last executing test programs:

7m24.862118607s ago: executing program 0 (id=1437):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000200)=@ipv4_newroute={0x1c, 0x1a, 0x1, 0x80000000, 0x25dfdbfb, {0xa, 0x80, 0x80, 0x0, 0xfc, 0x0, 0xfe}}, 0x1c}, 0x1, 0x0, 0x0, 0x4004881}, 0x20000050)

7m24.665266976s ago: executing program 0 (id=1439):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
r4 = accept$alg(r3, 0x0, 0x0)
r5 = dup(r4)
r6 = open(&(0x7f00000000c0)='./file0\x00', 0x1298c2, 0x14a)
ftruncate(r6, 0x200004)
sendfile(r5, r6, 0x0, 0x80001d00c0d1)
setsockopt(r5, 0x1, 0x20, &(0x7f0000000040)="c04bfa0a", 0x4)

7m22.686250652s ago: executing program 0 (id=1445):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000300)={0x1, 0x0, 0x0, 'queue1\x00'})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x80000)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x10, 0x0, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x0)

7m22.547618809s ago: executing program 0 (id=1446):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000880)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x12}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x20}}, {@max_batch_time={'max_batch_time', 0x3d, 0x7}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0)
mount(&(0x7f0000000880)=@loop={'/dev/loop', 0x0}, &(0x7f0000000840)='./bus\x00', 0x0, 0x1000, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7f03)
ioctl$KVM_GET_CLOCK(0xffffffffffffffff, 0x8030ae7c, 0x0)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14113e, 0x6ceac77f206eabb9)
write$binfmt_script(r0, &(0x7f0000000080), 0x208e24b)
listxattr(&(0x7f0000000080)='./file1\x00', 0x0, 0x0)

7m21.925567276s ago: executing program 0 (id=1453):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x40804)
r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000300)={[0x80, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c8, 0x1004, 0x45c5, 0xc595, 0x7, 0x2, 0x3, 0x2000000000000000, 0x80000004000000, 0xc], 0x8000000, 0x41257})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

7m20.897211091s ago: executing program 0 (id=1460):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, 0x0, 0x108)

7m19.937665782s ago: executing program 32 (id=1460):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, 0x0, 0x108)

7.357310709s ago: executing program 4 (id=3531):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000dd0000000000003b810000850000006d000000a50000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x84, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000580)={r1, 0x0, 0x44, 0x0, &(0x7f0000000080)="f6f4e9a10000502468da5eb1c6b2feff8833c0000000000000c548dc7914cb11ad63bf3707164aac031971c4be105eb953f86fbc6b204e076aa7a493e796123bbbd8e3b7e62d8fd097cf21d6d431a069ebc0aefd5fce80cc99fb38c771fa46e2c32a95fe99", 0x0, 0x86, 0x0, 0xffffffffffffff80, 0x0, &(0x7f0000000000)="daf9e846ab156efc71b59652333536dbfd26a6d0546366e36eb77dd0aaa2dbe567d168904cf0d5bce1771889c98ffc0abf", 0x0}, 0x15)

7.128767349s ago: executing program 4 (id=3533):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000)={0x40000000})
write$binfmt_aout(r0, 0x0, 0xff2e)

6.471114768s ago: executing program 4 (id=3537):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x18)
io_setup(0x8f0, &(0x7f0000002400)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, r5, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])

5.865273484s ago: executing program 1 (id=3542):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x1})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x2)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)

5.27004375s ago: executing program 2 (id=3544):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r1}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
ppoll(&(0x7f0000000200)=[{r3}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x40000000000, 0x3, 0x4, 0xfffffffffffffffd, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7ffffffc}, 0x0, 0x0)
setns(0xffffffffffffffff, 0x24020000)

5.007588542s ago: executing program 4 (id=3546):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000081, &(0x7f0000000080)=ANY=[@ANYRES8=0x0, @ANYRES8, @ANYRES64, @ANYRES8], 0x0, 0x23e, &(0x7f0000000bc0)="$eJzs3c9qE1EUB+AzSdqmukgWrkRwQBeuStsnSJEKYldKFupCi21BklCwEGgVQ1c+gU/ic7jxDXwAoTtdFEYmSZsWUm0wf0r9vk0uzP3NOTe5Iau5eX2n1dja3ds5/PA9yuUkCrWoJUcR1ShEbiEAgOvmV5bFUdYzWrJUmFRPAMBkXfL3f3GKLQEAE/bs+Ysnaxsb60/TtBzR+tSuJ9F77V1f24m30YztWI5KHEdkp3rjR4831qOU5qpxv9Vp1/Nk69XX/v3XfkR08ytRierw/Eracybfadfn4ka/fi3Pr0Ylbg3Prw7JR30+Htw70/9SVOLbm9iNZmxFnh3kP66k6cPs88/3L/OO83zSadcXuvMGsuLUPxwAAAAAAAAAAAAAAAAAAAAAAK6tpTRN0yz7kmVZ1jl3/k7xuHt9KT1RPX8+Ty9/0flAnTPn6yznJZLe/EG+FLdLUZrl2gEAAAAAAAAAAAAAAAAAAOCq2Ns/aGw2m9vvxjo4eax//Hf+10EU+601k4gr0E93sJj3M51ad2PEWrURS0Rh/6Bxsrsam0n8JVWe0CbJhmy/4oWp+TFVn7853lUkETF3+mb+aXIh5sb8TQEAAAAAAAAAAAAAAAAAAKZs8NDvkIuHM2gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGZg8P//Iww6/fAlUzNeIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+B3wEAAP//bkR7Lg==")
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r0}, 0x18)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)

4.704874324s ago: executing program 5 (id=3549):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000cc0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r1, 0xc0105500, &(0x7f0000000140)={0x80, 0x6, 0x303, 0xfffd, 0x13, 0x0, 0x0})

4.510160733s ago: executing program 1 (id=3550):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0100000001"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0xfffffffe, 0x8}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=@newtfilter={0x24, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0xfff1, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x48090}, 0x4c000)

3.837054572s ago: executing program 5 (id=3551):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x101080, 0x0)
read$snapshot(r0, 0x0, 0x0)

3.808175114s ago: executing program 2 (id=3552):
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='net_dev_xmit\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001600)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea95ec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf81700cd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be3827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f969369de47422604e2fc5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293b6c833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b612272d40f522d8c98c879aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbe71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd46dbd61627a2e0a74b5e6aefb7eee403502734137ff47a57f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a125e3af1130d66a7b66837ae7e7123dde7404a067ad0a6a2d6bec9411b61cad4121be3c72ff3a04713042253d438e7becf8120de3895b8ce974958bde39cb8da3427a2e9e2de936431e67fed5ab5684db07de39083d8948cc4c8a2608100000000000000000000aecb8b0b7941088f971ce17427eec32a012295cc0cdd32955176b6ad5a4bb953e58ccfa9428f452cfb5a48a9fda26db3985c8be3c2f99827da074825b01c4a3a71fb59d5798100000000000000c76b05a45d2dd8c20d971e2f3e4369168f5cb83d6ff3a18733fec726034fbfa95624135bee374414b2c8c61f52357a520efd6a10aff244bc8a62ed367981fb4d5d77f7bc093958ff46527499957da4934cd4b370cf76f72dd05fa80cdfb68c836fd81be7a58532e041a87f9222f157610a4bcdc05b2a55308c8e7568b90f7a338557e816a16972aea79dff5becefa6f9c5ce6c58fb38da9e7532dc53cfdc2e789b76f7d32aca1bfea2aa62621b78dded30fc07171866bf3d552900000000a32dda61eeda1750e157c2d569b9d08f583c0ee28daec2e8bb85f3c8e91c4448096ee953def18dc73e55cb30f9cd069d8780b00eaba382f0c3ae391c30a5f1b0f36dd0c2193b791995d2890327a10d7abac76d1202f72e97f0105184d7aaaab8d3e29c9a8d263f076b55cf53c5bb9c0662a3d19a6722d7f83ae4331d3256f90af0857788b380ccc3b266c418e66d1d756d5df6423dd0cea67bc235d3776d22270fc19301ead09f156893e91a8322e39d998cf95eceb2afdff4674575ff6a3fac0bce5ba929d717204966a8e2438b257ffb4e17d3ee539a8ad0081395046f1b2df9d3d104bbe930e810776f0bcb1c81f8b337352e47c323508157daf8ab0d057d4d87da8ad14225f77d1d4bc353054c7af3c0c2226944e45ddb2b94e801fd5f00e61fd1783f9e9bd01506c734de5945028a9d48dc3eadc4b49f840ab44eac469cca98", @ANYRESHEX, @ANYRESHEX], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5c, 0x0, 0xffffffffffffffff, 0xffffffffffffff7f}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c)

3.699657659s ago: executing program 1 (id=3553):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xchacha20\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={0x0, 0x104}, 0x1, 0x0, 0x0, 0x91}, 0x24008000)
recvmmsg$unix(r5, &(0x7f0000004ac0)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000003c0)=""/67, 0x43}], 0x1}}], 0x1, 0x2124, 0x0)

3.698823229s ago: executing program 3 (id=3554):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='kfree\x00', r2}, 0x18)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01022dbd7000ffdb652520e7000109001f0070687931000000000a0001007770616e33000000050020"], 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000)

3.517167517s ago: executing program 4 (id=3555):
syz_genetlink_get_family_id$ethtool(&(0x7f0000001440), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00'}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'wg0\x00', <r3=>0x0})
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000080)=0x8000, 0x4)
sendto$packet(r2, &(0x7f0000000180)="0b03feff4f00020002004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r3}, 0x14)

3.516639367s ago: executing program 5 (id=3556):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x210000, &(0x7f0000000280)={[{@user_xattr}, {@noquota}, {@dioread_nolock}, {@jqfmt_vfsv1}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x70}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@stripe={'stripe', 0x3d, 0x20}}, {@bsdgroups}, {@max_batch_time={'max_batch_time', 0x3d, 0x3fe}}, {@user_xattr}, {@noinit_itable}]}, 0x3, 0x583, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvbHb7+32bQilvX15eCj1Yqd00iT8qeKhH0WJBPdclmYaSTbdkN6WJBduDvXiRIohYEO969+ChePHoX1HQQpES9OBlZTazybbZJJt0Y2L384Fpn2dmNs8888z34Zl9dpgABtaJ7J9CxPGI+CyJONyxrRj5xhNL+y0+vjmRLUk0m+/9lkSSr2vvn+T/H8wz/4mIHz+JOF1YXW59fmG6Uq2ms3l+pDFzbaQ+v3DmykxlKp1Kr46Nj597ZXzs9dde7VtdX7z4x5fv3n/r3KcnF7/47uGRu0mcj0P5ts56PINbnZkTzWZ+Tkpx/qkdR/tQ2G6S7PQBsCVDeZyXIuJ46XCpHfXA8+/jiGgCAyrZZPzv1V/Ac6I9Dmjf2/fpPvgf49GbSzdAq+tfXPpuJPa17o0OLCZP3Bll97vDfSg/K+P7X+/dzZbo3/cQABu6dTsizhaLq/u/JO//tu5sD/s8XYb+D/4+97Pxz0vdxj+F5fFPdBn/HOwSu1uxcfwXHvahmDVl4783uo5/lyethofy3L9aY75ScvlKNc36tn9HxKko7c3y683nnFt80FxrW+f4L1uy8ttjwfw4Hhb3PvmZyUqj8ix17vTodsR/u45/k+X2T7q0f3Y+PuixjGPpvf+vtW3j+m+v5jcRL3Rt/5UZrWT9+cmR1vUw0r4qVvv9zrGf1yq/e/1/+mEbqtpV1v4H1q//cNI5X1vffBlf7/szXWvbVq//Pcn7rfSefN2NSqMxOxqxJ3ln9fqxlc+28+39s/qfOrl+/9ft+t8fER/2WP87R7/939brv72y+k9uqv03n3jw9kdfrVV+b+3/cit1Kl/TS//X6wE+y7kDAAAAAACA3aYQEYciKZRjX54uFMrlpd93HI0DhWqt3jh9uTZ3dTJaz8oOR6nQnuk+3PF7iNH897Dt/NhT+fGIOBIRnw/tb+XLE7Xq5E5XHgAAAAAAAAAAAAAAAAAAAHaJg8vP/8cTz/9nfhna6aMDtl1x6f3fwADa8JX//XjTE7ArbRj/wHNL/MPgEv8wuMQ/DKTWFJ/4h8El/mFwiX8YXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAA+urihQvZ0lx8fHMiy09en5+brl0/M5nWp8szcxPlidrstfJUrTZVTcsTtZmN/l61Vrs2OhZzN0Yaab0xUp9fuDRTm7vauHRlpjKVXkq9ZxwAAAAAAAAAAAAAAAAAAABWq88vTFeq1XS2D4lStZoWIqKXnSP6VOgAJrJ2u1Xs7TxvTyKJlTXF3XJaJPqa2OmeCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABW/BUAAP//2SsyHQ==")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x40)
futex(&(0x7f000000cffc)=0x2, 0xa, 0x100000, 0x0, 0x0, 0x3000000)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
read(r0, &(0x7f0000000040)=""/148, 0xffffff96)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$P9_RREAD(r0, &(0x7f0000000ec0)={0xb0, 0x75, 0x1, {0xa5, "8ef23383c0c93c46595ebd1ab3c2fe43916c5068ec140a238b2558947cba3f34cded064aad403fc2772933c05d2bf3d581a474b11cc7009c45dfa9acaa390edc2d8a7406ee364bf5bcc02f3f26959fa901eb1cdff54886fae3fbf19c5949129bb648d82c3db0d9d206312533f5c2ae019000c45ea49fac3896ff8a3e628d8f78260b5f561f748109d8609779309328d82857348fe2262a9cae9ecd18bab80f54e9db65883e"}}, 0xb0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r2}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000838500000071000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)

3.452156209s ago: executing program 3 (id=3557):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x18)
io_setup(0x8f0, &(0x7f0000002400)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, r5, &(0x7f0000000040)="0200ffff0000", 0x6, 0x0, 0x0, 0x2}])

3.420968621s ago: executing program 2 (id=3558):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)

3.145250923s ago: executing program 2 (id=3559):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000240)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1, 0x0, 0x1}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x24, &(0x7f0000000180)={0x2, 0x1, 0x7, 0xa})

2.294692111s ago: executing program 1 (id=3560):
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000400)={@fallback, 0xffffffffffffffff, 0x24}, 0x20)

2.283796731s ago: executing program 5 (id=3561):
waitid(0x0, 0x0, 0x0, 0xe, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
r1 = socket(0x10, 0x3, 0x6)
r2 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x20008010)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000002c0)=0x1)
ioctl$TIOCSETD(r3, 0x5423, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.current\x00', 0x275a, 0x0)

2.06807152s ago: executing program 2 (id=3562):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r1}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/12], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
ppoll(&(0x7f0000000200)=[{r3}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x40000000000, 0x3, 0x4, 0xfffffffffffffffd, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7ffffffc}, 0x0, 0x0)
setns(0xffffffffffffffff, 0x24020000)

2.035691582s ago: executing program 3 (id=3563):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8000000000000000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r5, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)

1.991624203s ago: executing program 1 (id=3564):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2, &(0x7f0000000340)={[{@jqfmt_vfsold}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@abort}, {@noload}, {@delalloc}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@bsdgroups}, {@init_itable_val={'init_itable', 0x3d, 0xfff}}]}, 0xfa, 0x477, &(0x7f0000001380)="$eJzs3M9vFFUcAPDvTH/w21bEHyBIFY3EHy0tP+TgRaMJB01M9IDxVNtCKgs1tCZCiFYPeDQk3o3/hfGkF6NeNPGqd0NCDBdQL2tmZwaWZbfd0m0X2M8nme57M6/73ndm3u6bebsbQM8ayf4kEVsj4o+IGMqztxYYyR+uX70w9c/VC1NJVKtv/53Uyl27emGqLFr+35Y8U60W+Q1N6r34XsRkpTJztsiPLZz+cGz+3PkXZ09Pnpw5OXNm4ujRQwf3DB6ZONyROLO4ru36ZG73zmPvXnpz6vil939O0sjjjoY4OmUk37tNPdPpyrpsW1066a/fsvfXm+lmZwLd1BcR2eEaqPX/oeiLTTe2DcXrn3e1ccCaqlar1SVelRerwH0siW63AOiO8o0+u/4tl3UaetwVrrySXwBlcV8vlnxLf6R5Yu9Aw/Xt1g7WPxIRxxf//TpbYo3uQwAA1Ps+G/+80Gz8l8YjeWIw+/NAMYcyHBEPRsT2iHgoInZExMMRtbKPRsRjK6y/cYbk9vFPevmOg2tDNv57uZjbunX8l5ZFhvuK3LZa/APJidnKzIFin+yPgQ0nZpOZ8SXq+OG1379sta1+/JctWf3lWLBox+X+hht005MLk6uJud6VzyJ29TeLP4lyGieJiJ0RsesO65h9rr/ltuXjX0Lrp21b9ZuIZ/PjvxgN8ZeSlvOT4y8dmTg8tjEqMwfGyrPidr/8dvGtVvWvKv4OyI7/5qbn/434h5ONEfPnzp+qzdfOr+jps64TF//8ouU1TRF/1r3aOf+PbSvO/8HkndqKwWLDx5MLC2fHIwaTN25fP3Hz2cp8WT6Lf/++5v1/e9zcE49HxO6I2BMRT2QXhUXbn4yIpyJi3xI74adXn/5gmfibHP/1mSvN4p9e7vhH/fFfeaLv1I/fLR//xohodfwP1VL7izXtvP6128DV7DsAAAC4V+SfgU/S0RvpNB0dzT/DvyM2p5W5+YXnT8x9dGY6n/cejoG0vNM1VHc/dLy4N1zmJxryB4v7xl/1barlR6fmKtPdDh563JYW/T/zV1+3WwesuQ7MowH3KP0fepf+D70p0f+hp+n/0Lua9f9PW5Ye/XZNGwOsK+//0Lva6P+L+UPrUQFwb/L+D71L/4ee1PK78emqvvK/7on/it8zvFvac/8nIr0rmnH/J/rb/jGLFSSqQ3n/z9ZsaFqm269MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfF/AAAA//8Qi+Nc")
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x9)
symlink(&(0x7f0000000440)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
rename(0x0, &(0x7f0000001900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

1.962022285s ago: executing program 4 (id=3565):
creat(&(0x7f00000000c0)='./bus\x00', 0x182)
mount(0x0, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{}, 0x0, &(0x7f00000005c0)}, 0x20)
epoll_create1(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x8000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080", @ANYBLOB, @ANYBLOB], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x190, 0x168, 0x10, 0x388, 0xb, 0x388, 0x250, 0x250, 0x388, 0x250, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [0xff6a], [0xff], 'ip6gretap0\x00', 'veth1_to_hsr\x00', {}, {0xff}, 0x3a, 0xb6, 0x0, 0x20}, 0x6000000, 0x128, 0x190, 0x0, {0x0, 0x28e}, [@inet=@rpfilter={{0x28}, {0x1}}, @common=@inet=@hashlimit1={{0x58}, {'netdevsim0\x00', {0x0, 0x0, 0x3ff, 0x1, 0xfffffffc, 0x10000, 0x80000001}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x10000, '\x00', 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x1f8, 0x0, {}, [@common=@eui64={{0x28}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:usb_device_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8)

1.504973475s ago: executing program 5 (id=3566):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0}, 0x18)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r2 = accept4$tipc(r0, &(0x7f0000002d80)=@name, &(0x7f0000002dc0)=0x10, 0x800)
connect$tipc(r2, &(0x7f0000002e00)=@id={0x1e, 0x3, 0x2, {0x4e23, 0x4}}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r3)
socket$inet6(0xa, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
mkdir(&(0x7f0000000000)='./file0\x00', 0xe6)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="1800f9fffdffffff0000000000000000851000222600000085000c00890000009500000000000000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x727c45cd4283345, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f0000000580)='./file0\x00', 0x0, &(0x7f00000005c0), 0x1, 0x502, &(0x7f0000000600)="$eJzs3V9oXFkZAPDvTpOY7WY7FRbUZdGg4C6uJm2T7boUpAX/UZtSG1+0gZK00yR0kgnJRJsIUrFIwRefRKgU7YOCKMbHvqkIWiz6UCj6UooU1EJbqPocuTNzY0gmzWybzm3T3w9O77ln2jnn3m/uzD2n954bwAurNyIORsSOiHgrIoqN8kIjxfl6Sv/e2MDSRJqSWF4efpBEEhGHB5YmsvdKGsuXG2/wZkT8rjOJsQvr651bWDw7Wi6XZhvr/dWpmf65hcVPTU6NjpfGS9MD777z6f0Dbw/uH9iybb09emLqF5WhAz+9e/TXH/74Jx4kcTB6Gq+t3o6t0hu9jX3SGa+sfiGJ+PpWV5az7lX5pCPHhtCyP73z+g/ybgMA0H6Fxrl/R+38vxg7on7y1n1j5GEx7vx5o393eOTyv9rZTgAAAODxLS9/pLEEAAAAtq9E3x8AAAC2uew6gMMDSxNZate1B3e/0K6a2Mi9QxGxux7/7P7u+isdjXt6u6MzInb+O4nVt/Uma+75fRzVz0X0xjf+UD3//TNpiqd0HzbPpqW/590C8tQ1mHcLyNNrX867BeTpLxfzbgF5unEv7xaQp+PDebeAPB3dn3cLyNOlB3m3gN8cqk8AuH78r1Cb8y8b5Vk7/pPmX3rCuu8XInqj+5ery4z/tFc2/je2bvyvsDL+t2OD8b9dLdZx9Ws3P9Ss/ItfTeM/PJaN/31y5EeltP50+cQbRkvufTvitY5m8U9W4p9sEP9ii3X8/vpg05H+3+5K4/+zn6fxzpL4t9fyTyLeiObxzySPnp+1/8xkubSn/mfTOj768B//bVY+/dc0/tc+kx3/aUrrz/4vgKcvPf53bhD/zb7/d7dYx5XJO01Heod70vi/8a1Hx79wtyv5Su3D2NUoOTdarc7ujehKjqwv3/de98CLJdtH2T5M4//mx5r//n+wtmz+/Z9+Jt7fYp1HThQONCsf/FUa/+993vGfnzT+pzc5/jf6/X+11Tpu3h5tVj7x2TT+x6+IPwAAAAAAAAA8mUJE9ERS6FvJFwp9ffVneL8aOwvlylz1rTOV+enTUXtW9u7oLGRXehXr60m6vrdxPVC2vm/N+kDjepGLxZdq632nKuXTeW88AAAAbHM9EbdOfOfqB15e0///Z7He/wcAAACef2n///UfX76U5v/T6kQ+AAAAwHMl7f8//O79a6H/DwAAANuW/j8AAABsf1n//9jQUBwbGlrOnvs3XRmfPDsx8+6+PX1T86f6TlVmZ/rGK5Xx2ox9U5u/b7lSmdn7dsyf66+W5qr9cwuLJ6cq89PVk7Xnxp4sdbZh24DNXfjb1ZG82wAAALRPzwbz/7+yau7+PRGxKyKuFzvfl831DwAAADz7eiJufemH3/zj3MLi2dFyuTQrIyMjs5LJ+xsKAADYav8/6c+7JQAAAAAAAAAAAAAAAAAAAPDiasd0YnlvIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM+P/wUAAP//faYBPg==")
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)
readv(r4, &(0x7f0000002cc0)=[{&(0x7f0000000540)=""/214, 0xd6}, {&(0x7f0000000380)=""/144, 0x90}, {&(0x7f0000000740)=""/132, 0x84}, {&(0x7f0000000040)=""/59, 0x3b}, {&(0x7f0000000180)=""/40, 0x28}, {&(0x7f00000002c0)=""/101, 0x65}, {&(0x7f00000004c0)=""/58, 0x3a}, {&(0x7f0000000800)=""/86, 0x56}, {&(0x7f0000000880)=""/231, 0xe7}, {&(0x7f0000001cc0)=""/4096, 0x1000}], 0xa)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
r8 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
prctl$PR_SET_NAME(0xf, &(0x7f0000002e40)='/dev/bus/usb/00#/00#\x00')
ioctl$USBDEVFS_IOCTL(r8, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)
recvmmsg(r7, &(0x7f0000005140)=[{{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000640)=""/216, 0xd8}, {&(0x7f00000052c0)=""/235, 0xeb}, {&(0x7f0000003080)=""/4096, 0x1000}], 0x3}, 0x3}], 0x1b00, 0x0, 0x0)

1.061098744s ago: executing program 3 (id=3567):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newlink={0x44, 0x10, 0x403, 0xfffffffc, 0x3f, {0x0, 0x0, 0x0, 0x0, 0x88adfda5, 0xa90}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_FWD_MASK={0x6, 0x9, 0x8001}, @IFLA_BR_VLAN_STATS_PER_PORT={0x5, 0x2d, 0x1}]}}}]}, 0x44}, 0x1, 0x300000000000000, 0x0, 0x4004}, 0x0)

745.905568ms ago: executing program 2 (id=3568):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
recvfrom(r0, 0x0, 0x0, 0x40000063, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000480)=0x7)
recvmmsg(r0, &(0x7f0000001ec0)=[{{&(0x7f0000000180)=@in={0x2, 0x0, @remote}, 0x80, &(0x7f00000000c0)=[{&(0x7f00000000c0)}], 0x1, &(0x7f00000005c0)=""/247, 0xf7}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000006c0)=""/214, 0xd6}, {&(0x7f0000000440)=""/39, 0x27}, {&(0x7f00000007c0)=""/117, 0x75}, {&(0x7f0000000840)=""/48, 0x30}, {0x0}, {&(0x7f0000000880)=""/73, 0x49}], 0x6, &(0x7f0000000980)=""/145, 0x91}, 0xffff3169}, {{&(0x7f0000000a40)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x80, &(0x7f0000000c80), 0x0, &(0x7f0000000cc0)=""/51, 0x33}, 0x21e}, {{&(0x7f0000000d00)=@in6={0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @initdev}}, 0x80, &(0x7f0000000d80)=[{&(0x7f0000001e00)=""/106, 0x6a}], 0x1, &(0x7f0000001e80)=""/33, 0x21}, 0x4}], 0x4, 0x0, &(0x7f0000001fc0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
unshare(0x2040400)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write(r3, &(0x7f0000000080)="520003000100b8", 0x7)

426.483792ms ago: executing program 1 (id=3569):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1e, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==")

373.112844ms ago: executing program 3 (id=3570):
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0xf4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0xffffffffffffffa0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
dup2(r0, r0)

223.443501ms ago: executing program 5 (id=3571):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000e40)=@raw={'raw\x00', 0x3c1, 0x3, 0x290, 0x0, 0x18c, 0x203, 0x8000000, 0x19030000, 0x3f0, 0x2e0, 0x2e0, 0x3f0, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz1\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2f0)
r1 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000f40)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000002d0301000000000095000000000000007126000000000000bf670000000000005601000000ff07ad6706000002000000070300000ee60000bf250000000000002d350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000160400000400f9ffad3001000000000084000000000000004500000001f0ffff95000000000000006e8ad524a56600a5585b7351ca1136aef2e9407e5c2501d11900db85604036883647b1003f1403b816f511c8c56e56e40b01005505f8a89dae4293b10f3631b25fc9f189084c7fddccff01361d355f6cce8ec2abcdf1bc9040daef2cfa2046e2091e269f4734ffa55eb2d4e8de20b38c8808b365b46bd54c68cd30139a8c3827a7dd6d6e2b5fea3906f8456b0000000000ff07efffffff0047018ae79db613d2aec070f718ab629b4975320dd7a7da532281fd22c7b835005bf52715396669836db6000000005b4f0591ee7c8cd263dd172b28d01c4d8ddaf2cdad3d1a74a2f078aa6402483856a6e495408d0b33047f06aec2cc590df28efc7dbec6857db922195a271af103f03e1155197e067b2ebf4e2dae06e394c9639564f000fc3cdd05a157544d0200000000000000ee48f5287123a0d246c0c4c00fe979dbc09ed4db22d7172adc6ae8faa5f9ad188e07000000000000008d88a0b4684559d46cae41db1b914e93f1f88e80ef80c6ed3e1ff91ff111000000000000000000e33de432e488ad0e724c2d14a1e770e116984a5700afb8a1f3d47277ef0e33e7e00ec5f74e10937ba0e321346977b7d1b18013f509675b5b0f352e30dffda780055c301f4fc7d5a76475ace6b128b02bfd71023daffdf748a6bd356fcbacec96373d1101000736ac0bbcb5f4836bddfe8bf46308000000ade9e59fcf271bb98bd0b8b5216b858b414c31682f9f3db2e4d8e5898e445fe55ac56c0ddd932d838ff651023853d42210642986f8bbc7340bc8393f774318c9fc9b05788de2c6e601b50777e8dff581de1d5ae3d801ead7eba31126e2172fa1eadf5f3bec81004d00000000c8e4692e051c731f9ac766b7fd66278d40f0760f23e8c7d1f47cd8e02504e85e152955ad8acd989c0b2eea71414f533f5685c3904bfe1d0011ffc1ba5398f3d68124674478186edd036f15bf847c33f79e1a0ad3d2b5080ecb01420c9f1b534e969fce97ffff07000009000000bfe0ed7c5853a665c0805752dca0e571d75cac5a5d8e4f6e05055b6dec5a9a5696f053a92d81fd9e5f2b9dbbe24f38e745b5a95d45003d0600e413dc623f3e6b096c8b0ad7438c6631388892c55b0671140afbfb83bba415f729fea4c8a8a86189dceedad84cdd17c46bdd847a1f4b0facd3744f5bbb06abb319204fca4bcd4297fe7b4cee75abf43e14fe861224799c0f12702964fc890a176fdafa2c9387280b5693c000c0304cece48642649375dae0b7979b229f708a97349e96e783af9a23cd3980a2c29d3d62875e5319cd51bdd224878a0b25edf0e83c930633bd9a823e28f359608ea326c77a1aa17318f392a0ec6c188916f4149c503027feccfd68ec8278a90252693fb133c4615801077e1d75420017c03990b855fe481a20b4919bb11c6d737b6545ef140a0fc339bb53953662f1454f9852e7c4e17eb8e68f076c659f56d6c7f97a94d604f45cfe88b30c170000000001000000ef931f137967de563c29d81aacb3d48226a4e4b6670900000000000000fa68bff3693afc44db223f0400000000000000d23b48bb38b31a14ffcddd92c38f6b6d86a0e56d47a82bad5d2a6dce4c4d353261260c9d7a6bd9f2c872c4172a3d2ac80dfb71"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)

0s ago: executing program 3 (id=3572):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x3, 0xc, 0x0, 0x0}, 0x94)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f00000000c0)=@ethtool_gfeatures={0x3d}})

kernel console output (not intermixed with test programs):

2259f8f749 code=0x7ffc0000
[  585.344919][   T26] audit: type=1326 audit(1764022699.275:1227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12205 comm="syz.5.2678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  585.401233][   T26] audit: type=1326 audit(1764022699.315:1228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12205 comm="syz.5.2678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  585.437880][   T26] audit: type=1326 audit(1764022699.315:1229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12205 comm="syz.5.2678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  585.475280][   T26] audit: type=1326 audit(1764022699.315:1230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12205 comm="syz.5.2678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  585.510412][   T26] audit: type=1326 audit(1764022699.315:1231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12205 comm="syz.5.2678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  585.539334][   T26] audit: type=1326 audit(1764022699.315:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12205 comm="syz.5.2678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  585.555613][T12212] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  585.569920][   T26] audit: type=1326 audit(1764022699.315:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12205 comm="syz.5.2678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  585.597932][   T26] audit: type=1326 audit(1764022699.315:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12205 comm="syz.5.2678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  585.621229][   T26] audit: type=1326 audit(1764022699.315:1235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12205 comm="syz.5.2678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  585.756298][T12216] loop2: detected capacity change from 0 to 512
[  585.776574][T12216] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  585.808804][T12216] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.2684: inode has both inline data and extents flags
[  585.842380][T12216] EXT4-fs (loop2): Remounting filesystem read-only
[  585.852205][T12216] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.2684: couldn't read orphan inode 15 (err -117)
[  585.870205][T12216] EXT4-fs (loop2): Remounting filesystem read-only
[  585.881500][T12216] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  585.928241][T12216] EXT4-fs error (device loop2): ext4_lookup:1858: inode #15: comm syz.2.2684: inode has both inline data and extents flags
[  585.945011][T12216] EXT4-fs (loop2): Remounting filesystem read-only
[  586.082239][ T4267] EXT4-fs (loop2): unmounting filesystem.
[  586.652691][T12237] xt_hashlimit: max too large, truncated to 1048576
[  586.659985][T12237] No such timeout policy "syz1"
[  588.162293][ T4389] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  588.354099][ T4389] usb 3-1: New USB device found, idVendor=0870, idProduct=0001, bcdDevice=28.a9
[  588.379767][ T4389] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  588.403776][ T4389] usb 3-1: config 0 descriptor??
[  588.642780][ T4275] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  588.669657][ T4275] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  588.672559][   T14] usb 3-1: USB disconnect, device number 18
[  588.683117][T12296] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  588.693884][T12296] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  588.703402][T12296] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  588.710815][T12296] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  589.472336][T12293] chnl_net:caif_netlink_parms(): no params data found
[  589.891533][T12293] bridge0: port 1(bridge_slave_0) entered blocking state
[  589.918380][T12293] bridge0: port 1(bridge_slave_0) entered disabled state
[  589.962339][T12293] device bridge_slave_0 entered promiscuous mode
[  590.040021][T12293] bridge0: port 2(bridge_slave_1) entered blocking state
[  590.057708][T12293] bridge0: port 2(bridge_slave_1) entered disabled state
[  590.082875][T12293] device bridge_slave_1 entered promiscuous mode
[  590.322734][T12293] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  590.418041][T12293] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  590.621562][T12293] team0: Port device team_slave_0 added
[  590.707400][T12293] team0: Port device team_slave_1 added
[  590.722158][T12296] Bluetooth: hci4: command 0x0406 tx timeout
[  590.802281][T12296] Bluetooth: hci2: command 0x0409 tx timeout
[  590.999516][T12369] syz.5.2736 uses obsolete (PF_INET,SOCK_PACKET)
[  591.006914][T12293] batman_adv: batadv0: Adding interface: batadv_slave_0
[  591.017581][T12293] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  591.072079][T12293] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  591.141392][T12293] batman_adv: batadv0: Adding interface: batadv_slave_1
[  591.154748][T12293] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  591.238578][T12293] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  591.309770][T12377] fuse: Bad value for 'fd'
[  591.543629][T12293] device hsr_slave_0 entered promiscuous mode
[  591.566334][T12293] device hsr_slave_1 entered promiscuous mode
[  591.585370][T12293] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  591.599831][T12293] Cannot create hsr debugfs directory
[  592.176717][    T9] device hsr_slave_0 left promiscuous mode
[  592.193268][    T9] device hsr_slave_1 left promiscuous mode
[  592.200841][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  592.229819][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  592.248145][    T9] device bridge_slave_1 left promiscuous mode
[  592.257496][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  592.279494][    T9] device bridge_slave_0 left promiscuous mode
[  592.292257][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  592.431339][T12396] loop2: detected capacity change from 0 to 512
[  592.451972][T12396] EXT4-fs (loop2): Test dummy encryption mode enabled
[  592.472696][T12396] EXT4-fs (loop2): can't mount with data_err=abort, fs mounted w/o journal
[  592.882311][T12296] Bluetooth: hci2: command 0x041b tx timeout
[  593.026906][T12419] fuse: Bad value for 'fd'
[  593.167230][T12422] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2758'.
[  593.701198][    T9] team0 (unregistering): Port device team_slave_1 removed
[  593.813044][    T9] team0 (unregistering): Port device team_slave_0 removed
[  593.963289][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  594.080453][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  594.553718][T12458] fuse: Bad value for 'fd'
[  594.994495][T12296] Bluetooth: hci2: command 0x040f tx timeout
[  595.970658][    T9] bond0 (unregistering): Released all slaves
[  596.166973][T12484] fuse: Bad value for 'fd'
[  597.162098][ T4270] Bluetooth: hci2: command 0x0419 tx timeout
[  598.301483][T12293] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  598.323462][T12293] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  598.346449][T12293] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  598.363120][   T26] kauditd_printk_skb: 7 callbacks suppressed
[  598.363135][   T26] audit: type=1326 audit(1764022712.345:1243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12530 comm="syz.2.2795" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feacf98f749 code=0x0
[  598.409852][T12293] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  599.564241][T12293] 8021q: adding VLAN 0 to HW filter on device bond0
[  599.613766][T12559] fuse: Bad value for 'max_read'
[  599.638228][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  599.648654][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  599.677925][T12293] 8021q: adding VLAN 0 to HW filter on device team0
[  599.733195][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  599.753593][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  599.772476][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  599.779739][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  599.805699][T12563] loop2: detected capacity change from 0 to 1024
[  599.813708][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  599.842948][T12562] netlink: 'syz.4.2803': attribute type 12 has an invalid length.
[  599.861697][T12563] hfsplus: failed to load catalog file
[  599.878542][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  599.894079][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  599.952181][   T46] bridge0: port 2(bridge_slave_1) entered blocking state
[  599.959510][   T46] bridge0: port 2(bridge_slave_1) entered forwarding state
[  600.013011][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  600.034168][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  600.097619][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  600.127776][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  600.173079][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  600.211336][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  600.223197][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  600.285139][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  600.310998][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  600.352663][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  600.367064][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  600.394458][T12293] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  600.554825][    T7] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  600.592633][    T7] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  602.256367][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  602.296292][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  602.331028][T12293] 8021q: adding VLAN 0 to HW filter on device batadv0
[  602.425327][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  602.463167][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  602.543888][ T5394] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  602.578111][ T5394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  602.598992][ T5394] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  602.623658][ T5394] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  602.672540][T12293] device veth0_vlan entered promiscuous mode
[  602.704664][T12293] device veth1_vlan entered promiscuous mode
[  602.809544][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  602.829258][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  602.875354][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  602.901036][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  602.930872][T12293] device veth0_macvtap entered promiscuous mode
[  602.958172][T12293] device veth1_macvtap entered promiscuous mode
[  603.024934][T12293] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  603.061870][T12293] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  603.096020][T12293] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  603.126800][T12293] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  603.155777][T12293] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  603.176494][T12293] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  603.194195][T12293] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  603.206206][T12293] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  603.224117][T12293] batman_adv: batadv0: Interface activated: batadv_slave_0
[  603.252296][ T5394] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  603.269843][ T5394] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  603.310977][ T5394] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  603.338989][ T5394] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  603.549534][T12293] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  603.566359][T12293] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  603.577510][T12293] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  603.619529][T12293] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  603.842916][T12293] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  604.110918][T12293] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  604.290547][T12293] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  604.314730][T12293] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  604.370773][T12293] batman_adv: batadv0: Interface activated: batadv_slave_1
[  604.421933][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  604.434321][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  604.456778][T12293] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  604.486248][T12293] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  604.500832][T12293] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  604.511529][T12293] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  604.638044][T12659] bridge_slave_0: default FDB implementation only supports local addresses
[  604.743161][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  604.767492][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  604.803288][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  604.857956][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  604.874921][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  604.936263][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  607.387212][    T7] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  607.573913][    T7] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  607.623502][    T7] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  608.377006][    T7] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  608.387753][    T7] usb 4-1: config 0 descriptor??
[  608.550948][T12711] netlink: 292 bytes leftover after parsing attributes in process `syz.5.2843'.
[  608.810546][    T7] keytouch 0003:0926:3333.0006: fixing up Keytouch IEC report descriptor
[  608.848160][    T7] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0006/input/input16
[  610.094347][T12731] fuse: Bad value for 'fd'
[  610.396074][    T7] keytouch 0003:0926:3333.0006: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  610.439864][    T7] usb 4-1: USB disconnect, device number 2
[  610.699310][ T4406] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  610.866868][T12739] fido_id[12739]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  612.402471][T11248] usb 3-1: new full-speed USB device number 19 using dummy_hcd
[  612.706868][T12781] fuse: Bad value for 'fd'
[  613.107855][T11248] usb 3-1: unable to get BOS descriptor or descriptor too short
[  613.149906][T11248] usb 3-1: not running at top speed; connect to a high speed hub
[  613.216278][T11248] usb 3-1: New USB device found, idVendor=1235, idProduct=4661, bcdDevice=ae.13
[  613.478177][T11248] usb 3-1: New USB device strings: Mfr=17, Product=2, SerialNumber=3
[  613.487553][T11248] usb 3-1: Product: syz
[  613.491773][T11248] usb 3-1: Manufacturer: syz
[  613.496736][T11248] usb 3-1: SerialNumber: syz
[  613.520982][T11248] snd-usb-audio: probe of 3-1:8.0 failed with error -2
[  613.755408][T11248] usb 3-1: USB disconnect, device number 19
[  613.973325][T11737] udevd[11737]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:8.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  615.593382][T12822] fuse: Bad value for 'fd'
[  615.668776][T12824] loop3: detected capacity change from 0 to 256
[  615.707236][T12824] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  615.746433][T12824] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  616.280530][   T26] audit: type=1326 audit(1764022730.255:1244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12837 comm="syz.5.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  616.547930][   T26] audit: type=1326 audit(1764022730.255:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12837 comm="syz.5.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  616.696669][   T26] audit: type=1326 audit(1764022730.285:1246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12837 comm="syz.5.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  617.316296][   T26] audit: type=1326 audit(1764022730.285:1247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12837 comm="syz.5.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  617.339371][   T26] audit: type=1326 audit(1764022730.285:1248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12837 comm="syz.5.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  617.407551][T12851] loop3: detected capacity change from 0 to 512
[  617.509554][   T26] audit: type=1326 audit(1764022730.285:1249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12837 comm="syz.5.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  617.556808][T12851] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  617.613300][   T26] audit: type=1326 audit(1764022730.285:1250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12837 comm="syz.5.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2259f8f783 code=0x7ffc0000
[  617.702973][T12851] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2819: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  617.741495][T12851] EXT4-fs (loop3): 1 truncate cleaned up
[  618.862521][T12860] xt_hashlimit: size too large, truncated to 1048576
[  620.970925][T12851] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  621.156745][   T26] audit: type=1326 audit(1764022730.335:1251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12837 comm="syz.5.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2259f8e1ff code=0x7ffc0000
[  621.578724][   T26] audit: type=1326 audit(1764022730.375:1252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12837 comm="syz.5.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f2259f8f7d7 code=0x7ffc0000
[  621.601563][   T26] audit: type=1326 audit(1764022730.385:1253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12837 comm="syz.5.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2259f8df90 code=0x7ffc0000
[  621.688158][   T26] audit: type=1326 audit(1764022730.385:1254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12837 comm="syz.5.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2259f8e3aa code=0x7ffc0000
[  621.711149][   T26] audit: type=1326 audit(1764022730.425:1255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12837 comm="syz.5.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  621.816590][   T26] audit: type=1326 audit(1764022730.425:1256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12837 comm="syz.5.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  621.858123][T12293] EXT4-fs (loop3): unmounting filesystem.
[  621.899379][T12871] netlink: 'syz.2.2896': attribute type 1 has an invalid length.
[  621.926637][   T26] audit: type=1326 audit(1764022730.455:1257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12837 comm="syz.5.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  622.037453][   T26] audit: type=1326 audit(1764022730.455:1258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12837 comm="syz.5.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  622.155916][T12877] fuse: Bad value for 'fd'
[  622.201623][   T26] audit: type=1326 audit(1764022730.455:1259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12837 comm="syz.5.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  622.335931][   T26] audit: type=1326 audit(1764022730.455:1260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12837 comm="syz.5.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  622.419256][   T26] audit: type=1326 audit(1764022730.455:1261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12837 comm="syz.5.2884" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  622.478963][T12887] loop3: detected capacity change from 0 to 1024
[  623.676668][ T5394] hfsplus: b-tree write err: -5, ino 4
[  624.438705][T12917] loop3: detected capacity change from 0 to 1024
[  624.484318][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  624.497621][T12917] EXT4-fs warning (device loop3): ext4_enable_quotas:7061: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  624.633223][T12917] EXT4-fs (loop3): mount failed
[  624.871622][T12925] loop3: detected capacity change from 0 to 1024
[  626.100323][T12296] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  626.126048][T12296] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  626.136108][T12296] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  626.146042][   T75] hfsplus: b-tree write err: -5, ino 4
[  626.154858][T12296] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  626.164367][T12296] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  626.171783][T12296] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  626.318225][T12947] netlink: 'syz.3.2924': attribute type 1 has an invalid length.
[  626.538171][ T5394] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  626.678395][ T5394] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  626.806789][ T5394] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  626.988600][ T5394] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  627.490821][T12942] chnl_net:caif_netlink_parms(): no params data found
[  627.528182][ T5394] tipc: Left network mode
[  628.190420][T12942] bridge0: port 1(bridge_slave_0) entered blocking state
[  628.225838][T12942] bridge0: port 1(bridge_slave_0) entered disabled state
[  628.242368][T12296] Bluetooth: hci5: command 0x0409 tx timeout
[  628.263388][T12942] device bridge_slave_0 entered promiscuous mode
[  628.382934][T12942] bridge0: port 2(bridge_slave_1) entered blocking state
[  628.390386][T12942] bridge0: port 2(bridge_slave_1) entered disabled state
[  628.436505][T12942] device bridge_slave_1 entered promiscuous mode
[  628.455543][T12996] loop2: detected capacity change from 0 to 512
[  628.673829][T11737] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  628.928668][T13001] loop2: detected capacity change from 0 to 128
[  628.941713][T11737] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  628.986362][T12942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  629.012039][T13001] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  629.077361][T12942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  629.139094][T13001] ext4 filesystem being mounted at /580/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  629.463568][ T4267] EXT4-fs (loop2): unmounting filesystem.
[  629.499863][T12942] team0: Port device team_slave_0 added
[  629.647823][T12942] team0: Port device team_slave_1 added
[  630.742167][T12296] Bluetooth: hci5: command 0x041b tx timeout
[  630.828272][T12942] batman_adv: batadv0: Adding interface: batadv_slave_0
[  630.835558][T12942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  630.942112][T12942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  631.001911][T12942] batman_adv: batadv0: Adding interface: batadv_slave_1
[  631.042101][T12942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  631.116700][T12942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  631.402193][ T4350] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  631.605627][ T4350] usb 4-1: config 1 interface 0 altsetting 221 endpoint 0x1 has invalid maxpacket 512, setting to 64
[  631.631398][ T4350] usb 4-1: config 1 interface 0 has no altsetting 0
[  631.654024][T13043] loop2: detected capacity change from 0 to 1024
[  631.654716][ T4350] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  631.684351][ T4350] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  631.703053][ T4350] usb 4-1: Product: á Š
[  631.712423][T13043] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  631.712596][ T4350] usb 4-1: Manufacturer: �
[  631.745535][ T4350] usb 4-1: SerialNumber: syz
[  631.773218][T13043] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  631.780515][T13030] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  631.790541][ T5394] device hsr_slave_0 left promiscuous mode
[  631.798945][ T5394] device hsr_slave_1 left promiscuous mode
[  631.818779][T13043] EXT4-fs (loop2): barriers disabled
[  631.839072][ T5394] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  631.843447][T13043] JBD2: no valid journal superblock found
[  631.872120][T13043] EXT4-fs (loop2): error loading journal
[  631.879554][ T5394] batman_adv: batadv0: Removing interface: batadv_slave_0
[  631.918522][ T5394] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  631.962780][ T5394] batman_adv: batadv0: Removing interface: batadv_slave_1
[  631.990767][ T5394] device bridge_slave_0 left promiscuous mode
[  632.022751][ T5394] bridge0: port 1(bridge_slave_0) entered disabled state
[  632.034057][ T4350] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 221 proto 1 vid 0x0525 pid 0xA4A8
[  632.106074][ T4350] usb 4-1: USB disconnect, device number 3
[  632.172766][ T4350] usblp0: removed
[  632.194274][ T5394] device veth1_macvtap left promiscuous mode
[  632.200412][ T5394] device veth0_macvtap left promiscuous mode
[  632.240613][ T5394] device veth1_vlan left promiscuous mode
[  632.269247][ T5394] device veth0_vlan left promiscuous mode
[  632.813859][T12296] Bluetooth: hci5: command 0x040f tx timeout
[  633.076737][   T26] kauditd_printk_skb: 111 callbacks suppressed
[  633.076753][   T26] audit: type=1326 audit(1764022747.055:1372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13070 comm="syz.5.2958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  633.108249][   T26] audit: type=1326 audit(1764022747.095:1373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13070 comm="syz.5.2958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  633.137150][    T7] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  633.173693][   T26] audit: type=1326 audit(1764022747.125:1374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13070 comm="syz.5.2958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  633.282569][   T26] audit: type=1326 audit(1764022747.125:1375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13070 comm="syz.5.2958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  633.370272][   T26] audit: type=1326 audit(1764022747.125:1376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13070 comm="syz.5.2958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  633.376677][    T7] usb 4-1: unable to get BOS descriptor or descriptor too short
[  633.394357][   T26] audit: type=1326 audit(1764022747.125:1377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13070 comm="syz.5.2958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  633.425287][   T26] audit: type=1326 audit(1764022747.125:1378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13070 comm="syz.5.2958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2259f8f783 code=0x7ffc0000
[  633.430222][    T7] usb 4-1: not running at top speed; connect to a high speed hub
[  633.447886][   T26] audit: type=1326 audit(1764022747.125:1379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13070 comm="syz.5.2958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2259f8e1ff code=0x7ffc0000
[  633.447930][   T26] audit: type=1326 audit(1764022747.135:1380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13070 comm="syz.5.2958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f2259f8f7d7 code=0x7ffc0000
[  633.447964][   T26] audit: type=1326 audit(1764022747.135:1381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13070 comm="syz.5.2958" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2259f8df90 code=0x7ffc0000
[  634.027585][    T7] usb 4-1: config 17 has an invalid interface number: 8 but max is 1
[  634.052727][    T7] usb 4-1: config 17 has 1 interface, different from the descriptor's value: 2
[  634.076825][    T7] usb 4-1: config 17 has no interface number 0
[  634.092893][    T7] usb 4-1: config 17 interface 8 altsetting 6 endpoint 0x3 has invalid maxpacket 65535, setting to 64
[  634.110877][    T7] usb 4-1: config 17 interface 8 has no altsetting 0
[  634.142089][    T7] usb 4-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff
[  634.183818][    T7] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  634.197176][    T7] usb 4-1: Product: syz
[  634.201403][    T7] usb 4-1: Manufacturer: syz
[  634.207815][    T7] usb 4-1: SerialNumber: syz
[  634.241921][T13066] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  634.497427][    T7] usb 4-1: selecting invalid altsetting 0
[  634.541902][    T7] usb 4-1: USB disconnect, device number 4
[  634.794871][ T5394] team0 (unregistering): Port device team_slave_1 removed
[  634.805146][T11737] udevd[11737]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:17.8/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  634.892522][T12296] Bluetooth: hci5: command 0x0419 tx timeout
[  634.927584][ T5394] team0 (unregistering): Port device team_slave_0 removed
[  635.011825][ T5394] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  635.077046][ T5394] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  636.391107][ T5394] bond0 (unregistering): Released all slaves
[  636.514072][T12942] device hsr_slave_0 entered promiscuous mode
[  636.528257][T12942] device hsr_slave_1 entered promiscuous mode
[  639.118871][T13120] loop3: detected capacity change from 0 to 512
[  639.222752][T13120] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2196: inode #15: comm syz.3.2973: corrupted in-inode xattr
[  639.290992][T13120] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.2973: couldn't read orphan inode 15 (err -117)
[  639.348637][T13120] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  640.391817][T13147] xt_hashlimit: max too large, truncated to 1048576
[  640.403232][T13147] No such timeout policy "syz1"
[  642.186801][T12942] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  642.225307][T12942] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  642.298235][T12942] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  642.326398][T12942] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  642.696497][T12942] 8021q: adding VLAN 0 to HW filter on device bond0
[  642.778972][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  642.794963][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  642.837586][T12942] 8021q: adding VLAN 0 to HW filter on device team0
[  642.869215][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  642.891576][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  642.931397][   T75] bridge0: port 1(bridge_slave_0) entered blocking state
[  642.938609][   T75] bridge0: port 1(bridge_slave_0) entered forwarding state
[  642.958889][T12293] EXT4-fs (loop3): unmounting filesystem.
[  642.983271][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  642.999011][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  643.033232][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  643.056124][   T75] bridge0: port 2(bridge_slave_1) entered blocking state
[  643.063878][   T75] bridge0: port 2(bridge_slave_1) entered forwarding state
[  643.341784][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  643.365042][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  643.478967][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  643.521614][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  643.541314][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  643.558310][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  643.567564][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  643.582812][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  643.605407][T12942] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  643.690765][T12942] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  643.729216][T13189] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2990'.
[  643.768125][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  643.796656][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  643.827369][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  644.411114][T13211] loop3: detected capacity change from 0 to 512
[  644.498474][T13211] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2196: inode #15: comm syz.3.2998: corrupted in-inode xattr
[  644.618550][T13211] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.2998: couldn't read orphan inode 15 (err -117)
[  644.767966][T12942] 8021q: adding VLAN 0 to HW filter on device batadv0
[  644.783039][ T5394] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  644.790692][T13211] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  644.823212][ T5394] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  646.623780][T12942] device veth0_vlan entered promiscuous mode
[  646.714888][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  646.743671][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  646.832905][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  646.841512][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  646.903551][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  646.911533][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  646.975220][T12942] device veth1_vlan entered promiscuous mode
[  647.128749][T12942] device veth0_macvtap entered promiscuous mode
[  647.170282][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  647.195427][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  647.235310][T12293] EXT4-fs (loop3): unmounting filesystem.
[  647.262917][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  647.479370][T13246] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3005'.
[  647.598875][T12942] device veth1_macvtap entered promiscuous mode
[  647.699580][T12942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  647.747509][T12942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.770835][T12942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  647.807179][T12942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.833294][T12942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  647.861749][T12942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  647.898411][T12942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  647.931513][T12942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  648.008270][T12942] batman_adv: batadv0: Interface activated: batadv_slave_0
[  648.041187][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  648.087259][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  648.145262][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  648.268397][T12942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  648.347218][T12942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  648.398741][T12942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  648.426440][T12942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  648.473381][T12942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  648.499200][T12942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  648.526656][T12942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  648.567706][T12942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  648.605669][T12942] batman_adv: batadv0: Interface activated: batadv_slave_1
[  648.713210][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  648.804003][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  648.842801][T12942] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  648.851593][T12942] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  648.902071][T12942] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  648.910944][T12942] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  649.166712][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  649.197358][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  649.369056][   T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  649.421412][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  649.464756][   T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  649.749603][T10517] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  651.040026][T13300] xt_CT: No such helper "pptp"
[  653.894149][T13344] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3031'.
[  654.163383][ T4270] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  654.177740][ T4270] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  654.188605][ T4270] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  654.199607][ T4270] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  654.208987][ T4270] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  654.216726][ T4270] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  654.328050][   T26] kauditd_printk_skb: 24 callbacks suppressed
[  654.328067][   T26] audit: type=1326 audit(1764022768.305:1406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13358 comm="syz.4.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feff258f749 code=0x7ffc0000
[  654.462606][   T26] audit: type=1326 audit(1764022768.305:1407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13358 comm="syz.4.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feff258f749 code=0x7ffc0000
[  654.674066][   T26] audit: type=1326 audit(1764022768.325:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13358 comm="syz.4.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7feff258f749 code=0x7ffc0000
[  654.697535][   T26] audit: type=1326 audit(1764022768.325:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13358 comm="syz.4.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feff258f749 code=0x7ffc0000
[  654.721418][   T26] audit: type=1326 audit(1764022768.325:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13358 comm="syz.4.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feff258f749 code=0x7ffc0000
[  654.752446][   T26] audit: type=1326 audit(1764022768.345:1411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13358 comm="syz.4.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7feff258f749 code=0x7ffc0000
[  655.374721][   T26] audit: type=1326 audit(1764022768.345:1412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13358 comm="syz.4.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7feff258f783 code=0x7ffc0000
[  655.558980][   T46] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  655.570296][   T26] audit: type=1326 audit(1764022768.345:1413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13358 comm="syz.4.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7feff258e1ff code=0x7ffc0000
[  655.664344][T13374] loop1: detected capacity change from 0 to 512
[  655.671936][T13374] EXT4-fs: Ignoring removed nomblk_io_submit option
[  655.686299][   T26] audit: type=1326 audit(1764022768.395:1414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13358 comm="syz.4.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7feff258f7d7 code=0x7ffc0000
[  655.792972][   T26] audit: type=1326 audit(1764022768.395:1415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13358 comm="syz.4.3034" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7feff258df90 code=0x7ffc0000
[  655.818048][T13374] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  655.861882][T13374] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  655.870045][T13374] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=842c01c, mo2=0002]
[  655.880771][T13374] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (80)
[  655.890616][T13374] EXT4-fs (loop1): Skipping orphan cleanup due to unknown ROCOMPAT features
[  655.900114][T13374] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  655.946774][T12942] EXT4-fs (loop1): unmounting filesystem.
[  655.993142][    T7] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  656.067890][   T46] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  656.220133][    T7] usb 4-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  656.262551][    T7] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  656.296491][    T7] usb 4-1: Product: syz
[  656.308465][    T7] usb 4-1: Manufacturer: syz
[  656.322248][ T4270] Bluetooth: hci0: command 0x0409 tx timeout
[  656.323739][    T7] usb 4-1: SerialNumber: syz
[  656.347556][   T46] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  656.486517][    T7] usb 4-1: config 0 descriptor??
[  656.623706][   T46] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  656.677793][T13392] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3043'.
[  656.738549][T13352] chnl_net:caif_netlink_parms(): no params data found
[  656.747864][    T7] usb-storage 4-1:0.0: USB Mass Storage device detected
[  656.970177][    T7] usb 4-1: USB disconnect, device number 5
[  657.240183][T13406] overlayfs: unrecognized mount option "=7õñÇo¿iÎù
apÙÂhöˬÂæ›" or missing value
[  657.396303][T13352] bridge0: port 1(bridge_slave_0) entered blocking state
[  657.453943][T13352] bridge0: port 1(bridge_slave_0) entered disabled state
[  657.498966][T13352] device bridge_slave_0 entered promiscuous mode
[  657.529102][   T46] tipc: Left network mode
[  657.558589][T13352] bridge0: port 2(bridge_slave_1) entered blocking state
[  657.577642][T13352] bridge0: port 2(bridge_slave_1) entered disabled state
[  657.598556][T13352] device bridge_slave_1 entered promiscuous mode
[  657.832704][T13419] loop3: detected capacity change from 0 to 512
[  657.873096][T13352] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  657.991061][T13419] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2196: inode #15: comm syz.3.3048: corrupted in-inode xattr
[  658.085746][T13419] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.3048: couldn't read orphan inode 15 (err -117)
[  658.402888][ T4270] Bluetooth: hci0: command 0x041b tx timeout
[  658.509878][T13419] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  658.524432][T13352] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  658.943248][T12293] EXT4-fs (loop3): unmounting filesystem.
[  659.225063][T13352] team0: Port device team_slave_0 added
[  659.308084][T13352] team0: Port device team_slave_1 added
[  659.499687][T13352] batman_adv: batadv0: Adding interface: batadv_slave_0
[  659.518280][T13352] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  659.572735][T13352] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  659.635614][T13444] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3054'.
[  659.652562][    T7] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  659.656622][T13352] batman_adv: batadv0: Adding interface: batadv_slave_1
[  659.677141][T13352] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  659.725219][T13352] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  659.866558][    T7] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  659.894053][    T7] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  659.981175][    T7] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  659.990739][    T7] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  660.009511][    T7] usb 4-1: config 0 descriptor??
[  660.069971][    T7] usbhid 4-1:0.0: can't add hid device: -22
[  660.103266][    T7] usbhid: probe of 4-1:0.0 failed with error -22
[  660.173030][T13458] loop1: detected capacity change from 0 to 1024
[  660.188349][T13458] EXT4-fs: Ignoring removed bh option
[  660.217162][T13458] EXT4-fs: inline encryption not supported
[  660.267889][    T7] usb 4-1: USB disconnect, device number 6
[  660.297602][T13458] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000]
[  660.357028][T13458] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 2: comm syz.1.3057: lblock 2 mapped to illegal pblock 2 (length 1)
[  660.411330][T13464] xt_hashlimit: max too large, truncated to 1048576
[  660.421349][T13464] No such timeout policy "syz1"
[  660.483799][ T4270] Bluetooth: hci0: command 0x040f tx timeout
[  660.540874][T13458] __quota_error: 60 callbacks suppressed
[  660.540924][T13458] Quota error (device loop1): qtree_write_dquot: dquota write failed
[  661.157865][T13352] device hsr_slave_0 entered promiscuous mode
[  661.195341][T13352] device hsr_slave_1 entered promiscuous mode
[  661.217322][T13458] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 48: comm syz.1.3057: lblock 0 mapped to illegal pblock 48 (length 1)
[  661.234241][T13352] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  661.242920][T13458] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  661.272255][T13352] Cannot create hsr debugfs directory
[  661.278792][   T26] audit: type=1326 audit(1764022775.255:1476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13466 comm="syz.5.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  661.290531][T13458] EXT4-fs error (device loop1): ext4_acquire_dquot:6809: comm syz.1.3057: Failed to acquire dquot type 0
[  661.310763][   T26] audit: type=1326 audit(1764022775.255:1477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13466 comm="syz.5.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  661.337380][   T26] audit: type=1326 audit(1764022775.285:1478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13466 comm="syz.5.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  661.360465][T13458] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5929: Corrupt filesystem
[  661.407266][T13458] EXT4-fs error (device loop1): ext4_evict_inode:279: inode #11: comm syz.1.3057: mark_inode_dirty error
[  661.423915][   T26] audit: type=1326 audit(1764022775.285:1479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13466 comm="syz.5.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  661.447056][T13458] EXT4-fs warning (device loop1): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[  661.460180][T13458] EXT4-fs (loop1): 1 orphan inode deleted
[  661.466369][T13458] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  661.476531][T10517] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:1: lblock 1 mapped to illegal pblock 1 (length 1)
[  661.476792][   T26] audit: type=1326 audit(1764022775.285:1480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13466 comm="syz.5.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  661.551039][   T26] audit: type=1326 audit(1764022775.325:1481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13466 comm="syz.5.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  661.588208][T10517] Quota error (device loop1): remove_tree: Can't read quota data block 1
[  661.606816][   T26] audit: type=1326 audit(1764022775.325:1482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13466 comm="syz.5.3059" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2259f8f783 code=0x7ffc0000
[  661.644417][T10517] EXT4-fs error (device loop1): ext4_release_dquot:6845: comm kworker/u4:1: Failed to release dquot type 0
[  661.719318][T13458] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[  662.199255][T13474] loop3: detected capacity change from 0 to 512
[  662.290391][T12942] EXT4-fs (loop1): unmounting filesystem.
[  662.356149][T13474] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2196: inode #15: comm syz.3.3060: corrupted in-inode xattr
[  662.452801][T13474] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.3060: couldn't read orphan inode 15 (err -117)
[  662.536191][T13474] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  662.570084][ T4270] Bluetooth: hci0: command 0x0419 tx timeout
[  663.607651][T12293] EXT4-fs (loop3): unmounting filesystem.
[  664.143773][T13495] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3065'.
[  664.578171][T13507] loop3: detected capacity change from 0 to 128
[  664.700784][T13507] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  664.715538][   T46] device hsr_slave_0 left promiscuous mode
[  664.747472][   T46] device hsr_slave_1 left promiscuous mode
[  664.809018][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  664.827029][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  664.827844][T13507] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  664.886298][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  664.906471][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  664.992958][   T46] device bridge_slave_1 left promiscuous mode
[  665.007337][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  665.048336][   T46] device bridge_slave_0 left promiscuous mode
[  665.072260][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  665.138707][T13518] loop1: detected capacity change from 0 to 1024
[  665.218307][   T46] device veth1_macvtap left promiscuous mode
[  665.232491][   T46] device veth0_macvtap left promiscuous mode
[  665.254902][   T46] device veth1_vlan left promiscuous mode
[  665.291409][   T46] device veth0_vlan left promiscuous mode
[  666.586841][ T4397] hfsplus: b-tree write err: -5, ino 4
[  668.940009][   T26] kauditd_printk_skb: 74 callbacks suppressed
[  668.940025][   T26] audit: type=1326 audit(1764022782.905:1557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.4.3086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feff258f749 code=0x7ffc0000
[  668.969563][   T26] audit: type=1326 audit(1764022782.945:1558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.4.3086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7feff258f749 code=0x7ffc0000
[  669.004417][   T26] audit: type=1326 audit(1764022782.945:1559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.4.3086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feff258f749 code=0x7ffc0000
[  669.040764][   T26] audit: type=1326 audit(1764022782.965:1560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.4.3086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7feff258f749 code=0x7ffc0000
[  669.779173][   T26] audit: type=1326 audit(1764022782.965:1561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.4.3086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7feff258f783 code=0x7ffc0000
[  669.812178][   T26] audit: type=1326 audit(1764022782.985:1562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.4.3086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7feff258e1ff code=0x7ffc0000
[  669.837225][   T26] audit: type=1326 audit(1764022782.985:1563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.4.3086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7feff258f7d7 code=0x7ffc0000
[  669.869155][   T26] audit: type=1326 audit(1764022783.035:1564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.4.3086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7feff258df90 code=0x7ffc0000
[  670.022490][   T26] audit: type=1326 audit(1764022783.035:1565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.4.3086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7feff258e3aa code=0x7ffc0000
[  670.081601][   T26] audit: type=1326 audit(1764022783.035:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13566 comm="syz.4.3086" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feff258f749 code=0x7ffc0000
[  672.865142][   T46] team0 (unregistering): Port device team_slave_1 removed
[  672.975862][   T46] team0 (unregistering): Port device team_slave_0 removed
[  673.124073][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  673.331786][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  674.447665][T11883] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  674.546812][   T46] bond0 (unregistering): Released all slaves
[  674.632284][T11883] usb 4-1: Using ep0 maxpacket: 32
[  674.640467][T11883] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  674.651902][T11883] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  674.663460][T11883] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  674.672687][T11883] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  674.683654][T13541] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3079'.
[  674.694324][T11883] usb 4-1: config 0 descriptor??
[  675.245580][T11883] savu 0003:1E7D:2D5A.0007: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0
[  676.047274][   T27] usb 4-1: USB disconnect, device number 7
[  676.108361][T13352] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  676.133602][T13352] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  676.192289][T13352] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  676.269639][T13352] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  676.421504][T13627] fido_id[13627]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  676.657236][T13352] 8021q: adding VLAN 0 to HW filter on device bond0
[  676.746669][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  676.786817][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  676.799894][T13352] 8021q: adding VLAN 0 to HW filter on device team0
[  676.865722][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  676.886504][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  676.901637][   T75] bridge0: port 1(bridge_slave_0) entered blocking state
[  676.909027][   T75] bridge0: port 1(bridge_slave_0) entered forwarding state
[  676.970908][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  677.007171][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  677.057963][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  677.067376][   T75] bridge0: port 2(bridge_slave_1) entered blocking state
[  677.074614][   T75] bridge0: port 2(bridge_slave_1) entered forwarding state
[  677.090373][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  677.125099][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  677.313401][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  677.722097][T13658] xt_CT: No such helper "pptp"
[  677.754353][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  677.896094][T13663] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3109'.
[  677.922417][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  677.942857][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  677.967754][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  678.007495][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  678.034136][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  678.060341][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  678.184766][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  678.284270][T13352] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  679.202384][T11248] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  679.502441][T11248] usb 2-1: Using ep0 maxpacket: 16
[  679.510461][T11248] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  679.546751][T11248] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  679.566549][T11248] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  679.584260][T11248] usb 2-1: Product: syz
[  679.588638][T11248] usb 2-1: Manufacturer: syz
[  679.593767][T11248] usb 2-1: SerialNumber: syz
[  679.799909][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  679.811431][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  679.814689][T11248] usb 2-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  679.841854][T13352] 8021q: adding VLAN 0 to HW filter on device batadv0
[  679.881436][T11248] usb 2-1: USB disconnect, device number 16
[  679.891340][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  679.939381][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  680.016241][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  680.035359][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  680.057240][T13352] device veth0_vlan entered promiscuous mode
[  680.072946][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  680.098209][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  680.204395][T13352] device veth1_vlan entered promiscuous mode
[  680.276822][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  680.289445][T13610] udevd[13610]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  680.340359][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  680.395101][T13352] device veth0_macvtap entered promiscuous mode
[  680.429817][T13352] device veth1_macvtap entered promiscuous mode
[  680.458465][T13352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  680.470455][T13352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  680.520607][T13352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  680.560468][T13352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  680.607387][T13352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  680.618864][T13352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  680.631600][T13352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  680.643804][T13352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  680.658100][T13352] batman_adv: batadv0: Interface activated: batadv_slave_0
[  680.689032][T13706] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3123'.
[  680.725365][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  680.734166][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  680.743967][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  680.754267][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  680.774812][T13352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  680.806416][T13352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  680.852064][T13352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  680.886603][T13352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  680.958524][T13352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  680.969680][T13352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  680.980019][T13352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  680.991277][T13352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  681.003253][T13352] batman_adv: batadv0: Interface activated: batadv_slave_1
[  681.016170][T13352] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  681.025092][T13352] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  681.101685][T13352] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  681.111029][T13352] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  682.112118][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  682.121066][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  682.209857][   T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  682.232151][   T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  682.266129][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  682.351904][ T5394] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  682.371543][ T5394] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  682.413225][ T5394] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  682.672230][ T4330] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  682.919098][ T4330] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  682.995460][ T4330] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  683.131327][ T4330] usb 2-1: config 1 has no interface number 0
[  683.282806][ T4330] usb 2-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  683.353218][ T4330] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  683.427802][ T4330] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  683.481617][ T4330] usb 2-1: Product: syz
[  683.499916][ T4330] usb 2-1: Manufacturer: syz
[  683.526471][ T4330] usb 2-1: SerialNumber: syz
[  683.577568][ T4330] usb 2-1: selecting invalid altsetting 1
[  683.782278][ T4330] cdc_ncm 2-1:1.1: bind() failure
[  683.812332][ T4330] usb 2-1: USB disconnect, device number 17
[  686.576919][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  686.923452][T12296] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  686.935807][T12296] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  686.986762][T13773] loop1: detected capacity change from 0 to 1024
[  686.994254][T13773] EXT4-fs: Ignoring removed nobh option
[  687.070982][T12296] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  687.079483][T12296] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  687.087571][T12296] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  687.103879][T12296] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  687.155434][T13773] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #11: comm syz.1.3145: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  689.424712][T13773] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.3145: couldn't read orphan inode 11 (err -117)
[  689.452723][T13773] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  689.533956][ T4275] Bluetooth: hci1: command 0x0409 tx timeout
[  689.583794][T13773] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:477: comm syz.1.3145: Invalid block bitmap block 0 in block_group 0
[  689.708469][T13773] __quota_error: 26 callbacks suppressed
[  689.708489][T13773] Quota error (device loop1): write_blk: dquota write failed
[  689.728167][T13773] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  689.740555][T13773] EXT4-fs error (device loop1): ext4_acquire_dquot:6809: comm syz.1.3145: Failed to acquire dquot type 0
[  689.943834][T12942] EXT4-fs (loop1): unmounting filesystem.
[  689.996024][T13788] xt_hashlimit: max too large, truncated to 1048576
[  690.003733][T13788] No such timeout policy "syz1"
[  691.000840][T13766] chnl_net:caif_netlink_parms(): no params data found
[  691.282948][T13766] bridge0: port 1(bridge_slave_0) entered blocking state
[  691.290125][T13766] bridge0: port 1(bridge_slave_0) entered disabled state
[  691.316553][T13766] device bridge_slave_0 entered promiscuous mode
[  691.338628][T13766] bridge0: port 2(bridge_slave_1) entered blocking state
[  691.355172][T13766] bridge0: port 2(bridge_slave_1) entered disabled state
[  691.364934][T13766] device bridge_slave_1 entered promiscuous mode
[  691.413827][   T26] audit: type=1326 audit(1764022805.395:1593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13810 comm="syz.2.3155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc65b8f749 code=0x7ffc0000
[  691.444725][   T26] audit: type=1326 audit(1764022805.395:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13810 comm="syz.2.3155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc65b8f749 code=0x7ffc0000
[  691.481103][T13811] loop2: detected capacity change from 0 to 1024
[  691.482769][T13766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  691.490129][   T26] audit: type=1326 audit(1764022805.455:1595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13810 comm="syz.2.3155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdc65b8f749 code=0x7ffc0000
[  691.536062][T13766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  691.612123][ T4275] Bluetooth: hci1: command 0x041b tx timeout
[  691.743033][   T26] audit: type=1326 audit(1764022805.455:1596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13810 comm="syz.2.3155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc65b8f749 code=0x7ffc0000
[  691.766467][   T26] audit: type=1326 audit(1764022805.455:1597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13810 comm="syz.2.3155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fdc65b8f749 code=0x7ffc0000
[  691.789457][   T26] audit: type=1326 audit(1764022805.455:1598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13810 comm="syz.2.3155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fdc65b8f783 code=0x7ffc0000
[  692.359344][   T26] audit: type=1326 audit(1764022805.455:1599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13810 comm="syz.2.3155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdc65b8e1ff code=0x7ffc0000
[  692.382018][   T26] audit: type=1326 audit(1764022805.455:1600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13810 comm="syz.2.3155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fdc65b8f7d7 code=0x7ffc0000
[  692.533798][ T4766] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  692.821191][T13766] team0: Port device team_slave_0 added
[  692.916908][T13766] team0: Port device team_slave_1 added
[  692.989698][ T5394] hfsplus: b-tree write err: -5, ino 4
[  693.241312][T13766] batman_adv: batadv0: Adding interface: batadv_slave_0
[  693.277097][T13766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  693.316954][T13766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  693.357731][T13766] batman_adv: batadv0: Adding interface: batadv_slave_1
[  693.452145][T13766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  693.542037][T13766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  693.682350][ T4275] Bluetooth: hci1: command 0x040f tx timeout
[  693.721391][T13831] loop3: detected capacity change from 0 to 1024
[  693.733368][T13831] EXT4-fs: Ignoring removed nobh option
[  693.739284][T13831] EXT4-fs: Ignoring removed bh option
[  693.937054][ T4766] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  694.061347][T13831] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  694.194426][T13766] device hsr_slave_0 entered promiscuous mode
[  694.201670][T13766] device hsr_slave_1 entered promiscuous mode
[  694.208816][T13766] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  694.218276][T13766] Cannot create hsr debugfs directory
[  694.270009][T13831] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  694.334610][ T4766] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  694.502985][T12293] EXT4-fs (loop3): unmounting filesystem.
[  694.619026][ T4766] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  695.717645][T13856] loop3: detected capacity change from 0 to 512
[  695.762436][ T4275] Bluetooth: hci1: command 0x0419 tx timeout
[  696.027206][T13856] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  696.037989][T13856] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  700.146401][T12293] EXT4-fs (loop3): unmounting filesystem.
[  700.159067][T13878] 9pnet_fd: Insufficient options for proto=fd
[  701.387887][T13896] loop1: detected capacity change from 0 to 512
[  701.498930][T13896] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2196: inode #15: comm syz.1.3183: corrupted in-inode xattr
[  701.618682][T13896] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.3183: couldn't read orphan inode 15 (err -117)
[  701.671746][T13896] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  701.686775][T13903] loop2: detected capacity change from 0 to 128
[  701.773847][T13766] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  702.124010][   T26] kauditd_printk_skb: 33 callbacks suppressed
[  702.124026][   T26] audit: type=1800 audit(1764022816.105:1634): pid=13903 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.3184" name="file1" dev="loop2" ino=1048652 res=0 errno=0
[  702.559338][T13766] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  702.564410][T12942] EXT4-fs (loop1): unmounting filesystem.
[  702.631510][T13766] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  702.782606][T13766] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  704.159660][T13943] loop3: detected capacity change from 0 to 1024
[  704.176358][T13943] EXT4-fs: inline encryption not supported
[  704.223954][T13943] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  704.320956][T13943] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  704.332926][T13946] loop1: detected capacity change from 0 to 512
[  704.455054][T13946] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  704.561113][   T26] audit: type=1326 audit(1764022818.535:1635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13945 comm="syz.1.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54d98f749 code=0x7ffc0000
[  704.653631][   T26] audit: type=1326 audit(1764022818.565:1636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13945 comm="syz.1.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54d98f749 code=0x7ffc0000
[  704.660233][T12293] EXT4-fs (loop3): unmounting filesystem.
[  704.779499][   T26] audit: type=1326 audit(1764022818.565:1637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13945 comm="syz.1.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa54d98f749 code=0x7ffc0000
[  704.902887][   T26] audit: type=1326 audit(1764022818.565:1638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13945 comm="syz.1.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54d98f749 code=0x7ffc0000
[  704.930745][ T4766] device hsr_slave_0 left promiscuous mode
[  704.943020][ T4766] device hsr_slave_1 left promiscuous mode
[  704.979470][   T26] audit: type=1326 audit(1764022818.565:1639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13945 comm="syz.1.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54d98f749 code=0x7ffc0000
[  705.017874][   T26] audit: type=1326 audit(1764022818.565:1640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13945 comm="syz.1.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa54d98f749 code=0x7ffc0000
[  705.083501][ T4766] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  705.095626][ T4766] batman_adv: batadv0: Removing interface: batadv_slave_0
[  705.131073][   T26] audit: type=1326 audit(1764022818.565:1641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13945 comm="syz.1.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54d98f749 code=0x7ffc0000
[  705.154810][   T26] audit: type=1326 audit(1764022818.565:1642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13945 comm="syz.1.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54d98f749 code=0x7ffc0000
[  705.164616][ T4766] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  705.177550][   T26] audit: type=1326 audit(1764022818.575:1643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13945 comm="syz.1.3193" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa54d98f749 code=0x7ffc0000
[  705.217547][ T4766] batman_adv: batadv0: Removing interface: batadv_slave_1
[  705.832430][ T4766] device veth1_macvtap left promiscuous mode
[  705.866587][ T4766] device veth0_macvtap left promiscuous mode
[  705.893589][ T4766] device veth1_vlan left promiscuous mode
[  705.901174][ T4766] device veth0_vlan left promiscuous mode
[  707.531621][   T26] kauditd_printk_skb: 29 callbacks suppressed
[  707.531637][   T26] audit: type=1326 audit(1764022821.505:1673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13993 comm="syz.5.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  707.634572][   T26] audit: type=1326 audit(1764022821.565:1674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13993 comm="syz.5.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  707.709068][   T26] audit: type=1326 audit(1764022821.565:1675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13993 comm="syz.5.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  707.895549][   T26] audit: type=1326 audit(1764022821.565:1676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13993 comm="syz.5.3202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  707.930879][T13998] loop1: detected capacity change from 0 to 512
[  707.969509][T13998] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2196: inode #15: comm syz.1.3204: corrupted in-inode xattr
[  707.986012][T13998] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.3204: couldn't read orphan inode 15 (err -117)
[  707.998824][T13998] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  709.305142][T12942] EXT4-fs (loop1): unmounting filesystem.
[  709.977451][ T4766] team0 (unregistering): Port device team_slave_1 removed
[  710.049182][ T4766] team0 (unregistering): Port device team_slave_0 removed
[  710.136387][ T4766] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  710.210471][ T4766] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  711.076817][ T4766] bond0 (unregistering): Released all slaves
[  711.131806][T13969] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3196'.
[  711.295600][T13766] 8021q: adding VLAN 0 to HW filter on device bond0
[  711.368377][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  711.395430][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  711.487341][T13766] 8021q: adding VLAN 0 to HW filter on device team0
[  711.540941][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  711.723862][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  711.898850][ T4346] bridge0: port 1(bridge_slave_0) entered blocking state
[  711.906107][ T4346] bridge0: port 1(bridge_slave_0) entered forwarding state
[  712.138433][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  712.265932][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  712.280835][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  712.289725][ T4346] bridge0: port 2(bridge_slave_1) entered blocking state
[  712.296926][ T4346] bridge0: port 2(bridge_slave_1) entered forwarding state
[  712.359648][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  712.388682][T14029] netlink: 'syz.3.3214': attribute type 1 has an invalid length.
[  712.405142][T14029] netlink: 131740 bytes leftover after parsing attributes in process `syz.3.3214'.
[  712.446757][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  712.498743][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  712.521122][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  712.582603][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  712.622982][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  712.635138][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  712.666038][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  712.728755][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  712.749731][T13766] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  712.794213][T13766] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  712.805478][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  712.815585][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  713.336207][   T26] audit: type=1326 audit(1764022827.255:1677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14036 comm="syz.1.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54d98f749 code=0x7ffc0000
[  713.507553][   T26] audit: type=1326 audit(1764022827.345:1678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14036 comm="syz.1.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fa54d98f749 code=0x7ffc0000
[  713.531057][   T26] audit: type=1326 audit(1764022827.365:1679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14036 comm="syz.1.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54d98f749 code=0x7ffc0000
[  713.607422][T12296] Bluetooth: hci2: command 0x0406 tx timeout
[  713.752151][   T26] audit: type=1326 audit(1764022827.375:1680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14036 comm="syz.1.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa54d98f749 code=0x7ffc0000
[  713.820931][   T26] audit: type=1326 audit(1764022827.405:1681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14036 comm="syz.1.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54d98f749 code=0x7ffc0000
[  713.957948][   T26] audit: type=1326 audit(1764022827.445:1682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14036 comm="syz.1.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fa54d98f749 code=0x7ffc0000
[  714.032618][   T26] audit: type=1326 audit(1764022827.445:1683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14036 comm="syz.1.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54d98f749 code=0x7ffc0000
[  714.033069][T14053] netlink: 100 bytes leftover after parsing attributes in process `syz.2.3222'.
[  714.110319][   T26] audit: type=1326 audit(1764022827.465:1684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14036 comm="syz.1.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fa54d98f749 code=0x7ffc0000
[  714.162196][   T26] audit: type=1326 audit(1764022827.465:1685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14036 comm="syz.1.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa54d98f749 code=0x7ffc0000
[  714.166462][ T4398] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  714.211652][   T26] audit: type=1326 audit(1764022827.475:1686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14036 comm="syz.1.3218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fa54d98f749 code=0x7ffc0000
[  714.231414][ T4398] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  714.257711][T13766] 8021q: adding VLAN 0 to HW filter on device batadv0
[  714.337833][T14060] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  715.138018][T14068] loop2: detected capacity change from 0 to 256
[  715.682700][T12296] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  716.690768][T10517] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  716.708021][T10517] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  716.749161][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  716.790392][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  716.809471][T13766] device veth0_vlan entered promiscuous mode
[  716.819204][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  716.835422][ T4804] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  716.860521][T13766] device veth1_vlan entered promiscuous mode
[  716.925901][ T4766] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  716.940118][ T4766] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  716.989280][ T4766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  717.005804][ T4766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  717.024101][T13766] device veth0_macvtap entered promiscuous mode
[  717.049321][T13766] device veth1_macvtap entered promiscuous mode
[  717.087803][T13766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  717.105768][T13766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  717.127082][T13766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  717.140113][T13766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  717.156478][T13766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  717.168888][T13766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  717.186574][T13766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  717.199585][T13766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  717.223957][T13766] batman_adv: batadv0: Interface activated: batadv_slave_0
[  717.231448][ T4766] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  717.247297][ T4766] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  717.257656][T14098] loop1: detected capacity change from 0 to 512
[  717.257714][ T4766] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  717.283231][T14098] EXT4-fs: Ignoring removed nobh option
[  717.298993][ T4766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  717.312808][T13766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  717.330605][T14098] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  717.330785][T13766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  717.350525][T14098] ext4 filesystem being mounted at /57/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  717.358022][T13766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  717.372551][T13766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  717.382530][T13766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  717.393462][T13766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  717.409493][T13766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  717.420997][T13766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  717.432997][T13766] batman_adv: batadv0: Interface activated: batadv_slave_1
[  717.440804][ T4398] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  717.453262][ T4398] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  717.468532][T13766] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  717.477784][T13766] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  717.486575][T13766] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  717.496075][T13766] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  717.597225][ T4804] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  717.613610][ T4804] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  717.669591][ T4398] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  717.697332][ T4398] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  717.737063][ T4398] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  717.758022][ T4766] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  718.027263][T12942] EXT4-fs (loop1): unmounting filesystem.
[  718.346945][T14120] loop4: detected capacity change from 0 to 164
[  718.386765][T14120] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  718.404871][T14120] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  718.420305][T14120] Symlink component flag not implemented
[  718.426358][T14120] Symlink component flag not implemented
[  718.450661][T14120] Symlink component flag not implemented (7)
[  718.514144][T14120] Symlink component flag not implemented (116)
[  720.536754][T14138] loop2: detected capacity change from 0 to 1024
[  720.544328][T14138] EXT4-fs: inline encryption not supported
[  720.615796][T14138] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  720.787011][T14138] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  721.357872][T14138] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3836: comm syz.2.3247: Allocating blocks 385-513 which overlap fs metadata
[  721.537790][T14158] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3252'.
[  721.572211][T14158] device bridge_slave_1 left promiscuous mode
[  721.594189][T14158] bridge0: port 2(bridge_slave_1) entered disabled state
[  721.620646][T14138] EXT4-fs (loop2): pa ffff888073f91380: logic 16, phys. 129, len 24
[  721.629687][T14138] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4876: group 0, free 0, pa_free 8
[  721.655794][T14158] device bridge_slave_0 left promiscuous mode
[  721.700154][T14158] bridge0: port 1(bridge_slave_0) entered disabled state
[  721.959922][T13352] EXT4-fs (loop2): unmounting filesystem.
[  724.087079][T14188] loop3: detected capacity change from 0 to 128
[  724.294576][   T26] kauditd_printk_skb: 13 callbacks suppressed
[  724.294592][   T26] audit: type=1326 audit(1764022838.275:1700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.5.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  724.374668][T14190] netlink: 14 bytes leftover after parsing attributes in process `syz.5.3264'.
[  724.423339][   T26] audit: type=1326 audit(1764022838.305:1701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.5.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  724.423384][   T26] audit: type=1326 audit(1764022838.305:1702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.5.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  724.423422][   T26] audit: type=1326 audit(1764022838.305:1703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.5.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2259f91667 code=0x7ffc0000
[  724.423458][   T26] audit: type=1326 audit(1764022838.305:1704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.5.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f2259f915dc code=0x7ffc0000
[  724.423495][   T26] audit: type=1326 audit(1764022838.305:1705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.5.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f2259f91514 code=0x7ffc0000
[  724.423534][   T26] audit: type=1326 audit(1764022838.305:1706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.5.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f2259f91514 code=0x7ffc0000
[  724.423571][   T26] audit: type=1326 audit(1764022838.305:1707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.5.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2259f8e3aa code=0x7ffc0000
[  724.423608][   T26] audit: type=1326 audit(1764022838.305:1708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.5.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  724.423644][   T26] audit: type=1326 audit(1764022838.305:1709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14189 comm="syz.5.3264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  725.419798][T14197] tty tty25: ldisc open failed (-12), clearing slot 24
[  725.944896][T14190] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  725.968371][T14190] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  725.982930][T14190] bond0 (unregistering): Released all slaves
[  726.000534][T14208] IPv6: Can't replace route, no match found
[  728.319437][T14246] hub 2-0:1.0: USB hub found
[  728.325592][T14246] hub 2-0:1.0: 1 port detected
[  730.154202][T14267] netlink: 256 bytes leftover after parsing attributes in process `syz.1.3291'.
[  731.841255][T14281] xt_hashlimit: max too large, truncated to 1048576
[  731.848138][T14281] No such timeout policy "syz1"
[  732.258471][T14290] 8021q: adding VLAN 0 to HW filter on device bond1
[  732.316208][T14290] loop1: detected capacity change from 0 to 512
[  732.341260][   T26] kauditd_printk_skb: 34 callbacks suppressed
[  732.341275][   T26] audit: type=1326 audit(1764022846.315:1744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14292 comm="syz.5.3300" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x0
[  732.408319][T14290] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  732.488530][T14306] loop4: detected capacity change from 0 to 512
[  732.568907][T14306] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2196: inode #15: comm syz.4.3303: corrupted in-inode xattr
[  732.605678][T14308] loop3: detected capacity change from 0 to 512
[  732.619789][T12942] EXT4-fs (loop1): unmounting filesystem.
[  732.627165][T14308] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  732.638807][T14306] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.3303: couldn't read orphan inode 15 (err -117)
[  732.653340][T14306] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  732.807770][T14308] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  732.876457][T14308] ext4 filesystem being mounted at /108/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  733.574720][T12293] EXT4-fs (loop3): unmounting filesystem.
[  733.615601][T13766] EXT4-fs (loop4): unmounting filesystem.
[  737.583066][T14345] loop4: detected capacity change from 0 to 1024
[  737.609825][T14345] EXT4-fs: Ignoring removed bh option
[  737.744169][T14345] EXT4-fs: inline encryption not supported
[  737.862075][T14347] xt_hashlimit: max too large, truncated to 1048576
[  737.868924][T14347] No such timeout policy "syz1"
[  738.158914][T14345] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce018, mo2=0000]
[  738.187157][T14345] EXT4-fs error (device loop4): ext4_map_blocks:635: inode #3: block 2: comm syz.4.3313: lblock 2 mapped to illegal pblock 2 (length 1)
[  738.212915][T14345] Quota error (device loop4): qtree_write_dquot: dquota write failed
[  738.221111][T14345] EXT4-fs error (device loop4): ext4_map_blocks:635: inode #3: block 48: comm syz.4.3313: lblock 0 mapped to illegal pblock 48 (length 1)
[  738.250571][T14345] Quota error (device loop4): v2_write_file_info: Can't write info structure
[  738.272079][T14345] EXT4-fs error (device loop4): ext4_acquire_dquot:6809: comm syz.4.3313: Failed to acquire dquot type 0
[  738.317113][T14345] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5929: Corrupt filesystem
[  738.444569][T14345] EXT4-fs error (device loop4): ext4_evict_inode:279: inode #11: comm syz.4.3313: mark_inode_dirty error
[  738.520645][T14345] EXT4-fs warning (device loop4): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[  738.558198][T14345] EXT4-fs (loop4): 1 orphan inode deleted
[  738.574639][ T4804] EXT4-fs error (device loop4): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:15: lblock 1 mapped to illegal pblock 1 (length 1)
[  738.590632][T14345] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  738.660762][ T4804] Quota error (device loop4): remove_tree: Can't read quota data block 1
[  738.686811][ T4804] EXT4-fs error (device loop4): ext4_release_dquot:6845: comm kworker/u4:15: Failed to release dquot type 0
[  738.818969][T14345] EXT4-fs (loop4): re-mounted. Quota mode: writeback.
[  739.674532][T14369] xt_CT: No such helper "pptp"
[  739.788467][T13766] EXT4-fs (loop4): unmounting filesystem.
[  742.696076][T14404] xt_hashlimit: max too large, truncated to 1048576
[  742.703175][T14404] No such timeout policy "syz1"
[  743.159803][   T26] audit: type=1326 audit(1764022857.135:1745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14407 comm="syz.3.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707bb8f749 code=0x7ffc0000
[  743.269616][   T26] audit: type=1326 audit(1764022857.135:1746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14407 comm="syz.3.3332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f707bb8f749 code=0x7ffc0000
[  743.348696][   T26] audit: type=1326 audit(1764022857.135:1747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14407 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707bb8f749 code=0x7ffc0000
[  743.388117][T14418] netlink: 'syz.5.3331': attribute type 7 has an invalid length.
[  743.402336][   T26] audit: type=1326 audit(1764022857.135:1748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14407 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f707bb8f749 code=0x7ffc0000
[  743.514799][   T26] audit: type=1326 audit(1764022857.135:1749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14407 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707bb8f749 code=0x7ffc0000
[  743.626130][   T26] audit: type=1326 audit(1764022857.135:1750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14407 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f707bb8f749 code=0x7ffc0000
[  743.782235][   T26] audit: type=1326 audit(1764022857.165:1751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14407 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707bb8f749 code=0x7ffc0000
[  743.862045][   T26] audit: type=1326 audit(1764022857.165:1752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14407 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f707bb8f749 code=0x7ffc0000
[  743.949689][   T26] audit: type=1326 audit(1764022857.165:1753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14407 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707bb8f749 code=0x7ffc0000
[  744.241205][T14429] device bridge0 entered promiscuous mode
[  745.584964][T14429] device bridge0 left promiscuous mode
[  746.849667][T14452] netlink: 'syz.3.3344': attribute type 1 has an invalid length.
[  747.102496][T14452] netlink: 'syz.3.3344': attribute type 1 has an invalid length.
[  747.252259][T14455] loop2: detected capacity change from 0 to 512
[  747.950600][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  748.010214][T14455] EXT4-fs error (device loop2): __ext4_iget:5091: inode #3: block 127754: comm syz.2.3343: invalid block
[  748.023174][T14455] EXT4-fs error (device loop2): ext4_quota_enable:7020: comm syz.2.3343: Bad quota inode: 3, type: 0
[  748.035613][T14455] EXT4-fs warning (device loop2): ext4_enable_quotas:7061: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  748.052241][T14455] EXT4-fs (loop2): mount failed
[  748.673864][T14474] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3353'.
[  750.022129][ T4275] Bluetooth: hci5: command 0x0406 tx timeout
[  750.689806][T14494] xt_hashlimit: max too large, truncated to 1048576
[  750.696716][T14494] No such timeout policy "syz1"
[  750.910148][T14498] loop4: detected capacity change from 0 to 128
[  751.003551][T14498] netlink: 'syz.4.3362': attribute type 39 has an invalid length.
[  751.185447][T14507] netlink: 'syz.1.3364': attribute type 1 has an invalid length.
[  751.241889][T14507] 8021q: adding VLAN 0 to HW filter on device bond2
[  752.101593][T14514] bond2: (slave ip6gretap1): making interface the new active one
[  752.112554][T14514] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[  752.122382][ T5394] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  753.143462][T14539] xt_hashlimit: max too large, truncated to 1048576
[  753.150295][T14539] No such timeout policy "syz1"
[  755.235410][   T26] audit: type=1326 audit(1764022869.215:1754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14579 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  755.288836][   T26] audit: type=1326 audit(1764022869.215:1755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14579 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  755.368880][   T26] audit: type=1326 audit(1764022869.215:1756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14579 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  755.466390][   T26] audit: type=1326 audit(1764022869.215:1757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14579 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  755.516726][T14555] loop3: detected capacity change from 0 to 128
[  755.555803][   T26] audit: type=1326 audit(1764022869.215:1758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14579 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  755.629246][   T26] audit: type=1326 audit(1764022869.215:1759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14579 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  755.705136][   T26] audit: type=1326 audit(1764022869.215:1760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14579 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  755.811738][   T26] audit: type=1326 audit(1764022869.235:1761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14579 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  755.893189][   T26] audit: type=1326 audit(1764022869.235:1762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14579 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  755.939988][   T26] audit: type=1326 audit(1764022869.235:1763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14579 comm="syz.5.3388" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  757.308533][T14597] loop1: detected capacity change from 0 to 8192
[  758.520734][T14622] x_tables: duplicate underflow at hook 1
[  758.565677][T14623] loop4: detected capacity change from 0 to 128
[  760.341418][   T26] kauditd_printk_skb: 39 callbacks suppressed
[  760.341435][   T26] audit: type=1326 audit(1764022874.315:1803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14653 comm="syz.5.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  760.405690][   T26] audit: type=1326 audit(1764022874.355:1804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14653 comm="syz.5.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  760.474529][   T26] audit: type=1326 audit(1764022874.365:1805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14653 comm="syz.5.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  760.532133][   T26] audit: type=1326 audit(1764022874.365:1806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14653 comm="syz.5.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  760.655626][   T26] audit: type=1326 audit(1764022874.385:1807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14653 comm="syz.5.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  760.692042][   T26] audit: type=1326 audit(1764022874.385:1808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14653 comm="syz.5.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  760.812060][   T26] audit: type=1326 audit(1764022874.435:1809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14653 comm="syz.5.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  760.933218][   T26] audit: type=1326 audit(1764022874.435:1810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14653 comm="syz.5.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  761.018116][   T26] audit: type=1326 audit(1764022874.455:1811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14653 comm="syz.5.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  761.089590][   T26] audit: type=1326 audit(1764022874.455:1812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14653 comm="syz.5.3418" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2259f8f749 code=0x7ffc0000
[  761.229449][T14678] loop4: detected capacity change from 0 to 2048
[  761.313910][T14678] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  762.500219][T13766] EXT4-fs (loop4): unmounting filesystem.
[  763.949416][T14718] bridge0: port 3(gretap0) entered blocking state
[  763.973763][T14718] bridge0: port 3(gretap0) entered disabled state
[  763.994654][T14718] device gretap0 entered promiscuous mode
[  764.016573][T14718] bridge0: port 3(gretap0) entered blocking state
[  764.023911][T14718] bridge0: port 3(gretap0) entered forwarding state
[  764.088943][T14721] device gretap0 left promiscuous mode
[  764.097162][T14721] bridge0: port 3(gretap0) entered disabled state
[  764.438637][T14715] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3438'.
[  765.050940][T14750] xt_hashlimit: max too large, truncated to 1048576
[  765.057848][T14750] No such timeout policy "syz1"
[  765.235573][T14752] netlink: 64 bytes leftover after parsing attributes in process `syz.5.3453'.
[  765.711340][T14764] netlink: 'syz.5.3456': attribute type 10 has an invalid length.
[  767.360754][T14790] xt_hashlimit: max too large, truncated to 1048576
[  767.378071][T14790] No such timeout policy "syz1"
[  767.655203][T14792] loop3: detected capacity change from 0 to 512
[  767.729327][T14792] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2196: inode #15: comm syz.3.3468: corrupted in-inode xattr
[  767.790240][T14792] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.3468: couldn't read orphan inode 15 (err -117)
[  767.861327][T14792] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  768.864976][T12293] EXT4-fs (loop3): unmounting filesystem.
[  769.017615][T14803] loop4: detected capacity change from 0 to 512
[  769.136732][   T26] kauditd_printk_skb: 155 callbacks suppressed
[  769.136749][   T26] audit: type=1326 audit(1764022883.115:1968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14808 comm="syz.2.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc65b8f749 code=0x7ffc0000
[  769.189046][T14803] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.3469: bg 0: block 393: padding at end of block bitmap is not set
[  769.284277][   T26] audit: type=1326 audit(1764022883.155:1969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14808 comm="syz.2.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc65b8f749 code=0x7ffc0000
[  769.340819][T14803] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6165: Corrupt filesystem
[  769.391185][   T26] audit: type=1326 audit(1764022883.155:1970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14808 comm="syz.2.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdc65b8f749 code=0x7ffc0000
[  769.428842][T14803] EXT4-fs (loop4): 2 truncates cleaned up
[  769.478179][T14803] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  769.487738][   T26] audit: type=1326 audit(1764022883.165:1971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14808 comm="syz.2.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc65b8f749 code=0x7ffc0000
[  769.612173][   T26] audit: type=1326 audit(1764022883.165:1972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14808 comm="syz.2.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc65b8f749 code=0x7ffc0000
[  769.710490][   T26] audit: type=1326 audit(1764022883.165:1973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14808 comm="syz.2.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7fdc65b8f749 code=0x7ffc0000
[  769.819926][   T26] audit: type=1326 audit(1764022883.165:1974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14808 comm="syz.2.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc65b8f749 code=0x7ffc0000
[  769.915193][   T26] audit: type=1326 audit(1764022883.165:1975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14808 comm="syz.2.3472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc65b8f749 code=0x7ffc0000
[  770.388819][T14827] loop3: detected capacity change from 0 to 512
[  770.469232][T14827] fscrypt (loop3, inode 2): Error -61 getting encryption context
[  770.495353][T14827] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -61
[  770.533322][T14827] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #13: comm syz.3.3477: iget: bad i_size value: 12154757448730
[  770.632236][T14827] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.3477: couldn't read orphan inode 13 (err -117)
[  770.676832][T14832] serio: Serial port ttyS3
[  770.686188][T14827] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  770.825988][T12293] EXT4-fs (loop3): unmounting filesystem.
[  771.041344][T14837] netlink: 'syz.3.3480': attribute type 39 has an invalid length.
[  771.594158][T14842] loop3: detected capacity change from 0 to 512
[  771.710921][T14842] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2196: inode #15: comm syz.3.3482: corrupted in-inode xattr
[  771.744664][T14842] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.3482: couldn't read orphan inode 15 (err -117)
[  771.796363][T14842] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  772.767454][T12293] EXT4-fs (loop3): unmounting filesystem.
[  773.715718][ T4322] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  773.735586][ T4322] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  773.897895][T14760] Set syz1 is full, maxelem 65536 reached
[  774.044496][T14871] loop2: detected capacity change from 0 to 512
[  774.096914][T14871] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  774.272933][T14871] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[  774.311184][T14871] EXT4-fs (loop2): 1 truncate cleaned up
[  774.317145][T14871] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  775.117047][T13352] EXT4-fs (loop2): unmounting filesystem.
[  775.826379][T14893] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[  775.832977][T14893] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  775.842066][T14896] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(6)
[  775.848663][T14896] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  775.899125][T14893] vhci_hcd vhci_hcd.0: Device attached
[  775.918766][T13766] EXT4-fs (loop4): unmounting filesystem.
[  775.932348][T14896] vhci_hcd vhci_hcd.0: Device attached
[  775.959867][T14897] vhci_hcd: connection closed
[  775.983690][ T4406] vhci_hcd: stop threads
[  775.997496][T14894] vhci_hcd: connection closed
[  775.998848][ T4406] vhci_hcd: release socket
[  776.013660][ T4406] vhci_hcd: disconnect device
[  776.018865][ T4406] vhci_hcd: stop threads
[  776.031817][ T4406] vhci_hcd: release socket
[  776.040845][ T4406] vhci_hcd: disconnect device
[  776.112307][ T4322] vhci_hcd: vhci_device speed not set
[  778.534444][T14937] tipc: Started in network mode
[  778.539400][T14937] tipc: Node identity ac14140f, cluster identity 4711
[  778.566821][T14937] tipc: New replicast peer: 255.255.255.83
[  778.609167][T14937] tipc: Enabled bearer <udp:£>, priority 10
[  779.540196][   T26] audit: type=1326 audit(1764022893.515:1976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14952 comm="syz.3.3524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707bb8f749 code=0x7ffc0000
[  779.644768][   T26] audit: type=1326 audit(1764022893.515:1977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14952 comm="syz.3.3524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f707bb8f749 code=0x7ffc0000
[  779.729101][   T26] audit: type=1326 audit(1764022893.515:1978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14952 comm="syz.3.3524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707bb8f749 code=0x7ffc0000
[  779.753710][T11248] tipc: Node number set to 2886997007
[  779.761022][   T26] audit: type=1326 audit(1764022893.555:1979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14952 comm="syz.3.3524" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707bb8f749 code=0x7ffc0000
[  779.808978][   T26] audit: type=1326 audit(1764022893.765:1980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14960 comm="syz.4.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f415918f749 code=0x7ffc0000
[  779.902167][   T26] audit: type=1326 audit(1764022893.765:1981): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14960 comm="syz.4.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f415918f749 code=0x7ffc0000
[  779.964270][T14966] loop1: detected capacity change from 0 to 512
[  779.993263][   T26] audit: type=1326 audit(1764022893.785:1982): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14960 comm="syz.4.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f415918f749 code=0x7ffc0000
[  780.023869][   T26] audit: type=1326 audit(1764022893.785:1983): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14960 comm="syz.4.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f415918f749 code=0x7ffc0000
[  780.048585][   T26] audit: type=1326 audit(1764022893.785:1984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14960 comm="syz.4.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f415918f749 code=0x7ffc0000
[  780.072223][   T26] audit: type=1326 audit(1764022893.785:1985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14960 comm="syz.4.3525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f415918f749 code=0x7ffc0000
[  780.082407][T14966] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2196: inode #15: comm syz.1.3528: corrupted in-inode xattr
[  780.172520][T14966] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.3528: couldn't read orphan inode 15 (err -117)
[  780.208747][T14966] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  780.242159][ T4275] Bluetooth: hci0: command 0x0406 tx timeout
[  781.135433][T12942] EXT4-fs (loop1): unmounting filesystem.
[  782.299618][T15005] syz.5.3543[15005] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  782.300838][T15005] syz.5.3543[15005] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  782.366654][T15005] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3543'.
[  782.773840][T15014] loop3: detected capacity change from 0 to 512
[  782.786155][T15015] loop4: detected capacity change from 0 to 256
[  782.822054][T15015] FAT-fs (loop4): bogus number of FAT sectors
[  782.834756][T15015] FAT-fs (loop4): Can't find a valid FAT filesystem
[  782.840551][T15014] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2196: inode #15: comm syz.3.3547: corrupted in-inode xattr
[  782.892375][T15014] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.3547: couldn't read orphan inode 15 (err -117)
[  782.912185][T15014] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  782.921183][T13609] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  783.970147][T12293] EXT4-fs (loop3): unmounting filesystem.
[  784.543426][   T26] kauditd_printk_skb: 117 callbacks suppressed
[  784.543443][   T26] audit: type=1326 audit(1764022898.525:2103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15046 comm="syz.2.3559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc65b8f749 code=0x7ffc0000
[  785.372059][   T26] audit: type=1326 audit(1764022898.595:2104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15046 comm="syz.2.3559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdc65b8f749 code=0x7ffc0000
[  785.443272][   T26] audit: type=1326 audit(1764022898.595:2105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15046 comm="syz.2.3559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc65b8f749 code=0x7ffc0000
[  785.496707][   T26] audit: type=1326 audit(1764022898.595:2106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15046 comm="syz.2.3559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdc65b8f749 code=0x7ffc0000
[  785.554154][   T26] audit: type=1326 audit(1764022898.675:2107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15046 comm="syz.2.3559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc65b8f749 code=0x7ffc0000
[  785.587103][   T26] audit: type=1326 audit(1764022898.675:2108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15046 comm="syz.2.3559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc65b8f749 code=0x7ffc0000
[  785.715251][T15060] loop1: detected capacity change from 0 to 512
[  785.739133][T15060] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2196: inode #15: comm syz.1.3564: corrupted in-inode xattr
[  786.352359][T15060] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.3564: couldn't read orphan inode 15 (err -117)
[  786.364997][T15060] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  786.909218][T15071] xt_hashlimit: max too large, truncated to 1048576
[  786.924617][T15071] No such timeout policy "syz1"
[  787.188486][T12942] EXT4-fs (loop1): unmounting filesystem.
[  787.466161][   T26] audit: type=1326 audit(1764022901.445:2109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.3.3570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707bb8f749 code=0x7ffc0000
[  787.483033][T15087] loop1: detected capacity change from 0 to 512
[  787.525748][   T26] audit: type=1326 audit(1764022901.485:2110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.3.3570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=33 compat=0 ip=0x7f707bb8f749 code=0x7ffc0000
[  787.588074][   T26] audit: type=1326 audit(1764022901.485:2111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15085 comm="syz.3.3570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f707bb8f749 code=0x7ffc0000
[  787.775287][T15087] 
[  787.777700][T15087] ======================================================
[  787.784775][T15087] WARNING: possible circular locking dependency detected
[  787.792356][T15087] syzkaller #0 Not tainted
[  787.796832][T15087] ------------------------------------------------------
[  787.804026][T15087] syz.1.3569/15087 is trying to acquire lock:
[  787.812046][T15087] ffff88802e626b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x1c0/0x2e50
[  787.822305][T15087] 
[  787.822305][T15087] but task is already holding lock:
[  787.829708][T15087] ffff888073eb00c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3fe/0x770
[  787.839623][T15087] 
[  787.839623][T15087] which lock already depends on the new lock.
[  787.839623][T15087] 
[  787.850072][T15087] 
[  787.850072][T15087] the existing dependency chain (in reverse order) is:
[  787.859119][T15087] 
[  787.859119][T15087] -> #1 (&ei->xattr_sem){++++}-{3:3}:
[  787.866824][T15087]        down_read+0x42/0x2d0
[  787.871580][T15087]        ext4_xattr_get+0x107/0x650
[  787.876855][T15087]        ext4_get_acl+0x80/0x660
[  787.881839][T15087]        get_acl+0x154/0x250
[  787.886466][T15087]        posix_acl_create+0x124/0x430
[  787.891986][T15087]        ext4_init_acl+0xb0/0x320
[  787.897097][T15087]        __ext4_new_inode+0x2e24/0x3a20
[  787.903125][T15087]        ext4_ext_migrate+0x5ef/0xe50
[  787.908729][T15087]        ext4_fileattr_set+0xeed/0x16c0
[  787.914801][T15087]        vfs_fileattr_set+0x842/0xaf0
[  787.920256][T15087]        do_vfs_ioctl+0x16c1/0x1d10
[  787.927957][T15087]        __se_sys_ioctl+0x83/0x170
[  787.933179][T15087]        do_syscall_64+0x4c/0xa0
[  787.938157][T15087]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  787.944692][T15087] 
[  787.944692][T15087] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[  787.953167][T15087]        __lock_acquire+0x2cf8/0x7c50
[  787.958588][T15087]        lock_acquire+0x1b4/0x490
[  787.963655][T15087]        percpu_down_read+0x44/0x1a0
[  787.968974][T15087]        ext4_writepages+0x1c0/0x2e50
[  787.974477][T15087]        do_writepages+0x3b7/0x610
[  787.980285][T15087]        __writeback_single_inode+0x156/0x1160
[  787.986951][T15087]        writeback_single_inode+0x221/0x8b0
[  787.992895][T15087]        write_inode_now+0x15d/0x1d0
[  787.998220][T15087]        iput+0x613/0x980
[  788.002579][T15087]        ext4_xattr_block_set+0x2736/0x32a0
[  788.008611][T15087]        ext4_expand_extra_isize_ea+0x109b/0x19b0
[  788.015374][T15087]        __ext4_expand_extra_isize+0x301/0x3e0
[  788.021572][T15087]        __ext4_mark_inode_dirty+0x47f/0x770
[  788.027623][T15087]        ext4_evict_inode+0xa73/0x1100
[  788.033160][T15087]        evict+0x485/0x870
[  788.037625][T15087]        ext4_orphan_cleanup+0xbd3/0x1400
[  788.043377][T15087]        ext4_fill_super+0x7bdf/0x8150
[  788.048855][T15087]        get_tree_bdev+0x3f1/0x610
[  788.053989][T15087]        vfs_get_tree+0x88/0x270
[  788.058951][T15087]        do_new_mount+0x24a/0xa40
[  788.064105][T15087]        __se_sys_mount+0x2d6/0x3c0
[  788.069388][T15087]        do_syscall_64+0x4c/0xa0
[  788.074361][T15087]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  788.080816][T15087] 
[  788.080816][T15087] other info that might help us debug this:
[  788.080816][T15087] 
[  788.091087][T15087]  Possible unsafe locking scenario:
[  788.091087][T15087] 
[  788.098547][T15087]        CPU0                    CPU1
[  788.104071][T15087]        ----                    ----
[  788.109728][T15087]   lock(&ei->xattr_sem);
[  788.114707][T15087]                                lock(&sbi->s_writepages_rwsem);
[  788.122626][T15087]                                lock(&ei->xattr_sem);
[  788.129493][T15087]   lock(&sbi->s_writepages_rwsem);
[  788.134718][T15087] 
[  788.134718][T15087]  *** DEADLOCK ***
[  788.134718][T15087] 
[  788.142873][T15087] 3 locks held by syz.1.3569/15087:
[  788.148111][T15087]  #0: ffff888079e840e0 (&type->s_umount_key#27/1){+.+.}-{3:3}, at: alloc_super+0x1fa/0x930
[  788.158236][T15087]  #1: ffff888079e84650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x436/0x1100
[  788.167976][T15087]  #2: ffff888073eb00c8 (&ei->xattr_sem){++++}-{3:3}, at: __ext4_mark_inode_dirty+0x3fe/0x770
[  788.178295][T15087] 
[  788.178295][T15087] stack backtrace:
[  788.184226][T15087] CPU: 0 PID: 15087 Comm: syz.1.3569 Not tainted syzkaller #0
[  788.191785][T15087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  788.202658][T15087] Call Trace:
[  788.205960][T15087]  <TASK>
[  788.209013][T15087]  dump_stack_lvl+0x168/0x22e
[  788.213862][T15087]  ? load_image+0x3b0/0x3b0
[  788.218516][T15087]  ? show_regs_print_info+0x12/0x12
[  788.223845][T15087]  ? print_circular_bug+0x12b/0x1a0
[  788.229082][T15087]  check_noncircular+0x274/0x310
[  788.234188][T15087]  ? add_chain_block+0x940/0x940
[  788.239170][T15087]  ? lockdep_lock+0xdc/0x1e0
[  788.243793][T15087]  ? verify_lock_unused+0x140/0x140
[  788.249007][T15087]  ? _find_first_zero_bit+0xcf/0x100
[  788.254331][T15087]  __lock_acquire+0x2cf8/0x7c50
[  788.259395][T15087]  ? lockdep_unlock+0x133/0x2d0
[  788.264344][T15087]  ? verify_lock_unused+0x140/0x140
[  788.269577][T15087]  ? mark_lock+0x94/0x320
[  788.273925][T15087]  ? __lock_acquire+0x13c0/0x7c50
[  788.278967][T15087]  ? mark_lock+0x94/0x320
[  788.283324][T15087]  lock_acquire+0x1b4/0x490
[  788.287845][T15087]  ? ext4_writepages+0x1c0/0x2e50
[  788.292899][T15087]  ? __might_sleep+0xd0/0xd0
[  788.297541][T15087]  ? __lock_acquire+0x13c0/0x7c50
[  788.302807][T15087]  ? read_lock_is_recursive+0x10/0x10
[  788.308234][T15087]  percpu_down_read+0x44/0x1a0
[  788.313039][T15087]  ? ext4_writepages+0x1c0/0x2e50
[  788.318271][T15087]  ext4_writepages+0x1c0/0x2e50
[  788.323164][T15087]  ? xfd_validate_state+0x69/0x140
[  788.328315][T15087]  ? save_fpregs_to_fpstate+0x9f/0x200
[  788.333817][T15087]  ? mark_lock+0x94/0x320
[  788.338170][T15087]  ? ext4_read_folio+0x370/0x370
[  788.343124][T15087]  ? __lock_acquire+0x13c0/0x7c50
[  788.348171][T15087]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  788.354176][T15087]  ? lockdep_hardirqs_on+0x94/0x140
[  788.359396][T15087]  ? __schedule+0x10f4/0x40b0
[  788.364135][T15087]  ? ext4_read_folio+0x370/0x370
[  788.369085][T15087]  do_writepages+0x3b7/0x610
[  788.373696][T15087]  ? __writepage+0x130/0x130
[  788.378298][T15087]  ? writeback_single_inode+0x216/0x8b0
[  788.383861][T15087]  ? __lock_acquire+0x7c50/0x7c50
[  788.388903][T15087]  ? do_raw_spin_lock+0x11d/0x280
[  788.394039][T15087]  __writeback_single_inode+0x156/0x1160
[  788.399693][T15087]  writeback_single_inode+0x221/0x8b0
[  788.405205][T15087]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  788.411610][T15087]  ? write_inode_now+0x1d0/0x1d0
[  788.416764][T15087]  write_inode_now+0x15d/0x1d0
[  788.421634][T15087]  ? bdi_split_work_to_wbs+0x890/0x890
[  788.427154][T15087]  ? rcu_is_watching+0x11/0xa0
[  788.431943][T15087]  ? do_raw_spin_unlock+0x11d/0x230
[  788.437171][T15087]  iput+0x613/0x980
[  788.441114][T15087]  ext4_xattr_block_set+0x2736/0x32a0
[  788.446556][T15087]  ? __might_sleep+0xd0/0xd0
[  788.451199][T15087]  ? xattr_find_entry+0x12b/0x2f0
[  788.456255][T15087]  ? ext4_xattr_block_find+0x2b0/0x2b0
[  788.461781][T15087]  ? ext4_xattr_block_find+0x241/0x2b0
[  788.467264][T15087]  ext4_expand_extra_isize_ea+0x109b/0x19b0
[  788.473188][T15087]  __ext4_expand_extra_isize+0x301/0x3e0
[  788.478847][T15087]  __ext4_mark_inode_dirty+0x47f/0x770
[  788.484334][T15087]  ext4_evict_inode+0xa73/0x1100
[  788.489294][T15087]  ? _raw_spin_unlock+0x24/0x40
[  788.494168][T15087]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  788.500084][T15087]  ? do_raw_spin_unlock+0x11d/0x230
[  788.505305][T15087]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  788.511582][T15087]  evict+0x485/0x870
[  788.515510][T15087]  ? __lock_acquire+0x7c50/0x7c50
[  788.520592][T15087]  ? proc_nr_inodes+0x2f0/0x2f0
[  788.525582][T15087]  ? do_raw_spin_unlock+0x11d/0x230
[  788.530837][T15087]  ? _raw_spin_unlock+0x24/0x40
[  788.535710][T15087]  ? iput+0x768/0x980
[  788.539711][T15087]  ext4_orphan_cleanup+0xbd3/0x1400
[  788.544937][T15087]  ? ext4_orphan_del+0xb90/0xb90
[  788.549900][T15087]  ? errseq_check_and_advance+0x62/0x120
[  788.555556][T15087]  ext4_fill_super+0x7bdf/0x8150
[  788.560565][T15087]  ? bdev_name+0x2c1/0x3f0
[  788.565078][T15087]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  788.571357][T15087]  ? snprintf+0xd7/0x120
[  788.575670][T15087]  ? preempt_count_add+0x8d/0x190
[  788.580726][T15087]  ? vscnprintf+0x80/0x80
[  788.585082][T15087]  ? set_blocksize+0x1d3/0x350
[  788.589870][T15087]  ? sb_set_blocksize+0xa5/0xe0
[  788.594739][T15087]  get_tree_bdev+0x3f1/0x610
[  788.599355][T15087]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  788.605631][T15087]  vfs_get_tree+0x88/0x270
[  788.610682][T15087]  do_new_mount+0x24a/0xa40
[  788.615230][T15087]  __se_sys_mount+0x2d6/0x3c0
[  788.619934][T15087]  ? __x64_sys_mount+0xc0/0xc0
[  788.624739][T15087]  ? lockdep_hardirqs_on+0x94/0x140
[  788.630045][T15087]  ? __x64_sys_mount+0x1c/0xc0
[  788.634824][T15087]  do_syscall_64+0x4c/0xa0
[  788.639258][T15087]  ? clear_bhb_loop+0x60/0xb0
[  788.643951][T15087]  ? clear_bhb_loop+0x60/0xb0
[  788.648649][T15087]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  788.654558][T15087] RIP: 0033:0x7fa54d990eea
[  788.659001][T15087] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  788.678635][T15087] RSP: 002b:00007fa54e886e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  788.687064][T15087] RAX: ffffffffffffffda RBX: 00007fa54e886ef0 RCX: 00007fa54d990eea
[  788.695078][T15087] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fa54e886eb0
[  788.703696][T15087] RBP: 0000200000000180 R08: 00007fa54e886ef0 R09: 0000000000800700
[  788.711710][T15087] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  788.719993][T15087] R13: 00007fa54e886eb0 R14: 000000000000046f R15: 000000000000002c
[  788.728006][T15087]  </TASK>
[  789.151162][T15087] ------------[ cut here ]------------
[  789.156941][T15087] EA inode 11 i_nlink=2
[  789.157269][T15087] WARNING: CPU: 0 PID: 15087 at fs/ext4/xattr.c:1022 ext4_xattr_inode_update_ref+0x4be/0x520
[  789.171745][T15087] Modules linked in:
[  789.175766][T15087] CPU: 0 PID: 15087 Comm: syz.1.3569 Not tainted syzkaller #0
[  789.183313][T15087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  789.193449][T15087] RIP: 0010:ext4_xattr_inode_update_ref+0x4be/0x520
[  789.200114][T15087] Code: 8d 7d 40 4c 89 f8 48 c1 e8 03 42 80 3c 30 00 74 08 4c 89 ff e8 63 ef 9c ff 49 8b 37 48 c7 c7 40 91 a0 8a 89 da e8 32 e5 18 ff <0f> 0b 49 be 00 00 00 00 00 fc ff df 4c 8b 6c 24 10 4c 8b 7c 24 08
[  789.221013][T15087] RSP: 0018:ffffc90003457200 EFLAGS: 00010246
[  789.227293][T15087] RAX: c97086c1e2a20e00 RBX: 0000000000000002 RCX: 0000000000080000
[  789.235420][T15087] RDX: ffffc9000e2f1000 RSI: 000000000007ffff RDI: 0000000000080000
[  789.243484][T15087] RBP: ffffc900034572e8 R08: dffffc0000000000 R09: fffff5200068add1
[  789.251490][T15087] R10: fffff5200068add1 R11: 1ffff9200068add0 R12: ffffc90003457260
[  789.259540][T15087] R13: ffff888073eb20c8 R14: dffffc0000000000 R15: ffff888073eb2108
[  789.267571][T15087] FS:  00007fa54e8876c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  789.276589][T15087] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  789.283239][T15087] CR2: 00007f225a1b42f8 CR3: 00000000572e9000 CR4: 00000000003506f0
[  789.291244][T15087] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  789.299372][T15087] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  789.308309][T15087] Call Trace:
[  789.312037][T15087]  <TASK>
[  789.315005][T15087]  ? ext4_xattr_block_csum+0x500/0x500
[  789.320486][T15087]  ? ext4_xattr_inode_iget+0x3f0/0x600
[  789.326224][T15087]  ext4_xattr_set_entry+0xb33/0x1e90
[  789.331563][T15087]  ext4_xattr_ibody_set+0x250/0x690
[  789.336967][T15087]  ext4_expand_extra_isize_ea+0x10e5/0x19b0
[  789.342962][T15087]  __ext4_expand_extra_isize+0x301/0x3e0
[  789.348643][T15087]  __ext4_mark_inode_dirty+0x47f/0x770
[  789.354192][T15087]  ext4_evict_inode+0xa73/0x1100
[  789.359179][T15087]  ? _raw_spin_unlock+0x24/0x40
[  789.364132][T15087]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  789.370072][T15087]  ? do_raw_spin_unlock+0x11d/0x230
[  789.375438][T15087]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  789.381566][T15087]  evict+0x485/0x870
[  789.385532][T15087]  ? __lock_acquire+0x7c50/0x7c50
[  789.390600][T15087]  ? proc_nr_inodes+0x2f0/0x2f0
[  789.395519][T15087]  ? do_raw_spin_unlock+0x11d/0x230
[  789.401389][T15087]  ? _raw_spin_unlock+0x24/0x40
[  789.406585][T15087]  ? iput+0x768/0x980
[  789.410716][T15087]  ext4_orphan_cleanup+0xbd3/0x1400
[  789.416493][T15087]  ? ext4_orphan_del+0xb90/0xb90
[  789.421733][T15087]  ? errseq_check_and_advance+0x62/0x120
[  789.427895][T15087]  ext4_fill_super+0x7bdf/0x8150
[  789.433025][T15087]  ? bdev_name+0x2c1/0x3f0
[  789.437554][T15087]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  789.443893][T15087]  ? snprintf+0xd7/0x120
[  789.448199][T15087]  ? preempt_count_add+0x8d/0x190
[  789.453285][T15087]  ? vscnprintf+0x80/0x80
[  789.457665][T15087]  ? set_blocksize+0x1d3/0x350
[  789.462536][T15087]  ? sb_set_blocksize+0xa5/0xe0
[  789.467505][T15087]  get_tree_bdev+0x3f1/0x610
[  789.472224][T15087]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  789.478588][T15087]  vfs_get_tree+0x88/0x270
[  789.483082][T15087]  do_new_mount+0x24a/0xa40
[  789.487778][T15087]  __se_sys_mount+0x2d6/0x3c0
[  789.492623][T15087]  ? __x64_sys_mount+0xc0/0xc0
[  789.497548][T15087]  ? lockdep_hardirqs_on+0x94/0x140
[  789.502950][T15087]  ? __x64_sys_mount+0x1c/0xc0
[  789.508128][T15087]  do_syscall_64+0x4c/0xa0
[  789.512904][T15087]  ? clear_bhb_loop+0x60/0xb0
[  789.517714][T15087]  ? clear_bhb_loop+0x60/0xb0
[  789.523092][T15087]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  789.529150][T15087] RIP: 0033:0x7fa54d990eea
[  789.533667][T15087] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  789.553353][T15087] RSP: 002b:00007fa54e886e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  789.561803][T15087] RAX: ffffffffffffffda RBX: 00007fa54e886ef0 RCX: 00007fa54d990eea
[  789.569840][T15087] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fa54e886eb0
[  789.577893][T15087] RBP: 0000200000000180 R08: 00007fa54e886ef0 R09: 0000000000800700
[  789.585957][T15087] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  789.594000][T15087] R13: 00007fa54e886eb0 R14: 000000000000046f R15: 000000000000002c
[  789.602810][T15087]  </TASK>
[  789.606059][T15087] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  789.613502][T15087] CPU: 0 PID: 15087 Comm: syz.1.3569 Not tainted syzkaller #0
[  789.620975][T15087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  789.631079][T15087] Call Trace:
[  789.634383][T15087]  <TASK>
[  789.637360][T15087]  dump_stack_lvl+0x168/0x22e
[  789.642059][T15087]  ? memcpy+0x3c/0x60
[  789.646084][T15087]  ? show_regs_print_info+0x12/0x12
[  789.651296][T15087]  ? load_image+0x3b0/0x3b0
[  789.655829][T15087]  panic+0x2c9/0x710
[  789.659745][T15087]  ? bpf_jit_dump+0xd0/0xd0
[  789.664285][T15087]  __warn+0x2f8/0x4f0
[  789.668319][T15087]  ? ext4_xattr_inode_update_ref+0x4be/0x520
[  789.674322][T15087]  ? ext4_xattr_inode_update_ref+0x4be/0x520
[  789.680325][T15087]  report_bug+0x2ba/0x4f0
[  789.684671][T15087]  ? ext4_xattr_inode_update_ref+0x4be/0x520
[  789.690690][T15087]  handle_bug+0x3a/0x70
[  789.694863][T15087]  exc_invalid_op+0x16/0x40
[  789.699980][T15087]  asm_exc_invalid_op+0x16/0x20
[  789.705063][T15087] RIP: 0010:ext4_xattr_inode_update_ref+0x4be/0x520
[  789.711729][T15087] Code: 8d 7d 40 4c 89 f8 48 c1 e8 03 42 80 3c 30 00 74 08 4c 89 ff e8 63 ef 9c ff 49 8b 37 48 c7 c7 40 91 a0 8a 89 da e8 32 e5 18 ff <0f> 0b 49 be 00 00 00 00 00 fc ff df 4c 8b 6c 24 10 4c 8b 7c 24 08
[  789.731366][T15087] RSP: 0018:ffffc90003457200 EFLAGS: 00010246
[  789.737976][T15087] RAX: c97086c1e2a20e00 RBX: 0000000000000002 RCX: 0000000000080000
[  789.745982][T15087] RDX: ffffc9000e2f1000 RSI: 000000000007ffff RDI: 0000000000080000
[  789.753970][T15087] RBP: ffffc900034572e8 R08: dffffc0000000000 R09: fffff5200068add1
[  789.761955][T15087] R10: fffff5200068add1 R11: 1ffff9200068add0 R12: ffffc90003457260
[  789.769995][T15087] R13: ffff888073eb20c8 R14: dffffc0000000000 R15: ffff888073eb2108
[  789.778003][T15087]  ? ext4_xattr_block_csum+0x500/0x500
[  789.783658][T15087]  ? ext4_xattr_inode_iget+0x3f0/0x600
[  789.789157][T15087]  ext4_xattr_set_entry+0xb33/0x1e90
[  789.794469][T15087]  ext4_xattr_ibody_set+0x250/0x690
[  789.799711][T15087]  ext4_expand_extra_isize_ea+0x10e5/0x19b0
[  789.805638][T15087]  __ext4_expand_extra_isize+0x301/0x3e0
[  789.811674][T15087]  __ext4_mark_inode_dirty+0x47f/0x770
[  789.817451][T15087]  ext4_evict_inode+0xa73/0x1100
[  789.822444][T15087]  ? _raw_spin_unlock+0x24/0x40
[  789.827324][T15087]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  789.833248][T15087]  ? do_raw_spin_unlock+0x11d/0x230
[  789.838490][T15087]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  789.844423][T15087]  evict+0x485/0x870
[  789.848331][T15087]  ? __lock_acquire+0x7c50/0x7c50
[  789.853394][T15087]  ? proc_nr_inodes+0x2f0/0x2f0
[  789.858258][T15087]  ? do_raw_spin_unlock+0x11d/0x230
[  789.863479][T15087]  ? _raw_spin_unlock+0x24/0x40
[  789.868349][T15087]  ? iput+0x768/0x980
[  789.872346][T15087]  ext4_orphan_cleanup+0xbd3/0x1400
[  789.877573][T15087]  ? ext4_orphan_del+0xb90/0xb90
[  789.882529][T15087]  ? errseq_check_and_advance+0x62/0x120
[  789.888179][T15087]  ext4_fill_super+0x7bdf/0x8150
[  789.893124][T15087]  ? bdev_name+0x2c1/0x3f0
[  789.897613][T15087]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  789.903893][T15087]  ? snprintf+0xd7/0x120
[  789.908271][T15087]  ? preempt_count_add+0x8d/0x190
[  789.913968][T15087]  ? vscnprintf+0x80/0x80
[  789.918340][T15087]  ? set_blocksize+0x1d3/0x350
[  789.923148][T15087]  ? sb_set_blocksize+0xa5/0xe0
[  789.928036][T15087]  get_tree_bdev+0x3f1/0x610
[  789.932661][T15087]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[  789.938956][T15087]  vfs_get_tree+0x88/0x270
[  789.943422][T15087]  do_new_mount+0x24a/0xa40
[  789.947942][T15087]  __se_sys_mount+0x2d6/0x3c0
[  789.952635][T15087]  ? __x64_sys_mount+0xc0/0xc0
[  789.957433][T15087]  ? lockdep_hardirqs_on+0x94/0x140
[  789.962673][T15087]  ? __x64_sys_mount+0x1c/0xc0
[  789.967497][T15087]  do_syscall_64+0x4c/0xa0
[  789.972111][T15087]  ? clear_bhb_loop+0x60/0xb0
[  789.976803][T15087]  ? clear_bhb_loop+0x60/0xb0
[  789.981498][T15087]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  789.987414][T15087] RIP: 0033:0x7fa54d990eea
[  789.991877][T15087] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  790.012491][T15087] RSP: 002b:00007fa54e886e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  790.021014][T15087] RAX: ffffffffffffffda RBX: 00007fa54e886ef0 RCX: 00007fa54d990eea
[  790.029110][T15087] RDX: 0000200000000180 RSI: 00002000000001c0 RDI: 00007fa54e886eb0
[  790.037118][T15087] RBP: 0000200000000180 R08: 00007fa54e886ef0 R09: 0000000000800700
[  790.045115][T15087] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  790.053102][T15087] R13: 00007fa54e886eb0 R14: 000000000000046f R15: 000000000000002c
[  790.061095][T15087]  </TASK>
[  790.064567][T15087] Kernel Offset: disabled
[  790.068932][T15087] Rebooting in 86400 seconds..