc456ef4d2fbdf7c6238c2bb00ffcf2d23d68cb9b027f3b225ec4e09b089f7956b66c5692b46ea03abb6a404c8ccceaa4ba4161409fcb54b86eaca26b2"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
ioctl$SCSI_IOCTL_SYNC(0xffffffffffffffff, 0x4)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0), 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f0000000140)='2', 0xff10, 0x8000c61)

27.409749921s ago: executing program 1 (id=2439):
creat(&(0x7f0000000140)='./file0\x00', 0x82)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000580)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
get_robust_list(0x0, &(0x7f00000022c0)=0x0, &(0x7f0000002300))

12.239638023s ago: executing program 33 (id=2439):
creat(&(0x7f0000000140)='./file0\x00', 0x82)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000580)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
get_robust_list(0x0, &(0x7f00000022c0)=0x0, &(0x7f0000002300))

5.823649944s ago: executing program 0 (id=2522):
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)={0x68, 0x12, 0x0, 0x70bd26, 0x25dfdbfc, {0x8, 0x6, 0xa, 0x1, {0x4e24, 0x4e23, [0xfffffff8, 0x3, 0x6], [0x400, 0x9, 0x8, 0x9], 0x0, [0x1, 0x3]}, 0x4, 0xb}, [@INET_DIAG_REQ_BYTECODE={0x19, 0x1, "f102dcf29effae15cd649e6a6437eb61afd9d8ae2b"}]}, 0x68}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x3, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000}}, &(0x7f0000000080)='syzkaller\x00', 0x3, 0x72, &(0x7f0000000000)=""/114}, 0x94)

5.670746657s ago: executing program 0 (id=2523):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1b78, &(0x7f0000000040)={0x0, 0xca72, 0xc000, 0x0, 0x20002fb})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x2, 0x9}}, 0x20)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x11, 0x10, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

5.516203785s ago: executing program 0 (id=2524):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000072"], 0x0, 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
close(r0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r1}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)

5.372158864s ago: executing program 0 (id=2525):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

5.371751821s ago: executing program 2 (id=2526):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800"/15], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x6, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000373010b000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14}, 0x94)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0), 0x48)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)

5.299320487s ago: executing program 0 (id=2527):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00"/13], 0x50)
unshare(0x400)
fcntl$setlease(r0, 0x400, 0x0)

5.28444708s ago: executing program 2 (id=2528):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="2400000076001f03000000000000000008000000"], 0x24}], 0x1}, 0x0)

5.103975144s ago: executing program 0 (id=2529):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x1, 0xfffffffffffffd22, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @void}, 0x10)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000700))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
unshare(0x64000600)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@minixdf}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")

4.871357613s ago: executing program 2 (id=2530):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400, 0x0)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988a8", 0xe}, {&(0x7f00000002c0)="9c", 0x1}], 0x2)

4.683981011s ago: executing program 3 (id=2532):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
connect$unix(0xffffffffffffffff, 0x0, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/53, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000800)=""/90})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000080))
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000340)=0x1)
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r2, 0xc400941d, &(0x7f0000000380)={0x0, 0x3ff, 0x5})
fsetxattr$trusted_overlay_redirect(r1, &(0x7f0000000440), &(0x7f0000000480)='./file0\x00', 0x8, 0x2)
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x11, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)

4.638591273s ago: executing program 3 (id=2533):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x3938700}}, 0x0)
madvise(&(0x7f00002e5000/0x400000)=nil, 0x400000, 0xf)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800002, 0xe)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004000000", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000e90d0018110000000000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
rt_sigprocmask(0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x38}}, 0x0)
epoll_create1(0x80000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x10}, {}, {0xe}}, [@TCA_RATE={0x6, 0x5, {0x6, 0xd}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x49, 0x0, 0x3, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000)

3.95634791s ago: executing program 5 (id=2534):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000072"], 0x0, 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
close(r0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r1}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)

3.775229263s ago: executing program 5 (id=2535):
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r1 = dup(r0)
r2 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000000000000000640000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r3}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})
write$FUSE_BMAP(r1, &(0x7f0000000100)={0x18}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xb, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYRES8=r5, @ANYRESHEX], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
syz_open_pts(0xffffffffffffffff, 0x800)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r6}, 0x10)
syz_emit_ethernet(0x6d, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd6100272400373aff20010000000000000000000000000000ff0200000000000000000000000000010200907800000500663a794500023a00fe80000000000000000000000000001eff0200000000000041000000000000018029335287b7a06effacb98c9c11b66cc866e9887f02d2b06eff36afaa946b3f03bc1c7ed3e4578a7401672241d792b482cd7a11d2ed1600fbce472a7f326af1e3ceefcef05e04d2600ae64cce8ce92c326b6dbc8364a4dcdcc2b8725bf9096b145c3e052f73e7e71810e37bab56e3c5f14fc79927a59d372134526c1a18bb41eeb88758d7870ec79f690a92c31f487cd05d52be7f4f1a8f9452a16758f7f5d5dff16b03cfeb39e5e971c4c5b37f319d0f653b6f4b700f96cd189ba67ab90db096d9f95a1679de78c607030af38a38a0226042b03982"], 0x0)
bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f0000001000)=ANY=[], 0x48)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0x40402, 0x1)
write$FUSE_NOTIFY_STORE(r7, &(0x7f0000000100)=ANY=[@ANYRESHEX=r7], 0x2d)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_udplite(0xa, 0x2, 0x88)
r8 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000bbdffc))

2.323878052s ago: executing program 2 (id=2536):
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000880)=""/166}, 0x20)
r0 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000400), 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xf, 0xc, &(0x7f00000002c0)=ANY=[@ANYRES16=r0, @ANYRESDEC=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000030000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@newtaction={0x60, 0x30, 0x727, 0x7ffffd, 0x0, {}, [{0x4c, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x3, 0x10000, 0x10000000, 0x7}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x70}}, 0x0)
uname(0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xb, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40, 0x7)
r3 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0900000004000000ff0f00000500000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000030000fbffffff0000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = fsopen(&(0x7f0000000040)='vfat\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f00000000c0)=',+\x00', &(0x7f0000000100)='sys_enter\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
readlinkat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', &(0x7f00000004c0)=""/106, 0x6a)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
listxattr(0x0, 0x0, 0x0)
write$binfmt_register(r3, &(0x7f0000000000)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x7, 0x3a, ')', 0x3a, '', 0x3a, './file0', 0x3a, [0x46]}, 0x29)

2.185885557s ago: executing program 3 (id=2537):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000180)='sys_enter\x00', r5}, 0x10)
syz_open_procfs(0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_ro(r6, &(0x7f0000000440)='blkio.bfq.io_serviced_recursive\x00', 0x0, 0x0)
preadv2(r7, 0x0, 0x0, 0x2, 0x0, 0x1)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000640)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@const={0x0, 0x0, 0x0, 0xd}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x2, 0x36000000}}]}}, &(0x7f0000000000)=""/144, 0x3e, 0x90, 0x1}, 0x28)
sched_setscheduler(0x0, 0x2, 0x0)
r8 = getpid()
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x7)

1.936299055s ago: executing program 5 (id=2538):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='sched_switch\x00'}, 0x18)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x4c, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x4c}}, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)={0x54, 0x9, 0x6, 0x3, 0x0, 0x0, {0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0xe1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x88}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e22}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)

1.585033646s ago: executing program 2 (id=2539):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000000), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x4c, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x10, 0x3, 0x1, 0x3, 0x400, 0x8}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)

1.181535673s ago: executing program 5 (id=2540):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffff"], 0x48)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @remote}, 0x6}, 0x1c)
syz_emit_ethernet(0x36, &(0x7f0000000280)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x2, 0x3, 0x28, 0x64, 0x0, 0x7, 0x6, 0x0, @remote, @remote}, {{0x4e22, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4, 0x6071, 0x0, 0xe7}}}}}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x3}, 0x18)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xf0}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
getpid()
openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = mq_open(&(0x7f0000000040)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00', 0x6e93ebbbcc0884f2, 0x2, &(0x7f0000000300)={0x0, 0x1, 0x6})
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)

1.086922498s ago: executing program 3 (id=2541):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="5c00000003006b03000000d86e6c1d0002847e", 0x13}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000003c0007010000000000400000037c00000400fc8010000180"], 0x30}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)

1.086463836s ago: executing program 5 (id=2542):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b00000007000000010001000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a00000001010000ff7f0000cc"], 0x50)

1.029471111s ago: executing program 3 (id=2543):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000e00)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x27, 0x0, &(0x7f0000000c40)="bcceb54f8793761baf54949ccc1878cb76eb90f4191b23f64e322f258a5acd9fa6c3616f23f307", 0x0, 0x2, 0x0, 0x5}, 0x50)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xffffff1f, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030029000b12d25a80648c2594f90124fc60100c020000040000050248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

996.978333ms ago: executing program 2 (id=2544):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file2\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r3, 0x800448d2, 0x0)
unshare(0x40020000)

703.872245ms ago: executing program 3 (id=2545):
getpid()
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000040)='./file2\x00', 0x1000052, &(0x7f0000000240)=ANY=[], 0xf5, 0x1219, &(0x7f0000002100)="$eJzs3E9rHGUcB/Bf1o1JU/NHrdX2oA948TQ0OXgSJEgKkgWlNkIrCFOz0SVjNmRCYEWsnrz2dXj2JvgOcvE1eMvFYw/iSGYam223VMHdFfv5HDI/nuf55pln2F2YZZ49eefel7s7ZbaTH0ZrZiZa+xHpfooUrTjz+mZzvHV7c73T2biR0vX1m6tvp5SW3vj5k6/nIuLixz8u/TQXxyufnvy29uvx5eMrJ3/c/KJXpl6ZVvqHKU93+v3D/E7RTdu9cjdL6cOim5fd1NsruwdD/TtFf39/kPK97cWF/YNuWaZ8b5B27+UR/XR4MEj553lvL2VZlhYXgieaffqQrR/uV1UVUVWz8XxUVVVdiIW4GC/EYizFtxHxYrwUL8eleCUux6vxWlypR03i9AEAAAAAAAAAAAAAAAAAAODZcX7/f0QM7f9fjhX7/wEAAAAAAAAAAAAAAAAAAGACPrp1e3O909m4kdJ8RPH90dbRVnNs+td3ohdFdONaLMfvUe/+bzT19fc7G9dSbSW+K+4+yN892nquyZ/+Oc2v1j8n8CDfrvvO8qtNPg3n52Lh/PxrsRyXRs+/NjI/H2+9eS6fxXL88ln0o4jteu6H+W9WU3rvg84j+av1OAAAAPg/yNJfRt6/Z9mT+pv83/5+oB2P3F+342p7umsnohx8tZu3iu5BXRRnxfxjLWMrZiNiUnONq5gbbmmNaa7WUy7UzLgW2P6PXGfF48Xpu/jf+D8XYrhl2p9MTMLDl8G0zwQAAAAAAAAAAIB/YszPJ7ZjxJNl705nqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCoAAP//I6LAUA==")
r0 = creat(&(0x7f00000001c0)='./bus\x00', 0x40)
io_setup(0x9, &(0x7f0000000300)=<r1=>0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0x8, &(0x7f0000003340)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="24000000680001d30a00000000000081000000569d7a00bb2c83b400199008000c000200010000000400000095cb81449c2250cec2244b4078bf360ceedb77918c314ce00d927bbb666af2406aff54c971e9d0dd3ef9c7fca20aeba68cc657441f47f50af1fb9539eb02ceeb53"], 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
socket$nl_route(0x10, 0x3, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x100000}])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x1}, 0x18)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002800010004000000fcdbdf250401f2800c00180008ac0f0000000100140001"], 0x114}], 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r5, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x7, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdc4ef549ba1a12be47ddfdd753abd000000002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4, 0x5]})
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000300)={0x0, 0x4, 0x18}, 0xc)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)

0s ago: executing program 5 (id=2546):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000280)={@remote}, 0x14)
r2 = fspick(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x2000, {0x0, 0x0, 0x74, 0x0, {0xfffd, 0x10}, {0x1, 0xfff1}, {0x6, 0x3}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x14004804}, 0x8804)
r3 = dup2(r0, r1)
bind$inet6(r1, &(0x7f0000000180)={0xa, 0x4e23, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000340)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x9}}, {@bh}, {@auto_da_alloc}, {@resuid={'resuid', 0x3d, 0xee01}}, {@sysvgroups}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x1, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r4 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
r5 = open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86)
pwritev2(r5, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x140000}], 0x1, 0x7800, 0x0, 0x3)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), r3)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000640)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x68, r6, 0x8, 0x70bd26, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x4, 0x13}}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xe}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x27a}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x9}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x1261bdb5}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x7f}]}, 0x68}, 0x1, 0x0, 0x0, 0x11}, 0x90)

kernel console output (not intermixed with test programs):

eec9 code=0x7ffc0000
[  191.771369][ T5873] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.050231][ T7949] rdma_op ffff88802c33f1f0 conn xmit_rdma 0000000000000000
[  192.265028][ T7957] netlink: 16 bytes leftover after parsing attributes in process `syz.5.706'.
[  192.313356][ T7957] macvlan2: entered promiscuous mode
[  192.356750][ T7957] macvlan2: entered allmulticast mode
[  192.463645][ T7959] loop2: detected capacity change from 0 to 128
[  192.576126][   T30] audit: type=1800 audit(1758674073.161:530): pid=7959 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.707" name="bus" dev="loop2" ino=1048626 res=0 errno=0
[  192.669986][ T7967] loop5: detected capacity change from 0 to 512
[  192.754356][ T7969] netlink: 8 bytes leftover after parsing attributes in process `syz.1.712'.
[  192.780050][ T7967] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.826502][ T7967] ext4 filesystem being mounted at /18/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  193.042911][ T7557] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.324265][ T7987] Invalid ELF header magic: != ELF
[  193.431184][ T7989] loop3: detected capacity change from 0 to 1764
[  193.436731][ T5869] Bluetooth: hci2: command 0x0c1a tx timeout
[  193.470173][ T7991] loop5: detected capacity change from 0 to 8192
[  193.482141][ T7991] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  193.499538][ T7991] netlink: 12 bytes leftover after parsing attributes in process `syz.5.721'.
[  193.516688][ T5869] Bluetooth: hci1: command 0x0c1a tx timeout
[  193.678352][ T5869] Bluetooth: hci4: command 0x0406 tx timeout
[  193.757516][ T5869] Bluetooth: hci3: command 0x0c1a tx timeout
[  194.101026][ T8006] loop2: detected capacity change from 0 to 1024
[  194.174477][ T8009] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  194.190806][ T8006] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.382348][ T8021] netlink: 96 bytes leftover after parsing attributes in process `syz.5.733'.
[  194.388576][ T5873] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.547191][   T30] audit: type=1326 audit(1758674075.131:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8023 comm="syz.3.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  194.584964][ T8027] capability: warning: `syz.1.738' uses deprecated v2 capabilities in a way that may be insecure
[  194.619873][   T30] audit: type=1326 audit(1758674075.131:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8023 comm="syz.3.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  194.806114][   T30] audit: type=1326 audit(1758674075.141:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8023 comm="syz.3.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  194.847877][   T30] audit: type=1326 audit(1758674075.141:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8023 comm="syz.3.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  194.906239][   T30] audit: type=1326 audit(1758674075.141:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8023 comm="syz.3.737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  195.235442][ T8043] netlink: 8 bytes leftover after parsing attributes in process `syz.5.744'.
[  195.517858][ T5869] Bluetooth: hci2: command 0x0c1a tx timeout
[  195.575488][ T8052] loop3: detected capacity change from 0 to 1024
[  195.597443][ T5869] Bluetooth: hci1: command 0x0c1a tx timeout
[  195.692137][ T8052] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.836269][ T5869] Bluetooth: hci3: command 0x0c1a tx timeout
[  195.982500][ T5864] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.765869][ T8078] netlink: 8 bytes leftover after parsing attributes in process `syz.1.755'.
[  197.150954][ T8093] netlink: 4 bytes leftover after parsing attributes in process `syz.3.762'.
[  197.255332][ T8096] loop3: detected capacity change from 0 to 1024
[  197.273008][ T8096] EXT4-fs: inline encryption not supported
[  197.286142][ T8096] EXT4-fs: Ignoring removed i_version option
[  197.309195][ T8096] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  197.334327][ T8096] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.762: lblock 2 mapped to illegal pblock 2 (length 1)
[  197.366417][ T8096] Quota error (device loop3): qtree_write_dquot: dquota write failed
[  197.374584][ T8096] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.762: lblock 0 mapped to illegal pblock 48 (length 1)
[  197.392929][ T8096] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  197.403983][ T8096] EXT4-fs error (device loop3): ext4_acquire_dquot:6943: comm syz.3.762: Failed to acquire dquot type 0
[  197.425923][ T8096] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  197.446775][ T8096] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.762: mark_inode_dirty error
[  197.490972][ T8096] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  197.536147][ T8096] EXT4-fs (loop3): 1 orphan inode deleted
[  197.537354][ T8099] loop5: detected capacity change from 8192 to 0
[  197.544046][ T8096] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.572172][ T1159] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:6: lblock 1 mapped to illegal pblock 1 (length 1)
[  197.613759][ T1159] Quota error (device loop3): remove_tree: Can't read quota data block 1
[  197.632646][    T9] IPVS: starting estimator thread 0...
[  197.635409][ T1159] EXT4-fs error (device loop3): ext4_release_dquot:6979: comm kworker/u8:6: Failed to release dquot type 0
[  197.647462][ T8096] IPVS: sed: FWM 3 0x00000003 - no destination available
[  197.666704][ T8105] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  197.746372][ T8103] IPVS: using max 25 ests per chain, 60000 per kthread
[  198.110265][ T5864] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.177766][ T5864] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  198.213255][ T5864] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  198.242075][ T5864] EXT4-fs error (device loop3): ext4_quota_off:7227: inode #3: comm syz-executor: mark_inode_dirty error
[  198.478128][ T8117] loop2: detected capacity change from 0 to 512
[  198.544842][ T8117] EXT4-fs: Ignoring removed mblk_io_submit option
[  198.584281][ T8117] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  198.641180][ T8117] EXT4-fs (loop2): 1 truncate cleaned up
[  198.665744][ T8117] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.842084][   T30] audit: type=1804 audit(1758674079.421:536): pid=8117 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.771" name="/newroot/136/bus/bus" dev="loop2" ino=18 res=1 errno=0
[  198.902924][ T5873] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.213177][ T8134] loop2: detected capacity change from 0 to 1024
[  199.269443][ T8134] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.286363][ T8134] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  199.431087][ T8138] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  199.454256][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  199.542005][ T5873] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.173539][ T8150] loop3: detected capacity change from 0 to 1764
[  201.155176][   T30] audit: type=1326 audit(1758674081.741:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8158 comm="syz.3.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  201.189730][   T30] audit: type=1326 audit(1758674081.741:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8158 comm="syz.3.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  201.267197][   T30] audit: type=1326 audit(1758674081.771:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8158 comm="syz.3.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  201.322764][   T30] audit: type=1326 audit(1758674081.771:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8158 comm="syz.3.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  201.356870][ T8164] loop3: detected capacity change from 0 to 512
[  201.373534][   T30] audit: type=1326 audit(1758674081.771:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8158 comm="syz.3.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  201.373589][   T30] audit: type=1326 audit(1758674081.771:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8158 comm="syz.3.786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  201.381464][ T8164] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.381582][ T8164] ext4 filesystem being mounted at /153/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  201.384229][ T8164] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.510127][ T8165] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.553299][ T8174] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  201.756422][ T8178] serio: Serial port ptm0
[  201.787678][ T8165] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.790094][ T8181] loop3: detected capacity change from 0 to 512
[  201.867473][ T8176] netlink: 'syz.2.791': attribute type 12 has an invalid length.
[  201.976830][ T8165] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.030372][ T8181] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.074072][ T8188] netlink: 'syz.2.796': attribute type 10 has an invalid length.
[  202.092470][ T8181] ext4 filesystem being mounted at /155/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  202.229517][ T8165] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.290554][ T8193] loop2: detected capacity change from 0 to 128
[  202.293341][ T5864] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.299413][ T8193] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  202.663085][ T8200] loop2: detected capacity change from 0 to 512
[  202.734684][   T12] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  202.785104][ T8200] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.860910][   T12] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  202.890835][ T8200] ext4 filesystem being mounted at /142/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  202.901622][   T12] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  202.929422][ T8200] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.971984][   T12] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  203.214537][   T30] kauditd_printk_skb: 9 callbacks suppressed
[  203.214557][   T30] audit: type=1326 audit(1758674083.781:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8214 comm="syz.0.804" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f76aa18eec9 code=0x0
[  209.007212][ T8222] loop2: detected capacity change from 0 to 8192
[  209.045189][ T8222] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  209.157968][ T8222] netlink: 12 bytes leftover after parsing attributes in process `syz.2.806'.
[  209.277638][ T8234] netlink: 224 bytes leftover after parsing attributes in process `syz.2.806'.
[  209.321039][ T8234] ksmbd: Unknown IPC event: 4, ignore.
[  209.876502][ T8242] lo speed is unknown, defaulting to 1000
[  210.257800][   T30] audit: type=1326 audit(1758674090.851:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8238 comm="syz.5.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  210.259224][ T8236] loop2: detected capacity change from 8192 to 0
[  210.293476][    C0] I/O error, dev loop2, sector 33 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  210.303407][    C0] Buffer I/O error on dev loop2, logical block 33, lost sync page write
[  210.320661][ T8243] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  210.322300][ T8222] Buffer I/O error on dev loop2, logical block 1, lost sync page write
[  210.326937][ T8243] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  210.341440][ T8240] netlink: 28 bytes leftover after parsing attributes in process `syz.3.813'.
[  210.342299][ T8243] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  210.356892][ T8243] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  210.363132][ T8243] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  210.374966][   T30] audit: type=1326 audit(1758674090.851:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8238 comm="syz.5.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  210.488921][ T8222] FAT-fs (loop2): unable to read inode block for updating (i_pos 1050)
[  210.526100][   T30] audit: type=1326 audit(1758674090.871:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8238 comm="syz.5.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  210.546376][ T8222] Buffer I/O error on dev loop2, logical block 85, lost async page write
[  210.567284][ T8247] serio: Serial port ptm0
[  210.579583][ T8222] Buffer I/O error on dev loop2, logical block 97, lost async page write
[  210.595879][   T30] audit: type=1326 audit(1758674090.881:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8238 comm="syz.5.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  210.623197][   T30] audit: type=1326 audit(1758674090.881:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8238 comm="syz.5.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  210.646439][ T8222] Buffer I/O error on dev loop2, logical block 98, lost async page write
[  210.655325][ T8222] Buffer I/O error on dev loop2, logical block 99, lost async page write
[  210.664201][   T30] audit: type=1326 audit(1758674090.881:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8238 comm="syz.5.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  210.706844][ T8222] Buffer I/O error on dev loop2, logical block 100, lost async page write
[  210.721061][   T30] audit: type=1326 audit(1758674090.911:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8238 comm="syz.5.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  210.758922][ T8222] Buffer I/O error on dev loop2, logical block 101, lost async page write
[  210.781592][ T8222] Buffer I/O error on dev loop2, logical block 102, lost async page write
[  210.800501][   T30] audit: type=1326 audit(1758674090.941:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8238 comm="syz.5.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  210.866378][ T8222] Buffer I/O error on dev loop2, logical block 103, lost async page write
[  210.883707][   T30] audit: type=1326 audit(1758674090.941:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8238 comm="syz.5.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  210.925931][   T30] audit: type=1326 audit(1758674090.941:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8238 comm="syz.5.812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  211.551009][ T8274] netlink: 'syz.3.826': attribute type 3 has an invalid length.
[  211.771951][ T8282] netlink: 40 bytes leftover after parsing attributes in process `syz.3.829'.
[  212.252138][ T8297] serio: Serial port ptm0
[  212.396244][ T5882] Bluetooth: hci3: command 0x0c1a tx timeout
[  212.396430][ T5869] Bluetooth: hci4: command 0x0406 tx timeout
[  212.402317][ T5882] Bluetooth: hci1: command 0x0c1a tx timeout
[  212.409420][ T5872] Bluetooth: hci2: command 0x0c1a tx timeout
[  213.142448][ T8323] loop3: detected capacity change from 0 to 512
[  213.242849][ T8323] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.291826][ T8323] ext4 filesystem being mounted at /166/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  213.519400][ T8334] netlink: 'syz.5.846': attribute type 1 has an invalid length.
[  213.527256][ T8334] netlink: 224 bytes leftover after parsing attributes in process `syz.5.846'.
[  214.854976][ T5864] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.419780][ T8349] lo speed is unknown, defaulting to 1000
[  215.901069][ T8346] IPv6: Can't replace route, no match found
[  216.519114][ T8359] netlink: 'syz.2.856': attribute type 12 has an invalid length.
[  217.814407][ T8391] loop3: detected capacity change from 0 to 128
[  218.062708][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  218.062728][   T30] audit: type=1800 audit(1758674098.651:568): pid=8391 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.867" name="file1" dev="loop3" ino=1048629 res=0 errno=0
[  218.106190][ T8391] syz.3.867: attempt to access beyond end of device
[  218.106190][ T8391] loop3: rw=2049, sector=138, nr_sectors = 2 limit=128
[  219.208930][ T8408] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  219.458214][   T30] audit: type=1326 audit(1758674100.051:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8412 comm="syz.1.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  219.521696][   T30] audit: type=1326 audit(1758674100.051:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8412 comm="syz.1.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  219.647829][   T30] audit: type=1326 audit(1758674100.071:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8412 comm="syz.1.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcd77390de7 code=0x7ffc0000
[  219.716399][   T30] audit: type=1326 audit(1758674100.071:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8412 comm="syz.1.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  219.795103][   T30] audit: type=1326 audit(1758674100.071:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8412 comm="syz.1.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  219.884379][   T30] audit: type=1326 audit(1758674100.071:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8412 comm="syz.1.876" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  220.019163][ T1159] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.216143][ T1159] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.640058][ T1159] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.717816][ T1159] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.825473][ T8444] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  221.033111][ T1159] bridge_slave_1: left allmulticast mode
[  221.040585][ T1159] bridge_slave_1: left promiscuous mode
[  221.048682][ T1159] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.074894][ T1159] bridge_slave_0: left allmulticast mode
[  221.088169][ T1159] bridge_slave_0: left promiscuous mode
[  221.099951][ T1159] bridge0: port 1(bridge_slave_0) entered disabled state
[  221.243753][ T8452] netlink: 12 bytes leftover after parsing attributes in process `syz.1.890'.
[  221.933291][ T1159] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  221.948374][ T1159] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  221.959939][ T1159] bond0 (unregistering): Released all slaves
[  222.021830][ T8464] netlink: 224 bytes leftover after parsing attributes in process `syz.1.890'.
[  222.047762][ T8464] ksmbd: Unknown IPC event: 4, ignore.
[  222.274834][ T8489] Invalid ELF header magic: != ELF
[  223.244707][ T1159] hsr_slave_0: left promiscuous mode
[  223.253048][ T1159] hsr_slave_1: left promiscuous mode
[  223.270194][ T1159] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  223.288034][ T1159] batman_adv: batadv0: Removing interface: batadv_slave_0
[  223.339780][ T1159] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  223.347559][ T1159] batman_adv: batadv0: Removing interface: batadv_slave_1
[  223.365676][ T8512] netlink: 256 bytes leftover after parsing attributes in process `syz.2.913'.
[  223.375470][ T8512] ksmbd: Unknown IPC event: 3, ignore.
[  223.430871][ T1159] veth1_macvtap: left promiscuous mode
[  223.454643][ T1159] veth0_macvtap: left promiscuous mode
[  223.466435][ T1159] veth1_vlan: left promiscuous mode
[  223.480811][ T1159] veth0_vlan: left promiscuous mode
[  223.922183][   T30] audit: type=1326 audit(1758674104.511:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8520 comm="syz.0.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  223.965755][   T30] audit: type=1326 audit(1758674104.511:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8520 comm="syz.0.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  224.003991][   T30] audit: type=1326 audit(1758674104.511:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8520 comm="syz.0.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  224.074677][   T30] audit: type=1326 audit(1758674104.511:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8520 comm="syz.0.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  224.128714][   T30] audit: type=1326 audit(1758674104.581:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8520 comm="syz.0.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  224.655958][ T1159] team0 (unregistering): Port device team_slave_1 removed
[  224.814183][ T1159] team0 (unregistering): Port device team_slave_0 removed
[  225.610716][   T30] audit: type=1326 audit(1758674106.191:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8545 comm="syz.5.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  225.638617][ T1159] team0 (unregistering): Port device dummy0 removed
[  225.653381][   T30] audit: type=1326 audit(1758674106.191:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8545 comm="syz.5.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  225.712174][ T3572] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  225.751072][   T30] audit: type=1326 audit(1758674106.191:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8545 comm="syz.5.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  225.777740][ T3572] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  225.804733][   T30] audit: type=1326 audit(1758674106.191:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8545 comm="syz.5.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  225.858727][   T30] audit: type=1326 audit(1758674106.191:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8545 comm="syz.5.928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  228.516673][ T8595] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  228.523508][ T8595] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  228.529793][ T8595] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  228.537582][ T8595] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  228.543726][ T8595] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  228.755299][ T8611] IPv6: Can't replace route, no match found
[  228.817278][ T8615] netlink: 'syz.2.955': attribute type 4 has an invalid length.
[  229.167730][   T30] kauditd_printk_skb: 48 callbacks suppressed
[  229.167750][   T30] audit: type=1326 audit(1758674109.751:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.1.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  229.955180][   T30] audit: type=1326 audit(1758674109.751:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.1.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  230.024944][   T30] audit: type=1326 audit(1758674109.761:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.1.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  230.123494][   T30] audit: type=1326 audit(1758674109.761:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.1.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  230.154967][ T3572] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  230.216090][   T30] audit: type=1326 audit(1758674109.761:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8618 comm="syz.1.958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  230.381852][ T3572] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  230.411889][ T3572] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  230.452302][ T3572] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  230.516452][ T3572] usb 3-1: New USB device found, idVendor=056e, idProduct=00fb, bcdDevice= 0.00
[  230.525599][ T3572] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.556351][ T5872] Bluetooth: hci3: command 0x0c1a tx timeout
[  230.562442][ T5872] Bluetooth: hci4: command 0x0406 tx timeout
[  230.568577][ T5869] Bluetooth: hci1: command 0x0c1a tx timeout
[  230.574647][ T5869] Bluetooth: hci2: command 0x0c1a tx timeout
[  230.733464][ T8648] loop3: detected capacity change from 0 to 512
[  230.877081][ T8648] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8842c11c, mo2=0002]
[  230.886231][ T8648] EXT4-fs (loop3): orphan cleanup on readonly fs
[  230.905740][ T8648] EXT4-fs warning (device loop3): ext4_enable_quotas:7178: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  230.929675][ T8648] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  230.940295][ T8648] EXT4-fs error (device loop3): ext4_ext_check_inode:523: inode #13: comm syz.3.965: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  230.962145][ T8648] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.965: couldn't read orphan inode 13 (err -117)
[  230.987437][ T8648] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  231.055221][ T8648] EXT4-fs error (device loop3): ext4_lookup:1791: inode #2: comm syz.3.965: deleted inode referenced: 12
[  231.291323][ T3572] usb 3-1: config 0 descriptor??
[  231.390024][ T5864] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.518567][ T8657] loop3: detected capacity change from 0 to 128
[  232.282204][ T8670] netlink: 19 bytes leftover after parsing attributes in process `syz.3.973'.
[  232.417129][ T8673] netlink: 8 bytes leftover after parsing attributes in process `syz.0.974'.
[  232.618596][ T3572] usbhid 3-1:0.0: can't add hid device: -71
[  232.624821][ T3572] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  232.801038][ T3572] usb 3-1: USB disconnect, device number 2
[  232.817912][ T8676] loop3: detected capacity change from 0 to 1024
[  233.005223][ T8676] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  233.055049][   T30] audit: type=1804 audit(1758674113.641:638): pid=8676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.975" name="/newroot/192/file1/file1" dev="loop3" ino=15 res=1 errno=0
[  233.198476][ T5864] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.642321][ T8695] netlink: 8 bytes leftover after parsing attributes in process `syz.5.982'.
[  233.663366][   T30] audit: type=1326 audit(1758674114.251:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8694 comm="syz.5.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  233.688173][ T8695] netlink: 8 bytes leftover after parsing attributes in process `syz.5.982'.
[  233.726090][   T30] audit: type=1326 audit(1758674114.281:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8694 comm="syz.5.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  233.757909][   T30] audit: type=1326 audit(1758674114.281:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8694 comm="syz.5.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  233.826178][   T30] audit: type=1326 audit(1758674114.281:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8694 comm="syz.5.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  235.010246][ T8715] gretap1: entered allmulticast mode
[  235.555582][ T8730] netlink: 56 bytes leftover after parsing attributes in process `syz.3.995'.
[  235.646936][ T8720] netlink: 12 bytes leftover after parsing attributes in process `syz.0.991'.
[  235.743809][ T8720] netlink: 224 bytes leftover after parsing attributes in process `syz.0.991'.
[  235.763635][ T8720] ksmbd: Unknown IPC event: 4, ignore.
[  235.773958][ T8734] netlink: 8 bytes leftover after parsing attributes in process `syz.2.996'.
[  236.062281][ T8742] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1000'.
[  236.196057][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  236.196079][   T30] audit: type=1326 audit(1758674116.781:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.0.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  236.287743][   T30] audit: type=1326 audit(1758674116.781:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.0.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  236.332531][ T8750] loop3: detected capacity change from 0 to 512
[  236.358813][   T30] audit: type=1326 audit(1758674116.781:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.0.1002" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  236.406149][ T8750] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.1004: Invalid inode bitmap blk 4 in block_group 0
[  236.416135][   T30] audit: type=1326 audit(1758674116.841:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8747 comm="syz.2.1003" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x0
[  236.471643][ T8750] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.537800][ T8750] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.664571][   T30] audit: type=1326 audit(1758674117.241:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.0.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  236.743714][   T30] audit: type=1326 audit(1758674117.241:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.0.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  236.795761][   T30] audit: type=1326 audit(1758674117.241:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.0.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  236.851721][ T8768] loop3: detected capacity change from 0 to 512
[  236.855177][   T30] audit: type=1326 audit(1758674117.241:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.0.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  236.916103][   T30] audit: type=1326 audit(1758674117.241:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.0.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  236.916451][ T8768] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.978052][   T30] audit: type=1326 audit(1758674117.251:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8759 comm="syz.0.1008" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  237.001428][ T8768] ext4 filesystem being mounted at /199/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  237.080028][ T8764] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1009'.
[  237.083976][ T8768] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1011: corrupted inode contents
[  237.108130][ T8764] ksmbd: Unknown IPC event: 4, ignore.
[  237.130695][ T8768] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #2: comm syz.3.1011: mark_inode_dirty error
[  237.170818][ T8768] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1011: corrupted inode contents
[  237.188744][ T8773] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1011: corrupted inode contents
[  237.220511][ T8773] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #2: comm syz.3.1011: mark_inode_dirty error
[  237.254130][ T8773] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1011: corrupted inode contents
[  237.289619][ T8773] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.1011: mark_inode_dirty error
[  237.316720][ T8773] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1011: corrupted inode contents
[  237.349687][ T8773] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #2: comm syz.3.1011: mark_inode_dirty error
[  237.434596][ T5864] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.149237][ T8799] __nla_validate_parse: 1 callbacks suppressed
[  238.149257][ T8799] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1022'.
[  238.835073][ T8815] loop3: detected capacity change from 0 to 2048
[  239.676502][ T6129] FAT-fs (loop2): unable to read inode block for updating (i_pos 1050)
[  239.919430][ T8815]  loop3: p1 p3 p4
[  239.968437][ T8815] loop3: p4 size 589824 extends beyond EOD, truncated
[  240.477507][ T8809] netlink: 'syz.2.1025': attribute type 13 has an invalid length.
[  240.558739][ T8805] atomic_op ffff888029149998 conn xmit_atomic 0000000000000000
[  240.597170][ T8838] netlink: 'syz.1.1035': attribute type 4 has an invalid length.
[  240.605184][ T8838] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.1035'.
[  240.657849][ T8809] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  240.907393][ T8843] loop3: detected capacity change from 0 to 1024
[  240.959676][ T8843] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.330831][ T5864] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.474747][ T8858] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1043'.
[  241.578312][ T8858] 8021q: adding VLAN 0 to HW filter on device bond1
[  242.308335][ T8878] syzkaller0: entered allmulticast mode
[  242.330307][ T8878] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  242.346419][ T8878] batman_adv: batadv0: Removing interface: batadv_slave_0
[  242.367805][ T8878] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  242.382241][ T8889] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1057'.
[  242.387052][ T8878] batman_adv: batadv0: Removing interface: batadv_slave_1
[  242.391635][ T8889] ksmbd: Unknown IPC event: 4, ignore.
[  242.521784][ T8898] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1059'.
[  242.531335][ T8875] syzkaller0: left allmulticast mode
[  242.619797][ T8898] 8021q: adding VLAN 0 to HW filter on device bond2
[  242.737138][ T8906] loop3: detected capacity change from 0 to 128
[  242.749427][ T8879] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  242.755737][ T8879] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  242.759715][ T8906] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  242.762021][ T8879] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  242.779696][ T8879] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  242.785846][ T8879] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  242.931606][ T6129] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  244.396186][ T5872] Bluetooth: hci2: command 0x0c1a tx timeout
[  244.470410][ T8956] netlink: 'syz.1.1081': attribute type 4 has an invalid length.
[  244.499438][ T8956] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.1081'.
[  244.796236][ T5872] Bluetooth: hci3: command 0x0c1a tx timeout
[  244.796255][ T5869] Bluetooth: hci4: command 0x0406 tx timeout
[  244.796298][ T5869] Bluetooth: hci1: command 0x0c1a tx timeout
[  246.185819][   T30] kauditd_printk_skb: 27 callbacks suppressed
[  246.185838][   T30] audit: type=1326 audit(1758674126.771:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.2.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  246.222167][ T8992] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1095'.
[  246.346075][   T30] audit: type=1326 audit(1758674126.811:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.2.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  246.391134][   T30] audit: type=1326 audit(1758674126.811:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8997 comm="syz.2.1097" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  247.455815][   T30] audit: type=1326 audit(1758674128.041:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9016 comm="syz.2.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  247.489945][   T30] audit: type=1326 audit(1758674128.041:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9016 comm="syz.2.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  247.515642][   T30] audit: type=1326 audit(1758674128.041:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9016 comm="syz.2.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  247.660207][   T30] audit: type=1326 audit(1758674128.041:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9016 comm="syz.2.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  247.690402][   T30] audit: type=1326 audit(1758674128.041:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9016 comm="syz.2.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  247.744905][   T30] audit: type=1326 audit(1758674128.041:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9016 comm="syz.2.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  247.769725][   T30] audit: type=1326 audit(1758674128.041:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9016 comm="syz.2.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  249.535676][ T9057] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1121'.
[  249.943275][ T9073] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1128'.
[  250.966634][ T9114] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  250.973495][ T9114] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  251.013367][ T9114] vhci_hcd vhci_hcd.0: Device attached
[  251.053109][ T9117] vhci_hcd: connection closed
[  251.060276][ T6283] vhci_hcd: stop threads
[  251.089435][ T6283] vhci_hcd: release socket
[  251.098962][ T6283] vhci_hcd: disconnect device
[  251.390886][ T9137] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1150'.
[  252.158255][ T9145] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  252.164467][ T9145] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  252.170685][ T9145] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  252.176817][ T9145] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  252.182946][ T9145] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  252.469321][ T9158] 9pnet_virtio: no channels available for device syz
[  253.035925][ T9167] loop3: detected capacity change from 0 to 512
[  253.110120][   T30] kauditd_printk_skb: 21 callbacks suppressed
[  253.110139][   T30] audit: type=1326 audit(1758674133.701:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9168 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  253.169031][   T30] audit: type=1326 audit(1758674133.731:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9168 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  253.232266][   T30] audit: type=1326 audit(1758674133.731:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9168 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  253.254529][   T30] audit: type=1326 audit(1758674133.731:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9168 comm="gtp" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  253.283465][ T9167] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  253.331324][ T9167] ext4 filesystem being mounted at /224/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  253.375806][ T9167] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1161: corrupted inode contents
[  253.401414][ T9167] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #2: comm syz.3.1161: mark_inode_dirty error
[  253.447334][ T9167] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1161: corrupted inode contents
[  253.470672][ T9176] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1161: corrupted inode contents
[  253.504273][ T9176] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #2: comm syz.3.1161: mark_inode_dirty error
[  253.529592][ T9176] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1161: corrupted inode contents
[  253.542731][ T9178] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1164'.
[  253.563662][ T9176] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #2: comm syz.3.1161: mark_inode_dirty error
[  253.618032][ T9176] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #2: comm syz.3.1161: corrupted inode contents
[  253.668820][ T9176] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #2: comm syz.3.1161: mark_inode_dirty error
[  253.696460][ T9178] 8021q: adding VLAN 0 to HW filter on device bond1
[  253.810224][ T5864] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.836176][ T5877] Bluetooth: hci2: command 0x0c1a tx timeout
[  254.050920][ T9188] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1168'.
[  254.093664][ T9188] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1168'.
[  254.131370][ T9188] ksmbd: Unknown IPC event: 4, ignore.
[  254.195071][ T9206] netlink: 'syz.3.1177': attribute type 4 has an invalid length.
[  254.205255][ T9206] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.1177'.
[  254.316210][ T5877] Bluetooth: hci3: command 0x0c1a tx timeout
[  254.324397][ T5877] Bluetooth: hci4: command 0x0406 tx timeout
[  254.330536][ T5877] Bluetooth: hci1: command 0x0c1a tx timeout
[  254.391890][   T30] audit: type=1326 audit(1758674134.971:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9210 comm="syz.2.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  254.456290][   T30] audit: type=1326 audit(1758674134.971:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9210 comm="syz.2.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  254.486245][   T30] audit: type=1326 audit(1758674134.971:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9210 comm="syz.2.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  254.509083][   T30] audit: type=1326 audit(1758674134.971:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9210 comm="syz.2.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  254.573251][   T30] audit: type=1326 audit(1758674135.011:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9210 comm="syz.2.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  254.596811][   T30] audit: type=1326 audit(1758674135.011:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9210 comm="syz.2.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  256.437205][ T9235] IPv6: Can't replace route, no match found
[  256.929292][ T9243] loop3: detected capacity change from 0 to 8192
[  257.099097][ T9243] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  257.160741][ T9242] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1190'.
[  257.293116][ T9256] lo speed is unknown, defaulting to 1000
[  257.299882][ T9256] lo speed is unknown, defaulting to 1000
[  257.309832][ T9256] lo speed is unknown, defaulting to 1000
[  257.423264][ T9256] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  257.645079][ T9256] lo speed is unknown, defaulting to 1000
[  257.667862][ T9256] lo speed is unknown, defaulting to 1000
[  257.691062][ T9256] lo speed is unknown, defaulting to 1000
[  257.715670][ T9256] lo speed is unknown, defaulting to 1000
[  257.741577][ T9256] lo speed is unknown, defaulting to 1000
[  257.812203][ T9243] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1190'.
[  257.847012][ T9243] ksmbd: Unknown IPC event: 4, ignore.
[  257.889684][    C0] I/O error, dev loop3, sector 1 op 0x1:(WRITE) flags 0x0 phys_seg 1 prio class 2
[  257.899057][    C0] Buffer I/O error on dev loop3, logical block 1, lost sync page write
[  257.907547][ T9243] loop3: detected capacity change from 8192 to 0
[  257.907675][    C1] I/O error, dev loop3, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  257.925529][ T9242] FAT-fs (loop3): FAT read failed (blocknr 1)
[  257.956633][ T9242] FAT-fs (loop3): unable to read inode block for updating (i_pos 1050)
[  258.147395][ T9269] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1201'.
[  258.244283][ T9269] 8021q: adding VLAN 0 to HW filter on device bond1
[  258.960837][ T9276] macvlan2: entered promiscuous mode
[  258.978143][ T9276] macvlan2: entered allmulticast mode
[  259.280237][ T5948] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  259.375835][   T30] kauditd_printk_skb: 77 callbacks suppressed
[  259.375861][   T30] audit: type=1326 audit(1758674139.961:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9298 comm="syz.0.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  259.413540][   T30] audit: type=1326 audit(1758674140.001:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9298 comm="syz.0.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  259.437634][ T5948] usb 3-1: device descriptor read/64, error -71
[  259.453910][   T30] audit: type=1326 audit(1758674140.031:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9298 comm="syz.0.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  259.484168][   T30] audit: type=1326 audit(1758674140.031:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9298 comm="syz.0.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  259.507773][   T30] audit: type=1326 audit(1758674140.031:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9298 comm="syz.0.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  259.531221][   T30] audit: type=1326 audit(1758674140.041:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9298 comm="syz.0.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  259.593039][ T9306] netlink: 'syz.3.1213': attribute type 4 has an invalid length.
[  259.601570][ T9306] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.1213'.
[  259.638888][   T30] audit: type=1326 audit(1758674140.041:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9298 comm="syz.0.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  259.686275][ T5948] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[  259.688943][   T30] audit: type=1326 audit(1758674140.041:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9298 comm="syz.0.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  259.720119][   T30] audit: type=1326 audit(1758674140.071:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9298 comm="syz.0.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  259.743158][   T30] audit: type=1326 audit(1758674140.071:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9298 comm="syz.0.1210" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f76aa185d67 code=0x7ffc0000
[  259.826138][ T5948] usb 3-1: device descriptor read/64, error -71
[  259.947241][ T5948] usb usb3-port1: attempt power cycle
[  260.166080][ T9323] IPv6: Can't replace route, no match found
[  260.914622][ T9327] random: crng reseeded on system resumption
[  260.929155][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  261.076086][ T5948] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  261.109157][ T5948] usb 3-1: device descriptor read/8, error -71
[  261.433716][ T9334] netlink: 48 bytes leftover after parsing attributes in process `+}[@'.
[  261.635328][ T5948] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  261.646700][ T9340] netlink: 'syz.1.1227': attribute type 12 has an invalid length.
[  261.666923][ T5948] usb 3-1: device descriptor read/8, error -71
[  261.911441][ T5948] usb usb3-port1: unable to enumerate USB device
[  261.976929][ T9357] netlink: 'syz.3.1234': attribute type 4 has an invalid length.
[  261.984918][ T9357] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.1234'.
[  263.144519][ T9360] qrtr: Invalid version 0
[  263.286307][ T9361] netlink: 'syz.1.1233': attribute type 1 has an invalid length.
[  263.294158][ T9361] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1233'.
[  266.170859][ T9410] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1254'.
[  266.595048][ T9425] IPVS: Error joining to the multicast group
[  267.373205][ T9448] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1271'.
[  267.414575][ T9448] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1271'.
[  267.460414][ T9448] ksmbd: Unknown IPC event: 4, ignore.
[  268.571279][ T9492] Driver unsupported XDP return value 0 on prog  (id 410) dev N/A, expect packet loss!
[  269.401384][ T9507] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  269.441741][   T43] lo speed is unknown, defaulting to 1000
[  269.534455][ T9507] netlink: 'syz.0.1296': attribute type 10 has an invalid length.
[  269.546082][ T9507] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1296'.
[  269.635355][ T9507] batman_adv: batadv0: Adding interface: virt_wifi0
[  269.707653][ T9507] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  269.760705][ T9507] batman_adv: batadv0: Interface activated: virt_wifi0
[  272.737328][   T43] IPVS: starting estimator thread 0...
[  272.784303][ T9566] serio: Serial port ptm0
[  272.836078][ T9567] IPVS: using max 26 ests per chain, 62400 per kthread
[  273.275620][   T30] kauditd_printk_skb: 67 callbacks suppressed
[  273.275640][   T30] audit: type=1326 audit(1758674153.861:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.5.1324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  273.375771][   T30] audit: type=1326 audit(1758674153.901:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.5.1324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  273.430844][   T30] audit: type=1326 audit(1758674153.911:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.5.1324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  273.469600][   T30] audit: type=1326 audit(1758674153.911:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.5.1324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  273.504942][   T30] audit: type=1326 audit(1758674153.911:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.5.1324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  273.577278][   T30] audit: type=1326 audit(1758674153.911:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.5.1324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  273.622453][   T30] audit: type=1326 audit(1758674153.911:886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.5.1324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  273.668222][   T30] audit: type=1326 audit(1758674153.911:887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.5.1324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  273.707152][   T30] audit: type=1326 audit(1758674153.911:888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.5.1324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  273.730014][   T30] audit: type=1326 audit(1758674153.911:889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9570 comm="syz.5.1324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  274.941762][ T9631] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1351'.
[  274.977102][ T9631] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1351'.
[  275.180941][ T9636] siw: device registration error -23
[  276.376026][ T9661] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  276.391592][ T9662] netlink: 'syz.3.1363': attribute type 10 has an invalid length.
[  276.746587][ T9683] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[  276.923234][ T9693] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1376'.
[  277.247217][ T9711] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1385'.
[  278.081435][ T9748] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1402'.
[  279.030447][ T9763] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.139724][ T9763] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.231620][ T9763] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.399690][ T9763] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.608631][ T6283] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  279.662771][ T6283] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  279.719790][   T12] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  279.748631][   T12] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  280.560189][ T9840] netlink: 'syz.3.1437': attribute type 10 has an invalid length.
[  281.493436][ T9867] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.613773][ T9867] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.720229][ T9867] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.810172][ T9867] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.855631][   T30] kauditd_printk_skb: 79 callbacks suppressed
[  281.855651][   T30] audit: type=1326 audit(1758674162.441:969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9881 comm="syz.0.1457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  281.926185][   T30] audit: type=1326 audit(1758674162.481:970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9881 comm="syz.0.1457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  282.128906][   T30] audit: type=1326 audit(1758674162.481:971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9881 comm="syz.0.1457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  282.155105][   T30] audit: type=1326 audit(1758674162.481:972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9881 comm="syz.0.1457" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  282.225340][   T12] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  282.250139][   T12] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  282.310148][  T801] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  282.406912][ T1159] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  282.523438][ T9891] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1460'.
[  282.816688][ T9890] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  282.849856][ T9890] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  282.880038][ T9890] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  282.912613][ T9890] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  282.956795][ T9890] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  283.109666][ T5918] IPVS: starting estimator thread 0...
[  283.210429][ T9906] IPVS: using max 25 ests per chain, 60000 per kthread
[  283.242678][ T9911] lo speed is unknown, defaulting to 1000
[  283.946091][   T30] audit: type=1326 audit(1758674164.531:973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9927 comm="syz.3.1474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  284.001819][ T9934] netlink: 'syz.5.1477': attribute type 1 has an invalid length.
[  284.042565][   T30] audit: type=1326 audit(1758674164.531:974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9927 comm="syz.3.1474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  284.094430][   T30] audit: type=1326 audit(1758674164.531:975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9927 comm="syz.3.1474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  284.202210][   T30] audit: type=1326 audit(1758674164.531:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9927 comm="syz.3.1474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  284.397872][ T5872] Bluetooth: hci2: command 0x0c1a tx timeout
[  285.067051][ T5872] Bluetooth: hci4: command 0x0406 tx timeout
[  285.073332][ T5872] Bluetooth: hci1: command 0x0c1a tx timeout
[  285.079631][ T5872] Bluetooth: hci3: command 0x0c1a tx timeout
[  285.735253][   T30] audit: type=1326 audit(1758674166.321:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9972 comm="syz.1.1490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  285.861740][   T30] audit: type=1326 audit(1758674166.351:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9972 comm="syz.1.1490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  286.611632][ T9994] lo speed is unknown, defaulting to 1000
[  287.374752][ T5939] IPVS: starting estimator thread 0...
[  287.466141][T10017] IPVS: using max 26 ests per chain, 62400 per kthread
[  287.969185][T10030] usb usb8: usbfs: process 10030 (syz.3.1512) did not claim interface 0 before use
[  288.380272][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  288.380317][   T30] audit: type=1326 audit(1758674168.911:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10022 comm="syz.3.1512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  288.409060][    C1] vkms_vblank_simulate: vblank timer overrun
[  288.520739][T10030] lo speed is unknown, defaulting to 1000
[  288.595843][   T30] audit: type=1326 audit(1758674168.911:981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10022 comm="syz.3.1512" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  289.607050][T10061] netlink: 'syz.3.1524': attribute type 1 has an invalid length.
[  289.614994][T10061] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1524'.
[  289.998256][ T1159] FAT-fs (loop3): unable to read inode block for updating (i_pos 1050)
[  290.833552][T10086] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  291.062948][   T30] audit: type=1326 audit(1758674171.651:982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10094 comm="syz.0.1540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  291.176737][   T30] audit: type=1326 audit(1758674171.651:983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10094 comm="syz.0.1540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  291.227116][   T30] audit: type=1326 audit(1758674171.651:984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10094 comm="syz.0.1540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  291.551366][   T30] audit: type=1326 audit(1758674171.681:985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10094 comm="syz.0.1540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  291.573730][    C1] vkms_vblank_simulate: vblank timer overrun
[  291.630954][   T30] audit: type=1326 audit(1758674171.681:986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10094 comm="syz.0.1540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  291.738371][   T30] audit: type=1326 audit(1758674171.751:987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10094 comm="syz.0.1540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  291.814204][   T30] audit: type=1326 audit(1758674171.751:988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10094 comm="syz.0.1540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  291.843430][T10110] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1547'.
[  291.878568][   T30] audit: type=1326 audit(1758674171.751:989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10094 comm="syz.0.1540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  292.668877][T10122] lo speed is unknown, defaulting to 1000
[  293.550575][    T9] IPVS: starting estimator thread 0...
[  293.666300][T10137] IPVS: using max 26 ests per chain, 62400 per kthread
[  294.220702][T10157] tipc: Started in network mode
[  294.234084][T10157] tipc: Node identity ac14140f, cluster identity 4711
[  294.250184][T10157] tipc: New replicast peer: 255.255.255.83
[  294.311314][T10157] tipc: Enabled bearer <udp:£>, priority 10
[  294.758209][T10181] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1576'.
[  294.802712][T10168] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1569'.
[  294.812209][T10168] ksmbd: Unknown IPC event: 4, ignore.
[  295.308519][   T43] tipc: Node number set to 2886997007
[  295.745312][T10214] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1591'.
[  295.767936][T10214] ksmbd: Unknown IPC event: 4, ignore.
[  295.986932][T10237] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1599'.
[  296.004282][T10238] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1598'.
[  296.494653][T10255] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1607'.
[  296.765671][T10257] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1610'.
[  296.816224][T10257] ksmbd: Unknown IPC event: 4, ignore.
[  297.054329][T10279] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1619'.
[  297.367310][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  297.367329][   T30] audit: type=1326 audit(1758674177.961:993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  297.467209][   T30] audit: type=1326 audit(1758674177.961:994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  297.516416][   T30] audit: type=1326 audit(1758674178.001:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  297.579556][   T30] audit: type=1326 audit(1758674178.001:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  297.668567][   T30] audit: type=1326 audit(1758674178.001:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  297.760497][   T30] audit: type=1326 audit(1758674178.001:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  297.830361][   T30] audit: type=1326 audit(1758674178.001:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  297.946114][   T30] audit: type=1326 audit(1758674178.001:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  298.025772][   T30] audit: type=1326 audit(1758674178.001:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  298.106476][   T30] audit: type=1326 audit(1758674178.001:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10296 comm="syz.5.1628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  298.169625][T10326] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1641'.
[  298.278552][T10326] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1641'.
[  300.343220][T10377] netlink: 'syz.5.1659': attribute type 1 has an invalid length.
[  300.351206][T10377] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1659'.
[  302.996280][T10421] usb usb8: usbfs: process 10421 (syz.3.1676) did not claim interface 0 before use
[  303.643664][T10407] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1673'.
[  303.681602][T10407] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1673'.
[  303.697077][T10407] ksmbd: Unknown IPC event: 4, ignore.
[  304.626156][ T5918] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  304.873002][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  304.873022][   T30] audit: type=1326 audit(1758674185.461:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.2.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  304.936133][ T5918] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  304.978600][ T5918] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  304.996111][   T30] audit: type=1326 audit(1758674185.501:1008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.2.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  305.044690][   T30] audit: type=1326 audit(1758674185.501:1009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.2.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  305.046678][ T5918] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  305.126132][   T30] audit: type=1326 audit(1758674185.511:1010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.2.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  305.141760][ T5918] usb 1-1: New USB device found, idVendor=056e, idProduct=00fb, bcdDevice= 0.00
[  305.202530][   T30] audit: type=1326 audit(1758674185.511:1011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.2.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  305.246073][ T5918] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.277699][ T5918] usb 1-1: config 0 descriptor??
[  305.283386][   T30] audit: type=1326 audit(1758674185.511:1012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.2.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  305.307768][T10446] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1688'.
[  305.339375][T10446] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1688'.
[  305.380490][   T30] audit: type=1326 audit(1758674185.511:1013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.2.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  305.506129][   T30] audit: type=1326 audit(1758674185.511:1014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10438 comm="syz.2.1685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  305.611733][T10454] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1691'.
[  305.648870][T10454] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1691'.
[  305.651777][T10455] tipc: Started in network mode
[  305.668738][T10455] tipc: Node identity 6649451a10f5, cluster identity 4711
[  305.676448][T10454] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1691'.
[  305.677388][T10455] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  305.728537][T10451] tipc: Resetting bearer <eth:syzkaller0>
[  305.783216][T10454] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1691'.
[  305.792505][T10454] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1691'.
[  305.801706][T10454] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1691'.
[  305.933298][T10454] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1691'.
[  305.947949][T10454] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1691'.
[  305.961471][T10454] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1691'.
[  306.291868][T10467] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  306.299210][T10467] IPv6: NLM_F_CREATE should be set when creating new route
[  306.706093][ T5978] tipc: Node number set to 1992049946
[  306.996839][ T5918] usbhid 1-1:0.0: can't add hid device: -71
[  307.002971][ T5918] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  307.021920][ T5918] usb 1-1: USB disconnect, device number 2
[  308.117620][T10451] tipc: Disabling bearer <eth:syzkaller0>
[  308.130890][T10498] netlink: 'syz.0.1707': attribute type 12 has an invalid length.
[  308.792982][ T5918] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[  309.162258][ T5918] usb 1-1: device descriptor read/64, error -71
[  309.626297][ T5918] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[  309.986085][ T5918] usb 1-1: device descriptor read/64, error -71
[  310.035159][T10559] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  310.071562][T10562] 9pnet_fd: Insufficient options for proto=fd
[  310.116537][ T5918] usb usb1-port1: attempt power cycle
[  310.323196][   T30] audit: type=1326 audit(1758674190.911:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10573 comm="syz.5.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  310.378612][   T30] audit: type=1326 audit(1758674190.911:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10573 comm="syz.5.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  310.414434][   T30] audit: type=1326 audit(1758674190.911:1017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10573 comm="syz.5.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  310.445162][   T30] audit: type=1326 audit(1758674190.911:1018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10573 comm="syz.5.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  310.480327][ T5918] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  310.515344][   T30] audit: type=1326 audit(1758674190.911:1019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10573 comm="syz.5.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  310.519317][ T5918] usb 1-1: device descriptor read/8, error -71
[  310.549855][T10580] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1745'.
[  310.586189][   T30] audit: type=1326 audit(1758674190.911:1020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10573 comm="syz.5.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  310.642467][   T30] audit: type=1326 audit(1758674190.911:1021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10573 comm="syz.5.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  310.683382][   T30] audit: type=1326 audit(1758674190.941:1022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10573 comm="syz.5.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  310.716044][   T30] audit: type=1326 audit(1758674190.941:1023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10573 comm="syz.5.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  310.719522][T10586] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.749907][   T30] audit: type=1326 audit(1758674190.941:1024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10573 comm="syz.5.1742" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  310.847004][ T5918] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  310.876929][ T5918] usb 1-1: device descriptor read/8, error -71
[  310.935285][T10586] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.968541][T10594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1749'.
[  310.996157][ T5918] usb usb1-port1: unable to enumerate USB device
[  311.003758][T10594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1749'.
[  311.036177][T10594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1749'.
[  311.110870][T10586] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.191199][T10594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1749'.
[  311.221005][T10594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1749'.
[  311.244928][T10594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1749'.
[  311.280963][T10586] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  311.613018][T10594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1749'.
[  311.623872][T10594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1749'.
[  311.632900][T10594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1749'.
[  311.716286][T10615] siw: device registration error -23
[  311.784730][   T36] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  312.348053][   T50] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  312.481649][   T36] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  312.505173][   T36] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  312.537102][T10624] rdma_rxe: rxe_newlink: failed to add wg0
[  313.207403][T10651] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1773'.
[  313.890287][T10674] ksmbd: Unknown IPC event: 4, ignore.
[  315.957332][T10724] program syz.5.1802 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  316.278607][T10738] __nla_validate_parse: 2 callbacks suppressed
[  316.278628][T10738] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1807'.
[  316.666472][T10752] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1811'.
[  316.873756][T10765] netlink: 'syz.5.1817': attribute type 27 has an invalid length.
[  317.997461][T10769] usb usb8: usbfs: process 10769 (syz.3.1816) did not claim interface 0 before use
[  318.360209][T10774] siw: device registration error -23
[  319.265582][T10765] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.273505][T10765] bridge0: port 1(bridge_slave_0) entered disabled state
[  319.493549][T10787] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1821'.
[  319.548078][   T30] kauditd_printk_skb: 18 callbacks suppressed
[  319.548097][   T30] audit: type=1326 audit(1758674200.131:1043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10785 comm="syz.3.1823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  319.579527][   T30] audit: type=1326 audit(1758674200.131:1044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10785 comm="syz.3.1823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  319.593827][T10765] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  319.602431][   T30] audit: type=1326 audit(1758674200.141:1045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10785 comm="syz.3.1823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  319.632695][   T30] audit: type=1326 audit(1758674200.141:1046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10785 comm="syz.3.1823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  319.659033][T10765] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  319.692516][   T30] audit: type=1326 audit(1758674200.141:1047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10785 comm="syz.3.1823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  319.731739][   T30] audit: type=1326 audit(1758674200.141:1048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10785 comm="syz.3.1823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  319.774831][   T30] audit: type=1326 audit(1758674200.141:1049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10785 comm="syz.3.1823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  319.798351][   T30] audit: type=1326 audit(1758674200.141:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10785 comm="syz.3.1823" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  319.873615][T10765] macvlan2: left promiscuous mode
[  319.880419][T10765] macvlan2: left allmulticast mode
[  319.929936][T10759] 8021q: adding VLAN 0 to HW filter on device bond0
[  319.938933][T10759] 8021q: adding VLAN 0 to HW filter on device team0
[  319.951923][T10759] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  319.968726][T10772] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1817'.
[  320.130172][  T801] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  320.130268][   T43] syz0: Port: 1 Link DOWN
[  320.166073][  T801] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  320.188246][  T801] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  320.225827][  T801] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  320.974612][T10820] netlink: 'syz.2.1836': attribute type 27 has an invalid length.
[  321.061633][T10822] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1836'.
[  321.235674][T10820] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.243806][T10820] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.478804][T10820] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  321.527775][T10820] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  321.711266][   T30] audit: type=1326 audit(1758674202.301:1051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10843 comm="syz.3.1845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  321.786345][   T30] audit: type=1326 audit(1758674202.331:1052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10843 comm="syz.3.1845" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  321.994197][T10824] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1836'.
[  322.012237][ T1159] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  322.028605][ T1159] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  322.048724][ T1159] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  322.100119][T10854] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1850'.
[  322.222275][ T1159] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  322.322801][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  322.932373][T10889] syzkaller0: entered promiscuous mode
[  322.959071][T10889] syzkaller0: entered allmulticast mode
[  323.762582][T10966] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1879'.
[  324.306424][T10986] delete_channel: no stack
[  325.424745][   T30] kauditd_printk_skb: 470 callbacks suppressed
[  325.424764][   T30] audit: type=1326 audit(1758674206.011:1523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10998 comm="syz.1.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  325.485324][   T30] audit: type=1326 audit(1758674206.051:1524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10998 comm="syz.1.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  325.509622][   T30] audit: type=1326 audit(1758674206.051:1525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10998 comm="syz.1.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  325.533019][   T30] audit: type=1326 audit(1758674206.051:1526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10998 comm="syz.1.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  325.559122][   T30] audit: type=1326 audit(1758674206.051:1527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10998 comm="syz.1.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  325.592124][   T30] audit: type=1326 audit(1758674206.051:1528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10998 comm="syz.1.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=460 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  325.624865][   T30] audit: type=1326 audit(1758674206.051:1529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10998 comm="syz.1.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  325.648894][   T30] audit: type=1326 audit(1758674206.051:1530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10998 comm="syz.1.1894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  326.022112][T11031] netlink: 'syz.1.1906': attribute type 4 has an invalid length.
[  327.216442][T11043] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1911'.
[  327.246619][T11043] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1911'.
[  327.325214][T11020] infiniband !yz!: set active
[  327.357282][T11020] infiniband !yz!: added team_slave_0
[  327.364482][T11020] !yz!: rxe_create_cq: returned err = -12
[  327.394729][T11020] infiniband !yz!: Couldn't create ib_mad CQ
[  327.424012][T11020] infiniband !yz!: Couldn't open port 1
[  327.485625][T11020] RDS/IB: !yz!: added
[  328.031228][T11065] lo speed is unknown, defaulting to 1000
[  328.426675][T11064] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  328.432866][T11064] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  328.439060][T11064] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  328.445168][T11064] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  328.451341][T11064] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  328.605331][   T30] audit: type=1326 audit(1758674209.181:1531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11068 comm="syz.5.1920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  328.684124][   T30] audit: type=1326 audit(1758674209.181:1532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11068 comm="syz.5.1920" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  330.236171][ T5872] Bluetooth: hci2: command 0x0c1a tx timeout
[  330.476944][ T5869] Bluetooth: hci1: command 0x0c1a tx timeout
[  330.481748][ T5877] Bluetooth: hci3: command 0x0c1a tx timeout
[  330.483204][ T5872] Bluetooth: hci4: command 0x0406 tx timeout
[  330.682552][T11109] /dev/loop5: Can't open blockdev
[  330.798401][T11115] tmpfs: Bad value for 'mpol'
[  331.310154][T11124] netlink: 'syz.2.1943': attribute type 46 has an invalid length.
[  332.676712][T11169] lo speed is unknown, defaulting to 1000
[  333.156321][T11168] IPv6: Can't replace route, no match found
[  333.857970][T11182] usb usb8: usbfs: process 11182 (syz.5.1964) did not claim interface 0 before use
[  333.876698][T11178] sd 0:0:1:0: device reset
[  335.387152][T11202] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  335.393751][T11202] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  335.460682][T11202] vhci_hcd vhci_hcd.0: Device attached
[  335.606931][T11205] vhci_hcd: connection closed
[  335.608154][T10864] vhci_hcd: stop threads
[  335.697276][    T9] vhci_hcd: vhci_device speed not set
[  335.717578][T11209] $Hÿ: renamed from bond0 (while UP)
[  335.739203][T10864] vhci_hcd: release socket
[  335.763054][T10864] vhci_hcd: disconnect device
[  335.788217][    T9] usb 37-1: new full-speed USB device number 2 using vhci_hcd
[  335.802351][T11209] $Hÿ: entered promiscuous mode
[  335.807621][T11209] bond_slave_0: entered promiscuous mode
[  335.816902][T11209] bond_slave_1: entered promiscuous mode
[  336.089178][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  336.089198][   T30] audit: type=1326 audit(1758674216.681:1535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11222 comm="syz.3.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  336.184799][   T30] audit: type=1326 audit(1758674216.681:1536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11222 comm="syz.3.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  336.221621][   T30] audit: type=1326 audit(1758674216.691:1537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11222 comm="syz.3.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  336.245631][   T30] audit: type=1326 audit(1758674216.691:1538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11222 comm="syz.3.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  336.293707][   T30] audit: type=1326 audit(1758674216.691:1539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11222 comm="syz.3.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  336.319913][   T30] audit: type=1326 audit(1758674216.701:1540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11222 comm="syz.3.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  336.344393][   T30] audit: type=1326 audit(1758674216.701:1541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11222 comm="syz.3.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  336.370130][   T30] audit: type=1326 audit(1758674216.701:1542): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=11222 comm="syz.3.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  336.509815][   T30] audit: type=1326 audit(1758674216.701:1543): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=11222 comm="syz.3.1981" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  336.596066][   T30] audit: type=1326 audit(1758674217.091:1544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11228 comm="syz.2.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  337.531230][T11260] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1993'.
[  338.045729][T11280] netlink: 'syz.1.1999': attribute type 27 has an invalid length.
[  338.173997][T11280] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.183058][T11280] bridge0: port 1(bridge_slave_0) entered disabled state
[  338.604185][T11280] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  338.682356][T11310] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2008'.
[  338.688783][T11280] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  339.026373][T11300] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2007'.
[  339.058325][T11300] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2007'.
[  339.069242][T11300] ksmbd: Unknown IPC event: 4, ignore.
[  339.273645][T11274] 8021q: adding VLAN 0 to HW filter on device bond0
[  339.298263][T11274] 8021q: adding VLAN 0 to HW filter on device team0
[  339.348010][T11274] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  339.406177][T11293] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1999'.
[  339.434337][T10864] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  339.456456][T10864] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  339.495030][T10864] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  339.521523][T10864] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  340.866149][    T9] vhci_hcd: vhci_device speed not set
[  342.367556][T11394] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2035'.
[  343.956880][T11437] netlink: 'syz.5.2053': attribute type 29 has an invalid length.
[  344.019784][T11437] netlink: 'syz.5.2053': attribute type 29 has an invalid length.
[  344.076913][T11441] netlink: 'syz.5.2053': attribute type 29 has an invalid length.
[  344.097254][T11437] netlink: 'syz.5.2053': attribute type 29 has an invalid length.
[  345.743205][T11520] lo speed is unknown, defaulting to 1000
[  345.755607][   T30] kauditd_printk_skb: 7 callbacks suppressed
[  345.755627][   T30] audit: type=1326 audit(1758674226.324:1552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11524 comm="syz.1.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  345.836427][   T30] audit: type=1326 audit(1758674226.324:1553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11524 comm="syz.1.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  346.056955][T11527] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  346.073466][T11527] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  346.093735][T11527] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  346.130331][   T30] audit: type=1326 audit(1758674226.324:1554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11524 comm="syz.1.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  346.150663][T11527] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  346.196149][   T30] audit: type=1326 audit(1758674226.324:1555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11524 comm="syz.1.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7738eec9 code=0x7ffc0000
[  346.207467][T11527] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  346.396125][T11541] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2092'.
[  347.755862][ T5872] Bluetooth: hci2: command 0x0c1a tx timeout
[  348.156127][ T5872] Bluetooth: hci4: command 0x0406 tx timeout
[  348.162256][ T5877] Bluetooth: hci1: command 0x0c1a tx timeout
[  348.239361][ T5872] Bluetooth: hci3: command 0x0c1a tx timeout
[  348.646482][T11597] tipc: Started in network mode
[  348.659504][T11597] tipc: Node identity ae0db8287da3, cluster identity 4711
[  348.681346][T11597] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  348.718116][T11606] syzkaller0: entered promiscuous mode
[  348.753026][T11606] syzkaller0: entered allmulticast mode
[  348.797353][T11597] tipc: Resetting bearer <eth:syzkaller0>
[  348.858485][T11609] usb usb8: usbfs: process 11609 (syz.2.2113) did not claim interface 0 before use
[  348.891159][   T30] audit: type=1326 audit(1758674229.475:1556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11610 comm="syz.5.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  348.928281][   T30] audit: type=1326 audit(1758674229.505:1557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11610 comm="syz.5.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  348.956378][   T30] audit: type=1326 audit(1758674229.505:1558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11610 comm="syz.5.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  348.994248][   T30] audit: type=1326 audit(1758674229.505:1559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11610 comm="syz.5.2118" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2cff8eec9 code=0x7ffc0000
[  349.996198][T11648] lo speed is unknown, defaulting to 1000
[  350.500402][T11645] IPv6: Can't replace route, no match found
[  350.506985][T11285] tipc: Node number set to 3551442984
[  350.809114][T11658] netlink: 'syz.2.2137': attribute type 22 has an invalid length.
[  351.319000][T11668] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2141'.
[  351.375875][T11667] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2141'.
[  351.395939][T11670] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2141'.
[  351.512890][T11675] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2144'.
[  352.348111][T11690] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2149'.
[  352.414891][T11690] netlink: 224 bytes leftover after parsing attributes in process `syz.5.2149'.
[  352.472250][T11690] ksmbd: Unknown IPC event: 4, ignore.
[  353.217206][T11722] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  354.315393][T11285] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  354.537407][T11285] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  354.598823][T11285] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  354.635369][T11285] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  354.663003][T11285] usb 4-1: New USB device found, idVendor=056e, idProduct=00fb, bcdDevice= 0.00
[  354.682869][T11285] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  354.716384][T11285] usb 4-1: config 0 descriptor??
[  356.066188][    T9] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  356.255908][    T9] usb 6-1: Using ep0 maxpacket: 8
[  356.493472][T11781] lo speed is unknown, defaulting to 1000
[  357.080468][T11782] IPv6: Can't replace route, no match found
[  357.243334][T11285] usbhid 4-1:0.0: can't add hid device: -71
[  357.264792][T11285] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  357.267936][    T9] usb 6-1: too many endpoints for config 0 interface 0 altsetting 250: 255, using maximum allowed: 30
[  357.285097][    T9] usb 6-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  357.348005][T11285] usb 4-1: USB disconnect, device number 2
[  357.380443][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  357.411220][    T9] usb 6-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  357.464851][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  357.532624][    T9] usb 6-1: config 0 descriptor??
[  358.036476][    T9] gt683r_led 0003:1770:FF00.0002: unknown main item tag 0x1
[  358.076944][    T9] gt683r_led 0003:1770:FF00.0002: item fetching failed at offset 3/5
[  358.955281][    T9] gt683r_led 0003:1770:FF00.0002: hid parsing failed
[  358.962164][    T9] gt683r_led 0003:1770:FF00.0002: probe with driver gt683r_led failed with error -22
[  358.985523][    T9] usb 6-1: USB disconnect, device number 2
[  360.471813][T11828] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  360.796464][T11847] tipc: Started in network mode
[  360.801414][T11847] tipc: Node identity 72dce7928c7e, cluster identity 4711
[  360.814453][T11847] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  360.826349][T11847] syzkaller0: entered promiscuous mode
[  360.832008][T11847] syzkaller0: entered allmulticast mode
[  360.868962][T11847] tipc: Resetting bearer <eth:syzkaller0>
[  360.893919][T11845] tipc: Resetting bearer <eth:syzkaller0>
[  360.929504][T11845] tipc: Disabling bearer <eth:syzkaller0>
[  360.954654][T11315] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  361.114994][T11315] usb 4-1: Using ep0 maxpacket: 8
[  361.126254][T11315] usb 4-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  361.156099][T11315] usb 4-1: config 0 interface 0 has no altsetting 0
[  361.201779][T11315] usb 4-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[  361.219004][T11315] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.235298][T11315] usb 4-1: config 0 descriptor??
[  361.836979][T11886] usb usb6: usbfs: process 11886 (syz.5.2226) did not claim interface 0 before use
[  362.122902][T11873] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2225'.
[  362.208782][T11890] netlink: 224 bytes leftover after parsing attributes in process `syz.1.2225'.
[  362.300189][T11890] ksmbd: Unknown IPC event: 4, ignore.
[  362.337978][T11315] uclogic 0003:5543:0042.0003: hidraw0: USB HID v0.07 Device [HID 5543:0042] on usb-dummy_hcd.3-1/input0
[  362.569532][T11328] usb 4-1: USB disconnect, device number 3
[  363.744279][T11328] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  363.905707][T11328] usb 2-1: Using ep0 maxpacket: 32
[  363.931621][T11328] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  363.967454][T11328] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  364.019376][T11328] usb 2-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  364.046703][T11918] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2242'.
[  364.070771][T11328] usb 2-1: config 0 interface 0 has no altsetting 0
[  364.093001][T11918] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2242'.
[  364.104710][T11328] usb 2-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  364.123730][T11918] ksmbd: Unknown IPC event: 4, ignore.
[  364.132048][T11328] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.154273][T11328] usb 2-1: config 0 descriptor??
[  364.541327][T11946] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  364.653151][T11328] hid-thrustmaster 0003:044F:B65D.0004: unbalanced collection at end of report description
[  364.786407][T11328] hid-thrustmaster 0003:044F:B65D.0004: parse failed with error -22
[  364.876342][T11328] hid-thrustmaster 0003:044F:B65D.0004: probe with driver hid-thrustmaster failed with error -22
[  365.070152][T11328] usb 2-1: USB disconnect, device number 2
[  367.497902][T11968] lo speed is unknown, defaulting to 1000
[  367.506977][T11971] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2261'.
[  367.580411][T11971] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2261'.
[  367.621461][T11971] ksmbd: Unknown IPC event: 4, ignore.
[  367.809410][T11967] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  367.815732][T11967] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  367.821847][T11967] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  367.828054][T11967] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  367.834295][T11967] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  368.895791][T11989] tipc: Enabled bearer <udp:s>, priority 10
[  369.351183][   T79] Bluetooth: hci5: Frame reassembly failed (-84)
[  369.357172][T12000] tipc: Started in network mode
[  369.362847][T12000] tipc: Node identity 5aa4e1dd6873, cluster identity 4711
[  369.370528][T12000] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  369.378515][T12000] syzkaller0: entered promiscuous mode
[  369.385210][T11996] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  369.407448][T12000] syzkaller0: entered allmulticast mode
[  369.433241][ T5872] Bluetooth: hci2: command 0x0c1a tx timeout
[  369.441505][T12000] tipc: Resetting bearer <eth:syzkaller0>
[  369.498832][T11994] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2271'.
[  369.508258][T11999] tipc: Resetting bearer <eth:syzkaller0>
[  369.530862][T11994] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2271'.
[  369.540517][T11994] ksmbd: Unknown IPC event: 4, ignore.
[  369.563980][T11999] tipc: Disabling bearer <eth:syzkaller0>
[  369.993549][ T5872] Bluetooth: hci3: command 0x0c1a tx timeout
[  369.999860][ T5869] Bluetooth: hci4: command 0x0406 tx timeout
[  369.999887][ T5882] Bluetooth: hci1: command 0x0c1a tx timeout
[  370.453582][T12023] tipc: New replicast peer: 255.255.255.255
[  370.480519][T12023] tipc: Enabled bearer <udp:syz2>, priority 10
[  370.515211][T12009] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  370.521435][T12009] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  370.527687][T12009] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  370.533898][T12009] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  370.540032][T12009] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  371.353413][ T5877] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  372.126329][ T5877] Bluetooth: hci2: command 0x0c1a tx timeout
[  372.278853][ T5918] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  372.452499][T12039] lo speed is unknown, defaulting to 1000
[  373.242772][ T5877] Bluetooth: hci3: command 0x0c1a tx timeout
[  373.248923][ T5877] Bluetooth: hci4: command 0x0406 tx timeout
[  373.255004][ T5877] Bluetooth: hci1: command 0x0c1a tx timeout
[  374.127439][ T5918] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  374.282626][ T5918] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  374.332764][ T5918] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  374.348038][T12047] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  374.386504][ T5918] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  374.409657][ T5918] usb 2-1: config 0 descriptor??
[  374.452754][ T5918] usb 2-1: can't set config #0, error -71
[  374.467204][ T5918] usb 2-1: USB disconnect, device number 3
[  375.522687][T12062] vxcan3: entered promiscuous mode
[  381.590078][T12109] lo speed is unknown, defaulting to 1000
[  381.632678][T12145] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  381.638878][T12145] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  381.650188][T12145] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  381.656363][T12145] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  381.662513][T12145] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  383.900398][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  383.922297][ T5877] Bluetooth: hci3: command 0x0c1a tx timeout
[  383.928373][ T5877] Bluetooth: hci4: command 0x0406 tx timeout
[  383.935540][ T5877] Bluetooth: hci1: command 0x0c1a tx timeout
[  383.941818][ T5872] Bluetooth: hci2: command 0x0c1a tx timeout
[  384.023251][T12169] netlink: 'syz.5.2332': attribute type 1 has an invalid length.
[  384.077077][T12169] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2332'.
[  387.587186][T12190] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  387.618304][T12189] tipc: Disabling bearer <eth:syzkaller0>
[  387.951885][    T9] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  388.143515][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  388.201201][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  388.245045][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  388.305121][    T9] usb 2-1: New USB device found, idVendor=056e, idProduct=00fb, bcdDevice= 0.00
[  388.337384][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.487715][    T9] usb 2-1: config 0 descriptor??
[  389.080873][ T5918] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  389.255903][ T5918] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  389.290428][ T5918] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  389.314464][ T5918] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  389.334038][ T5918] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  389.356808][ T5918] usb 1-1: config 0 descriptor??
[  389.796794][    T9] usbhid 2-1:0.0: can't add hid device: -71
[  389.803548][    T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  389.928336][ T5918] cp2112 0003:10C4:EA90.0005: item fetching failed at offset 4/7
[  389.937105][ T5918] cp2112 0003:10C4:EA90.0005: parse failed
[  389.943163][ T5918] cp2112 0003:10C4:EA90.0005: probe with driver cp2112 failed with error -22
[  389.961618][    T9] usb 2-1: USB disconnect, device number 4
[  390.728539][ T5918] usb 1-1: USB disconnect, device number 7
[  391.965685][T12267] usb usb8: usbfs: process 12267 (syz.1.2359) did not claim interface 0 before use
[  396.220135][   T30] audit: type=1326 audit(1758674276.781:1560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12312 comm="syz.3.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  396.269958][   T30] audit: type=1326 audit(1758674276.781:1561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12312 comm="syz.3.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  396.328524][   T30] audit: type=1326 audit(1758674276.781:1562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12312 comm="syz.3.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  396.382592][   T30] audit: type=1326 audit(1758674276.781:1563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12312 comm="syz.3.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  396.447406][T12317] lo speed is unknown, defaulting to 1000
[  396.488173][   T30] audit: type=1326 audit(1758674276.781:1564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12312 comm="syz.3.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  397.218518][   T30] audit: type=1326 audit(1758674276.781:1565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12312 comm="syz.3.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  397.269976][   T30] audit: type=1326 audit(1758674276.781:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12312 comm="syz.3.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  397.359662][   T30] audit: type=1326 audit(1758674276.781:1567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12312 comm="syz.3.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  397.421142][   T30] audit: type=1326 audit(1758674276.781:1568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12312 comm="syz.3.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  397.502402][   T30] audit: type=1326 audit(1758674276.791:1569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12312 comm="syz.3.2382" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7faaa978eec9 code=0x7ffc0000
[  398.208695][T12349] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  399.404441][T12362] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  401.296074][T12388] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  401.321745][T12387] tipc: Disabling bearer <eth:syzkaller0>
[  402.700323][T12419] lo: Caught tx_queue_len zero misconfig
[  403.191121][T12428] usb usb8: usbfs: process 12428 (syz.0.2420) did not claim interface 0 before use
[  405.013341][T12440] $Hÿ: left promiscuous mode
[  405.018492][T12440] bond_slave_0: left promiscuous mode
[  405.030891][T12440] bond_slave_1: left promiscuous mode
[  405.117033][T12440] syzkaller0: left promiscuous mode
[  405.821998][T12454] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2428'.
[  405.932423][T12454] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2428'.
[  405.979535][T12454] ksmbd: Unknown IPC event: 4, ignore.
[  407.585296][T12482] netlink: 'syz.2.2438': attribute type 2 has an invalid length.
[  407.676473][T12488] siw: device registration error -23
[  408.342709][T12482] netlink: 137592 bytes leftover after parsing attributes in process `syz.2.2438'.
[  408.911820][T12494] netlink: 'syz.3.2443': attribute type 1 has an invalid length.
[  408.934164][T12494] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2443'.
[  409.024872][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  409.024892][   T30] audit: type=1326 audit(1758674289.622:1580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12498 comm="syz.0.2445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  409.158471][   T30] audit: type=1326 audit(1758674289.662:1581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12498 comm="syz.0.2445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  409.182647][   T30] audit: type=1326 audit(1758674289.662:1582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12498 comm="syz.0.2445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  409.205648][   T30] audit: type=1326 audit(1758674289.662:1583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12498 comm="syz.0.2445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  409.233490][   T30] audit: type=1326 audit(1758674289.662:1584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12498 comm="syz.0.2445" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aa18eec9 code=0x7ffc0000
[  409.478033][T12505] usb usb8: usbfs: process 12505 (syz.5.2444) did not claim interface 0 before use
[  409.931801][T12511] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2442'.
[  410.107298][T12511] macsec1: entered allmulticast mode
[  410.183674][T12511] bridge0: entered allmulticast mode
[  410.241935][T12511] bridge0: port 3(macsec1) entered blocking state
[  410.299612][T12511] bridge0: port 3(macsec1) entered disabled state
[  410.546598][T12511] bridge0: left allmulticast mode
[  411.288297][T12521] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  411.699472][T12529] netlink: 'syz.0.2453': attribute type 2 has an invalid length.
[  411.798218][T12529] netlink: 137592 bytes leftover after parsing attributes in process `syz.0.2453'.
[  412.026881][T12532] lo speed is unknown, defaulting to 1000
[  412.498941][T12531] IPv6: Can't replace route, no match found
[  415.686861][T12565] netlink: 'syz.2.2467': attribute type 2 has an invalid length.
[  415.768942][T12565] netlink: 137592 bytes leftover after parsing attributes in process `syz.2.2467'.
[  417.123340][T12585] lo speed is unknown, defaulting to 1000
[  417.593041][T12584] IPv6: Can't replace route, no match found
[  417.814607][T12589] netlink: 'syz.3.2475': attribute type 1 has an invalid length.
[  417.847502][T12589] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2475'.
[  419.336706][T12608] netlink: 'syz.0.2481': attribute type 2 has an invalid length.
[  419.367338][T12608] netlink: 137592 bytes leftover after parsing attributes in process `syz.0.2481'.
[  423.114625][T12664] netlink: 'syz.0.2503': attribute type 1 has an invalid length.
[  423.176699][T12664] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2503'.
[  423.394024][ T5877] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  423.404416][ T5877] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  423.486936][ T5877] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  423.496845][ T5877] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  423.505260][ T5877] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  423.554948][T12668] lo speed is unknown, defaulting to 1000
[  424.619013][T12683] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2509'.
[  424.984781][T10864] bridge_slave_1: left allmulticast mode
[  425.006475][T10864] bridge_slave_1: left promiscuous mode
[  425.026689][T10864] bridge0: port 2(bridge_slave_1) entered disabled state
[  425.280705][T10864] bridge_slave_0: left allmulticast mode
[  425.309771][T10864] bridge_slave_0: left promiscuous mode
[  425.315675][T10864] bridge0: port 1(bridge_slave_0) entered disabled state
[  425.597556][ T5882] Bluetooth: hci5: command tx timeout
[  427.683603][ T5882] Bluetooth: hci5: command tx timeout
[  429.340918][T10864] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  429.357780][T10864] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  429.369605][T10864] bond0 (unregistering): Released all slaves
[  429.537894][T10864] bond1 (unregistering): Released all slaves
[  429.635763][T12714] syzkaller0: entered promiscuous mode
[  429.654580][T12733] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2528'.
[  429.696551][T12716] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  429.702743][T12716] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  429.709152][T12716] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  429.715283][T12716] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  429.721888][T12716] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  429.728197][T12716] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  429.738323][T12716] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  429.814891][T10864] tipc: Disabling bearer <udp:£>
[  429.855508][T10864] tipc: Left network mode
[  429.878310][T12736] lo speed is unknown, defaulting to 1000
[  429.977586][T12747] netlink: 'syz.5.2531': attribute type 2 has an invalid length.
[  429.985695][T12747] netlink: 137592 bytes leftover after parsing attributes in process `syz.5.2531'.
[  430.928897][T12756] kernel profiling enabled (shift: 16)
[  431.755161][ T5882] Bluetooth: hci5: command 0x0419 tx timeout
[  431.759266][ T5872] Bluetooth: hci4: command 0x0406 tx timeout
[  431.762701][ T5869] Bluetooth: hci2: command 0x0c1a tx timeout
[  431.776593][ T5877] Bluetooth: hci3: command 0x0c1a tx timeout
[  432.177242][T12751] bridge0: port 2(bridge_slave_1) entered disabled state
[  432.184947][T12751] bridge0: port 1(bridge_slave_0) entered disabled state
[  432.369532][T12751] tipc: Resetting bearer <eth:syzkaller0>
[  432.377154][T12751] syzkaller0: left promiscuous mode
[  432.382414][T12751] syzkaller0: left allmulticast mode
[  432.390553][   T30] audit: type=1326 audit(1758674312.995:1585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12757 comm="syz.2.2536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  432.424081][   T30] audit: type=1326 audit(1758674313.005:1586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12757 comm="syz.2.2536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  432.451834][   T30] audit: type=1326 audit(1758674313.005:1587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12757 comm="syz.2.2536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  432.483149][   T30] audit: type=1326 audit(1758674313.005:1588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12757 comm="syz.2.2536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  432.512876][T12668] chnl_net:caif_netlink_parms(): no params data found
[  432.522386][   T30] audit: type=1326 audit(1758674313.005:1589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12757 comm="syz.2.2536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  432.614738][   T30] audit: type=1326 audit(1758674313.005:1590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12757 comm="syz.2.2536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe62398eec9 code=0x7ffc0000
[  432.715425][T10900] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  432.735748][T10900] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  432.744703][T10900] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  433.504006][T10900] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  433.509023][T12775] netlink: 'syz.3.2541': attribute type 1 has an invalid length.
[  433.523335][T12775] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2541'.
[  433.728873][T12783] netlink: 'syz.3.2543': attribute type 2 has an invalid length.
[  433.760414][T12783] netlink: 137592 bytes leftover after parsing attributes in process `syz.3.2543'.
[  433.849715][ T5877] Bluetooth: hci5: command 0x0419 tx timeout
[  434.596521][T12785] 
[  434.598918][T12785] =====================================
[  434.604499][T12785] WARNING: bad unlock balance detected!
[  434.610079][T12785] syzkaller #0 Not tainted
[  434.614503][T12785] -------------------------------------
[  434.620053][T12785] syz.2.2544/12785 is trying to release lock (namespace_sem) at:
[  434.627788][T12785] [<ffffffff82401096>] namespace_unlock+0x486/0x760
[  434.634524][T12785] but there are no more locks to release!
[  434.640243][T12785] 
[  434.640243][T12785] other info that might help us debug this:
[  434.648313][T12785] no locks held by syz.2.2544/12785.
[  434.653637][T12785] 
[  434.653637][T12785] stack backtrace:
[  434.659560][T12785] CPU: 1 UID: 0 PID: 12785 Comm: syz.2.2544 Not tainted syzkaller #0 PREEMPT(full) 
[  434.659589][T12785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  434.659609][T12785] Call Trace:
[  434.659617][T12785]  <TASK>
[  434.659625][T12785]  dump_stack_lvl+0x189/0x250
[  434.659652][T12785]  ? __pfx_dump_stack_lvl+0x10/0x10
[  434.659671][T12785]  ? __pfx__printk+0x10/0x10
[  434.659700][T12785]  ? namespace_unlock+0x486/0x760
[  434.659718][T12785]  ? namespace_unlock+0x486/0x760
[  434.659734][T12785]  ? namespace_unlock+0x486/0x760
[  434.659751][T12785]  print_unlock_imbalance_bug+0xdc/0xf0
[  434.659768][T12785]  lock_release+0x212/0x3e0
[  434.659789][T12785]  ? __pfx_call_rcu+0x10/0x10
[  434.659807][T12785]  up_write+0x2d/0x420
[  434.659824][T12785]  namespace_unlock+0x486/0x760
[  434.659841][T12785]  ? clone_mnt+0xba/0x9a0
[  434.659863][T12785]  ? copy_tree+0x80/0x930
[  434.659879][T12785]  ? __pfx_namespace_unlock+0x10/0x10
[  434.659899][T12785]  ? alloc_mnt_ns+0x241/0x300
[  434.659916][T12785]  copy_mnt_ns+0x6e5/0x880
[  434.659932][T12785]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  434.659957][T12785]  ? preempt_schedule_common+0x83/0xd0
[  434.659977][T12785]  ? create_new_namespaces+0x31/0x720
[  434.660002][T12785]  create_new_namespaces+0xd1/0x720
[  434.660028][T12785]  ? bpf_lsm_capable+0x9/0x20
[  434.660051][T12785]  ? security_capable+0x7e/0x2e0
[  434.660076][T12785]  unshare_nsproxy_namespaces+0x11c/0x170
[  434.660101][T12785]  ksys_unshare+0x4c8/0x8c0
[  434.660127][T12785]  ? __pfx_ksys_unshare+0x10/0x10
[  434.660157][T12785]  __x64_sys_unshare+0x38/0x50
[  434.660181][T12785]  do_syscall_64+0xfa/0xfa0
[  434.660215][T12785]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  434.660232][T12785]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  434.660247][T12785]  ? clear_bhb_loop+0x60/0xb0
[  434.660274][T12785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  434.660289][T12785] RIP: 0033:0x7fe62398eec9
[  434.660308][T12785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  434.660322][T12785] RSP: 002b:00007fe624882038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  434.660339][T12785] RAX: ffffffffffffffda RBX: 00007fe623be6180 RCX: 00007fe62398eec9
[  434.660351][T12785] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040020000
[  434.660361][T12785] RBP: 00007fe623a11f91 R08: 0000000000000000 R09: 0000000000000000
[  434.660371][T12785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  434.660380][T12785] R13: 00007fe623be6218 R14: 00007fe623be6180 R15: 00007ffd89487378
[  434.660399][T12785]  </TASK>
[  434.916331][T12785] ------------[ cut here ]------------
[  434.921828][T12785] DEBUG_RWSEMS_WARN_ON((rwsem_owner(sem) != current) && !rwsem_test_oflags(sem, RWSEM_NONSPINNABLE)): count = 0x0, magic = 0xffffffff8e48df00, owner = 0x0, curr 0xffff888026f73c80, list empty
[  434.940772][T12785] WARNING: kernel/locking/rwsem.c:1381 at up_write+0x3a2/0x420, CPU#1: syz.2.2544/12785
[  434.950668][T12785] Modules linked in:
[  434.954593][T12785] CPU: 1 UID: 0 PID: 12785 Comm: syz.2.2544 Not tainted syzkaller #0 PREEMPT(full) 
[  434.964136][T12785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  434.974382][T12785] RIP: 0010:up_write+0x3a2/0x420
[  434.979407][T12785] Code: d0 48 c7 c7 80 ff aa 8b 48 c7 c6 a0 01 ab 8b 48 8b 14 24 4c 89 f1 4d 89 e0 4c 8b 4c 24 08 41 52 e8 83 37 e6 ff 48 83 c4 08 90 <0f> 0b 90 90 e9 6d fd ff ff 48 c7 c1 74 37 c3 8f 80 e1 07 80 c1 03
[  434.999063][T12785] RSP: 0018:ffffc90004987af0 EFLAGS: 00010296
[  435.005142][T12785] RAX: a2db4876e5972200 RBX: ffffffff8e48df00 RCX: 0000000000080000
[  435.013178][T12785] RDX: ffffc9000f506000 RSI: 0000000000020ef6 RDI: 0000000000020ef7
[  435.021210][T12785] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004
[  435.029220][T12785] R10: dffffc0000000000 R11: fffffbfff1c3a654 R12: 0000000000000000
[  435.037251][T12785] R13: ffffffff8e48df58 R14: ffffffff8e48df00 R15: 1ffffffff1c91be1
[  435.045286][T12785] FS:  00007fe6248826c0(0000) GS:ffff888125b0a000(0000) knlGS:0000000000000000
[  435.054227][T12785] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  435.060933][T12785] CR2: 0000001b3361aff8 CR3: 00000000227d0000 CR4: 00000000003526f0
[  435.069131][T12785] Call Trace:
[  435.072475][T12785]  <TASK>
[  435.075623][T12785]  namespace_unlock+0x486/0x760
[  435.080507][T12785]  ? clone_mnt+0xba/0x9a0
[  435.084860][T12785]  ? copy_tree+0x80/0x930
[  435.089280][T12785]  ? __pfx_namespace_unlock+0x10/0x10
[  435.094700][T12785]  ? alloc_mnt_ns+0x241/0x300
[  435.099448][T12785]  copy_mnt_ns+0x6e5/0x880
[  435.103892][T12785]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  435.109365][T12785]  ? preempt_schedule_common+0x83/0xd0
[  435.114839][T12785]  ? create_new_namespaces+0x31/0x720
[  435.120256][T12785]  create_new_namespaces+0xd1/0x720
[  435.125489][T12785]  ? bpf_lsm_capable+0x9/0x20
[  435.130187][T12785]  ? security_capable+0x7e/0x2e0
[  435.135149][T12785]  unshare_nsproxy_namespaces+0x11c/0x170
[  435.140988][T12785]  ksys_unshare+0x4c8/0x8c0
[  435.145541][T12785]  ? __pfx_ksys_unshare+0x10/0x10
[  435.150578][T12785]  __x64_sys_unshare+0x38/0x50
[  435.155379][T12785]  do_syscall_64+0xfa/0xfa0
[  435.159904][T12785]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.166006][T12785]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  435.171765][T12785]  ? clear_bhb_loop+0x60/0xb0
[  435.176624][T12785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.182546][T12785] RIP: 0033:0x7fe62398eec9
[  435.187092][T12785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  435.206778][T12785] RSP: 002b:00007fe624882038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  435.215263][T12785] RAX: ffffffffffffffda RBX: 00007fe623be6180 RCX: 00007fe62398eec9
[  435.223282][T12785] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040020000
[  435.231323][T12785] RBP: 00007fe623a11f91 R08: 0000000000000000 R09: 0000000000000000
[  435.239327][T12785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  435.247333][T12785] R13: 00007fe623be6218 R14: 00007fe623be6180 R15: 00007ffd89487378
[  435.255363][T12785]  </TASK>
[  435.258403][T12785] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  435.265687][T12785] CPU: 1 UID: 0 PID: 12785 Comm: syz.2.2544 Not tainted syzkaller #0 PREEMPT(full) 
[  435.275060][T12785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  435.285130][T12785] Call Trace:
[  435.288463][T12785]  <TASK>
[  435.291408][T12785]  dump_stack_lvl+0x99/0x250
[  435.296014][T12785]  ? __asan_memcpy+0x40/0x70
[  435.300613][T12785]  ? __pfx_dump_stack_lvl+0x10/0x10
[  435.305813][T12785]  ? __pfx__printk+0x10/0x10
[  435.310433][T12785]  vpanic+0x237/0x6d0
[  435.314423][T12785]  ? __pfx_vpanic+0x10/0x10
[  435.318931][T12785]  ? is_bpf_text_address+0x26/0x2b0
[  435.324148][T12785]  panic+0xb9/0xc0
[  435.327895][T12785]  ? __pfx_panic+0x10/0x10
[  435.332316][T12785]  __warn+0x334/0x4c0
[  435.336324][T12785]  ? up_write+0x3a2/0x420
[  435.340670][T12785]  ? up_write+0x3a2/0x420
[  435.345032][T12785]  report_bug+0x2be/0x4f0
[  435.349372][T12785]  ? up_write+0x3a2/0x420
[  435.353726][T12785]  ? up_write+0x3a2/0x420
[  435.358060][T12785]  ? up_write+0x3a4/0x420
[  435.362408][T12785]  handle_bug+0x84/0x160
[  435.366670][T12785]  exc_invalid_op+0x1a/0x50
[  435.371216][T12785]  asm_exc_invalid_op+0x1a/0x20
[  435.376076][T12785] RIP: 0010:up_write+0x3a2/0x420
[  435.381026][T12785] Code: d0 48 c7 c7 80 ff aa 8b 48 c7 c6 a0 01 ab 8b 48 8b 14 24 4c 89 f1 4d 89 e0 4c 8b 4c 24 08 41 52 e8 83 37 e6 ff 48 83 c4 08 90 <0f> 0b 90 90 e9 6d fd ff ff 48 c7 c1 74 37 c3 8f 80 e1 07 80 c1 03
[  435.400724][T12785] RSP: 0018:ffffc90004987af0 EFLAGS: 00010296
[  435.406802][T12785] RAX: a2db4876e5972200 RBX: ffffffff8e48df00 RCX: 0000000000080000
[  435.414776][T12785] RDX: ffffc9000f506000 RSI: 0000000000020ef6 RDI: 0000000000020ef7
[  435.422753][T12785] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004
[  435.430725][T12785] R10: dffffc0000000000 R11: fffffbfff1c3a654 R12: 0000000000000000
[  435.438718][T12785] R13: ffffffff8e48df58 R14: ffffffff8e48df00 R15: 1ffffffff1c91be1
[  435.446710][T12785]  namespace_unlock+0x486/0x760
[  435.451572][T12785]  ? clone_mnt+0xba/0x9a0
[  435.455919][T12785]  ? copy_tree+0x80/0x930
[  435.460252][T12785]  ? __pfx_namespace_unlock+0x10/0x10
[  435.465633][T12785]  ? alloc_mnt_ns+0x241/0x300
[  435.470317][T12785]  copy_mnt_ns+0x6e5/0x880
[  435.474737][T12785]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  435.480129][T12785]  ? preempt_schedule_common+0x83/0xd0
[  435.485603][T12785]  ? create_new_namespaces+0x31/0x720
[  435.490990][T12785]  create_new_namespaces+0xd1/0x720
[  435.496201][T12785]  ? bpf_lsm_capable+0x9/0x20
[  435.500895][T12785]  ? security_capable+0x7e/0x2e0
[  435.505845][T12785]  unshare_nsproxy_namespaces+0x11c/0x170
[  435.511578][T12785]  ksys_unshare+0x4c8/0x8c0
[  435.516095][T12785]  ? __pfx_ksys_unshare+0x10/0x10
[  435.521143][T12785]  __x64_sys_unshare+0x38/0x50
[  435.525926][T12785]  do_syscall_64+0xfa/0xfa0
[  435.530449][T12785]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.536524][T12785]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  435.542167][T12785]  ? clear_bhb_loop+0x60/0xb0
[  435.546874][T12785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.552770][T12785] RIP: 0033:0x7fe62398eec9
[  435.557196][T12785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  435.576806][T12785] RSP: 002b:00007fe624882038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  435.585235][T12785] RAX: ffffffffffffffda RBX: 00007fe623be6180 RCX: 00007fe62398eec9
[  435.593215][T12785] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040020000
[  435.601192][T12785] RBP: 00007fe623a11f91 R08: 0000000000000000 R09: 0000000000000000
[  435.609191][T12785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  435.617173][T12785] R13: 00007fe623be6218 R14: 00007fe623be6180 R15: 00007ffd89487378
[  435.625250][T12785]  </TASK>
[  435.628600][T12785] Kernel Offset: disabled
[  435.632924][T12785] Rebooting in 86400 seconds..