last executing test programs:

22m49.928176801s ago: executing program 2 (id=560):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x0, 0x20, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x2f, 0x0, @broadcast, @rand_addr=0x3}}}})

22m49.180683337s ago: executing program 2 (id=564):
ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f0000000000)={0x2, 0x9, 0x1ff})
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
sendmmsg$inet6(r0, 0x0, 0x0, 0x64044800)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000200)={0x2, 0x0, 0x78d, 0x1, r2}, 0x10)

22m47.884216999s ago: executing program 2 (id=566):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
write$cgroup_int(r0, &(0x7f0000000100)=0x9, 0x12)

22m47.060387724s ago: executing program 2 (id=569):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfe, 0x0, 0x7ffc0002}]})
getxattr(0x0, 0x0, 0x0, 0x0)

22m45.667469874s ago: executing program 2 (id=573):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x80000000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10)

22m45.208002559s ago: executing program 2 (id=577):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00'}, 0x10)
symlink(&(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
flock(r1, 0x5)
sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2)
sched_setscheduler(r2, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfec8d000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
creat(0x0, 0xecf86c37d53049cc)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
clock_nanosleep(0x9, 0x0, &(0x7f0000000080)={0x0, 0x3938700}, 0x0)

22m41.824336066s ago: executing program 0 (id=583):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$inet(0x2, 0x4000000000000001, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x8000, &(0x7f0000000240)={[{@noblock_validity}, {@grpquota}, {@i_version}, {@dioread_nolock}]}, 0x0, 0x44b, &(0x7f0000000dc0)="$eJzs281vG0UbAPBn7aR9274lKSof/YAGCqICkTRpgR44tAgkDiAhwaEcQ5JWoW6DmiDRKoKAUDmiShy4IY5I/AWc4IKAExJXuKNKFcqlhZPR2ruJ49hJnNh1iH8/aZWZ3XFmHu+OPbPjDaBnDUXEpxHx/4j4PSIGIiKpLzBU/XN3cX7i78X5iSTK5Tf/Sirl7izOT+RF89ftyzML1fyRBvXOXrt+abxUmrqa5UfmLr83Mnvt+rPTl8cvTl2cujJ25szpU6MvPD/2XFviTNt05/CHM0cPvfr2zdcnzt985+dvkyy8qIujTYbWOvhkmyvrtv016aSviw2hJcWISE9Xf6X/D0Qxlk/eQLzySVcbB3RUuVwu725+eKEM7GBJdLsFQHfkX/Tp/Dff7tHQY1u4fa46AUrjvptt1SN9UcjK9NfNb9spnW2dX/jnq3SLztyHAABY4ftz1b+rx3+FeLCm3NlsbWgwIg7ULG4cjIgHIiplH4qIh1usv36RZPX4p3CrxX/ZknT892K2trVy/JeP/mKwmOX2V+LvTy5Ml6ZORsR9EXEi+nen+dE16vjh5d8+b3ZsqGb8l25p/flYMGvHrb66G3ST43PjW4m51u2PIw73NYo/WVoJSCLiUEQcPra5Oqaf/uZos2Prx7+GNqwzlb+OeKp6/heiLv5csvb65Mj/ojR1ciS/Klb75dcbbzSrv9X4D3y5PGdrh/T87214/S/FP1gu1qzXzrZex40/Pms6p9ns9b8reauS3pXt+2B8bu7qaMSu5LVs/9nl/WPLr83zefk0/hPHG/f/+2P5nTgSEelF/EhEPBoRx7K2PxYRj0fE8TXi/+mlJ97dfPydlcY/uc75T2rX6zeRKF768bsVlQ62En96/k9XUieyPRv5/NtoA7f6/gEAAMB/QaHy2/+kMLyULhSGh6u/lz8Yewulmdm5Zy7MvH9lsvqMwGD0F/I7XQM190NHs2l9nh+ry5/K7ht/UdxTyQ9PzJQmux089Lh9Tfp/6s9it1sHdJzntaB36f/Qu/R/6F36P/SsRs//79lAGWAHaPT9/1EX2gHce8b/0Lta7f/VyYEpAewEvv+hd+n/0JO28lx/JxP5+sN2ac+KRLm8Xpm+7dLUziWisC2aIdGhRJc/mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANrk3wAAAP//+TvoKw==")
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
pipe2(&(0x7f0000000300), 0x80800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r7, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000080004000005000008001b"], 0x30}}, 0x0)

22m37.208775984s ago: executing program 0 (id=594):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x30, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x4004001)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x1, 0x80000000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1, 0x3}, {0xa, 0xffe0}, {0x0, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_TUPDATE={0x8, 0x4, 0x12000000}, @TCA_FQ_PIE_LIMIT={0x8, 0x1, 0x9}]}}]}, 0x44}}, 0x20004055)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

22m31.279520039s ago: executing program 32 (id=600):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x11, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000b300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800"/16], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r2}, 0x10)
r4 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r3}, 0x8)
close(r4)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000940)={r1}, 0xc)

22m31.267114426s ago: executing program 0 (id=602):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x80000000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r1, 0x0, 0x0}, 0x10)

22m30.824024429s ago: executing program 0 (id=606):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000680)={[{@test_dummy_encryption}, {@init_itable}, {@noload}]}, 0x3, 0x470, &(0x7f0000001240)="$eJzs3MtvG1UXAPAzkzj98qUloZRXyyNQEBWPpGkLdMECEEgsioQEC1haSVqVpi1qjESrSKQsygohJPaIJf8CK9ggxAqJLexRpQp1Q8vKaOyZxHZsp2nsuMW/n+T23Hn43uOZa9+ZayeAoTWd/ZNE7I6I3yNisl5s3mC6/t+N6yvzN6+vzCdRrb77V1Lb7u/rK/PFpsV+E42FSOJAm3qXL146U15aWryQl2crZz+aXb546YXTZ8unFk8tnjty/Pixo3Mvv3TkxZ7kORFpHr31wVdvn/iiKf+WPHpkutvKp6vVHlc3WHsa4tEBtoOtGcmPV6nW/ydjpOHoTcabn60VPh1QA4G+qVar1YnOq1erwH9YEs1lXR6GRfFBX1z/trsOfrVvo4/Bu/Za/QIoy/tG/qivGV27Y1Bqub7tpemIeH/1n2+yR/TnPgQAQJMfsvHP89loZ2U+G3usjz/SeKBhu3vyuaGpiLg3IvZGxH1xLvZFxP0RtW0fjIiHtlh/6yTJxvFPevW2ErtF2fjvlXxuq3n8V4z+YmokL+2p5V9KTp5eWjycvyaHorQrK891qePHN377stO6xvFf9sjqL8aCeTuuju5q3mehXClvJ+dG1y5H7B9tl3+yNhOQRMTDEbG/3ROkm9dx+tnvHum0bvP8u+jBRFP124hn6sd/NVryLyTd5ydn/xdLi4dni7Nio19+vfJOp/q3lX8PZMf//23P/7X8p5LG+drlrddx5Y/PO17TTJfyYAvn/2q5Uh5L3qvFY/myT8qVyoW5iLHkRL3RjcuPrO9blIvts/wPHWzf//fG+itxICKyk/jRiHgsIh7Pj90TEfFkRBzskv/Prz/1Yeuy8SL/O+D4L2zp+K8HY9G6pH0wcuan75sqnVoP8/xvdn//O1aLDuVLbuX971badXtnMwAAANx90ojYHUk6sxan6cxM/Tv8+yLSpfPLledOnv/43EL9NwJTUUqLO12TDfdD5/LL+nr5ckTUv1pQrD8aae2+8dcj47XyzPz5pYVBJw9DbqJD/8/8OTLo1gF95wdbMLz0fxheXft/aefaAey8Df2/a5/f1de2ADurzef/+CDaAey8duN/f+8HhkNL/zftB0PE/X8YXvo/DC/9H4bS8nhs/iP5rkHxTLe5+2bBZMR2WziYIEp3RDP6FkTa9yrG+ntq9S1I7sI2bwgG954EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQS/8GAAD//3hZ0MA=")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2081413, 0x0, 0x1, 0x0, &(0x7f0000000080))
chdir(&(0x7f00000000c0)='./bus\x00')
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./bus\x00', 0x3010009, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000400)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

22m29.786288043s ago: executing program 33 (id=577):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00'}, 0x10)
symlink(&(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
flock(r1, 0x5)
sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2)
sched_setscheduler(r2, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfec8d000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
creat(0x0, 0xecf86c37d53049cc)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
clock_nanosleep(0x9, 0x0, &(0x7f0000000080)={0x0, 0x3938700}, 0x0)

22m29.698760712s ago: executing program 0 (id=612):
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r3}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20)
poll(&(0x7f0000002a40), 0x0, 0x9)

22m28.271493144s ago: executing program 0 (id=616):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000540), 0x1, 0x4a3, &(0x7f0000000580)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x11)
r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x15)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000005c0))

22m27.601399426s ago: executing program 34 (id=616):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000540), 0x1, 0x4a3, &(0x7f0000000580)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x11)
r1 = openat(0xffffffffffffff9c, 0x0, 0x101042, 0x15)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000005c0))

20m45.202111897s ago: executing program 1 (id=889):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
close(r2)
r4 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x1a1)
fcntl$setlease(r4, 0x400, 0x1)
execve(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)

20m43.299156859s ago: executing program 1 (id=895):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000780)=ANY=[@ANYBLOB="40000000100039040000", @ANYRES32=r1, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r1], 0x40}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=@newlink={0x38, 0x10, 0x439, 0xfffffffa, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_LOCAL={0x8, 0x6, @dev={0xac, 0x14, 0x14, 0x32}}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40080d5}, 0x0)

20m42.95050288s ago: executing program 1 (id=898):
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000200)={[{@nodelalloc}, {@norecovery}, {@minixdf}]}, 0x1, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = creat(&(0x7f00000001c0)='./file1\x00', 0x0)
write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[], 0xfd14)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000))

20m41.339721835s ago: executing program 1 (id=907):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000680)={[{@test_dummy_encryption}, {@init_itable}, {@noload}]}, 0x3, 0x470, &(0x7f0000001240)="$eJzs3MtvG1UXAPAzkzj98qUloZRXyyNQEBWPpGkLdMECEEgsioQEC1haSVqVpi1qjESrSKQsygohJPaIJf8CK9ggxAqJLexRpQp1Q8vKaOyZxHZsp2nsuMW/n+T23Hn43uOZa9+ZayeAoTWd/ZNE7I6I3yNisl5s3mC6/t+N6yvzN6+vzCdRrb77V1Lb7u/rK/PFpsV+E42FSOJAm3qXL146U15aWryQl2crZz+aXb546YXTZ8unFk8tnjty/Pixo3Mvv3TkxZ7kORFpHr31wVdvn/iiKf+WPHpkutvKp6vVHlc3WHsa4tEBtoOtGcmPV6nW/ydjpOHoTcabn60VPh1QA4G+qVar1YnOq1erwH9YEs1lXR6GRfFBX1z/trsOfrVvo4/Bu/Za/QIoy/tG/qivGV27Y1Bqub7tpemIeH/1n2+yR/TnPgQAQJMfsvHP89loZ2U+G3usjz/SeKBhu3vyuaGpiLg3IvZGxH1xLvZFxP0RtW0fjIiHtlh/6yTJxvFPevW2ErtF2fjvlXxuq3n8V4z+YmokL+2p5V9KTp5eWjycvyaHorQrK891qePHN377stO6xvFf9sjqL8aCeTuuju5q3mehXClvJ+dG1y5H7B9tl3+yNhOQRMTDEbG/3ROkm9dx+tnvHum0bvP8u+jBRFP124hn6sd/NVryLyTd5ydn/xdLi4dni7Nio19+vfJOp/q3lX8PZMf//23P/7X8p5LG+drlrddx5Y/PO17TTJfyYAvn/2q5Uh5L3qvFY/myT8qVyoW5iLHkRL3RjcuPrO9blIvts/wPHWzf//fG+itxICKyk/jRiHgsIh7Pj90TEfFkRBzskv/Prz/1Yeuy8SL/O+D4L2zp+K8HY9G6pH0wcuan75sqnVoP8/xvdn//O1aLDuVLbuX971badXtnMwAAANx90ojYHUk6sxan6cxM/Tv8+yLSpfPLledOnv/43EL9NwJTUUqLO12TDfdD5/LL+nr5ckTUv1pQrD8aae2+8dcj47XyzPz5pYVBJw9DbqJD/8/8OTLo1gF95wdbMLz0fxheXft/aefaAey8Df2/a5/f1de2ADurzef/+CDaAey8duN/f+8HhkNL/zftB0PE/X8YXvo/DC/9H4bS8nhs/iP5rkHxTLe5+2bBZMR2WziYIEp3RDP6FkTa9yrG+ntq9S1I7sI2bwgG954EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQS/8GAAD//3hZ0MA=")
syz_emit_ethernet(0x4e, &(0x7f0000000840)={@random="7f93b6f6d0d1", @local, @void, {@ipv4={0x800, @tipc={{0x6, 0x4, 0x2, 0x7, 0x40, 0x64, 0x0, 0x1, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x2b}, {[@noop, @generic={0x83, 0x2}]}}, @payload_named={{{{{0x28, 0x0, 0x0, 0x1, 0x1, 0xa, 0x1, 0x2, 0x5, 0x0, 0x0, 0x0, 0x1, 0x2, 0x4, 0xf31a, 0x1, 0x4e21, 0x4004e24}, 0x4}, 0x3, 0x2}}}}}}}, 0x0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2081413, 0x0, 0x1, 0x0, &(0x7f0000000080))
chdir(&(0x7f00000000c0)='./bus\x00')
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./bus\x00', 0x3010009, 0x0, 0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x4, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000440)={0x3, &(0x7f00000003c0)=[{0x8d, 0x7, 0x0, 0x2}, {0x8, 0x4f, 0x6, 0x9}, {0x1, 0xc2, 0x8, 0x120f}]})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x1c, 0x0, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4008084}, 0x0)
sendmsg$NL80211_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000040)={0x38, 0x0, 0x200, 0x2, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x1, 0x45}}}}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16f3}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xf}]}, 0x38}}, 0x45)
request_key(&(0x7f0000000180)='user\x00', &(0x7f0000000200)={'syz', 0x3}, &(0x7f0000000280)='\xa9\x1c)\x00', 0xfffffffffffffffd)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000400)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

20m37.410424075s ago: executing program 1 (id=921):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg$inet(r0, &(0x7f00000005c0)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000003c80)="f50c", 0x2}], 0x1}}], 0x1, 0x8011)
recvmmsg(r0, &(0x7f000000a400)=[{{0x0, 0x0, 0x0}, 0x40}], 0x1, 0x10120, 0x0)
shutdown(r0, 0x1)

20m30.877647161s ago: executing program 1 (id=942):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
setuid(0xee01)
ioctl$FS_IOC_RESVSP(r0, 0xc0189436, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x2, 0x3})

20m28.28472587s ago: executing program 35 (id=942):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
setuid(0xee01)
ioctl$FS_IOC_RESVSP(r0, 0xc0189436, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x2, 0x3})

8m3.667054718s ago: executing program 7 (id=5587):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000005000)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000000c0)="83af", 0x2}], 0x1}}], 0x1, 0xc044)

8m3.428127742s ago: executing program 7 (id=5590):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @remote}, 0x14)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
r3 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
bind$packet(r3, &(0x7f0000000000)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14)
preadv(r2, &(0x7f00000001c0)=[{&(0x7f0000000500)=""/212, 0xd4}], 0x1, 0x1a, 0x0)

8m3.198524785s ago: executing program 7 (id=5595):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, 0x0, 0x8)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x3a, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[], 0x44}, 0x1, 0x1000000}, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x89f9, &(0x7f0000000000)={'veth1_to_bond\x00', @random="faff61000600"})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000006c000000160a01020000000000000000010000000900010073797a30000000000900020073797a3000000000400003802c00038004000100766c616e31000000000000000000000014000100776c616e3100000000000000000000000800014000000000080002"], 0xfc}}, 0x0)
r3 = socket(0x10, 0x3, 0xc)
write(r3, &(0x7f0000000040)="effd00001000ff00fd4344c007110000f3050a00dbfd010000000001ffdf00", 0xfe00)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[], 0x64}}, 0x0)

8m2.946747935s ago: executing program 7 (id=5597):
ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
faccessat2(0xffffffffffffffff, 0x0, 0xb1, 0x700)
setpgid(r0, 0x0)
setpgid(0x0, r0)
mount$9p_fd(0x0, 0x0, 0x0, 0x200000, 0x0)
mkdir(0x0, 0x0)
mount$afs(0x0, 0x0, 0x0, 0x88, 0x0)
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
ioctl$AUTOFS_IOC_READY(r1, 0x9360, 0x800000000000001)

8m1.735823214s ago: executing program 7 (id=5604):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000040)="4dc07f94", 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r3, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e0001006970366772657461700000001800028014000700fc00000000000000000000000000000008000a00", @ANYRES32=r6], 0x54}}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000001000250800170000000000000a000000", @ANYRES32=r9, @ANYBLOB="01"], 0x20}}, 0x0)
getsockname$packet(r2, &(0x7f0000000340)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0xa)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="500000001000110f00"/20, @ANYRES32=0x0, @ANYBLOB="040100000000000028001280090001007665746800000000180002801400010000000000", @ANYRES32=0x0, @ANYBLOB=' \x00\x00\x00 \x00\x00\x00\b\x00\n\x00', @ANYRES32=r10], 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

8m1.156304683s ago: executing program 7 (id=5607):
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb1000000001"], 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0xc8, 0x54, 0x9b, 0x40, 0x2c7c, 0x30e, 0x8128, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff, 0x18, 0xd4}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f0000001200)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xc38, &(0x7f0000000080)=ANY=[])

8m0.558839216s ago: executing program 36 (id=5607):
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005520f010402038b1420104000001090238000100000000090400000371055900090582eb1000000001"], 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0xc8, 0x54, 0x9b, 0x40, 0x2c7c, 0x30e, 0x8128, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff, 0x18, 0xd4}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000180)={0x14, 0x0, &(0x7f0000001200)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xc38, &(0x7f0000000080)=ANY=[])

21.052369198s ago: executing program 8 (id=7760):
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'gre0\x00', &(0x7f0000000380)={'sit0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x24, 0x4, 0x0, 0x0, 0x90, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @rand_addr, {[@timestamp={0x44, 0x1c, 0xff, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x0, [{@multicast2}, {@empty}, {@broadcast, 0x10001}, {@empty}, {@multicast1}, {@private}]}, @rr={0x7, 0x23, 0xfe, [@remote, @empty, @dev={0xac, 0x14, 0x14, 0x34}, @multicast1, @remote, @dev, @initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010100]}, @noop, @lsrr={0x83, 0x3}, @generic={0x0, 0x2}]}}}}})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000100)=ANY=[@ANYBLOB="dc01c6ba1cdcc12519250000000000007f007101001300000000000000000000000000000000000000000000000000000000000000dce600000000000000", @ANYRES32=0x0, @ANYBLOB="200100000000000000000000000000020000000032000000fe8000000000000000000000000000bb00"/168], 0x1dc}}, 0x0)
r1 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[@ANYBLOB='2'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x0, @fd_index=0x1})
io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

20.629615972s ago: executing program 8 (id=7762):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r1, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r1], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=@newqdisc={0x58, 0x24, 0x5820a61ca228659, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x5, 0x7, 0x9, 0x200, 0x6, 0x500, 0x7, 0x398, 0x620b}}}}]}, 0x58}}, 0x800)
r4 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$nl_route_sched(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b40)=@newtfilter={0x24, 0x29, 0xd27, 0x1004001, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {}, {0x2, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x810}, 0x48c0)

18.492718952s ago: executing program 8 (id=7766):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000004c0)='setgroups\x00')
getpgrp(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, @dynset={{0xb}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz2\x00'}, @NFTA_DYNSET_FLAGS={0x8}, @NFTA_DYNSET_OP={0x8}, @NFTA_DYNSET_SREG_KEY={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xd8}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c00000021000f0000f901000000000002"], 0x1c}}, 0x8000)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r7, &(0x7f00000000c0)='cgroup.threads\x00', 0x2, 0x0)
socket$unix(0x1, 0x2, 0x0)
writev(r0, &(0x7f0000003740)=[{0x0}], 0x1)
r8 = socket$kcm(0xa, 0x2, 0x73)
acct(0x0)
sendmsg$inet(r8, &(0x7f0000001180)={0x0, 0x0, 0x0}, 0x0)

17.309254233s ago: executing program 8 (id=7768):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xb, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

17.200477853s ago: executing program 8 (id=7771):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f00000002c0)={[{@sysvgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000}}, {@usrjquota}, {@acl}, {@grpjquota}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_switch\x00', r4}, 0xe)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x0, 0x40000}}, 0x10)
socket$tipc(0x1e, 0x5, 0x0)
add_key$keyring(&(0x7f0000000040), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
request_key(&(0x7f0000000400)='keyring\x00', &(0x7f0000000480)={'syz', 0x1}, 0x0, 0x0)

13.457623744s ago: executing program 8 (id=7779):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000004c0)='setgroups\x00')
getpgrp(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, @dynset={{0xb}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz2\x00'}, @NFTA_DYNSET_FLAGS={0x8}, @NFTA_DYNSET_OP={0x8}, @NFTA_DYNSET_SREG_KEY={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xd8}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c00000021000f0000f901000000000002"], 0x1c}}, 0x8000)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_procs(r7, &(0x7f00000000c0)='cgroup.threads\x00', 0x2, 0x0)
socket$unix(0x1, 0x2, 0x0)
writev(r0, &(0x7f0000003740)=[{0x0}], 0x1)
r8 = socket$kcm(0xa, 0x2, 0x73)
acct(0x0)
sendmsg$inet(r8, &(0x7f0000001180)={0x0, 0x0, 0x0}, 0x0)

13.115044954s ago: executing program 9 (id=7781):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e21, @rand_addr=0x64010102}, 0x10)

12.7837175s ago: executing program 9 (id=7782):
r0 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r0, 0x0, 0x3, 0x2)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000002140)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="00e2db00002100000000000000000000007d2a07b4078303e75e1ca99de237a8e67a253ba3248a8725e8000000d4e804a5b67a2630cbd439c561d6a016d04a4d2665026726bc8e4ec8358d9f02a1de78646618510e298fdadd0e9145543f12f0b46fce58dd09088fb72463a48df7f8ca78f080d6f5994bd004e991c1e51f5191ace7ea13b017440e000000000000001000000000f60bcbf9c8ccd710ec3a7668124a0ec1f8bdb1c5ca7d2f4a88a1259b14291c5dfdd87bdc7b3bf710c2d7a5a3fb5b3182328ffb54649ccc5e11a32d3ef0a484", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r1 = socket(0x1, 0x5, 0x0)
close(0x3)
openat$rtc(0xffffff9c, &(0x7f0000000040), 0x2a00, 0x0)
r2 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000500)={0xe000200c})
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r1, &(0x7f00000001c0)={0x80000002})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
unshare(0x28020480)
r3 = gettid()
timer_create(0x0, &(0x7f00000001c0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = mq_open(&(0x7f0000000040)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00', 0x6e93ebbbcc0884f2, 0x2, &(0x7f0000000300)={0x0, 0x1, 0x6})
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r6}, 0x10)
pipe2$9p(&(0x7f0000001900)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
r9 = dup(r8)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[], [], 0x6b}})

11.177538378s ago: executing program 9 (id=7790):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f00000002c0)={[{@sysvgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000}}, {@usrjquota}, {@acl}, {@grpjquota}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_switch\x00', r4}, 0xe)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x0, 0x40000}}, 0x10)
socket$tipc(0x1e, 0x5, 0x0)
add_key$keyring(&(0x7f0000000040), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
request_key(&(0x7f0000000400)='keyring\x00', &(0x7f0000000480)={'syz', 0x1}, 0x0, 0x0)

10.171667304s ago: executing program 4 (id=7795):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000240), r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
sendmsg$IEEE802154_LIST_PHY(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f00000005c0)={0x14, r1, 0x30b, 0x70bd27, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000804}, 0x20000004)

9.306082371s ago: executing program 4 (id=7798):
r0 = socket$netlink(0x10, 0x3, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x3, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB, @ANYBLOB='\x00\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'bridge0\x00'})
sendmmsg$inet(r3, 0x0, 0x0, 0x2000c044)
syz_emit_ethernet(0x84, &(0x7f0000000100)={@multicast, @empty, @val={@val={0x88a8, 0x0, 0x0, 0x2}}, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "5f1060", 0x46, 0x2f, 0x0, @private0, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x8100, 0x0, 0x0, [0xfffb]}, {0x0, 0x0, 0x0, 0x0, 0x100}, {}, {0x8, 0x88be, 0x86ddffff}, {0x8, 0x22eb, 0x0, {{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x7}}}}}}}}}, 0x0)
setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000000000)=0xfffffffe, 0x4)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000002000000000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000001000000850000008600"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='kmem_cache_free\x00', r6}, 0x18)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000040)=@ethtool_link_settings={0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20, 0x8, [0x0, 0x0, 0x0, 0xc, 0x5, 0x0, 0x0, 0x2]}})

9.255018374s ago: executing program 6 (id=7800):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000280)={0x0, 0xffffffffffffffff, 0x0, 0x14, &(0x7f00000001c0)='\x00'}, 0x11)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x18)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000540), 0x1, 0x4a3, &(0x7f0000000580)="$eJzs3c1rXOUaAPBnZpo0SXNvP+7l0vbCbaEXej9oJh9IE3XjSl0UxIIbhRqTaayZZEJmUpvQRaq7LlyIoiAu3PsXuLEriyCudS8upKI1ggrCyDkzk+Zr4qBpBnJ+Pzid95z3dJ73zfC8nHnPOXMCyKyzyT+5iMGI+DwijjZWN+9wtvGydv/mVLLkol6//F0u3S9Zb+3a+n9HImI1Ivoi4tknI17KbY9bXV6ZnSyXS4vN9WJtbqFYXV65cG1ucqY0U5ofGb84MTE+PDY6sWd9vf3GK7cvffR074c/vX7v7puffJw0a7BZt7Efe6nR9Z44vmHboYh4/GEE64JCsz/93W4If0jy+f0tIs6l+X80CumnCWRBvV6v/1o/3K56tQ4cWPn0GDiXH4qIRjmfHxpqHMP/PQby5Uq19v+rlaX56cax8rHoyV+9Vi4NN78rHIueXLI+kpYfrI9uWR+LSI+B3yr0p+tDU5Xy9P4OdcAWR7bk/4+FRv4DGeErP2SX/Ifskv+QXfIfskv+Q3bJf8gu+Q/ZJf8hu+Q/ZJf8h+yS/5BJz1y6lCz11v3v09eXl2Yr1y9Ml6qzQ3NLU0NTlcWFoZlKZSa9Z2fu996vXKksjDwSSzeKtVK1Vqwur1yZqyzN166k9/VfKfXsS6+AThw/c+fLXESsPtqfLoneZp1chYOtXs9Ft+9BBrqj0O0BCOgaU3+QXb7jAzv8RO8mfe0qFva+LcD+yHe7AUDXnD/l/B9klfl/yC7z/5BdjvEB8/+QPeb/IbsG2zz/6y8bnt01HBF/jYgvCj2HW8/6Ag6C/De55vH/+aP/Htxa25v7OT1F0BsRr753+Z0bk7Xa4kiy/fv17bV3m9tHu9F+oFOtPG3lMQCQXWv3b061lv2M++0TjYsQtsc/1Jyb7EvPUQ6s5TZdq5Dbo2sXVm9FxMmd4ueazztvnPkYWCtsi3+i+ZprvEXa3kPpc9P3J/6pDfH/tSH+6T/9V4FsuJOMP8M75V8+zelYz7/N48/gHl070X78y6+Pf4U249+ZDmO8/P5rX7eNfyvi9I7xW/H60lhb4ydtO99h/HsvPPePdnX1Dxrvs1P8lqRUrM0tFKvLKxfS35GbKc2PjF+cmBgfHhudKKZz1MXWTPV2j5387O5u/R9oE3+3/ifb/tth/3/556fPn90l/n/O7fz5n9glfn9E/K/D+D+MfvViu7ok/nSb/ud3iZ9sG+swfvXtpw53uCsAsA+qyyuzk+VyaVFBQUFhvdDtkQl42B4kfbdbAgAAAAAAAAAAAHRqPy4n7nYfAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOgt8CAAD//1kn1ls=")
open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)

8.089293041s ago: executing program 4 (id=7802):
r0 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r0, 0x0, 0x3, 0x2)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000002140)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=0x0, @ANYBLOB="00e2db00002100000000000000000000007d2a07b4078303e75e1ca99de237a8e67a253ba3248a8725e8000000d4e804a5b67a2630cbd439c561d6a016d04a4d2665026726bc8e4ec8358d9f02a1de78646618510e298fdadd0e9145543f12f0b46fce58dd09088fb72463a48df7f8ca78f080d6f5994bd004e991c1e51f5191ace7ea13b017440e000000000000001000000000f60bcbf9c8ccd710ec3a7668124a0ec1f8bdb1c5ca7d2f4a88a1259b14291c5dfdd87bdc7b3bf710c2d7a5a3fb5b3182328ffb54649ccc5e11a32d3ef0a484", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r1 = socket(0x1, 0x5, 0x0)
close(0x3)
openat$rtc(0xffffff9c, &(0x7f0000000040), 0x2a00, 0x0)
r2 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000500)={0xe000200c})
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r1, &(0x7f00000001c0)={0x80000002})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
unshare(0x28020480)
r3 = gettid()
timer_create(0x0, &(0x7f00000001c0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mq_open(&(0x7f0000000040)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00', 0x6e93ebbbcc0884f2, 0x2, &(0x7f0000000300)={0x0, 0x1, 0x6})
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r5}, 0x10)
pipe2$9p(&(0x7f0000001900)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
r8 = dup(r7)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[], [], 0x6b}})

7.736103916s ago: executing program 5 (id=7803):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_TYPE={0x5, 0x2, 0x17}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_EXTHDR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0x18}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0)

7.719195588s ago: executing program 4 (id=7804):
r0 = syz_io_uring_setup(0x83d, &(0x7f0000000500)={0x0, 0xfc1a, 0x80, 0x2, 0x3cf}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000440)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_LINKAT={0x27, 0x1a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x1400, 0x1})
io_uring_enter(r0, 0x3516, 0x8000000, 0x0, 0x0, 0x0)

7.557502952s ago: executing program 5 (id=7805):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x101343)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$SNDRV_TIMER_IOCTL_PVERSION(r0, 0x400454a4, &(0x7f00000000c0))

7.526942747s ago: executing program 9 (id=7806):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xffff, 0x20000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x7b53a000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r3)
sendmsg$IEEE802154_LLSEC_LIST_KEY(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x14, r4, 0x325, 0x70bf27}, 0x14}, 0x1, 0x0, 0x0, 0x10004}, 0x8000)

7.41201964s ago: executing program 4 (id=7807):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0xfffd}}}]}, 0x38}}, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
sendmsg$nl_route_sched(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=@newtfilter={0x8c, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x5, 0xfff3}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x58, 0x2, [@TCA_MATCHALL_ACT={0x54, 0x2, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x6fe2}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0xb380, 0x4, 0x0, 0x4, 0x6}}]}, {0x4}, {0x28}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x40044051}, 0x4)

7.409466244s ago: executing program 5 (id=7808):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x301c48a, &(0x7f0000004040)=ANY=[@ANYBLOB="757466383d302c73686f72746e616d653d77696e39352c696f636861727365743d63703836392c757466383d302c696f636861727365743d63703836362c696f636861727365743d63703733372c756e695f786c6174653d302c73686f72746e616d653d6d697865642c756e695f786c6174653d302c636f6465706167653d3836312c756e695f786c6174653d312c757466383d302c73686f72746e616d653d77696e39352c726f6469722c696f636861727365743d6d61637475726b6973682c6572726f72733d636f6e74696e75652c756e695f786c6174653d312c00e1d625f10b9ee0a39b75b922489840691b55fdd962d869c07e5720a738d425cd66a3c97ccd3f631568b5d6c3"], 0x6, 0x2d5, &(0x7f0000000980)="$eJzs3T+LHGUcB/Df7O3tTrTYLaxEcEALq5BLa7OHJCBeZdhCLfQwCcjtIiRw4B+cTWUl2FhY+AoEwRdi4zsQbAU7IwRGZnYmM5vbXPbk9sTc59PcM8883+f5zdxwO1fccx+9Mj+6ncXdB1/+FmmaRG8Sk3iYxDh60VgUS/nycPJtAAD/Zw+LIv6sP9/PkksiIt1eWQDAFm32+d9vmz9fSFkAwBbdeu/9d/YPDm68m2Vp3Jx/fTwtf7Mvvy7P79+NT2IWd+JajOJRRPWisBvV20LZvFkURd7PSuN4fZ4fT8vk/MNf6vn3/4io8nsxinHV9fhto8q/fXBjL1vq5POyjhfq9Sdl/nqM4qXH4ZX89TX5mA7ijdc69V+NUfz6cXwas7hdFdHmv9rLsreK7/764oOyvDKf5MfTYTWuVex0j65czLcHAAAAAAAAAAAAAAAAAAAAAIDn1NV675xhVPv3lF31/js7j8qD3cga49X9eZb5pJmouz9QURR5ET80++tcy7KsqAe2+X683O9uLAgAAAAAAAAAAAAAAAAAAACX1/3PPj86nM3u3DuXRrMbQD8i/r4V8W/nmXR6Xo3TBw/rNQ9ns17dXB3T7/bETjMmiTi1jPIizum2PKtx5UTNdePHnzaaJ4lY1D3psxfdXb/WeTaap+voMFl/D4fR9KT1Q/L9IKIdM4inLbFY7Rk8rYwizvL4DdaeGm0W/6a+2nKeF6uevDm1OJmK5InCkqQz5s3fl3PVPcmTVzGo7uq6MiJtGm18dUy60fMc6TJ+8mdFYrcOAAAAAAAAAAAAAAAAAADYqvavf9ecfHBqtFcMt1YWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFyo9v//n6GR1+ENBg/i3v3/+BIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4BP4JAAD//47KXt4=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
socket$inet_tcp(0x2, 0x1, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
mkdir(&(0x7f00000001c0)='./cgroup\x00', 0x4)

6.216656497s ago: executing program 9 (id=7809):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0}, 0x18)
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r3 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240)={'team0\x00', <r4=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)={0x58, r3, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [{{0x8, 0x1, r4}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffbfff9}}}]}}]}, 0x58}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x24040840)

6.032595388s ago: executing program 4 (id=7811):
r0 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c00)={'team_slave_1\x00'})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000740)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400)={[{@sysvgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
symlinkat(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', r5, &(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

5.334391868s ago: executing program 5 (id=7813):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
r3 = open(&(0x7f0000000300)='./file0\x00', 0x145142, 0x102)
sendfile(r3, r3, 0x0, 0x800000009)

4.97322985s ago: executing program 5 (id=7814):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000280), 0x800, 0x0)
ioctl$TCSETS2(r4, 0x402c542b, &(0x7f0000000300)={0x3, 0x19, 0xff7d, 0x4, 0x2, "501fe88fc2aa9677d426a819a92aaefe7d41cc", 0xb, 0x1})

4.856204531s ago: executing program 3 (id=7815):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, 0x0)
bind$can_raw(r0, &(0x7f00000001c0), 0x10)
recvmmsg(r0, &(0x7f0000000ac0)=[{{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000400)=""/61, 0x3d}], 0x1}, 0x4}], 0x1, 0x40000002, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f00000003c0)=0x1, 0x4)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000000)=0x6, 0x4)
sendmsg$can_raw(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@can={{}, 0x0, 0x0, 0x0, 0x0, "0000000000000003"}, 0x10}, 0x1, 0x0, 0x0, 0x8001}, 0x20000000)

2.944229761s ago: executing program 3 (id=7816):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
open(&(0x7f0000000080)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')

2.897371418s ago: executing program 5 (id=7817):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f00000002c0)={[{@sysvgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000}}, {@usrjquota}, {@acl}, {@grpjquota}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000001c0)='sched_switch\x00', r4}, 0xe)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41, 0x0, 0x40000}}, 0x10)
socket$tipc(0x1e, 0x5, 0x0)
add_key$keyring(&(0x7f0000000040), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
request_key(&(0x7f0000000400)='keyring\x00', &(0x7f0000000480)={'syz', 0x1}, 0x0, 0x0)

2.764081219s ago: executing program 3 (id=7818):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000009c0)="ec663189d3348bf13f872a468352b72482b5b2b364a29c6f0f2c4e741bf6457d1418455e157253231681a3889f39b3da6b60dbe404cb9a145d0d49cfd1668a32b96ff302975748993a8a534144d211c681ff3d91ffa436d40b9afe648ec8bde2f7553fb5d3f3b8423873903abd024284bfd01511c149b6101851f7aae4675df76e7d32d7b91659e4adcc14ddfff8a2b49d1393de72b9d970ee7f45a755c1d9f7b4d43e37e17d6eaff5fe352d507eb0424ab937980ae8fae8a9062b651a53b6543733e259ee3083a308a78ac50f0972629b74e6aadefedf2352d024d8f27d4bc8703493b08bbe75e34ee5796d0d275cae3d3c0eba179e145feee0c8acc98af7888a374dbe705e058fc565e40677890a39e6999ae47202a9237803e9eee30f368725ca8571a8f6a8ba396905f4f023a60acb644bab6b0b8964aa514c37f23509c685648d6adb0e230aca690c91e664bc49fa30ae42a2c71abc7517181d4157ef996628b3624f367519970366acca85d399e2c7703930e2abd4bdbac076230ad16368ccb350357d57626ea47a15f0fa16bd5efa8233fa3ea1183da730204a455a673c783c10a26411c5de816699f7af3401b9f38592a4cd9f3f0b7de18cd69f831eee87a3d2edb64ecf517d201f32f86b80fcd3287330f286465260370527e6116df0651001405563622e14af715f6c3dd10e1986e3b95ebf618ff42bdd7a74f0d0cc2cc8dab1048eb5fdbfb72cb16f9e2a196b512720cbfbb4696f291200a153c383cc441091c62649a88ef173a42eced93a374e4f0a078244e56c14b3c4cc9625b3e9e1853839ecb00d6cfc2d2398634935aedd9a545e4b13895a3b8b05c8fca9af2bba82762db85a449f5d9c6ff87b724f19dc1805eca58445e67782a30f03e7b1272685ab8306c255604360b0d6e53cc443b0b81bcf92b470b8734b7b7b2ccf2d51fc1a8b43d8dba290e875f35b0bdb66790a3bb4d8391c5fdde5f461b5922c56f8a858865c0fd8b39cb79e8e182342ef0398641ca3c76620482705878ff0d9fe2eaae18a8ad73313663e36feca9bae81834482bb19c651e273bc04333963f2a64d516761280db45fc4217b5c2ab73a8a04c5d2c2aced37bb2825d17f68c4d65dfcc54057a46f045bf435391b7304ee376977220e71e97919cd67e3f0f0f63e0dcee8d90d80ead12a5eda22db217bd362c1a4f9244c99da91d618c6b71b21ed80826d4df95aee10786e61b3141002e342490f2d842051305d2e8d41aca580a13cd48a850eada7dfee4bda67a5491acf4cfdd3919135e7b113a1973595b99d6ba152ae8cc63fd95c1d7d4a59b038c426ffdb949fe1a6004df2bbae2acce3f5720419dc597229f2d120c689b07a344e75f4c631d83b3130cc927412daa9607c8c0fa254cde27306360a9a5d18ff9d4d4ed38162a5202ba214db4486887b5831d727bd93e6e7cddfa4d3480cb3b4683b1de52bdff534016719324051f81bdf49a5c12dd7b389107b3eb5dc4858caebe8c0a9866ff632deebc16492f95d202ce0f454476ab77871d3188ec83fc74f2ec1055893b2a138cce27ac5553c5496cbf147002a9c55fdb202969a4802ca3556453a58d2aa8e19f40e577fa280625468d385af8659a0f3ab69fabf4fa1326f7a7ebad98a23958c91f28c4b03ff9f343b6ecdb82e820bcb7de6f51d0fcfbbcef902d21a7eed03ea125363b758085022ade27451ba5e0acd9a0044ec50571d234855448be132e14517ae38b798482cc07e1c009c1a4cdd5c42f3862dd6d4c3b18f9c41d0bf5b709d742877ef7ee6d9932c6d7a9fd09bede9f80645a5c4b97ae48734985131f948bf20e93f82b93d6e69479491158d83655244d91bb5e9dfdf103e2238a95a92f35750769b87dce1d0e8bac4e6ee5467f9800a12fe27a2c8f727bbda617899ca26d13ec3b68b4acd7200b3206852aafb13c94681413ee7d0987f4d067b4bc5fc5e01ebe9bdbfc0198232f92da3371d12023388f86a4bb4db9bd559570aef27a96812dd2583c72732922266b98c89c264311577621ceb2625dac0af0fd08f5c27a658645777cb36d687d6f0e6835587cbe65ed922cbd1190b1d60259024be61e7e32b1ecb5e72799103c3a3ea91191667418fedf79d839200ee75da4d68fd6facdd1243f30727c40c6a7c4ffa3d937f4c21b076d146f439d8961258526d56336f7d94e945f90053ef865dd9f939b12d8b6b72b1f20a050b69b8a3b8bc88584766bf9783116c8fc8c4883f8dca31dbfd2775675d868136e5f5e16e3508986750fa8825231fed43ae2b444f5992011f0b80b1f3b0e397ff98fe81da3bd00593329f3014315fb4828fdfec77c8f3c8a92278866f7d299f9a0818e36d1bbad629a61345e01e495dfc4412fcc8b64eac5259de21dae5f5b34c06ee81c0e46b12203b639cfef7f12871287abca6b2f70ffa2cb225585bfbf2c0cd010bdd1b2b3f560016e4db6c30a26e517b608633aa40ab1802da8e94188bad14ab007e415ec41c3dabf4d2817a43a082313529e4a80596807b785af9391117f780db637f2214bb8082373303da889ffd89fa43f4cca427b43e3c17942d314a577112cfb31e841ae40fd18220e9aaa24e382936c0b859a3a425c2018b093e42648b7517dcce9af1366dc5ea8fd575001cbe880ddbb0a768033ee3802c68c4b2fc290fcb84f1e33318543fd2ddf065503c0767c86fcde6931797f275ee4c149d616ff02a9a019c223c16cfd6e618b07c7bd8009d3201a92b91a0944ff21d71ffc53c39b7a318c6451d80b05f9d9c81fd1a78ef35e14cbebc1b4e2de28039301042c0fa09ad2e43d5f78ab4104218bab2da5034050bbf625c6803496dd3d77b574aed51badd3e9967548014b8b318dfb2e0a6ce6637cee786806ec06b359d6569c65df2e538b43862be27d4ddb2710447ed7e56cb4a02779c8767e11056cfaca1ab1aea20d4198a050e98695ae3f2a0aadb5b34b6b945379b81259ebe7abe6d3ca23cae048429b6c850813706f59231034fce07c4111961193d581e3bbbd6c9afd8b3d1e0604807dbd880d2ccc5266818a18287e8c4bda311be83c6f1c5e7f571b9f5ab1f84f8252df9d62f75865adcdd61eaaf7df4cbdd994ab17d2d5d684f95715d4636a6cb69fa2619c6b76ee060202a0a8c934aa537d2c5cf736142349b19fb9b532b05e6dff05c4c635f4134bcc0ef2e38c3fd75d8664d7dfa3139e1b2c2cbbdbe4fc0e2e80870ade368b730d4c06946b608088991f346765afaad6765e5a16267b2d249ee22ea1c6cb85d5d0f8ee48204a5dc48ae6415e3802fd8a431d249f95c72f6895978b36c424e40f83dfe1d0ca01dca14c4a308e926fe726ea0b456dcd976147e61744675f81f38bd5ef06ed76692ac8ac03744c8dc313f06aa28832a3286e626d5e29c748c21164475c739d3f6c6ad046fbb1a149867faf770c089b3513a0649d787208f06e7db6f8a44a9e32c6bd8dd9cca53bcd8ba7ec49d4068d7018b4c8fbd13070f9b0d02d3686b54f96a21e74e346c380a99f21f33925d4a39d510842ed84f2605a15051a784d8216364c2f8ec79f7884ec151ac56d11e30e058d2c49998147c1d54e04aea5d2e9bcc5bf051690d7aa905fdd68528309afda3fd5920cecfae73f6d5f8962e647f5e909748ff9105097118feecf28d6d514ede8cb2d4201da6efc9f3c24893570b227dfe673158e6c17bfcd91625bc4f87eb6fc67e5b647b18231da1da165220815b24431144fc05e1e207e12dbd9e26254d61bc9f47e4ec7e5e19a58ea2444e97a6daf57c895ec35c497d84e2f0c2e520e123f3cadf380a7e54836f7b5a9ba24b1bbe690b7f3de459adbe4d80a648ac2d8158e8b0948ea6ec4b8ac3ce4dafc8ed0f709c13a5ada9fa6c254b57e3cc83411e26dacb6aee290ced0bd65f18884b33dfd1229acd273f97d3edf7673747193ececc83e9ba1e1a73ceb8c347ac88333308df5e4d9ea133e2c6fa4bb1489980cf8ce20201bbba6334936fbc6bb7e6495ba48a3648fe57a0957de758182d3248601ab2bc9d2edf826255d5774021ae4d5d7f87a18927ac866b24e9fa2ca4fb5623c9e0ccbe491a61566f5f649047f97db9cea177ce08ec58c28e7e174f427b38c2e3c2d7165b321eeffe4fc03e8acc2c0ba7520699e8f6480261de487e33d3169790024cec06e3d776c98ccbc5da2ec0032c8241bedea3db12687a82e1eafa4ff828f5347e8ae0b22bcfa5de853d05381a04e8eb953a54c5ebb528bc03d4f7d74b1741f7833a7b90456ff847619b5893bd1515ed87cfd9aa44208572d1578849d5e7310b29e4a5af6026d9d5d2d6c18cc222fa375bc756e86d30a673420c4ac99c0b0a6baadd5bb53bf161074e85b105d5c8f704ea4fef269b3e2d62dc9e494393957a9aba76d7a7c79a1f37a9c0b20a69c47f74b489a8d60bb017272497f2cc7e3dd85a6622c0c1038978ca44170229f1ef25d11d2757940a5b6d35eab977937a5cccfb979dd79accb86476ae7da6fa96527a0ad6a7613c9008fd3cb2cbf81d7be93304dab9059c38cb54a191118bdf39148f6a7e44eca45272a3a2f1812ab6ac72f3009c235abcfe300a5599340b7baa1d6b07797a8fc29533b1d39b24642a867cc188327927d224045bb65e47238f7e260dbe81e2fdd8dac3f3da3724817975e008e0ccbfd958fec78f01cd6cf9d46594513d8a67c9ff5d1f745a7b1b82ee0d1b0babcbea6d4334f8f474c0f1d438d80da71e1158865621613cb9eb1b08f224fca3c26ed879fb13a7148d7a65ea7d2364b71568e2b56e7ab492866ff1d9f0d83647682fd3a31ca4c3735ed4accb26d45e9b26f80856a287fdd42a12de98d1b5d4f2278dd78a8b287a18d8edd003d338049214faef3d6c17b3117da3e1c60715480e1739b52ac39265803d5d6019559d028bbc2c874071c021c581458c67aea919e14db399a54314b1d734eaeafee4844ee9c208887b1c4b7c475997146ccd5f6df48262ab997fc0e5f3ef5e68506fd1d9835b7028c22933024dd9ea325dbb1f8172f9c564b973a1668fb8b566e484a6f821c7bf709aecc0794a71ecc8bcf2fd5ac8d0c76b19f4ce02fefa9780549df3f606a0e520b059f95cb4f749b8c9204f1a052a588ce8ccc519a89e5444aec50739e92a914782bd1c991ae6e403aec0655570e1f90d921695548a645c317d9c13d36da32f86bb104d4b36b66b1e766731dfca460354bd9194e90523afc4e36d9aadd8dc777cfe26c955dcf57736139668b29f4c8ad197050737ebba3d55eb30cc94bdc3a1e28c3573a98ca4d5502d9893755cf2dfec4843fa39eb0a9948b6589eceebfe750b2db0", 0xec0}, {0x0}], 0x2, &(0x7f0000000780)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r1, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r2, @ANYRES32=r0, @ANYBLOB="000000002000000000000000010000e201000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB='\x00\x00\x00\x00'], 0x60}, 0x0)

2.520650498s ago: executing program 3 (id=7819):
r0 = syz_io_uring_setup(0x83d, &(0x7f0000000500)={0x0, 0xfc1a, 0x80, 0x2, 0x3cf}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000440)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_LINKAT={0x27, 0x1a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x1400, 0x1})
io_uring_enter(r0, 0x3516, 0x8000000, 0x0, 0x0, 0x0)

2.324223746s ago: executing program 3 (id=7820):
socket$kcm(0x11, 0xa, 0x300)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000700000000000000000095"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sock_rcvqueue_full\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000040)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sock_rcvqueue_full\x00', r1}, 0x10)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030029000b12d25a80648c2594f90124fc60100c020000040000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

2.170523789s ago: executing program 3 (id=7821):
syz_open_dev$evdev(&(0x7f0000000000), 0x9468, 0x0)
r0 = syz_open_dev$evdev(0x0, 0xfffffffffffffffd, 0x50540)
ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000207d1e512d000000000001090224000100000000090400000103000200092100000001220500090581030014000000"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f00000003c0)={0x2c, &(0x7f0000000c40)=ANY=[@ANYBLOB='\x00\x00W'], 0x0, 0x0, 0x0, 0x0}, 0x0)
r2 = syz_open_dev$hidraw(&(0x7f0000002300), 0x0, 0x14a042)
syz_open_dev$hidraw(&(0x7f0000002300), 0x0, 0x44200)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009"], 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f00000004c0)={{0x12, 0x1, 0x110, 0x2e, 0x1e, 0xa2, 0x20, 0x12d1, 0x6855, 0x90b2, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x3, 0xc0, 0x60, 0x0, [{{0x9, 0x4, 0xc7, 0xf4, 0x0, 0xff, 0x6, 0x72, 0xff}}]}}]}}, &(0x7f0000000740)={0xa, &(0x7f0000000640)={0xa, 0x6, 0x201, 0xc9, 0xf, 0x9, 0x10}, 0x5, &(0x7f0000000680)={0x5, 0xf, 0x5}, 0x2, [{0x16, &(0x7f00000006c0)=@string={0x16, 0x3, "9ebf51e6bad89c357ac57541a3956554b4a95c6c"}}, {0x4, &(0x7f0000000700)=@lang_id={0x4, 0x3, 0x420}}]})
syz_usb_connect$hid(0x2, 0x4a, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x0, 0x0, &(0x7f0000000440)={0xa, &(0x7f0000000200)={0xa, 0x6, 0x200, 0xf, 0x3, 0x2, 0x70, 0xe}, 0x5, &(0x7f0000000240)={0x5, 0xf, 0x5}, 0x4, [{0xf7, &(0x7f0000000280)=@string={0xf7, 0x3, "ea90e5ce2feee6e985b4124ec87f013fa0420cd5122e11fa1b36153a2e2c1d6d30d02538f702dfe0864a261961c135e660b0a37d2d5d8cfb5325288cfc1392956d2051c23f796145e2a1a6370273b1119f3e1d7678d3a8201bc7a8e5e274d7dacafcb2a9c94455039c8a7d5582412f7d6a4bb8d7041ba5ca28e926ba0d21e91567ccf349a87ac6b02a26621686f071dd7c0e695e551a85c979f88c96c7b65ecd6e803a2a63d1e47684d45d5b27a606f895e9fb8f04c7c9ae7a372e1a63a6325c61cc1400963f8c603283a809c4745fbad535ce1b8009743462eea497670229b7dbc1f1d564a4f4c0aedb5e5f3de698e90bd5768909"}}, {0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0xfcff}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x409}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0xf4ff}}]})
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00222200000096231306e53f070d0000002a940183"], 0x0}, 0x0)
ioctl$HIDIOCGRDESC(r2, 0x40305829, &(0x7f0000000440)={0x4, "3b820000"})

1.992062479s ago: executing program 6 (id=7822):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000004c0)='setgroups\x00')
getpgrp(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000001700)=0x4)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000840)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, @dynset={{0xb}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz2\x00'}, @NFTA_DYNSET_FLAGS={0x8}, @NFTA_DYNSET_OP={0x8}, @NFTA_DYNSET_SREG_KEY={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xd8}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c00000021000f0000f901000000000002"], 0x1c}}, 0x8000)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.threads\x00', 0x2, 0x0)
socket$unix(0x1, 0x2, 0x0)
writev(r0, &(0x7f0000003740)=[{0x0}], 0x1)
r7 = socket$kcm(0xa, 0x2, 0x73)
acct(0x0)
sendmsg$inet(r7, &(0x7f0000001180)={0x0, 0x0, 0x0}, 0x0)

560.195188ms ago: executing program 6 (id=7823):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000b00)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x4000}, 0x4040094)

518.531083ms ago: executing program 6 (id=7824):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}, @TCA_RATE={0x6}]}, 0x38}, 0x1, 0x0, 0x0, 0x48801}, 0x0)

348.011416ms ago: executing program 6 (id=7825):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
r3 = open(&(0x7f0000000300)='./file0\x00', 0x145142, 0x102)
sendfile(r3, r3, 0x0, 0x800000009)

283.814284ms ago: executing program 9 (id=7826):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x10, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x50)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff02000000000000000000000000000100000000000000cc00000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e64021d683910c3090b3188a7c747eb2278a273c1b800294429118927"], 0xfdef)

0s ago: executing program 6 (id=7827):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c0002800800014000000002080002400000000b05000300000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x80}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0x5, 0x0, 0x0, 0x0, 0x18}}}}}, 0x36)

kernel console output (not intermixed with test programs):

rror -32 req 02 val 2600
[ 1479.317823][   T24] pwc: recv_control_msg error -32 req 02 val 2900
[ 1479.684563][T27742] loop9: detected capacity change from 0 to 512
[ 1479.738649][   T24] pwc: recv_control_msg error -71 req 04 val 1100
[ 1479.803640][   T24] pwc: recv_control_msg error -71 req 04 val 1200
[ 1481.333463][T27742] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1481.346779][T27742] ext4 filesystem being mounted at /393/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1481.834172][   T30] kauditd_printk_skb: 33 callbacks suppressed
[ 1481.834222][   T30] audit: type=1326 audit(1754587108.660:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27751 comm="syz.5.7170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1482.017408][   T30] audit: type=1326 audit(1754587108.730:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27751 comm="syz.5.7170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1482.076365][   T24] pwc: Registered as video103.
[ 1482.083342][   T24] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input52
[ 1482.094002][   T30] audit: type=1326 audit(1754587108.730:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27751 comm="syz.5.7170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1482.120874][   T30] audit: type=1326 audit(1754587108.730:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27751 comm="syz.5.7170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1482.148849][   T24] usb 5-1: USB disconnect, device number 66
[ 1482.440148][   T30] audit: type=1326 audit(1754587108.740:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27751 comm="syz.5.7170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1482.913089][T20713] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1483.286667][T27765] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[ 1483.415522][   T30] audit: type=1326 audit(1754587108.740:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27751 comm="syz.5.7170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1483.440404][   T30] audit: type=1326 audit(1754587108.740:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27751 comm="syz.5.7170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1483.464076][   T30] audit: type=1326 audit(1754587108.740:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27751 comm="syz.5.7170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1483.882764][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[ 1483.889252][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 1484.245942][T27781] fuse: Bad value for 'fd'
[ 1484.267456][   T30] audit: type=1326 audit(1754587108.740:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27751 comm="syz.5.7170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1484.292375][   T30] audit: type=1326 audit(1754587108.740:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27751 comm="syz.5.7170" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1484.664133][T27790] loop9: detected capacity change from 0 to 128
[ 1484.671681][T27790] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1484.971584][T27790] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1486.743508][T27802] loop6: detected capacity change from 0 to 1024
[ 1486.813818][T27804] serio: Serial port ptm0
[ 1486.834255][T27802] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1487.066186][T27813] loop3: detected capacity change from 0 to 2048
[ 1487.093810][T19575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1487.130574][T27779] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1487.143676][T27813] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1487.197645][T27779] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1487.230253][T27779] bond0 (unregistering): Released all slaves
[ 1487.251359][T27818] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7191'.
[ 1487.338074][T16541] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1487.437447][T27817] netlink: 'syz.5.7191': attribute type 12 has an invalid length.
[ 1487.471712][T27818] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1487.519761][T27818] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1487.588674][T27818] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1487.635956][T27818] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1488.009770][T27826] fuse: Bad value for 'fd'
[ 1489.232745][T27843] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1489.242636][T27843] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1490.018603][T27843] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1490.060790][T27843] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1490.068669][T27843] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1490.381642][T27858] netlink: 40 bytes leftover after parsing attributes in process `syz.5.7204'.
[ 1490.611026][T27869] sd 0:0:1:0: device reset
[ 1490.891339][T27839] chnl_net:caif_netlink_parms(): no params data found
[ 1491.151996][T27839] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1491.164973][T27839] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1491.181934][T27839] bridge_slave_0: entered allmulticast mode
[ 1491.201349][T27839] bridge_slave_0: entered promiscuous mode
[ 1491.223477][T27839] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1491.241904][T27839] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1491.249232][T27839] bridge_slave_1: entered allmulticast mode
[ 1491.272058][T27839] bridge_slave_1: entered promiscuous mode
[ 1491.383559][   T30] kauditd_printk_skb: 49 callbacks suppressed
[ 1491.383591][   T30] audit: type=1326 audit(1754587118.220:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27899 comm="syz.4.7219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f677898ebe9 code=0x7ffc0000
[ 1491.697727][T27839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1492.093644][T27906] netlink: 40 bytes leftover after parsing attributes in process `syz.5.7220'.
[ 1492.223477][ T5177] Bluetooth: hci6: command tx timeout
[ 1492.243159][T27839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1492.369943][   T30] audit: type=1326 audit(1754587118.220:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27899 comm="syz.4.7219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f677898ebe9 code=0x7ffc0000
[ 1492.408857][   T30] audit: type=1326 audit(1754587118.220:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27899 comm="syz.4.7219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f677898ebe9 code=0x7ffc0000
[ 1492.435805][   T30] audit: type=1326 audit(1754587118.220:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27899 comm="syz.4.7219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f677898ebe9 code=0x7ffc0000
[ 1492.467422][   T30] audit: type=1326 audit(1754587118.220:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27899 comm="syz.4.7219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f677898ebe9 code=0x7ffc0000
[ 1492.566007][   T30] audit: type=1326 audit(1754587118.220:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27899 comm="syz.4.7219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f677898ebe9 code=0x7ffc0000
[ 1492.680853][T27839] team0: Port device team_slave_0 added
[ 1492.737170][   T30] audit: type=1326 audit(1754587118.220:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27899 comm="syz.4.7219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f677898ebe9 code=0x7ffc0000
[ 1492.764776][T27839] team0: Port device team_slave_1 added
[ 1492.955248][   T30] audit: type=1326 audit(1754587118.220:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27899 comm="syz.4.7219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f677898ebe9 code=0x7ffc0000
[ 1493.108207][   T30] audit: type=1326 audit(1754587118.230:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27899 comm="syz.4.7219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f677898ebe9 code=0x7ffc0000
[ 1493.208642][T27839] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1493.237054][T27839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1493.264192][   T24] usb 7-1: new high-speed USB device number 102 using dummy_hcd
[ 1493.299155][   T30] audit: type=1326 audit(1754587118.230:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27899 comm="syz.4.7219" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f677898ebe9 code=0x7ffc0000
[ 1493.423800][T27839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1493.480047][   T24] usb 7-1: Using ep0 maxpacket: 32
[ 1493.504842][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1493.538549][T27839] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1493.571587][   T24] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[ 1493.589637][T27839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1493.642240][T27839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1493.649713][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1493.732066][   T24] usb 7-1: config 0 descriptor??
[ 1493.967403][T27839] hsr_slave_0: entered promiscuous mode
[ 1493.979295][T27839] hsr_slave_1: entered promiscuous mode
[ 1493.986368][T27839] debugfs: 'hsr0' already exists in 'hsr'
[ 1493.996557][T27839] Cannot create hsr debugfs directory
[ 1494.319648][ T5177] Bluetooth: hci6: command tx timeout
[ 1494.608370][T27920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1494.676025][T27920] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1494.749454][T27920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1494.783079][T27920] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1494.872331][   T24] usbhid 7-1:0.0: can't add hid device: -71
[ 1494.878402][   T24] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1494.908875][   T24] usb 7-1: USB disconnect, device number 102
[ 1495.214922][T27839] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1495.242190][T27952] loop9: detected capacity change from 0 to 2048
[ 1495.302134][T27952] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1495.317163][T27959] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7237'.
[ 1495.362071][T27954] loop5: detected capacity change from 0 to 2048
[ 1495.386346][T27839] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1495.530122][T27954] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1495.634314][T27839] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1495.753026][T27954] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.7238: bg 0: block 234: padding at end of block bitmap is not set
[ 1496.017904][T27954] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 117
[ 1496.299282][T27954] EXT4-fs (loop5): This should not happen!! Data will be lost
[ 1496.299282][T27954] 
[ 1496.381088][ T5177] Bluetooth: hci6: command tx timeout
[ 1496.392374][T20713] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1496.848088][T26920] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1496.923212][T27839] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1496.944630][T27977] loop4: detected capacity change from 0 to 1024
[ 1497.007860][T27977] EXT4-fs: Ignoring removed orlov option
[ 1498.389812][T27977] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1498.462734][ T5177] Bluetooth: hci6: command tx timeout
[ 1498.632576][T27990] loop5: detected capacity change from 0 to 16
[ 1498.685993][T27990] erofs (device loop5): mounted with root inode @ nid 36.
[ 1498.743801][T23066] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1498.867219][T27839] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1498.918010][T27839] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1498.963118][T27839] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1498.984877][T27999] netlink: 60 bytes leftover after parsing attributes in process `syz.4.7252'.
[ 1499.025285][T28002] netlink: 60 bytes leftover after parsing attributes in process `syz.4.7252'.
[ 1499.039618][T27839] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1499.229654][  T974] usb 10-1: new high-speed USB device number 106 using dummy_hcd
[ 1499.264543][T27839] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1499.598793][T27839] 8021q: adding VLAN 0 to HW filter on device team0
[ 1499.624314][ T1160] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1499.631508][ T1160] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1499.642394][ T1160] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1499.649540][ T1160] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1499.679547][  T974] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 128, changing to 11
[ 1499.711881][  T974] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1499.741211][  T974] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1499.775687][  T974] usb 10-1: config 0 descriptor??
[ 1500.005358][  T974] usbhid 10-1:0.0: can't add hid device: -71
[ 1500.032705][  T974] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1500.066715][  T974] usb 10-1: USB disconnect, device number 106
[ 1500.281212][T27839] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1501.344555][T27839] veth0_vlan: entered promiscuous mode
[ 1501.425818][T27839] veth1_vlan: entered promiscuous mode
[ 1501.586840][T27839] veth0_macvtap: entered promiscuous mode
[ 1501.648168][T27839] veth1_macvtap: entered promiscuous mode
[ 1501.750277][T27839] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1501.834023][T27839] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1501.860318][T28044] loop8: detected capacity change from 0 to 2048
[ 1501.948243][ T6361] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1502.014033][ T6361] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1502.029631][T28044] FAT-fs (loop8): error, fat_get_cluster: detected the cluster chain loop (i_pos 1)
[ 1502.071216][T28044] FAT-fs (loop8): Filesystem has been set read-only
[ 1502.110192][ T6361] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1502.163336][ T6361] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1502.364071][T28048] netlink: 40 bytes leftover after parsing attributes in process `syz.5.7266'.
[ 1502.612602][ T6361] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1502.668546][ T6361] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1502.875369][ T6363] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1502.899380][ T6363] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1503.420294][ T3474] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1504.140128][T28068] 9pnet: Could not find request transport: 0xffffffffffffffff
[ 1504.832821][T28091] loop6: detected capacity change from 0 to 2048
[ 1505.362747][   T90] usb 10-1: new high-speed USB device number 107 using dummy_hcd
[ 1505.374572][T28091] FAT-fs (loop6): error, fat_get_cluster: detected the cluster chain loop (i_pos 1)
[ 1505.402807][T28091] FAT-fs (loop6): Filesystem has been set read-only
[ 1507.668316][T28116] loop8: detected capacity change from 0 to 512
[ 1507.775361][T28116] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1507.798610][T28116] ext4 filesystem being mounted at /532/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1507.977381][T19115] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1508.128680][   T30] kauditd_printk_skb: 22 callbacks suppressed
[ 1508.128700][   T30] audit: type=1326 audit(1754587134.960:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28121 comm="syz.8.7292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04858ebe9 code=0x7ffc0000
[ 1508.161322][   T30] audit: type=1326 audit(1754587134.980:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28121 comm="syz.8.7292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04858ebe9 code=0x7ffc0000
[ 1508.215859][   T30] audit: type=1326 audit(1754587134.980:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28121 comm="syz.8.7292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7fe04858ebe9 code=0x7ffc0000
[ 1508.242987][   T30] audit: type=1326 audit(1754587134.980:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28121 comm="syz.8.7292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04858ebe9 code=0x7ffc0000
[ 1508.268125][   T30] audit: type=1326 audit(1754587134.980:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28121 comm="syz.8.7292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04858ebe9 code=0x7ffc0000
[ 1508.303308][   T30] audit: type=1326 audit(1754587134.980:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28121 comm="syz.8.7292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7fe04858ebe9 code=0x7ffc0000
[ 1508.335171][   T30] audit: type=1326 audit(1754587134.980:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28121 comm="syz.8.7292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04858ebe9 code=0x7ffc0000
[ 1508.361452][   T30] audit: type=1326 audit(1754587134.980:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28121 comm="syz.8.7292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04858ebe9 code=0x7ffc0000
[ 1508.741798][   T43] usb 9-1: new full-speed USB device number 95 using dummy_hcd
[ 1508.912665][   T43] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1508.923921][   T43] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1508.934055][   T43] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1508.947319][   T43] usb 9-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1508.957488][   T43] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1508.968586][   T43] usb 9-1: config 0 descriptor??
[ 1509.286466][T28105] macvtap0: refused to change device tx_queue_len
[ 1509.401015][T28128] loop8: detected capacity change from 0 to 512
[ 1509.426791][T28128] EXT4-fs: Ignoring removed i_version option
[ 1509.445613][T28128] EXT4-fs: Ignoring removed nobh option
[ 1509.458284][T28128] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 1509.477551][T28128] EXT4-fs (loop8): 1 truncate cleaned up
[ 1509.485279][T28128] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1510.548936][T28128] netlink: 64 bytes leftover after parsing attributes in process `syz.8.7295'.
[ 1510.840240][   T43] usbhid 9-1:0.0: can't add hid device: -71
[ 1510.846295][   T43] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1510.862134][   T43] usb 9-1: USB disconnect, device number 95
[ 1510.979618][ T5863] usb 7-1: new high-speed USB device number 103 using dummy_hcd
[ 1511.374355][T28159] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1511.949132][ T5863] usb 7-1: Using ep0 maxpacket: 32
[ 1511.998216][ T5863] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1511.999160][T19115] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1512.012464][ T5863] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[ 1512.032329][ T5863] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1512.044761][ T5863] usb 7-1: config 0 descriptor??
[ 1512.084151][T28162] fuse: Bad value for 'fd'
[ 1512.661049][T28149] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1512.699917][T28149] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1512.722048][T28149] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1512.754370][T28149] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1512.776710][ T5863] usbhid 7-1:0.0: can't add hid device: -71
[ 1512.789725][ T5863] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1512.791117][   T43] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[ 1512.810713][ T5863] usb 7-1: USB disconnect, device number 103
[ 1512.959544][ T6038] usb 9-1: new high-speed USB device number 96 using dummy_hcd
[ 1512.979601][   T43] usb 5-1: Using ep0 maxpacket: 16
[ 1513.002739][   T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1513.020293][   T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1513.050053][   T43] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1513.070118][   T43] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1513.089591][   T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1513.112477][   T43] usb 5-1: config 0 descriptor??
[ 1513.129919][ T6038] usb 9-1: Using ep0 maxpacket: 16
[ 1513.148891][ T6038] usb 9-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1513.165739][ T6038] usb 9-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1513.175705][ T6038] usb 9-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[ 1513.199165][ T6038] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1513.209316][ T6038] usb 9-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1513.218902][ T6038] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1513.271508][ T6038] usb 9-1: config 0 descriptor??
[ 1513.487179][T28197] netlink: 'syz.6.7318': attribute type 2 has an invalid length.
[ 1513.498443][T28197] netlink: 199836 bytes leftover after parsing attributes in process `syz.6.7318'.
[ 1513.527464][T28197] nbd: must specify at least one socket
[ 1513.707425][T28203] loop6: detected capacity change from 0 to 1024
[ 1513.718472][T28203] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1513.726363][T28203] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1513.750157][T28203] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1513.779078][   T43] usbhid 5-1:0.0: can't add hid device: -71
[ 1513.812396][   T43] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1513.832985][   T43] usb 5-1: USB disconnect, device number 67
[ 1513.887762][ T5863] usb 10-1: new full-speed USB device number 108 using dummy_hcd
[ 1513.919549][ T6038] usb 9-1: USB disconnect, device number 96
[ 1513.963527][T28207] netlink: 64 bytes leftover after parsing attributes in process `syz.6.7320'.
[ 1514.084349][ T5863] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1514.096035][ T5863] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1514.116434][ T5863] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1514.139424][ T5863] usb 10-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1514.159016][ T5863] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1514.180356][ T5863] usb 10-1: config 0 descriptor??
[ 1514.399031][T28209] loop4: detected capacity change from 0 to 1024
[ 1514.407425][T28209] EXT4-fs: Ignoring removed nobh option
[ 1514.413161][T28209] EXT4-fs: Ignoring removed bh option
[ 1514.458042][T28209] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1514.616513][T28201] loop9: detected capacity change from 0 to 512
[ 1514.637010][T28201] EXT4-fs: Ignoring removed i_version option
[ 1514.676776][T28201] EXT4-fs: Ignoring removed nobh option
[ 1514.704561][T28201] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1514.756676][T28201] EXT4-fs (loop9): 1 truncate cleaned up
[ 1514.765118][T28201] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1515.518573][T28201] netlink: 64 bytes leftover after parsing attributes in process `syz.9.7319'.
[ 1515.574371][ T5863] usbhid 10-1:0.0: can't add hid device: -71
[ 1515.582076][ T5863] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1515.586337][T23066] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1515.632059][ T5863] usb 10-1: USB disconnect, device number 108
[ 1515.732942][T28219] loop4: detected capacity change from 0 to 128
[ 1515.751352][T28219] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1515.766579][T28219] ext4 filesystem being mounted at /301/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1515.781980][T19575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1516.199144][T20713] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1516.476308][T23066] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1517.329843][ T5863] usb 10-1: new high-speed USB device number 109 using dummy_hcd
[ 1517.501268][ T5863] usb 10-1: Using ep0 maxpacket: 8
[ 1517.547501][ T5863] usb 10-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1517.563643][ T5863] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1517.582187][ T5863] usb 10-1: Product: syz
[ 1517.586545][ T5863] usb 10-1: Manufacturer: syz
[ 1517.591890][ T5863] usb 10-1: SerialNumber: syz
[ 1517.620389][ T5863] usb 10-1: config 0 descriptor??
[ 1517.867104][ T5863] usb 10-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1518.557060][T28213] workqueue: Failed to create a rescuer kthread for wq "bond0": -EINTR
[ 1518.579453][   T90] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[ 1518.759492][   T90] usb 5-1: Using ep0 maxpacket: 16
[ 1518.768562][   T90] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1518.799772][   T90] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1518.839456][   T90] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1518.889649][   T90] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1518.915798][   T90] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1518.939192][   T90] usb 5-1: config 0 descriptor??
[ 1519.118738][T28266] loop6: detected capacity change from 0 to 128
[ 1519.221903][T28266] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1519.235483][T28266] ext4 filesystem being mounted at /523/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1519.612659][ T5863] dvb_usb_rtl28xxu 10-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1519.859761][ T5863] usb 10-1: USB disconnect, device number 109
[ 1520.066898][T28270] mmap: syz.5.7336 (28270) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[ 1520.256486][   T30] audit: type=1326 audit(1754587147.090:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28256 comm="syz.5.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1520.286261][T28270] loop5: detected capacity change from 0 to 164
[ 1520.373163][T28270] ISOFS: unable to read i-node block
[ 1520.379068][   T30] audit: type=1326 audit(1754587147.090:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28256 comm="syz.5.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1520.424760][T28270] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[ 1520.488418][   T30] audit: type=1326 audit(1754587147.120:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28256 comm="syz.5.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1520.583456][   T30] audit: type=1326 audit(1754587147.120:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28256 comm="syz.5.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1520.676531][   T30] audit: type=1326 audit(1754587147.120:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28256 comm="syz.5.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1520.795245][   T30] audit: type=1326 audit(1754587147.120:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28256 comm="syz.5.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1520.925303][   T30] audit: type=1326 audit(1754587147.120:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28256 comm="syz.5.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1521.060275][   T30] audit: type=1326 audit(1754587147.120:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28256 comm="syz.5.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5db198ec23 code=0x7ffc0000
[ 1521.171769][   T30] audit: type=1326 audit(1754587147.120:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28256 comm="syz.5.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5db198d69f code=0x7ffc0000
[ 1521.270203][   T90] usbhid 5-1:0.0: can't add hid device: -71
[ 1521.276368][   T90] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1521.287498][   T90] usb 5-1: USB disconnect, device number 68
[ 1521.296369][   T30] audit: type=1326 audit(1754587147.120:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28256 comm="syz.5.7336" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f5db198ec77 code=0x7ffc0000
[ 1521.339787][   T43] usb 9-1: new full-speed USB device number 97 using dummy_hcd
[ 1521.362076][T19575] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1521.427330][T28279] netlink: 60 bytes leftover after parsing attributes in process `syz.4.7341'.
[ 1521.459890][T28278] netlink: 60 bytes leftover after parsing attributes in process `syz.4.7341'.
[ 1521.516733][   T43] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1521.550447][   T43] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1521.576977][   T43] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1521.633404][   T43] usb 9-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1521.655747][T28286] loop6: detected capacity change from 0 to 1024
[ 1521.664489][T28286] EXT4-fs: Ignoring removed nobh option
[ 1521.670522][T28286] EXT4-fs: Ignoring removed bh option
[ 1521.675073][   T43] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1521.710606][T28286] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1521.724712][   T43] usb 9-1: config 0 descriptor??
[ 1522.010274][   T43] usbhid 9-1:0.0: can't add hid device: -71
[ 1522.016321][   T43] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1522.579967][   T43] usb 9-1: USB disconnect, device number 97
[ 1522.768552][T19575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1523.009543][ T5863] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[ 1523.179506][  T974] usb 10-1: new high-speed USB device number 110 using dummy_hcd
[ 1523.189807][ T5863] usb 5-1: Using ep0 maxpacket: 32
[ 1523.212792][ T5863] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1523.240116][ T5863] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[ 1523.269589][ T5863] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1523.311493][ T5863] usb 5-1: config 0 descriptor??
[ 1523.359931][T28259] syz.3.7335: vmalloc error: size 1075838976, failed to allocated page array size 2101248, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1523.388084][  T974] usb 10-1: Using ep0 maxpacket: 16
[ 1523.394280][T28259] CPU: 0 UID: 0 PID: 28259 Comm: syz.3.7335 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[ 1523.394326][T28259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1523.394343][T28259] Call Trace:
[ 1523.394352][T28259]  <TASK>
[ 1523.394364][T28259]  dump_stack_lvl+0x189/0x250
[ 1523.394405][T28259]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1523.394437][T28259]  ? __pfx__printk+0x10/0x10
[ 1523.394475][T28259]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1523.394507][T28259]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1523.394540][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.394571][T28259]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 1523.394605][T28259]  warn_alloc+0x214/0x310
[ 1523.394653][T28259]  ? __pfx_warn_alloc+0x10/0x10
[ 1523.394701][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.394737][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.394766][T28259]  ? __get_vm_area_node+0x28f/0x300
[ 1523.394804][T28259]  ? hash_netiface_create+0x358/0xfe0
[ 1523.394835][T28259]  __vmalloc_node_range_noprof+0x67e/0x12f0
[ 1523.394876][T28259]  ? do_syscall_64+0xfa/0x3b0
[ 1523.394945][T28259]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1523.394990][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.395020][T28259]  ? rcu_is_watching+0x15/0xb0
[ 1523.395049][T28259]  ? hash_netiface_create+0x358/0xfe0
[ 1523.395073][T28259]  ? hash_netiface_create+0x358/0xfe0
[ 1523.395096][T28259]  __kvmalloc_node_noprof+0x3b8/0x5f0
[ 1523.395134][T28259]  ? hash_netiface_create+0x358/0xfe0
[ 1523.395157][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.395189][T28259]  ? hash_netiface_create+0x2fe/0xfe0
[ 1523.395219][T28259]  hash_netiface_create+0x358/0xfe0
[ 1523.395254][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.395284][T28259]  ? __nla_parse+0x40/0x60
[ 1523.395324][T28259]  ? __pfx_hash_netiface_create+0x10/0x10
[ 1523.395353][T28259]  ip_set_create+0xa97/0x1940
[ 1523.395380][T28259]  ? ip_set_create+0x4a2/0x1940
[ 1523.395421][T28259]  ? __pfx_ip_set_create+0x10/0x10
[ 1523.395481][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.395520][T28259]  nfnetlink_rcv_msg+0xb4d/0x1130
[ 1523.395552][T28259]  ? nfnetlink_rcv_msg+0x20d/0x1130
[ 1523.395604][T28259]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1523.395630][T28259]  ? kasan_save_free_info+0x46/0x50
[ 1523.395716][T28259]  netlink_rcv_skb+0x208/0x470
[ 1523.395751][T28259]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1523.395782][T28259]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1523.395828][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.395858][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.395887][T28259]  ? security_capable+0x7e/0x2e0
[ 1523.395924][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.395959][T28259]  nfnetlink_rcv+0x26a/0x2520
[ 1523.395990][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.396019][T28259]  ? __dev_queue_xmit+0x1d79/0x3b50
[ 1523.396045][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.396086][T28259]  ? __dev_queue_xmit+0x27b/0x3b50
[ 1523.396126][T28259]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1523.396155][T28259]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1523.396196][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.396226][T28259]  ? ref_tracker_free+0x63a/0x7d0
[ 1523.396257][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.396287][T28259]  ? __asan_memcpy+0x40/0x70
[ 1523.396323][T28259]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1523.396373][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.396402][T28259]  ? skb_clone+0x246/0x3a0
[ 1523.396429][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.396458][T28259]  ? __netlink_deliver_tap+0x807/0x850
[ 1523.396492][T28259]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1523.396528][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.396561][T28259]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1523.396605][T28259]  netlink_unicast+0x82f/0x9e0
[ 1523.396644][T28259]  ? __pfx_netlink_unicast+0x10/0x10
[ 1523.396677][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.396706][T28259]  ? skb_put+0x11b/0x210
[ 1523.396740][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.396775][T28259]  netlink_sendmsg+0x805/0xb30
[ 1523.396821][T28259]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1523.396859][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.396888][T28259]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1523.396926][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.396956][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.396986][T28259]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1523.397021][T28259]  __sock_sendmsg+0x21c/0x270
[ 1523.397055][T28259]  ____sys_sendmsg+0x505/0x830
[ 1523.397101][T28259]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1523.397152][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.397183][T28259]  ? import_iovec+0x74/0xa0
[ 1523.397212][T28259]  ___sys_sendmsg+0x21f/0x2a0
[ 1523.397254][T28259]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1523.397307][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.397370][T28259]  ? __fget_files+0x2a/0x420
[ 1523.397409][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.397437][T28259]  ? __fget_files+0x3a0/0x420
[ 1523.397491][T28259]  __x64_sys_sendmsg+0x19b/0x260
[ 1523.397533][T28259]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1523.397595][T28259]  ? do_syscall_64+0xbe/0x3b0
[ 1523.397635][T28259]  do_syscall_64+0xfa/0x3b0
[ 1523.397668][T28259]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1523.397699][T28259]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1523.397723][T28259]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1523.397753][T28259]  ? exc_page_fault+0x9f/0xf0
[ 1523.397787][T28259]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1523.397811][T28259] RIP: 0033:0x7f6bff18ebe9
[ 1523.397834][T28259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1523.397856][T28259] RSP: 002b:00007f6bfff9e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1523.397882][T28259] RAX: ffffffffffffffda RBX: 00007f6bff3b5fa0 RCX: 00007f6bff18ebe9
[ 1523.397902][T28259] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[ 1523.397919][T28259] RBP: 00007f6bff211e19 R08: 0000000000000000 R09: 0000000000000000
[ 1523.397937][T28259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1523.397953][T28259] R13: 00007f6bff3b6038 R14: 00007f6bff3b5fa0 R15: 00007fff74531648
[ 1523.397992][T28259]  </TASK>
[ 1523.398481][T28259] Mem-Info:
[ 1523.692818][   T90] usb 9-1: new full-speed USB device number 98 using dummy_hcd
[ 1523.700993][T28259] active_anon:25233 inactive_anon:0 isolated_anon:0
[ 1523.700993][T28259]  active_file:19257 inactive_file:40459 isolated_file:0
[ 1523.700993][T28259]  unevictable:17116 dirty:175 writeback:0
[ 1523.700993][T28259]  slab_reclaimable:12458 slab_unreclaimable:121895
[ 1523.700993][T28259]  mapped:37422 shmem:20748 pagetables:1391
[ 1523.700993][T28259]  sec_pagetables:0 bounce:0
[ 1523.700993][T28259]  kernel_misc_reclaimable:0
[ 1523.700993][T28259]  free:1189414 free_pcp:20999 free_cma:0
[ 1523.871803][   T90] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1523.875535][  T974] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1523.896062][   T90] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1523.902026][  T974] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1523.909574][T28259] Node 0 active_anon:95032kB inactive_anon:0kB active_file:77028kB inactive_file:161632kB unevictable:66928kB isolated(anon):0kB isolated(file):0kB mapped:149688kB dirty:696kB writeback:0kB shmem:81456kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12936kB pagetables:5620kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1523.915745][ T5863] hid_parser_main: 31 callbacks suppressed
[ 1523.915770][ T5863] koneplus 0003:1E7D:2D51.001D: unknown main item tag 0x0
[ 1523.922961][T28259] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:144kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1523.928412][  T974] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1523.928476][  T974] usb 10-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1523.945850][   T90] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1523.963452][ T5863] koneplus 0003:1E7D:2D51.001D: unknown main item tag 0x0
[ 1523.963498][ T5863] koneplus 0003:1E7D:2D51.001D: unknown main item tag 0x0
[ 1523.963523][ T5863] koneplus 0003:1E7D:2D51.001D: unknown main item tag 0x0
[ 1523.963547][ T5863] koneplus 0003:1E7D:2D51.001D: unknown main item tag 0x0
[ 1523.967213][  T974] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1524.021444][T28300] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1524.037641][ T5863] koneplus 0003:1E7D:2D51.001D: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.4-1/input0
[ 1524.078216][   T90] usb 9-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1524.089805][  T974] usb 10-1: config 0 descriptor??
[ 1524.106561][   T90] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1524.195908][T28259] Node 0 
[ 1524.215124][T28300] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1524.219276][T28300] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1524.251628][T28259] DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1524.263214][T28300] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1524.266811][T28259] lowmem_reserve[]:
[ 1524.288452][   T90] usb 9-1: config 0 descriptor??
[ 1524.295354][ T5863] koneplus 0003:1E7D:2D51.001D: couldn't init struct koneplus_device
[ 1524.300815][T28259]  0
[ 1524.316690][ T5863] koneplus 0003:1E7D:2D51.001D: couldn't install mouse
[ 1524.322441][T28259]  2497
[ 1524.334361][ T5863] koneplus 0003:1E7D:2D51.001D: probe with driver koneplus failed with error -71
[ 1524.425380][ T5863] usb 5-1: USB disconnect, device number 69
[ 1524.438668][T28259]  2499 2499 2499
[ 1524.446857][T28259] Node 0 DMA32 free:844712kB boost:0kB min:34248kB low:42808kB high:51368kB reserved_highatomic:0KB free_highatomic:0KB active_anon:94804kB inactive_anon:0kB active_file:77028kB inactive_file:160056kB unevictable:66928kB writepending:732kB present:3129332kB managed:2557520kB mlocked:0kB bounce:0kB free_pcp:78480kB local_pcp:31192kB free_cma:0kB
[ 1524.482603][T28259] lowmem_reserve[]: 0 0 1 1 1
[ 1524.487505][T28259] Node 0 Normal free:12kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1576kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[ 1524.533342][ T6038] kernel write not supported for file /1425/attr/exec (pid: 6038 comm: kworker/1:6)
[ 1524.539676][T28332] loop5: detected capacity change from 0 to 1024
[ 1524.553017][T28332] EXT4-fs: Ignoring removed nobh option
[ 1524.558621][T28332] EXT4-fs: Ignoring removed bh option
[ 1524.564276][T28259] lowmem_reserve[]: 0 0 0 0 0
[ 1524.569073][T28259] Node 1 Normal free:3904948kB boost:0kB min:55632kB low:69540kB high:83448kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:4412kB local_pcp:4408kB free_cma:0kB
[ 1524.601134][T28259] lowmem_reserve[]: 0 0 0 0 0
[ 1524.606476][T28259] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1524.623144][T28259] Node 0 DMA32: 147*4kB (UME) 193*8kB (UME) 20*16kB (UME) 83*32kB (UME) 297*64kB (UME) 410*128kB (ME) 641*256kB (UME) 391*512kB (UME) 203*1024kB (UM) 2*2048kB (U) 47*4096kB (UM) = 845364kB
[ 1524.652120][T28259] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB
[ 1524.667179][T28332] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1524.683730][T28259] Node 1 Normal: 193*4kB (U) 52*8kB (UE) 43*16kB (UE) 259*32kB (UE) 98*64kB (UE) 35*128kB (UE) 12*256kB (UME) 6*512kB (UME) 1*1024kB (M) 3*2048kB (UE) 945*4096kB (M) = 3904948kB
[ 1524.711568][T28259] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1524.722823][T28259] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1524.732196][T28259] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1524.741903][T28259] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1524.751574][T28259] 97242 total pagecache pages
[ 1524.756306][T28259] 0 pages in swap cache
[ 1524.760580][T28259] Free swap  = 124996kB
[ 1524.764835][T28259] Total swap = 124996kB
[ 1524.769005][T28259] 2097051 pages RAM
[ 1524.772924][T28259] 0 pages HighMem/MovableOnly
[ 1524.777614][T28259] 425645 pages reserved
[ 1524.784095][T28259] 0 pages cma reserved
[ 1524.825483][  T974] usbhid 10-1:0.0: can't add hid device: -71
[ 1524.838168][T28337] netlink: 32 bytes leftover after parsing attributes in process `syz.6.7365'.
[ 1524.847470][  T974] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1524.866199][T28321] loop8: detected capacity change from 0 to 512
[ 1524.880604][T28321] EXT4-fs: Ignoring removed i_version option
[ 1524.897350][  T974] usb 10-1: USB disconnect, device number 110
[ 1524.909490][T28321] EXT4-fs: Ignoring removed nobh option
[ 1524.989619][T28321] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 1525.039605][T28321] EXT4-fs (loop8): 1 truncate cleaned up
[ 1525.489738][T28321] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1525.711976][T28345] fuse: Bad value for 'rootmode'
[ 1525.918697][T28349] hub 6-0:1.0: USB hub found
[ 1525.940245][T26920] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1525.950575][T28350] netlink: 64 bytes leftover after parsing attributes in process `syz.8.7359'.
[ 1525.962928][T28349] hub 6-0:1.0: 1 port detected
[ 1526.668586][T28368] netlink: 132 bytes leftover after parsing attributes in process `syz.5.7376'.
[ 1527.028543][  T974] kernel write not supported for file /838/attr/exec (pid: 974 comm: kworker/0:2)
[ 1527.047882][T28372] loop6: detected capacity change from 0 to 128
[ 1527.090409][T28372] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1527.126214][T28372] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1527.286632][ T6363] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1527.689529][   T43] usb 5-1: new high-speed USB device number 70 using dummy_hcd
[ 1527.700099][T16165] usb 10-1: new high-speed USB device number 111 using dummy_hcd
[ 1527.855857][T28385] netlink: 60 bytes leftover after parsing attributes in process `syz.6.7384'.
[ 1527.859521][   T43] usb 5-1: Using ep0 maxpacket: 16
[ 1527.865414][T28384] netlink: 60 bytes leftover after parsing attributes in process `syz.6.7384'.
[ 1527.882811][T16165] usb 10-1: Using ep0 maxpacket: 32
[ 1527.891220][T16165] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1527.891507][   T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1527.927472][T16165] usb 10-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[ 1527.939557][   T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1527.949329][   T43] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1527.953409][T16165] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1527.990446][T16165] usb 10-1: config 0 descriptor??
[ 1528.009838][   T43] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1528.018941][   T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1528.053499][   T43] usb 5-1: config 0 descriptor??
[ 1528.412128][T16165] koneplus 0003:1E7D:2D51.001E: unknown main item tag 0x0
[ 1528.429466][T16165] koneplus 0003:1E7D:2D51.001E: unknown main item tag 0x0
[ 1528.447023][T16165] koneplus 0003:1E7D:2D51.001E: unknown main item tag 0x0
[ 1528.457178][T16165] koneplus 0003:1E7D:2D51.001E: unknown main item tag 0x0
[ 1528.477532][T16165] koneplus 0003:1E7D:2D51.001E: unknown main item tag 0x0
[ 1528.508428][T16165] koneplus 0003:1E7D:2D51.001E: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.9-1/input0
[ 1528.539731][   T90] usbhid 9-1:0.0: can't add hid device: -71
[ 1528.545812][   T90] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1528.573878][T19115] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1528.589228][   T90] usb 9-1: USB disconnect, device number 98
[ 1528.622544][T28377] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1528.640463][T28377] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1528.656810][T28395] netlink: 'syz.6.7389': attribute type 10 has an invalid length.
[ 1528.667826][T28377] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1528.700592][   T43] usbhid 5-1:0.0: can't add hid device: -71
[ 1528.706631][   T43] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1528.719200][T28377] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1528.743527][T16165] koneplus 0003:1E7D:2D51.001E: couldn't init struct koneplus_device
[ 1528.755596][   T43] usb 5-1: USB disconnect, device number 70
[ 1528.776483][T16165] koneplus 0003:1E7D:2D51.001E: couldn't install mouse
[ 1528.806357][T16165] koneplus 0003:1E7D:2D51.001E: probe with driver koneplus failed with error -71
[ 1528.823060][T28395] team0: Failed to send port change of device dummy0 via netlink (err -105)
[ 1528.832149][T28395] team0: Failed to send options change via netlink (err -105)
[ 1528.857409][T28395] team0: Port device dummy0 added
[ 1528.876774][T16165] usb 10-1: USB disconnect, device number 111
[ 1528.989596][   T30] kauditd_printk_skb: 20 callbacks suppressed
[ 1528.989620][   T30] audit: type=1326 audit(1754587155.740:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28397 comm="syz.8.7390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04858ebe9 code=0x7ffc0000
[ 1529.086600][   T30] audit: type=1326 audit(1754587155.740:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28397 comm="syz.8.7390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04858ebe9 code=0x7ffc0000
[ 1529.109941][   T30] audit: type=1326 audit(1754587155.750:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28397 comm="syz.8.7390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=204 compat=0 ip=0x7fe04858ebe9 code=0x7ffc0000
[ 1529.259954][T28403] loop5: detected capacity change from 0 to 256
[ 1529.857677][   T30] audit: type=1326 audit(1754587155.750:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28397 comm="syz.8.7390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04858ebe9 code=0x7ffc0000
[ 1529.998695][   T30] audit: type=1326 audit(1754587155.750:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28397 comm="syz.8.7390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04858ebe9 code=0x7ffc0000
[ 1530.135273][   T30] audit: type=1326 audit(1754587155.750:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28397 comm="syz.8.7390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe04858d69f code=0x7ffc0000
[ 1530.225834][   T30] audit: type=1326 audit(1754587155.750:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28397 comm="syz.8.7390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04858ebe9 code=0x7ffc0000
[ 1530.324107][   T30] audit: type=1326 audit(1754587155.770:665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28397 comm="syz.8.7390" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04858ebe9 code=0x7ffc0000
[ 1530.673669][T28417] netlink: 'syz.3.7397': attribute type 12 has an invalid length.
[ 1530.969055][T28399] infiniband syz!: set active
[ 1531.008109][T28399] infiniband syz!: added team_slave_0
[ 1531.071739][T28399] syz!: rxe_create_cq: returned err = -12
[ 1531.116323][T28399] infiniband syz!: Couldn't create ib_mad CQ
[ 1531.146885][T28399] infiniband syz!: Couldn't open port 1
[ 1531.407158][T28399] RDS/IB: syz!: added
[ 1531.447090][T28399] smc: adding ib device syz! with port count 1
[ 1531.469723][T28399] smc:    ib device syz! port 1 has pnetid 
[ 1531.689724][T16624] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[ 1531.845467][T19616] usb 10-1: new high-speed USB device number 112 using dummy_hcd
[ 1531.872763][T16624] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1531.901720][T16624] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1531.942027][T16624] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1531.979563][T16624] usb 6-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1532.014668][T16624] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1532.029458][T19616] usb 10-1: Using ep0 maxpacket: 16
[ 1532.044201][T16624] usb 6-1: config 0 descriptor??
[ 1532.062287][T19616] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1532.100991][T19616] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1532.121465][T19616] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1532.153388][T19616] usb 10-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1532.174788][T19616] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1532.228965][T19616] usb 10-1: config 0 descriptor??
[ 1532.504645][T28428] loop5: detected capacity change from 0 to 512
[ 1532.537410][T28428] EXT4-fs: Ignoring removed i_version option
[ 1532.557647][T28428] EXT4-fs: Ignoring removed nobh option
[ 1532.584033][T28428] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1532.750611][T28458] loop3: detected capacity change from 0 to 256
[ 1533.075089][T19616] usbhid 10-1:0.0: can't add hid device: -71
[ 1533.176450][T19616] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1533.251425][T19616] usb 10-1: USB disconnect, device number 112
[ 1533.582039][T28428] EXT4-fs (loop5): 1 truncate cleaned up
[ 1533.597310][T28461] loop4: detected capacity change from 0 to 512
[ 1533.634628][T28428] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1533.970155][T28428] netlink: 64 bytes leftover after parsing attributes in process `syz.5.7402'.
[ 1534.572324][T16624] usbhid 6-1:0.0: can't add hid device: -71
[ 1534.578375][T16624] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1534.588897][T16624] usb 6-1: USB disconnect, device number 2
[ 1534.639224][T26920] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1535.104232][T28480] loop9: detected capacity change from 0 to 256
[ 1535.116629][T28480] FAT-fs (loop9): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1535.149445][ T5863] usb 4-1: new high-speed USB device number 97 using dummy_hcd
[ 1535.339154][ T5863] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 128, changing to 11
[ 1535.355963][ T5863] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1535.385063][ T5863] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1535.397650][ T5863] usb 4-1: config 0 descriptor??
[ 1535.662428][ T5863] usbhid 4-1:0.0: can't add hid device: -71
[ 1535.673805][ T5863] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1535.714923][ T5863] usb 4-1: USB disconnect, device number 97
[ 1536.019293][T28495] fuse: Unknown parameter 'use00000000000000000000'
[ 1536.083996][T28496] FAT-fs (loop9): error, corrupted directory (invalid entries)
[ 1536.159497][ T5863] usb 4-1: new high-speed USB device number 98 using dummy_hcd
[ 1536.341681][ T5863] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 128, changing to 11
[ 1536.387547][ T5863] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1536.398783][ T6365] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1536.439453][ T5863] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1536.510827][ T5863] usb 4-1: config 0 descriptor??
[ 1536.803396][T28504] loop4: detected capacity change from 0 to 128
[ 1536.867333][T28504] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1536.916511][T28509] netlink: 40 bytes leftover after parsing attributes in process `syz.5.7435'.
[ 1536.996245][T28504] ext4 filesystem being mounted at /322/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1537.453698][T28519] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1537.697026][T28519] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1537.786956][T23066] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1537.842430][T28528] loop6: detected capacity change from 0 to 2048
[ 1537.892485][T28519] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1537.933304][T28528]  loop6: p1 < > p4
[ 1537.943293][T28528] loop6: p4 size 8388608 extends beyond EOD, truncated
[ 1538.137329][T28519] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1538.258133][ T5863] usbhid 4-1:0.0: can't add hid device: -71
[ 1538.286516][ T5863] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1538.318407][ T5863] usb 4-1: USB disconnect, device number 98
[ 1538.368842][ T6365] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1538.455853][ T6365] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1538.464482][ T6038] usb 5-1: new high-speed USB device number 71 using dummy_hcd
[ 1538.508555][ T6365] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1538.563461][ T1160] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1538.623507][ T6038] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1538.652765][ T6038] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1538.684747][ T6038] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1538.720534][ T6038] usb 5-1: config 0 descriptor??
[ 1538.743522][ T6038] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1539.178716][ T5863] usb 5-1: USB disconnect, device number 71
[ 1539.572010][T28560] loop5: detected capacity change from 0 to 256
[ 1539.890816][ T5863] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[ 1539.907358][T28580] loop8: detected capacity change from 0 to 512
[ 1539.955604][T28580] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1539.968443][T28580] ext4 filesystem being mounted at /550/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1540.059450][   T43] usb 10-1: new high-speed USB device number 113 using dummy_hcd
[ 1540.069453][ T5863] usb 5-1: Using ep0 maxpacket: 32
[ 1540.076766][ T5863] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1540.091379][ T5863] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[ 1540.100822][ T5863] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1540.112296][ T5863] usb 5-1: config 0 descriptor??
[ 1540.126952][ T5863] ldusb 5-1:0.0: Interrupt in endpoint not found
[ 1540.141968][ T5863] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1540.242334][   T43] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 128, changing to 11
[ 1540.267745][   T43] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1540.295379][   T43] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1540.312848][T28588] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1540.326784][   T43] usb 10-1: config 0 descriptor??
[ 1540.334226][ T5863] usb 5-1: USB disconnect, device number 72
[ 1540.432942][T28588] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1540.496138][T28588] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1540.541120][T28588] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1540.562166][   T43] usbhid 10-1:0.0: can't add hid device: -71
[ 1540.568373][   T43] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1540.581565][   T43] usb 10-1: USB disconnect, device number 113
[ 1540.626999][T19115] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1540.679992][T16624] usb 4-1: new high-speed USB device number 99 using dummy_hcd
[ 1540.684506][T28599] netlink: 'syz.8.7468': attribute type 2 has an invalid length.
[ 1540.697694][T28599] netlink: 199836 bytes leftover after parsing attributes in process `syz.8.7468'.
[ 1540.707525][T28599] nbd: must specify at least one socket
[ 1540.766394][T28601] netlink: 'syz.8.7469': attribute type 12 has an invalid length.
[ 1540.839480][T16624] usb 4-1: Using ep0 maxpacket: 16
[ 1540.853358][T16624] usb 4-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1540.878856][T16624] usb 4-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1540.895887][T28605] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7470'.
[ 1540.911401][T16624] usb 4-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[ 1540.929554][T16624] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1540.944192][T16624] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1540.963970][T16624] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1540.987296][T16624] usb 4-1: config 0 descriptor??
[ 1541.001477][T19265] usb 10-1: new high-speed USB device number 114 using dummy_hcd
[ 1541.010608][T28610] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7471'.
[ 1541.172000][T19265] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 128, changing to 11
[ 1541.185062][T19265] usb 10-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1541.197389][T19265] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1541.245681][T19265] usb 10-1: config 0 descriptor??
[ 1541.383373][   T30] audit: type=1326 audit(1754587168.220:666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28617 comm="syz.8.7474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04858ebe9 code=0x7ffc0000
[ 1541.437031][   T30] audit: type=1326 audit(1754587168.250:667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28617 comm="syz.8.7474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04858ebe9 code=0x7ffc0000
[ 1541.491439][   T30] audit: type=1326 audit(1754587168.250:668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28617 comm="syz.8.7474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7fe04858ebe9 code=0x7ffc0000
[ 1541.524528][   T30] audit: type=1326 audit(1754587168.250:669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28617 comm="syz.8.7474" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe04858ebe9 code=0x7ffc0000
[ 1541.653456][T16624] usb 4-1: USB disconnect, device number 99
[ 1541.785779][T16165] kernel write not supported for file /873/attr/exec (pid: 16165 comm: kworker/0:4)
[ 1542.323487][T28638] bridge0: port 3(batadv0) entered blocking state
[ 1542.408604][T28638] bridge0: port 3(batadv0) entered disabled state
[ 1542.427988][T28638] batadv0: entered allmulticast mode
[ 1542.629111][T28638] batadv0: entered promiscuous mode
[ 1543.110713][   T30] audit: type=1326 audit(1754587169.950:670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28649 comm="syz.9.7488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ddd8ebe9 code=0x7ffc0000
[ 1543.146291][ T6361] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[ 1543.156699][ T6361] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[ 1543.168623][T19265] usbhid 10-1:0.0: can't add hid device: -71
[ 1543.171371][T28648] loop3: detected capacity change from 0 to 2048
[ 1543.175455][T19265] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1543.204078][T19265] usb 10-1: USB disconnect, device number 114
[ 1543.223916][   T30] audit: type=1326 audit(1754587169.950:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28649 comm="syz.9.7488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ddd8ebe9 code=0x7ffc0000
[ 1543.271222][   T30] audit: type=1326 audit(1754587169.950:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28649 comm="syz.9.7488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f95ddd8ebe9 code=0x7ffc0000
[ 1543.341596][T28648] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1543.353536][   T30] audit: type=1326 audit(1754587169.950:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28649 comm="syz.9.7488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ddd8ebe9 code=0x7ffc0000
[ 1543.377610][   T30] audit: type=1326 audit(1754587169.950:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28649 comm="syz.9.7488" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ddd8ebe9 code=0x7ffc0000
[ 1543.407790][ T6361] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1543.434243][T28648] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.7486: bg 0: block 234: padding at end of block bitmap is not set
[ 1543.476745][ T3474] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1543.489086][T28648] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 117
[ 1543.523869][T28648] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 1543.523869][T28648] 
[ 1543.543423][ T3520] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1543.575102][ T6418] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1543.675575][ T6418] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 1 with error 28
[ 1543.710786][T28667] loop5: detected capacity change from 0 to 256
[ 1543.769420][ T6418] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 1543.769420][ T6418] 
[ 1543.800474][ T6418] EXT4-fs (loop3): Total free blocks count 0
[ 1543.806469][ T6418] EXT4-fs (loop3): Free/Dirty block details
[ 1543.819502][ T6418] EXT4-fs (loop3): free_blocks=0
[ 1543.824451][ T6418] EXT4-fs (loop3): dirty_blocks=16
[ 1543.839428][ T6418] EXT4-fs (loop3): Block reservation details
[ 1544.223989][T28676] loop4: detected capacity change from 0 to 512
[ 1544.321042][T28673] loop9: detected capacity change from 0 to 512
[ 1545.049820][T28676] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1545.238211][T28676] EXT4-fs (loop4): 1 truncate cleaned up
[ 1545.259892][T28676] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1545.316087][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[ 1545.335653][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 1546.424331][T23066] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1546.655592][T28692] loop8: detected capacity change from 0 to 1024
[ 1547.065153][T28692] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1547.923502][T27843] Bluetooth: hci5: command 0x0406 tx timeout
[ 1547.990810][T28703] loop4: detected capacity change from 0 to 1024
[ 1547.998676][T28703] EXT4-fs: Ignoring removed nobh option
[ 1548.011489][T19115] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1548.044093][T28703] EXT4-fs: Ignoring removed bh option
[ 1548.155166][T28703] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1548.254549][T28706] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1548.537987][T28706] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1549.036253][T28706] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1549.143552][   T30] audit: type=1326 audit(1754587175.980:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28729 comm="syz.6.7514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff178ebe9 code=0x7ffc0000
[ 1549.202205][   T30] audit: type=1326 audit(1754587176.010:676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28729 comm="syz.6.7514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff178ebe9 code=0x7ffc0000
[ 1549.229462][   T30] audit: type=1326 audit(1754587176.010:677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28729 comm="syz.6.7514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f5ff178ebe9 code=0x7ffc0000
[ 1549.257299][   T30] audit: type=1326 audit(1754587176.010:678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28729 comm="syz.6.7514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff178ebe9 code=0x7ffc0000
[ 1549.265932][T23066] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1549.280695][   T30] audit: type=1326 audit(1754587176.010:679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28729 comm="syz.6.7514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff178ebe9 code=0x7ffc0000
[ 1549.441971][T28706] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1549.478949][T28734] netlink: 12 bytes leftover after parsing attributes in process `syz.9.7518'.
[ 1549.489244][T28734] netlink: 28 bytes leftover after parsing attributes in process `syz.9.7518'.
[ 1549.504483][T28734] netlink: 12 bytes leftover after parsing attributes in process `syz.9.7518'.
[ 1549.516969][T28740] loop6: detected capacity change from 0 to 16
[ 1549.570257][T28740] erofs (device loop6): mounted with root inode @ nid 36.
[ 1549.626888][T28740] overlayfs: missing 'lowerdir'
[ 1549.721524][ T3520] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1549.797891][ T3520] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1549.813591][T28750] loop4: detected capacity change from 0 to 1024
[ 1549.832990][T28750] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1549.850326][ T3520] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1549.914012][ T6363] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1549.938936][   T30] audit: type=1800 audit(1754587176.770:680): pid=28754 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.7527" name="/" dev="9p" ino=2 res=0 errno=0
[ 1549.941603][T28750] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1550.034310][T28761] loop6: detected capacity change from 0 to 512
[ 1550.373751][   T30] audit: type=1326 audit(1754587177.210:681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28769 comm="syz.3.7531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bff18ebe9 code=0x7ffc0000
[ 1550.440551][   T30] audit: type=1326 audit(1754587177.240:682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28769 comm="syz.3.7531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f6bff18ebe9 code=0x7ffc0000
[ 1550.488111][   T30] audit: type=1326 audit(1754587177.240:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28769 comm="syz.3.7531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6bff18ebe9 code=0x7ffc0000
[ 1550.518455][T28772] loop8: detected capacity change from 0 to 512
[ 1550.957857][   T30] audit: type=1800 audit(1754587177.780:684): pid=28750 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.7523" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1551.065769][T28761] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1551.078530][T28761] ext4 filesystem being mounted at /576/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1551.995657][T19575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1552.015955][T23066] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1552.249521][   T90] usb 9-1: new full-speed USB device number 99 using dummy_hcd
[ 1552.425103][   T90] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1552.449460][   T90] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1552.473067][   T90] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1552.516693][   T90] usb 9-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1552.546534][   T90] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1552.575020][   T90] usb 9-1: config 0 descriptor??
[ 1553.029138][T28799] loop8: detected capacity change from 0 to 512
[ 1553.061183][T28799] EXT4-fs: Ignoring removed i_version option
[ 1553.076482][T28799] EXT4-fs: Ignoring removed nobh option
[ 1553.113731][T28799] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 1553.162791][T28799] EXT4-fs (loop8): 1 truncate cleaned up
[ 1553.205078][T28799] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1553.675281][   T90] usbhid 9-1:0.0: can't add hid device: -71
[ 1553.694616][   T90] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1553.741225][   T90] usb 9-1: USB disconnect, device number 99
[ 1554.327934][T19115] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1554.421952][T28845] loop3: detected capacity change from 0 to 512
[ 1554.530944][T28848] netlink: 'syz.6.7561': attribute type 2 has an invalid length.
[ 1554.565451][T28848] netlink: 199836 bytes leftover after parsing attributes in process `syz.6.7561'.
[ 1554.599689][T28848] nbd: must specify at least one socket
[ 1555.650092][T28864] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7567'.
[ 1555.912073][T28875] netlink: 60 bytes leftover after parsing attributes in process `syz.4.7568'.
[ 1555.970818][T28870] loop5: detected capacity change from 0 to 2048
[ 1555.979819][T28868] netlink: 60 bytes leftover after parsing attributes in process `syz.4.7568'.
[ 1555.995437][T28876] netlink: 60 bytes leftover after parsing attributes in process `syz.4.7568'.
[ 1556.017054][T28870] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1556.340106][T16165] usb 9-1: new full-speed USB device number 100 using dummy_hcd
[ 1556.483918][   T30] kauditd_printk_skb: 17 callbacks suppressed
[ 1556.483941][   T30] audit: type=1326 audit(1754587183.320:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28891 comm="syz.6.7578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff178ebe9 code=0x7ffc0000
[ 1556.552016][T16165] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1556.584859][   T30] audit: type=1326 audit(1754587183.350:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28891 comm="syz.6.7578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f5ff178ebe9 code=0x7ffc0000
[ 1556.596457][T16165] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1556.618394][   T30] audit: type=1326 audit(1754587183.450:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28891 comm="syz.6.7578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff178ebe9 code=0x7ffc0000
[ 1556.645856][   T30] audit: type=1326 audit(1754587183.450:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28891 comm="syz.6.7578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ff178ebe9 code=0x7ffc0000
[ 1557.190421][   T30] audit: type=1326 audit(1754587183.480:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28897 comm="syz.6.7578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5ff17c14a5 code=0x7ffc0000
[ 1557.260024][T16165] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1557.395882][   T30] audit: type=1326 audit(1754587183.480:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28891 comm="syz.6.7578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=247 compat=0 ip=0x7f5ff178ebe9 code=0x7ffc0000
[ 1557.397005][T16165] usb 9-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1557.429082][T16165] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1557.439973][T16165] usb 9-1: config 0 descriptor??
[ 1557.553083][   T30] audit: type=1326 audit(1754587183.630:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28897 comm="syz.6.7578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7f5ff178ebe9 code=0x7ffc0000
[ 1557.722427][ T6418] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1557.740028][T28913] netlink: 60 bytes leftover after parsing attributes in process `syz.9.7584'.
[ 1557.744344][ T6418] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[ 1557.749739][T28909] netlink: 60 bytes leftover after parsing attributes in process `syz.9.7584'.
[ 1557.777763][ T6418] EXT4-fs (loop5): This should not happen!! Data will be lost
[ 1557.777763][ T6418] 
[ 1557.787968][ T6418] EXT4-fs (loop5): Total free blocks count 0
[ 1557.800226][ T6418] EXT4-fs (loop5): Free/Dirty block details
[ 1557.806186][ T6418] EXT4-fs (loop5): free_blocks=2415919104
[ 1557.816303][ T6418] EXT4-fs (loop5): dirty_blocks=2640
[ 1557.824930][ T6418] EXT4-fs (loop5): Block reservation details
[ 1557.833579][ T6418] EXT4-fs (loop5): i_reserved_data_blocks=165
[ 1557.879806][T28914] netlink: 60 bytes leftover after parsing attributes in process `syz.3.7585'.
[ 1557.907166][T28912] netlink: 60 bytes leftover after parsing attributes in process `syz.3.7585'.
[ 1557.924583][T28880] loop8: detected capacity change from 0 to 512
[ 1557.932489][T28915] netlink: 60 bytes leftover after parsing attributes in process `syz.3.7585'.
[ 1557.960689][T28880] EXT4-fs: Ignoring removed i_version option
[ 1557.966759][T28880] EXT4-fs: Ignoring removed nobh option
[ 1557.992651][T28880] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 1558.066845][ T6418] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 574 with error 28
[ 1558.102294][T28880] EXT4-fs (loop8): 1 truncate cleaned up
[ 1558.155883][T28880] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1558.424663][T16165] usbhid 9-1:0.0: can't add hid device: -71
[ 1558.434806][T16165] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1558.542179][T16165] usb 9-1: USB disconnect, device number 100
[ 1558.873895][T28939] bond_slave_0: entered promiscuous mode
[ 1558.878099][T28943] loop4: detected capacity change from 0 to 512
[ 1558.879671][T28939] bond_slave_1: entered promiscuous mode
[ 1558.899638][T28939] macvtap1: entered allmulticast mode
[ 1558.905032][T28939] bond0: entered allmulticast mode
[ 1558.916482][T28943] EXT4-fs: Ignoring removed i_version option
[ 1559.136374][T28943] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1559.169762][T28939] bond_slave_0: entered allmulticast mode
[ 1559.175546][T28939] bond_slave_1: entered allmulticast mode
[ 1559.181668][T19115] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1559.203230][T28939] 8021q: adding VLAN 0 to HW filter on device macvtap1
[ 1559.253518][T28943] EXT4-fs (loop4): 1 truncate cleaned up
[ 1559.261211][T28943] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1559.514249][T28953] loop3: detected capacity change from 0 to 1024
[ 1559.556561][T28953] EXT4-fs: Ignoring removed nobh option
[ 1559.589522][T28953] EXT4-fs: Ignoring removed bh option
[ 1559.624384][T28954] syz_tun: entered allmulticast mode
[ 1559.667977][T28953] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1559.962781][T28965] loop6: detected capacity change from 0 to 128
[ 1559.991024][T28961] netlink: 'syz.8.7599': attribute type 10 has an invalid length.
[ 1560.786135][T28965] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1560.799806][T28965] ext4 filesystem being mounted at /588/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1560.832720][T27839] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1560.946578][T28941] syz_tun: left allmulticast mode
[ 1561.034881][T28961] team0: Port device dummy0 added
[ 1562.152259][T23066] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1562.206956][T19575] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1562.565653][T28996] fuse: Invalid rootmode
[ 1562.777309][T29008] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1562.971506][T29014] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1565.184024][T29042] loop4: detected capacity change from 0 to 128
[ 1566.151634][T29040] __nla_validate_parse: 2 callbacks suppressed
[ 1566.151661][T29040] netlink: 132 bytes leftover after parsing attributes in process `syz.3.7624'.
[ 1566.193453][T29042] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1566.208596][T29042] ext4 filesystem being mounted at /354/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1567.140532][T29056] fuse: Invalid rootmode
[ 1567.636047][ T6363] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1567.669319][T23066] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1568.382390][T29074] netlink: 60 bytes leftover after parsing attributes in process `syz.3.7633'.
[ 1568.430306][T29073] netlink: 60 bytes leftover after parsing attributes in process `syz.3.7633'.
[ 1569.069442][   T90] usb 9-1: new high-speed USB device number 101 using dummy_hcd
[ 1569.149455][ T6038] usb 4-1: new high-speed USB device number 100 using dummy_hcd
[ 1569.342296][   T90] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1569.439480][ T6038] usb 4-1: Using ep0 maxpacket: 32
[ 1569.535580][   T90] usb 9-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1569.579767][ T6038] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1569.729522][   T90] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1569.759511][ T6038] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[ 1569.799437][ T6038] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1569.816117][T29088] netlink: 96 bytes leftover after parsing attributes in process `syz.5.7639'.
[ 1569.830904][   T90] usb 9-1: config 0 descriptor??
[ 1569.859701][T29088] netlink: 80 bytes leftover after parsing attributes in process `syz.5.7639'.
[ 1569.886329][   T90] pwc: Askey VC010 type 2 USB webcam detected.
[ 1569.911136][ T6038] usb 4-1: config 0 descriptor??
[ 1570.024042][T29096] loop6: detected capacity change from 0 to 512
[ 1570.063821][T29096] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[ 1570.086187][   T90] pwc: send_video_command error -71
[ 1570.096760][   T90] pwc: Failed to set video mode CIF@30 fps; return code = -71
[ 1570.115204][   T90] Philips webcam 9-1:0.0: probe with driver Philips webcam failed with error -71
[ 1570.131144][T29096] EXT4-fs (loop6): orphan cleanup on readonly fs
[ 1570.162443][T29096] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:517: comm syz.6.7642: Block bitmap for bg 0 marked uninitialized
[ 1570.181072][   T90] usb 9-1: USB disconnect, device number 101
[ 1570.192255][T29103] loop5: detected capacity change from 0 to 512
[ 1570.208559][T29103] EXT4-fs: Ignoring removed i_version option
[ 1570.217513][T29103] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1570.228014][T29096] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6657: Corrupt filesystem
[ 1570.239281][T29096] EXT4-fs (loop6): 1 orphan inode deleted
[ 1570.247197][T29096] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[ 1570.262710][T29103] EXT4-fs (loop5): 1 truncate cleaned up
[ 1570.270807][T29103] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1570.333198][T29096] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7642'.
[ 1570.423773][   T30] audit: type=1326 audit(1754587197.260:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29108 comm="syz.9.7647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ddd8ebe9 code=0x7ffc0000
[ 1570.535731][   T30] audit: type=1326 audit(1754587197.300:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29108 comm="syz.9.7647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ddd8ebe9 code=0x7ffc0000
[ 1570.563121][ T6038] koneplus 0003:1E7D:2D51.0020: unknown main item tag 0x0
[ 1570.571343][ T6038] koneplus 0003:1E7D:2D51.0020: unknown main item tag 0x0
[ 1570.573195][T29079] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1570.578464][ T6038] koneplus 0003:1E7D:2D51.0020: unknown main item tag 0x0
[ 1570.595693][ T6038] koneplus 0003:1E7D:2D51.0020: unknown main item tag 0x0
[ 1570.603510][T29079] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1570.611558][ T6038] koneplus 0003:1E7D:2D51.0020: unknown main item tag 0x0
[ 1571.303451][T29111] syz_tun: entered allmulticast mode
[ 1571.315466][   T30] audit: type=1326 audit(1754587197.300:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29108 comm="syz.9.7647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95ddd8ebe9 code=0x7ffc0000
[ 1571.338698][ T6038] koneplus 0003:1E7D:2D51.0020: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.3-1/input0
[ 1571.366402][   T30] audit: type=1326 audit(1754587197.300:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29108 comm="syz.9.7647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ddd8ebe9 code=0x7ffc0000
[ 1571.420470][ T6038] koneplus 0003:1E7D:2D51.0020: couldn't init struct koneplus_device
[ 1571.539821][   T30] audit: type=1326 audit(1754587197.300:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29108 comm="syz.9.7647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ddd8ebe9 code=0x7ffc0000
[ 1571.568341][   T90] usb 9-1: new high-speed USB device number 102 using dummy_hcd
[ 1571.581190][T19575] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1571.588357][ T6038] koneplus 0003:1E7D:2D51.0020: couldn't install mouse
[ 1571.759489][   T30] audit: type=1326 audit(1754587197.300:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29108 comm="syz.9.7647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95ddd8ebe9 code=0x7ffc0000
[ 1571.879608][T29102] syz_tun: left allmulticast mode
[ 1571.933306][   T30] audit: type=1326 audit(1754587197.310:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29108 comm="syz.9.7647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ddd8ebe9 code=0x7ffc0000
[ 1572.063957][   T30] audit: type=1326 audit(1754587197.310:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29108 comm="syz.9.7647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95ddd8ebe9 code=0x7ffc0000
[ 1572.147772][T26920] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1572.215604][   T30] audit: type=1326 audit(1754587197.310:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29108 comm="syz.9.7647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95ddd8ebe9 code=0x7ffc0000
[ 1572.256326][ T6038] koneplus 0003:1E7D:2D51.0020: probe with driver koneplus failed with error -71
[ 1572.282415][ T6038] usb 4-1: USB disconnect, device number 100
[ 1572.298713][   T30] audit: type=1326 audit(1754587197.310:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29108 comm="syz.9.7647" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f95ddd8ebe9 code=0x7ffc0000
[ 1572.646171][T29129] loop4: detected capacity change from 0 to 8192
[ 1573.257186][T29160] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1573.266640][T16165] usb 7-1: new full-speed USB device number 104 using dummy_hcd
[ 1573.791572][T16165] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1573.841234][T16165] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1573.936316][T16165] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1574.025965][T16165] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1574.281317][T19265] tipc: Node number set to 2846510247
[ 1574.303972][T16165] usb 7-1: usb_control_msg returned -32
[ 1574.330886][T16165] usbtmc 7-1:16.0: can't read capabilities
[ 1574.496230][T29179] loop9: detected capacity change from 0 to 512
[ 1574.506407][T29179] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[ 1574.548807][T29179] EXT4-fs (loop9): orphan cleanup on readonly fs
[ 1574.558625][T29179] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:517: comm syz.9.7671: Block bitmap for bg 0 marked uninitialized
[ 1574.591187][   T90] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[ 1574.598328][T29179] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6657: Corrupt filesystem
[ 1574.633398][T29179] EXT4-fs (loop9): 1 orphan inode deleted
[ 1574.641576][T29179] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[ 1574.674574][T29179] netlink: 8 bytes leftover after parsing attributes in process `syz.9.7671'.
[ 1574.919481][   T90] usb 5-1: Using ep0 maxpacket: 32
[ 1574.927883][   T90] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1574.949070][   T90] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[ 1574.958220][   T90] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1574.995498][   T90] usb 5-1: config 0 descriptor??
[ 1575.666884][T20713] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1575.708152][   T90] koneplus 0003:1E7D:2D51.0021: unknown main item tag 0x0
[ 1575.736522][   T90] koneplus 0003:1E7D:2D51.0021: unknown main item tag 0x0
[ 1575.774558][   T90] koneplus 0003:1E7D:2D51.0021: unknown main item tag 0x0
[ 1575.817590][   T90] koneplus 0003:1E7D:2D51.0021: unknown main item tag 0x0
[ 1575.861862][   T90] koneplus 0003:1E7D:2D51.0021: unknown main item tag 0x0
[ 1575.885884][T29171] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1575.914622][T19265] usb 7-1: USB disconnect, device number 104
[ 1575.945824][   T90] koneplus 0003:1E7D:2D51.0021: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.4-1/input0
[ 1575.964760][T29171] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1576.216845][   T90] koneplus 0003:1E7D:2D51.0021: couldn't init struct koneplus_device
[ 1576.227586][   T90] koneplus 0003:1E7D:2D51.0021: couldn't install mouse
[ 1576.238606][   T90] koneplus 0003:1E7D:2D51.0021: probe with driver koneplus failed with error -71
[ 1576.250921][   T90] usb 5-1: USB disconnect, device number 73
[ 1576.294362][T29219] loop3: detected capacity change from 0 to 512
[ 1576.342496][T29219] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1576.355163][T29219] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1576.972652][T27839] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1577.326072][T27843] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1577.359779][T27843] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1577.368814][T27843] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1577.386659][T27843] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1577.399767][   T24] usb 4-1: new high-speed USB device number 101 using dummy_hcd
[ 1577.399923][T27843] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1577.591291][   T24] usb 4-1: Using ep0 maxpacket: 16
[ 1577.602477][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1577.621937][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1577.633668][   T24] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1577.655543][   T24] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1577.904970][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1577.916527][   T24] usb 4-1: config 0 descriptor??
[ 1578.113277][T29272] netlink: 60 bytes leftover after parsing attributes in process `syz.9.7705'.
[ 1578.188155][T29270] netlink: 60 bytes leftover after parsing attributes in process `syz.9.7705'.
[ 1578.531977][   T24] usbhid 4-1:0.0: can't add hid device: -71
[ 1578.540274][   T24] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1578.550938][   T24] usb 4-1: USB disconnect, device number 101
[ 1578.729097][T29251] chnl_net:caif_netlink_parms(): no params data found
[ 1578.745867][   T30] kauditd_printk_skb: 3 callbacks suppressed
[ 1578.745885][   T30] audit: type=1800 audit(1754587205.580:722): pid=29291 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.7712" name="/" dev="9p" ino=2 res=0 errno=0
[ 1579.141254][T29251] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1579.174268][T29251] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1579.209198][T29251] bridge_slave_0: entered allmulticast mode
[ 1579.245078][T29251] bridge_slave_0: entered promiscuous mode
[ 1579.273674][T29251] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1579.281516][T29251] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1579.288806][T29251] bridge_slave_1: entered allmulticast mode
[ 1579.298711][T29251] bridge_slave_1: entered promiscuous mode
[ 1579.538429][ T5177] Bluetooth: hci4: command tx timeout
[ 1580.107072][T29251] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1580.177527][T29308] netlink: 60 bytes leftover after parsing attributes in process `syz.8.7717'.
[ 1580.181607][T29251] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1580.426718][T29312] netlink: 'syz.3.7719': attribute type 12 has an invalid length.
[ 1580.465421][T29251] team0: Port device team_slave_0 added
[ 1580.483203][T29313] loop9: detected capacity change from 0 to 512
[ 1580.508526][T29310] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1580.519932][T29251] team0: Port device team_slave_1 added
[ 1580.610780][T29312] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7719'.
[ 1580.705853][T29312] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1580.727718][T29312] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1580.766214][T29312] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1580.789588][T29312] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1580.906383][T29251] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1580.924649][T29251] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1580.986237][T29251] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1581.008479][T29322] netlink: 60 bytes leftover after parsing attributes in process `syz.8.7720'.
[ 1581.047142][   T30] audit: type=1326 audit(1754587207.880:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29327 comm="syz.4.7725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f677898ebe9 code=0x7ffc0000
[ 1581.081785][T29251] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1581.097705][T29251] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1581.112666][   T30] audit: type=1326 audit(1754587207.880:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29327 comm="syz.4.7725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f677898ebe9 code=0x7ffc0000
[ 1581.155373][T29251] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1581.199545][T29318] netlink: 60 bytes leftover after parsing attributes in process `syz.8.7720'.
[ 1581.207762][   T30] audit: type=1326 audit(1754587207.880:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29327 comm="syz.4.7725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f677898ebe9 code=0x7ffc0000
[ 1581.231596][   T30] audit: type=1326 audit(1754587207.880:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29327 comm="syz.4.7725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f677898ebe9 code=0x7ffc0000
[ 1581.340691][T29336] loop5: detected capacity change from 0 to 512
[ 1581.441778][T29251] hsr_slave_0: entered promiscuous mode
[ 1581.463761][T29251] hsr_slave_1: entered promiscuous mode
[ 1581.478303][T29251] debugfs: 'hsr0' already exists in 'hsr'
[ 1581.490534][T29251] Cannot create hsr debugfs directory
[ 1581.579769][ T5177] Bluetooth: hci4: command tx timeout
[ 1581.838144][T29349] loop8: detected capacity change from 0 to 512
[ 1581.923131][T29349] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[ 1581.947505][T29349] EXT4-fs (loop8): orphan cleanup on readonly fs
[ 1582.149184][T29349] EXT4-fs error (device loop8): ext4_read_block_bitmap_nowait:517: comm syz.8.7734: Block bitmap for bg 0 marked uninitialized
[ 1582.614904][T29349] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6657: Corrupt filesystem
[ 1582.642356][T29349] EXT4-fs (loop8): 1 orphan inode deleted
[ 1582.676042][T29349] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[ 1582.795804][T29349] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7734'.
[ 1582.892054][T29251] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1583.573302][T29251] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1583.660343][ T5177] Bluetooth: hci4: command tx timeout
[ 1583.701236][T29376] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7739'.
[ 1583.762837][T19115] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1583.797584][T29370] netlink: 'syz.9.7739': attribute type 12 has an invalid length.
[ 1584.056572][T29251] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1584.150632][T29390] netlink: 132 bytes leftover after parsing attributes in process `syz.4.7744'.
[ 1584.203729][T29392] loop3: detected capacity change from 0 to 512
[ 1584.297514][T29251] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1584.369898][T29399] netlink: 'syz.4.7748': attribute type 2 has an invalid length.
[ 1584.385003][T29399] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.7748'.
[ 1584.421407][T29399] nbd: must specify at least one socket
[ 1584.801049][T29251] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1584.815482][T29251] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1585.489460][T29251] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1585.534669][T29251] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1585.611906][T29413] loop8: detected capacity change from 0 to 1024
[ 1585.619230][T29413] EXT4-fs: Ignoring removed nobh option
[ 1585.624914][T29413] EXT4-fs: Ignoring removed bh option
[ 1585.666249][T29413] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1585.687316][T29418] loop9: detected capacity change from 0 to 512
[ 1585.722429][   T30] audit: type=1800 audit(1754587212.550:727): pid=29420 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.7753" name="/" dev="9p" ino=2 res=0 errno=0
[ 1585.745651][ T5177] Bluetooth: hci4: command tx timeout
[ 1585.919799][T19265] usb 4-1: new full-speed USB device number 102 using dummy_hcd
[ 1586.014589][   T30] audit: type=1326 audit(1754587212.840:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29430 comm="syz.5.7756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1586.079329][   T30] audit: type=1326 audit(1754587212.880:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29430 comm="syz.5.7756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1586.103532][   T30] audit: type=1326 audit(1754587212.880:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29430 comm="syz.5.7756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1586.136971][T19265] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1586.139262][   T30] audit: type=1326 audit(1754587212.880:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29430 comm="syz.5.7756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5db198ebe9 code=0x7ffc0000
[ 1586.160028][T19265] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1586.213011][T19265] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1586.232282][T19265] usb 4-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1586.248129][T19265] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1586.273711][T19265] usb 4-1: config 0 descriptor??
[ 1586.596762][T19115] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1586.717033][T29427] loop3: detected capacity change from 0 to 512
[ 1586.735013][T29427] EXT4-fs: Ignoring removed i_version option
[ 1586.744354][T29427] EXT4-fs: Ignoring removed nobh option
[ 1586.757764][T29427] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1586.886168][T29427] EXT4-fs (loop3): 1 truncate cleaned up
[ 1586.897661][T29427] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1587.162911][T29449] netlink: 8 bytes leftover after parsing attributes in process `syz.8.7762'.
[ 1587.653075][T19265] usbhid 4-1:0.0: can't add hid device: -71
[ 1587.659182][T19265] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1587.670806][T19265] usb 4-1: USB disconnect, device number 102
[ 1588.335710][T27839] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1588.578550][T29455] loop3: detected capacity change from 0 to 128
[ 1588.615121][T29455] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1588.679889][T29455] ext4 filesystem being mounted at /69/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1589.006077][T29437] netlink: 132 bytes leftover after parsing attributes in process `syz.5.7759'.
[ 1589.021362][T29447] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1589.312534][T29251] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1589.346687][T29251] 8021q: adding VLAN 0 to HW filter on device team0
[ 1589.420370][T29251] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1589.441727][T29251] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1589.513660][T27745] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1589.520914][T27745] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1589.552979][T27745] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1589.560213][T27745] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1590.327469][T16624] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[ 1590.504977][T16624] usb 5-1: Using ep0 maxpacket: 32
[ 1590.530538][T16624] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1590.543041][T29479] loop8: detected capacity change from 0 to 128
[ 1590.569444][T16624] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[ 1590.586770][T16624] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1590.606813][T29479] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1590.650687][T16624] usb 5-1: config 0 descriptor??
[ 1590.676954][T29479] ext4 filesystem being mounted at /601/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1590.755305][T29251] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1591.062769][T16624] koneplus 0003:1E7D:2D51.0022: unknown main item tag 0x0
[ 1591.089758][T16624] koneplus 0003:1E7D:2D51.0022: unknown main item tag 0x0
[ 1591.112452][T16624] koneplus 0003:1E7D:2D51.0022: unknown main item tag 0x0
[ 1591.139543][T16624] koneplus 0003:1E7D:2D51.0022: unknown main item tag 0x0
[ 1591.146679][T16624] koneplus 0003:1E7D:2D51.0022: unknown main item tag 0x0
[ 1591.169571][   T24] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[ 1591.187443][T16624] koneplus 0003:1E7D:2D51.0022: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.4-1/input0
[ 1591.276920][T29464] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1591.289957][T29464] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1591.332507][T29464] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1591.361834][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1591.373922][T29464] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1591.393270][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1591.412873][T16624] koneplus 0003:1E7D:2D51.0022: couldn't init struct koneplus_device
[ 1591.429435][T16624] koneplus 0003:1E7D:2D51.0022: couldn't install mouse
[ 1591.429642][   T24] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1591.461214][T16624] koneplus 0003:1E7D:2D51.0022: probe with driver koneplus failed with error -71
[ 1591.464031][   T24] usb 6-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1591.518637][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1591.561467][T29494] loop9: detected capacity change from 0 to 512
[ 1591.569169][   T24] usb 6-1: config 0 descriptor??
[ 1591.661206][T16624] usb 5-1: USB disconnect, device number 74
[ 1591.894042][T29251] veth0_vlan: entered promiscuous mode
[ 1591.932204][T29251] veth1_vlan: entered promiscuous mode
[ 1592.010948][T29489] loop5: detected capacity change from 0 to 512
[ 1592.026426][T29489] EXT4-fs: Ignoring removed i_version option
[ 1592.028325][T29251] veth0_macvtap: entered promiscuous mode
[ 1592.044784][T29489] EXT4-fs: Ignoring removed nobh option
[ 1592.056717][T29489] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1592.073024][T29251] veth1_macvtap: entered promiscuous mode
[ 1592.128761][T29489] EXT4-fs (loop5): 1 truncate cleaned up
[ 1592.135943][T29251] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1592.154631][T29489] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1592.168756][T29251] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1592.218664][ T6361] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1592.549265][ T6361] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1592.558997][   T24] usbhid 6-1:0.0: can't add hid device: -71
[ 1592.568191][   T24] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1592.582892][   T24] usb 6-1: USB disconnect, device number 3
[ 1592.607232][ T6361] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1592.637962][T27745] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1592.703775][T29506] loop4: detected capacity change from 0 to 128
[ 1592.927563][T29506] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1593.026678][T29506] ext4 filesystem being mounted at /383/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1593.616798][T26920] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1593.938638][T27745] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1593.990369][T27745] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1594.162634][ T6361] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1594.195297][T19115] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1594.215344][ T6361] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1594.600331][T29515] loop6: detected capacity change from 0 to 4096
[ 1594.678520][T29515] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1594.796192][T29520] netlink: 132 bytes leftover after parsing attributes in process `syz.5.7777'.
[ 1594.944167][T23066] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1596.230957][T29251] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1596.467870][T29540] loop5: detected capacity change from 0 to 256
[ 1596.506700][T29540] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1596.586463][T29545] loop9: detected capacity change from 0 to 128
[ 1596.640228][T29545] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1596.662316][T29545] ext4 filesystem being mounted at /493/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1597.165499][T27843] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1597.175437][T27843] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1597.184884][T27843] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1597.193568][T27843] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1597.201900][T27843] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1597.721252][T29561] FAT-fs (loop5): error, corrupted directory (invalid entries)
[ 1598.247178][T29565] netlink: 20 bytes leftover after parsing attributes in process `syz.6.7797'.
[ 1598.377316][T27839] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1598.594977][T29577] loop3: detected capacity change from 0 to 4096
[ 1598.619119][ T6365] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1598.695824][T29578] loop6: detected capacity change from 0 to 512
[ 1598.711384][T29577] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1598.887135][T27745] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1599.308977][ T5177] Bluetooth: hci3: command tx timeout
[ 1599.384572][T27839] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1599.404259][T29578] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1599.547182][T29578] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1599.658684][ T6365] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1600.026545][ T6365] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1600.135737][T20713] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1600.254751][ T6365] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1600.313466][T29600] loop5: detected capacity change from 0 to 256
[ 1600.349108][T29600] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1600.509026][T29601] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7807'.
[ 1600.580797][T29601] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7807'.
[ 1601.339666][ T5177] Bluetooth: hci3: command tx timeout
[ 1601.467017][T29553] chnl_net:caif_netlink_parms(): no params data found
[ 1601.730770][T29609] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1601.829792][T29619] FAT-fs (loop5): error, corrupted directory (invalid entries)
[ 1601.843461][T29618] loop4: detected capacity change from 0 to 128
[ 1602.143418][T29618] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1602.274925][T29618] ext4 filesystem being mounted at /392/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1602.287533][T29609] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1602.420556][T29623] bridge0: port 3(batadv0) entered blocking state
[ 1602.445335][   T30] audit: type=1800 audit(1754587229.270:732): pid=29626 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.7813" name="/" dev="9p" ino=2 res=0 errno=0
[ 1602.469549][T29623] bridge0: port 3(batadv0) entered disabled state
[ 1602.532808][T29623] batadv0: entered allmulticast mode
[ 1602.590558][T29623] batadv0: entered promiscuous mode
[ 1602.625209][ T6365] bridge_slave_1: left allmulticast mode
[ 1602.652055][ T6365] bridge_slave_1: left promiscuous mode
[ 1602.657862][ T6365] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1602.696529][ T6365] bridge_slave_0: left allmulticast mode
[ 1602.732638][ T6365] bridge_slave_0: left promiscuous mode
[ 1602.738388][ T6365] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1602.954941][ T1160] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[ 1602.964342][ T1160] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[ 1603.419675][ T5177] Bluetooth: hci3: command tx timeout
[ 1604.294872][ T6365] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1604.312040][ T6365] bond_slave_0: left promiscuous mode
[ 1604.352764][ T6365] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1604.375400][ T6365] bond_slave_1: left promiscuous mode
[ 1604.403245][ T6365] $Hÿ (unregistering): Released all slaves
[ 1604.502055][T29609] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1604.673747][ T6365] tipc: Disabling bearer <udp:syz2>
[ 1604.685944][ T6365] tipc: Left network mode
[ 1604.864236][T29609] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1604.886427][T29641] loop5: detected capacity change from 0 to 128
[ 1604.944074][T29641] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1605.031306][T29553] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1605.038536][T29553] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1605.056038][T29641] ext4 filesystem being mounted at /147/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1605.077471][T29553] bridge_slave_0: entered allmulticast mode
[ 1605.118258][T29553] bridge_slave_0: entered promiscuous mode
[ 1605.166314][T29553] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1605.194198][T29553] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1605.215272][T29553] bridge_slave_1: entered allmulticast mode
[ 1605.231739][T29553] bridge_slave_1: entered promiscuous mode
[ 1605.348401][T29649] netlink: 'syz.3.7820': attribute type 2 has an invalid length.
[ 1605.366773][T29649] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.7820'.
[ 1605.385397][T29649] nbd: must specify at least one socket
[ 1605.501696][ T5177] Bluetooth: hci3: command tx timeout
[ 1605.519150][T29553] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1605.664040][T29251] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1605.678288][T29553] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1605.934344][T29553] team0: Port device team_slave_0 added
[ 1605.962521][ T6361] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1606.034397][   T24] usb 4-1: new high-speed USB device number 103 using dummy_hcd
[ 1606.200849][   T24] usb 4-1: Using ep0 maxpacket: 32
[ 1606.457084][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1606.600877][   T24] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[ 1606.729900][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[ 1606.736386][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 1606.772825][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1606.785316][T29553] team0: Port device team_slave_1 added
[ 1606.809501][   T24] usb 4-1: config 0 descriptor??
[ 1606.824642][ T6418] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1607.059736][T29553] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1607.099570][T29553] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1607.163923][T29553] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1607.198827][ T6418] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1607.227598][ T6418] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1607.270998][T29553] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1607.304424][   T24] koneplus 0003:1E7D:2D51.0023: unknown main item tag 0x0
[ 1607.309427][T29553] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1607.343235][   T24] koneplus 0003:1E7D:2D51.0023: unknown main item tag 0x0
[ 1607.388353][   T24] koneplus 0003:1E7D:2D51.0023: unknown main item tag 0x0
[ 1607.414427][   T24] koneplus 0003:1E7D:2D51.0023: unknown main item tag 0x0
[ 1607.419393][T29553] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1607.453334][   T24] koneplus 0003:1E7D:2D51.0023: unknown main item tag 0x0
[ 1607.501969][T29651] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1607.513804][   T30] audit: type=1800 audit(1754587234.340:733): pid=29665 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.7825" name="/" dev="9p" ino=2 res=0 errno=0
[ 1607.562682][   T24] koneplus 0003:1E7D:2D51.0023: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.3-1/input0
[ 1607.562758][T29651] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1607.664191][T29651] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1607.705360][T29651] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1607.770876][   T24] koneplus 0003:1E7D:2D51.0023: couldn't init struct koneplus_device
[ 1607.779045][   T24] koneplus 0003:1E7D:2D51.0023: couldn't install mouse
[ 1607.831009][   T24] koneplus 0003:1E7D:2D51.0023: probe with driver koneplus failed with error -71
[ 1607.881730][   T24] usb 4-1: USB disconnect, device number 103
[ 1607.902646][ T6365] hsr_slave_0: left promiscuous mode
[ 1607.916041][ T6365] hsr_slave_1: left promiscuous mode
[ 1607.968197][ T6365] veth0_macvtap: left promiscuous mode
[ 1607.989972][ T6365] veth1_vlan: left promiscuous mode
[ 1608.002388][ T6365] veth0_vlan: left promiscuous mode
[ 1608.068469][ T6365] ------------[ cut here ]------------
[ 1608.074510][ T6365] WARNING: CPU: 0 PID: 6365 at net/ipv6/route.c:4857 rt6_multipath_rebalance+0x455/0x8b0
[ 1608.084401][ T6365] Modules linked in:
[ 1608.088746][ T6365] CPU: 0 UID: 0 PID: 6365 Comm: kworker/u8:14 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[ 1608.100702][ T6365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1608.110821][ T6365] Workqueue: netns cleanup_net
[ 1608.115631][ T6365] RIP: 0010:rt6_multipath_rebalance+0x455/0x8b0
[ 1608.121956][ T6365] Code: ff ff 44 89 e1 80 e1 07 38 c1 0f 8c 85 fe ff ff 4c 89 e7 e8 ad 3b f3 f7 e9 78 fe ff ff e8 93 d1 8f f7 eb 05 e8 8c d1 8f f7 90 <0f> 0b 90 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d e9 d0 66 e0 f6
[ 1608.141633][ T6365] RSP: 0018:ffffc9000bcd6ea0 EFLAGS: 00010293
[ 1608.147738][ T6365] RAX: ffffffff8a2fda1d RBX: ffff888050082400 RCX: ffff888026083c00
[ 1608.155769][ T6365] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 1608.163789][ T6365] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004
[ 1608.171812][ T6365] R10: dffffc0000000000 R11: fffff5200179adcc R12: ffff8880500824de
[ 1608.179836][ T6365] R13: ffff888050082490 R14: 0000000000000000 R15: 1ffff1100a010492
[ 1608.187822][ T6365] FS:  0000000000000000(0000) GS:ffff888125c21000(0000) knlGS:0000000000000000
[ 1608.196811][ T6365] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1608.203445][ T6365] CR2: 00007f8fec14cf98 CR3: 000000008face000 CR4: 0000000000350ef0
[ 1608.211464][ T6365] Call Trace:
[ 1608.214749][ T6365]  <TASK>
[ 1608.217694][ T6365]  fib6_ifdown+0x401/0x4c0
[ 1608.222170][ T6365]  ? __pfx_fib6_ifdown+0x10/0x10
[ 1608.227134][ T6365]  fib6_clean_node+0x24d/0x590
[ 1608.231958][ T6365]  ? __pfx_fib6_clean_node+0x10/0x10
[ 1608.237257][ T6365]  ? __lock_acquire+0xab9/0xd20
[ 1608.242174][ T6365]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1608.247567][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.253281][ T6365]  fib6_walk_continue+0x67b/0x910
[ 1608.258358][ T6365]  fib6_walk+0x149/0x290
[ 1608.262656][ T6365]  __fib6_clean_all+0x234/0x380
[ 1608.267522][ T6365]  ? __fib6_clean_all+0x9b/0x380
[ 1608.272506][ T6365]  ? __pfx_fib6_ifdown+0x10/0x10
[ 1608.277462][ T6365]  ? __pfx___fib6_clean_all+0x10/0x10
[ 1608.282895][ T6365]  ? __pfx_fib6_clean_node+0x10/0x10
[ 1608.288205][ T6365]  ? __pfx_fib6_ifdown+0x10/0x10
[ 1608.293216][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.298878][ T6365]  ? __mutex_trylock_common+0x153/0x260
[ 1608.304488][ T6365]  rt6_disable_ip+0x120/0x720
[ 1608.309187][ T6365]  ? rcu_is_watching+0x15/0xb0
[ 1608.314008][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.319689][ T6365]  ? trace_contention_end+0x39/0x120
[ 1608.324997][ T6365]  ? __pfx_rt6_disable_ip+0x10/0x10
[ 1608.330279][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.335943][ T6365]  addrconf_ifdown+0x15d/0x1880
[ 1608.340863][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.346517][ T6365]  ? __mutex_unlock_slowpath+0x1a1/0x760
[ 1608.352254][ T6365]  ? tls_dev_event+0x717/0xec0
[ 1608.357073][ T6365]  ? __pfx_addrconf_ifdown+0x10/0x10
[ 1608.362448][ T6365]  addrconf_notify+0x1bc/0x1010
[ 1608.367331][ T6365]  notifier_call_chain+0x1b6/0x3e0
[ 1608.372532][ T6365]  netif_close_many+0x29c/0x410
[ 1608.377417][ T6365]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1608.383467][ T6365]  ? __pfx_netif_close_many+0x10/0x10
[ 1608.388881][ T6365]  unregister_netdevice_many_notify+0x7b9/0x1ff0
[ 1608.395296][ T6365]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 1608.402129][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.407792][ T6365]  ? unregister_netdevice_queue+0x1b3/0x380
[ 1608.413749][ T6365]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 1608.420042][ T6365]  ? __pfx_vxcan_dellink+0x10/0x10
[ 1608.425185][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.430885][ T6365]  default_device_exit_batch+0x819/0x890
[ 1608.436558][ T6365]  ? __pfx___might_resched+0x10/0x10
[ 1608.441895][ T6365]  ? __pfx_default_device_exit_batch+0x10/0x10
[ 1608.448084][ T6365]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[ 1608.453603][ T6365]  ? net_generic+0x1e/0x240
[ 1608.458148][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.463841][ T6365]  ? __pfx_default_device_exit_batch+0x10/0x10
[ 1608.470063][ T6365]  ops_undo_list+0x525/0x990
[ 1608.474684][ T6365]  ? __pfx_ops_undo_list+0x10/0x10
[ 1608.479872][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.485557][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.491257][ T6365]  ? do_raw_spin_unlock+0x122/0x240
[ 1608.496491][ T6365]  cleanup_net+0x4c5/0x800
[ 1608.500985][ T6365]  ? __pfx_cleanup_net+0x10/0x10
[ 1608.505953][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.511652][ T6365]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1608.516873][ T6365]  ? process_scheduled_works+0x9ef/0x17b0
[ 1608.522659][ T6365]  ? process_scheduled_works+0x9ef/0x17b0
[ 1608.528412][ T6365]  process_scheduled_works+0xae1/0x17b0
[ 1608.534051][ T6365]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1608.540093][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.545757][ T6365]  worker_thread+0x8a0/0xda0
[ 1608.550410][ T6365]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1608.556771][ T6365]  ? __kthread_parkme+0x7b/0x200
[ 1608.561787][ T6365]  kthread+0x711/0x8a0
[ 1608.565895][ T6365]  ? __pfx_worker_thread+0x10/0x10
[ 1608.571066][ T6365]  ? __pfx_kthread+0x10/0x10
[ 1608.575673][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.581370][ T6365]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1608.586628][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.592334][ T6365]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1608.597580][ T6365]  ? __pfx_kthread+0x10/0x10
[ 1608.602240][ T6365]  ret_from_fork+0x3fc/0x770
[ 1608.606847][ T6365]  ? __pfx_ret_from_fork+0x10/0x10
[ 1608.612017][ T6365]  ? __switch_to_asm+0x39/0x70
[ 1608.616807][ T6365]  ? __switch_to_asm+0x33/0x70
[ 1608.621619][ T6365]  ? __pfx_kthread+0x10/0x10
[ 1608.626226][ T6365]  ret_from_fork_asm+0x1a/0x30
[ 1608.631053][ T6365]  </TASK>
[ 1608.634091][ T6365] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1608.641388][ T6365] CPU: 0 UID: 0 PID: 6365 Comm: kworker/u8:14 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(full) 
[ 1608.653279][ T6365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1608.663336][ T6365] Workqueue: netns cleanup_net
[ 1608.668122][ T6365] Call Trace:
[ 1608.671389][ T6365]  <TASK>
[ 1608.674316][ T6365]  dump_stack_lvl+0x99/0x250
[ 1608.678902][ T6365]  ? __asan_memcpy+0x40/0x70
[ 1608.683488][ T6365]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1608.688689][ T6365]  ? __pfx__printk+0x10/0x10
[ 1608.693295][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.698935][ T6365]  vpanic+0x281/0x750
[ 1608.702913][ T6365]  ? __pfx__printk+0x10/0x10
[ 1608.707505][ T6365]  ? __pfx_vpanic+0x10/0x10
[ 1608.711999][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.717629][ T6365]  ? is_bpf_text_address+0x26/0x2b0
[ 1608.722833][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.728469][ T6365]  panic+0xb9/0xc0
[ 1608.732192][ T6365]  ? __pfx_panic+0x10/0x10
[ 1608.736639][ T6365]  __warn+0x31b/0x4b0
[ 1608.740621][ T6365]  ? rt6_multipath_rebalance+0x455/0x8b0
[ 1608.746253][ T6365]  ? rt6_multipath_rebalance+0x455/0x8b0
[ 1608.751880][ T6365]  report_bug+0x2be/0x4f0
[ 1608.756204][ T6365]  ? rt6_multipath_rebalance+0x455/0x8b0
[ 1608.761834][ T6365]  ? rt6_multipath_rebalance+0x455/0x8b0
[ 1608.767461][ T6365]  ? rt6_multipath_rebalance+0x457/0x8b0
[ 1608.773088][ T6365]  handle_bug+0x84/0x160
[ 1608.777335][ T6365]  exc_invalid_op+0x1a/0x50
[ 1608.781840][ T6365]  asm_exc_invalid_op+0x1a/0x20
[ 1608.786684][ T6365] RIP: 0010:rt6_multipath_rebalance+0x455/0x8b0
[ 1608.792919][ T6365] Code: ff ff 44 89 e1 80 e1 07 38 c1 0f 8c 85 fe ff ff 4c 89 e7 e8 ad 3b f3 f7 e9 78 fe ff ff e8 93 d1 8f f7 eb 05 e8 8c d1 8f f7 90 <0f> 0b 90 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d e9 d0 66 e0 f6
[ 1608.812521][ T6365] RSP: 0018:ffffc9000bcd6ea0 EFLAGS: 00010293
[ 1608.818584][ T6365] RAX: ffffffff8a2fda1d RBX: ffff888050082400 RCX: ffff888026083c00
[ 1608.826553][ T6365] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 1608.834546][ T6365] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004
[ 1608.842506][ T6365] R10: dffffc0000000000 R11: fffff5200179adcc R12: ffff8880500824de
[ 1608.850470][ T6365] R13: ffff888050082490 R14: 0000000000000000 R15: 1ffff1100a010492
[ 1608.858440][ T6365]  ? rt6_multipath_rebalance+0x44d/0x8b0
[ 1608.864084][ T6365]  fib6_ifdown+0x401/0x4c0
[ 1608.868502][ T6365]  ? __pfx_fib6_ifdown+0x10/0x10
[ 1608.873431][ T6365]  fib6_clean_node+0x24d/0x590
[ 1608.878191][ T6365]  ? __pfx_fib6_clean_node+0x10/0x10
[ 1608.883466][ T6365]  ? __lock_acquire+0xab9/0xd20
[ 1608.888330][ T6365]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1608.893695][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.899331][ T6365]  fib6_walk_continue+0x67b/0x910
[ 1608.904372][ T6365]  fib6_walk+0x149/0x290
[ 1608.908612][ T6365]  __fib6_clean_all+0x234/0x380
[ 1608.913455][ T6365]  ? __fib6_clean_all+0x9b/0x380
[ 1608.918386][ T6365]  ? __pfx_fib6_ifdown+0x10/0x10
[ 1608.923321][ T6365]  ? __pfx___fib6_clean_all+0x10/0x10
[ 1608.928692][ T6365]  ? __pfx_fib6_clean_node+0x10/0x10
[ 1608.933974][ T6365]  ? __pfx_fib6_ifdown+0x10/0x10
[ 1608.938922][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.944552][ T6365]  ? __mutex_trylock_common+0x153/0x260
[ 1608.950103][ T6365]  rt6_disable_ip+0x120/0x720
[ 1608.954809][ T6365]  ? rcu_is_watching+0x15/0xb0
[ 1608.959589][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.965223][ T6365]  ? trace_contention_end+0x39/0x120
[ 1608.970508][ T6365]  ? __pfx_rt6_disable_ip+0x10/0x10
[ 1608.975708][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.981345][ T6365]  addrconf_ifdown+0x15d/0x1880
[ 1608.986200][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1608.991828][ T6365]  ? __mutex_unlock_slowpath+0x1a1/0x760
[ 1608.997472][ T6365]  ? tls_dev_event+0x717/0xec0
[ 1609.002241][ T6365]  ? __pfx_addrconf_ifdown+0x10/0x10
[ 1609.007552][ T6365]  addrconf_notify+0x1bc/0x1010
[ 1609.012403][ T6365]  notifier_call_chain+0x1b6/0x3e0
[ 1609.017544][ T6365]  netif_close_many+0x29c/0x410
[ 1609.022476][ T6365]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1609.028504][ T6365]  ? __pfx_netif_close_many+0x10/0x10
[ 1609.033906][ T6365]  unregister_netdevice_many_notify+0x7b9/0x1ff0
[ 1609.040248][ T6365]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[ 1609.047007][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1609.052634][ T6365]  ? unregister_netdevice_queue+0x1b3/0x380
[ 1609.058523][ T6365]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[ 1609.064756][ T6365]  ? __pfx_vxcan_dellink+0x10/0x10
[ 1609.069870][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1609.075500][ T6365]  default_device_exit_batch+0x819/0x890
[ 1609.081142][ T6365]  ? __pfx___might_resched+0x10/0x10
[ 1609.086420][ T6365]  ? __pfx_default_device_exit_batch+0x10/0x10
[ 1609.092574][ T6365]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[ 1609.098028][ T6365]  ? net_generic+0x1e/0x240
[ 1609.102541][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1609.108177][ T6365]  ? __pfx_default_device_exit_batch+0x10/0x10
[ 1609.114329][ T6365]  ops_undo_list+0x525/0x990
[ 1609.118932][ T6365]  ? __pfx_ops_undo_list+0x10/0x10
[ 1609.124038][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1609.129672][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1609.135300][ T6365]  ? do_raw_spin_unlock+0x122/0x240
[ 1609.140508][ T6365]  cleanup_net+0x4c5/0x800
[ 1609.144939][ T6365]  ? __pfx_cleanup_net+0x10/0x10
[ 1609.149873][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1609.155503][ T6365]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1609.160725][ T6365]  ? process_scheduled_works+0x9ef/0x17b0
[ 1609.166437][ T6365]  ? process_scheduled_works+0x9ef/0x17b0
[ 1609.172146][ T6365]  process_scheduled_works+0xae1/0x17b0
[ 1609.177713][ T6365]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1609.183693][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1609.189329][ T6365]  worker_thread+0x8a0/0xda0
[ 1609.193919][ T6365]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1609.200254][ T6365]  ? __kthread_parkme+0x7b/0x200
[ 1609.205197][ T6365]  kthread+0x711/0x8a0
[ 1609.209268][ T6365]  ? __pfx_worker_thread+0x10/0x10
[ 1609.214371][ T6365]  ? __pfx_kthread+0x10/0x10
[ 1609.218957][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1609.224588][ T6365]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1609.229779][ T6365]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1609.235405][ T6365]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1609.240600][ T6365]  ? __pfx_kthread+0x10/0x10
[ 1609.245187][ T6365]  ret_from_fork+0x3fc/0x770
[ 1609.249775][ T6365]  ? __pfx_ret_from_fork+0x10/0x10
[ 1609.254883][ T6365]  ? __switch_to_asm+0x39/0x70
[ 1609.259646][ T6365]  ? __switch_to_asm+0x33/0x70
[ 1609.264407][ T6365]  ? __pfx_kthread+0x10/0x10
[ 1609.268994][ T6365]  ret_from_fork_asm+0x1a/0x30
[ 1609.273776][ T6365]  </TASK>
[ 1609.277120][ T6365] Kernel Offset: disabled
[ 1609.281437][ T6365] Rebooting in 86400 seconds..