last executing test programs:

6m29.61757612s ago: executing program 32 (id=380):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
socket$inet6_sctp(0xa, 0xd1126770f3137b34, 0x84)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
bind$packet(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setxattr$security_evm(&(0x7f00000000c0)='./cgroup.cpu/cgroup.procs\x00', &(0x7f00000003c0), &(0x7f0000000400)=@md5={0x1, "8dbf4697425daabfecc13e32d6f7038a"}, 0x11, 0x3)
r4 = getpid()
r5 = syz_pidfd_open(r4, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x20)
preadv(r6, &(0x7f0000001b00)=[{&(0x7f00000009c0)=""/239, 0xef}], 0x1, 0x2, 0x0)
ioctl$BTRFS_IOC_ADD_DEV(r5, 0xff08, 0x0)
close(r1)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x118)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000000)={'syzkaller0\x00', @broadcast})
write$cgroup_devices(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="1b23000d"], 0xffdd)

5m16.565797323s ago: executing program 3 (id=578):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0xfa09c4119783e9d)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x3, 0x24, &(0x7f00000003c0)={{0x12, 0x1, 0x0, 0x5a, 0xe4, 0xc4, 0x10, 0x596, 0x1, 0x5f5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xd6, 0x0, 0x0, 0xb5, 0xe1, 0x45}}]}}]}}, 0x0)
syz_usb_control_io$printer(r1, 0x0, &(0x7f0000000440)={0x34, &(0x7f0000000200)={0x0, 0xa, 0x10, "93c32a9ac9758ba5825c27dd7cd1698a"}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)

5m13.174039959s ago: executing program 3 (id=587):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300))
prlimit64(0x0, 0x7, &(0x7f0000000180)={0x7, 0x65d}, 0x0)
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)

5m12.798480586s ago: executing program 3 (id=591):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0xac, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @private0}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_DST={0x18, 0xd, 0x0, 0x1, [@CTA_NAT_V6_MAXIP={0x14, 0x5, @remote}]}]}, 0xac}}, 0x0)

5m11.430739426s ago: executing program 3 (id=594):
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f0000000100)={[{@quota}, {@nodelalloc}]}, 0x2, 0xbd1, &(0x7f0000001340)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==")
r0 = creat(&(0x7f0000000580)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14113e, 0x6ceac77f206eabb9)
sendmsg$NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)={0x14, 0x0, 0x1, 0x70bd27, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x800)
write$binfmt_script(r1, &(0x7f0000000080), 0x208e24b)
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, 0x0)

5m8.496111407s ago: executing program 3 (id=600):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000002c0)={0x3, 0x1, &(0x7f0000000380)=""/231, 0x0, 0x0, 0x4})

4m59.436004788s ago: executing program 3 (id=613):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0xfffffffd, @empty}, 0x1c)
r3 = dup(r2)
r4 = open(&(0x7f00000000c0)='./file0\x00', 0x1298c2, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d1)

4m58.732266572s ago: executing program 33 (id=613):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0xfffffffd, @empty}, 0x1c)
r3 = dup(r2)
r4 = open(&(0x7f00000000c0)='./file0\x00', 0x1298c2, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d1)

4m17.679924457s ago: executing program 0 (id=691):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='personality\x00')
r3 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041810)
lseek(r2, 0x6, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@newtfilter={0x84, 0x2c, 0xd27, 0x70bd26, 0x25dfdc00, {0x0, 0x0, 0x0, r8, {0x2, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x1000, 0x20000000, 0xfffffffc, 0x7ff}}]}, {0x4}, {0x2, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000000)
sendmsg$nl_route_sched(r4, &(0x7f0000000700)={0x0, 0x1e5, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x32, 0x101, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0)
unshare(0x2040400)
unshare(0x2000400)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, 0x0)
write$nbd(0xffffffffffffffff, &(0x7f0000000340)={0x1000000, 0x0, 0x0, 0x40, 0x9, "82b0cfc4337965941538be09000000000000000000007400a391793ba70d0000000000fdf700000000baffda6e4a4d83"}, 0x40)

4m4.261794548s ago: executing program 0 (id=707):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000001840), r0)
sendmsg$TIPC_NL_MEDIA_SET(r0, &(0x7f0000001a40)={0x0, 0x0, &(0x7f0000001a00)={&(0x7f0000000100)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029b87000fbdbdf250c00"], 0x34}, 0x1, 0x0, 0x0, 0x4034}, 0x8094)

4m3.775014981s ago: executing program 0 (id=710):
r0 = socket(0x10, 0x80003, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "0000000000000000000100000e00"}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)

4m3.359800754s ago: executing program 0 (id=715):
socket(0x26, 0x1, 0xe6c)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000004700)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x0, 0xb19, 0x70bd2a, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x240040c0}, 0x20008080)

4m2.084567833s ago: executing program 0 (id=718):
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0x18, 0x30, 0x871a15abc695fa3d, 0xfffffffd, 0x25dfdbfc, {}, [{0x4}]}, 0x18}}, 0x0)

3m59.12835217s ago: executing program 0 (id=720):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='personality\x00')
r3 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041810)
lseek(r2, 0x6, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@newtfilter={0x84, 0x2c, 0xd27, 0x70bd26, 0x25dfdc00, {0x0, 0x0, 0x0, r8, {0x2, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x1000, 0x20000000, 0xfffffffc, 0x7ff}}]}, {0x4}, {0x2, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000000)
sendmsg$nl_route_sched(r4, &(0x7f0000000700)={0x0, 0x1e5, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x32, 0x101, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0)
unshare(0x2040400)
unshare(0x2000400)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, 0x0)
write$nbd(0xffffffffffffffff, &(0x7f0000000340)={0x1000000, 0x0, 0x0, 0x40, 0x9, "82b0cfc4337965941538be09000000000000000000007400a391793ba70d0000000000fdf700000000baffda6e4a4d83"}, 0x40)

3m43.096423545s ago: executing program 34 (id=720):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='personality\x00')
r3 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x20000801}, 0x4041810)
lseek(r2, 0x6, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, 0x0)
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@newtfilter={0x84, 0x2c, 0xd27, 0x70bd26, 0x25dfdc00, {0x0, 0x0, 0x0, r8, {0x2, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x1000, 0x20000000, 0xfffffffc, 0x7ff}}]}, {0x4}, {0x2, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000000)
sendmsg$nl_route_sched(r4, &(0x7f0000000700)={0x0, 0x1e5, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x32, 0x101, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0)
unshare(0x2040400)
unshare(0x2000400)
fsmount(0xffffffffffffffff, 0x0, 0x0)
ioctl$VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, 0x0)
write$nbd(0xffffffffffffffff, &(0x7f0000000340)={0x1000000, 0x0, 0x0, 0x40, 0x9, "82b0cfc4337965941538be09000000000000000000007400a391793ba70d0000000000fdf700000000baffda6e4a4d83"}, 0x40)

2m54.595052955s ago: executing program 2 (id=833):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'wg0\x00', <r2=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet6_udplite(0xa, 0x2, 0x88)
sendto$packet(r1, &(0x7f0000000180)="0b03feff4f12021202004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)

2m53.722319834s ago: executing program 2 (id=839):
prlimit64(0x0, 0xe, &(0x7f0000000300)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
read$char_usb(r3, &(0x7f0000001080)=""/160, 0xa0)

2m50.595698273s ago: executing program 2 (id=842):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xf)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
process_vm_writev(r0, &(0x7f0000000900)=[{&(0x7f0000000440)=""/212, 0xd4}, {0x0}, {0x0}, {&(0x7f0000000280)=""/24, 0x18}, {&(0x7f0000000800)=""/239, 0xef}, {&(0x7f00000002c0)=""/41, 0x29}, {&(0x7f0000000a00)=""/241, 0xf1}], 0x7, 0x0, 0x0, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000007c0)=@newtaction={0x14, 0x1e, 0x109, 0x100, 0x25dfdbff}, 0x14}, 0x1, 0x2b1e, 0x0, 0x10}, 0x24040010)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x48c0)
r5 = syz_open_procfs(0xffffffffffffffff, 0x0)
writev(r5, &(0x7f00000008c0)=[{&(0x7f0000002440)="003ac1", 0x3}], 0x1)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, &(0x7f0000000140), 0x10)
sendmsg$can_bcm(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="0500000001090000000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x2710], 0x80}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x0)
r7 = syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DEST(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r7, 0x8, 0x70bd26, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xf}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48000}, 0x0)
sendmsg$IPVS_CMD_DEL_DEST(r5, &(0x7f0000000c40)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000c00)={&(0x7f0000001200)={0x24, r7, 0x100, 0x70bd2a, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0x4}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_DAEMON={0x4}]}, 0x24}}, 0x48000)

2m46.451899408s ago: executing program 2 (id=848):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
unshare(0x20000400)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4010}, 0x4008020)
socket$kcm(0x29, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000080), 0x18)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='timers\x00')
preadv(r2, &(0x7f0000002380)=[{&(0x7f0000000200)=""/122, 0x7a}], 0x1, 0x0, 0x0)
r3 = socket(0xa, 0x3, 0xff)
recvmmsg(r3, &(0x7f0000000280), 0x0, 0x4020, 0x0)

2m33.640956749s ago: executing program 2 (id=874):
socket(0x40000000015, 0x5, 0x0)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @broadcast, 0x4e21, 0x3, 'rr\x00', 0x1, 0x10000004, 0x8}, 0x2c)
r1 = socket$kcm(0xa, 0x2, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'wrr\x00', 0x23, 0x81, 0x5}, {@dev={0xac, 0x14, 0x14, 0x3c}, 0x4e23, 0x10000, 0x1cb, 0x12d61, 0x12d58}}, 0x44)
setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010100, 0x4e24, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@remote, 0x4e23, 0x10000, 0x0, 0x12d5c, 0x12d4c}}, 0x44)
sendmsg$sock(r1, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev, 0xfffffeec}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)

2m30.781898791s ago: executing program 2 (id=878):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3000001, 0x11, r0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x972, &(0x7f0000006680))
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFBR(r1, 0x8940, &(0x7f0000003040)=@generic={0x0, 0x9, 0xfffffffffffffff9})

2m15.357751403s ago: executing program 35 (id=878):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3000001, 0x11, r0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x972, &(0x7f0000006680))
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFBR(r1, 0x8940, &(0x7f0000003040)=@generic={0x0, 0x9, 0xfffffffffffffff9})

2m15.353200877s ago: executing program 7 (id=922):
syz_emit_ethernet(0x32, &(0x7f00000006c0)={@broadcast, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x6, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9, 0x0, @gue={{0x2, 0x0, 0x0, 0x0, 0x0, @val=0x80}}}}}}}, 0x0)

2m13.699165336s ago: executing program 7 (id=927):
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000005c0)={{0xa, 0xfffc, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x33}}}, {0xa, 0x0, 0x1, @empty}, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]}}, 0x5c)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000100)={0x0, 0x1, 0x8, 0x0, 0x9}, 0xc)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000080)=0x6, 0x4)

2m12.886978993s ago: executing program 7 (id=933):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x21081e, &(0x7f0000000540)={[{@grpquota}, {@nobh}, {@quota}, {@nogrpid}, {@max_dir_size_kb}, {@quota}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x511, &(0x7f0000000ac0)="$eJzs3c9vI2cZAOB3nDhxsmmTlh4AQbu0hQWt1km8bVT1AOWEEKqE6BGkbUi8URQ7jmKnNGEP2zNXJCpxgiN/AOeeuHNBcOOyHJD4EYE2SByMZjzOerN2Ntps7BA/jzSa+ebz+n2/tWa+zJt4JoCxdT0i7kfEVER8GBHz+f4kX+K9zpK+7uHhvbWjw3trSbTbH/wjyfrTfdHzb1LX8vcsRcQPvhPx4+TJuM39g63VWq26m7cXW/Wdxeb+wa3N+upGdaO6XamsLK8svXP77cpzG+tr9al868sPfn//Gz9N05rL9/SO41kknSH32x8RxeM4qcmI+N55gl0iE/l4pkadCM+kEBEvR8Tr2fE/HxPZpwkAXGXt9ny053vbAMBVV8hqYEmhnNcC5qJQKJc7NbxXYrZQazRbN+829rbXO7WyhSgW7m7Wqkt5rXAhiknaXs62H7UrnfZ0t307Il6KiJ9Pz2Tt8lqjtj7KH3wAYIxdOzH//3u6M/8DAFdcadQJAABDZ/4HgPFj/geA8WP+B4Dx05n/Z0adBgAwRKde/7sfEABcSer/ADBWvv/+++nSPsrvf73+0f7eVuOjW+vV5la5vrdWXmvs7pQ3Go2N7J499ae9X63R2Fl+K/Y+XvjmTrO12Nw/uFNv7G237mT39b5TLWav6nurbABgSF567bM/JemM/O5MtkTPsxyKI80MuGiFUScAjMzEqBMARsZf98D4Osc1vvIAXBF9HtH7mFK/Lwi12+32xaUEXLAbX1D/h3HVU//3V8AwZtT/YXyp/8P4areTsz7zP876QgDgclPjBwb8/v/lfP2b/JcDP1o/+YpPLzIrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNy6z/8t588Cn4tCoVyOeCEiFqKY3N2sVZci4sWI+ON0cTptL484ZwDgvAp/TfLnf92Yf3Pusa5Xrx1vTkXET375wS8+Xm21dv8QMZX8c7q7v/Vpvr8y/OwBgNOl1/rdeTpb91zIPzy8t9ZdhpnT374dEaVO/KPDqTg6jj8Zk9m6FMWImP1Xkrc7kp7axXnc/yQiPt9v/EnMZTWQzpNPT8ZPY78w1PiFx+IXsr7OOv2/+NxzyAXGzWfp+ee9fsdfIa5n6/7Hfyk7Q51ffv5L32rtKDsHPorfPf9NDDj/XT9rjLd+993O1syTfZ9EfHEyohv7qOf8042fDIj/5hnj//lLr74+qK/9q4gb0T9+b6zFVn1nsbl/cGuzvrpR3ahuVyoryytL79x+u7KY1agXB88Gf3/35ouD+tLxzw6IX3rK+L96xvH/+r8f/vArp8T/+hv94hfilVPip3Pi184Yf3X2t6VBfWn89QHjf9rnf/OM8R/85eCJx4YDAKPT3D/YWq3Vqrv/7xtzxc6ALks+Ni5iI/2EL0EafTe+NaxYU9G/62dvdA6BE13t9jPFGnTGeB5VN+AyOD7oI+I/o04GAAAAAAAAAAAAAADoaxjfWBr1GAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALi6/hcAAP//leLMXA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x10)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000000)={0x40000000, 0xdd, 0x479c28ea, 0x4, 0x4, 0xb})

2m10.222415471s ago: executing program 7 (id=940):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @counter={{0xc}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x7f}]}}}]}]}], {0x14}}, 0x78}, 0x1, 0x0, 0x0, 0x8001}, 0x24000014)

2m9.695489365s ago: executing program 7 (id=942):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x44, 0x86}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getpriority(0x2, r0)

2m8.520746076s ago: executing program 7 (id=944):
r0 = socket(0x2b, 0x80801, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001740)=@raw={'raw\x00', 0x8000000, 0x7fffffe, 0x2b0, 0x110, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x1e0, 0xffffffff, 0xffffffff, 0x1e0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x3, 0x0}, @mcast1, [0x0, 0x0, 0x0, 0xffffff], [0xff000000, 0x0, 0x4c62d6309aaa1bde, 0xffffff00], 'batadv0\x00', 'nicvf0\x00', {}, {0xff}, 0x3a, 0x0, 0x3, 0x42}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0xa, 0x100, 0x2, 0x8, 'pptp\x00', 'syz0\x00', {0xf}}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [0x0, 0x0, 0xffffffff, 0xffffff00], [0x0, 0x0, 0xffffff00, 0xff], 'syzkaller0\x00', 'vxcan1\x00', {}, {}, 0x3c}, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x1a, 0x7, 0xc}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
getsockopt$bt_BT_VOICE(r0, 0x112, 0xb, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, 0x0, 0x0)

1m50.667439389s ago: executing program 36 (id=944):
r0 = socket(0x2b, 0x80801, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000001740)=@raw={'raw\x00', 0x8000000, 0x7fffffe, 0x2b0, 0x110, 0xffffffff, 0xffffffff, 0x110, 0xffffffff, 0x1e0, 0xffffffff, 0xffffffff, 0x1e0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x3, 0x0}, @mcast1, [0x0, 0x0, 0x0, 0xffffff], [0xff000000, 0x0, 0x4c62d6309aaa1bde, 0xffffff00], 'batadv0\x00', 'nicvf0\x00', {}, {0xff}, 0x3a, 0x0, 0x3, 0x42}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0xa, 0x100, 0x2, 0x8, 'pptp\x00', 'syz0\x00', {0xf}}}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [0x0, 0x0, 0xffffffff, 0xffffff00], [0x0, 0x0, 0xffffff00, 0xff], 'syzkaller0\x00', 'vxcan1\x00', {}, {}, 0x3c}, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x1a, 0x7, 0xc}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
getsockopt$bt_BT_VOICE(r0, 0x112, 0xb, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, 0x0, 0x0)

44.02207418s ago: executing program 9 (id=1179):
r0 = socket$inet6(0xa, 0x3, 0x84)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xff}}}, 0x1c)

43.52684796s ago: executing program 9 (id=1183):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x38, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x10, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)

43.285007087s ago: executing program 9 (id=1184):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x400448ca, 0x0)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
waitid$P_PIDFD(0x2, r1, 0x0, 0x8, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x10, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000028000000bca30000000000003403000040feffff720af1ff0000000071a4f0ff000000001f030000000000002e0a0200000000002604fdffffff000e61144400000000001d430000000000007a0a00fe0000001f61141c0000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b6"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2}, 0x48)

41.793482467s ago: executing program 9 (id=1189):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000100000000000000020000008500000087000000180100002020702500000000002020207b1af8ff00"], &(0x7f0000000080)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f00000003c0)="e097566f5bec64466cf0925782dd", 0x0, 0x8c9, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

41.49849s ago: executing program 9 (id=1194):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f00000004c0)={[{@noload}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xff, 0x44d, &(0x7f0000000900)="$eJzs3MtvG8UfAPDvrp30/Ut+UB4tLQQKouKRNOnzwKUIJA4gIcGhiFNI0qrUbaAJEq0qKBzKEVXijjgi8RdwggsCTkhc4Y4qVaiXFiQko13vpsa107hx6rb+fKRNZrzjzHx3d+zZGTsBDKyx7EcSsTkifouIkUb2vwXGGr+uXTk389eVczNJ1Otv/Jnk5a5eOTdTFi2ft6mRqdeL/Lo29V54O2K6Vps7XeQnFk++N7Fw5uzzx09OH5s7Nndq6tChfXt3Dh+Y2t+TOLO4rm7/aH7HtlfeuvjazJGL7/z0TdbezcX+5jh6ZaxxdNt6qteV9dmWpnRS7WND6EolIrLTNZT3/5GoxIalfSPx8qd9bRywpur1er3d+3PhfB24hyXR7xYA/VG+0Wf3v+V2m4Yed4TLhyPeP9iI/1qxNfZUIy3KDLXc3/bSWEQcOf/3l9kWazQPAQDQ7LvDEfFcu/FfGg82lftfsYYyGhH/j4j7IuL+iNgaEQ9E5GUfioiHu6y/dYXkxvFPeumWAluhbPz3QrG2tTT++6eex18YrRS5LXn8Q8nR47W5PcUx2R1D67L85DJ1fP/Sr5932tc8/su2rP5yLNiQXqq2TNDNTi9OrzLsJZc/idhebYk/l0S5jJNExLaI2N7VX75+h3H8ma93dCp18/iX0YN1pvpXEU83zv/5aIm/lHRcn5w8eGBq/8T6qM3tmSivihv9/MuF1zvVv6r4eyA7/xtbr//cUvyjyfqIhTNnT+TrtQvd13Hh98863tPc6vU/nLyZp4eLxz6cXlw8PRkxnLx64+NT159b5svyWfy7d7WLP81f48oj8UhEZBfxzoh4NCIeK9r+eEQ8ERG7lon/xxeffLf7+JeZle+hLP7Zm53/aD7/3ScqJ374tvv4S9n535endhePrOT1b6UNXM2xAwAAgLtFmn8GPknHl9JpOj7e+Az/1tiY1uYXFp89Ov/BqdnGZ+VHYygtZ7pGmuZDJ4u54TI/1ZLfW8wbf1HZkOfHZ+Zrs/0OHgbcpg79P/NHpd+tA9ac72vB4NL/YXDp/zC49H8YXPo/DK52/f/jPrQDuP28/8Pg0v9hcOn/MLj0fxhIHb8bn67qK/8S93wi0u6fVY07pPF3U6K64n9mcYuJdW139fuVCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDf+DQAA//9X4u4v")
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
fdatasync(r0)

39.694867998s ago: executing program 9 (id=1199):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x44, 0x86}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getpriority(0x2, r0)

23.656017357s ago: executing program 37 (id=1199):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x44, 0x86}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getpriority(0x2, r0)

12.79532623s ago: executing program 1 (id=1304):
openat$zero(0xffffffffffffff9c, 0x0, 0x5db4d7dc6192623b, 0x0)
getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000d00), 0xffffffffffffffff)
sendmsg$FOU_CMD_GET(r0, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000d40)={0x1c, r1, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@FOU_ATTR_PORT={0x6, 0x1, 0x4e20}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x40000)

12.417461322s ago: executing program 1 (id=1306):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'hsr0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000880)=@newqdisc={0x6c, 0x24, 0xd0f, 0x200000, 0x0, {0x60, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x3c, 0x2, [@TCA_GRED_PARMS={0x38, 0x1, {0x1ff, 0x1, 0x6, 0x3, 0x2, 0x0, 0xcb, 0xf, 0x5, 0xb, 0x1f, 0x1a, 0x8, 0xf, 0xf, 0x9}}]}}]}, 0x6c}}, 0x24008004)

11.936069839s ago: executing program 1 (id=1310):
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="48000000140081fb7059ae08060c04000aff0f11000000040011018701546fabca1b4e7d06a6bd7c493872f750375ed08a562af5745e17b8c119418f0f000000d6e74703c48f93b8", 0x48}], 0x1}, 0x0)

11.924545757s ago: executing program 6 (id=1311):
r0 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="020b070102000000e4a17c455b3a89", 0xf}, {&(0x7f00000000c0)="1c7df6602900d6bd1c", 0x9}], 0x2}, 0x40000)

11.743383201s ago: executing program 1 (id=1312):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r1 = syz_io_uring_setup(0x1e1e, &(0x7f0000000380)={0x0, 0x86f7, 0x10100}, &(0x7f0000002000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(r1, 0x48e9, 0x0, 0x2, 0x0, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x4)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0xff)

10.875931216s ago: executing program 6 (id=1313):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
keyctl$restrict_keyring(0xa, 0x0, &(0x7f0000000140)='keyring\x00', &(0x7f0000000880)='\x00\x00\x00\b\x00\xf2?60\xac\x14\b\x00\x00\x00\x00\x00\x00\x00\xde\x00\x00\xd4\x98\xfb\x0e-\\\x82D\xb2\xdeT%9\xab\x1f\xbe\xb0\xe1\xef\x9du\x1a\xd9\xc6@e\xdb\xa4m2\xc8\x85!\xeew2\xa9w\x1fx\xbf\xc5.\be\xb2\x94\xf6\xa4\xd6&\xe5\xd4\x9c\xfc\x85\xbc\xb3(l\xe1B\xbf7-\x04\xf5M\x88\xdaM\x94\xc7e\xbc\xa8!\x82\xab\xfc\x8fX\xc0I%C\x9e\xdd\xe7l\xa7\x9e3\xf4\x04\xaf\xa3\xc5')

10.813407577s ago: executing program 1 (id=1315):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={r1, 0x1, 0x6, @random}, 0x10)
setsockopt$packet_add_memb(r0, 0x107, 0x1, 0x0, 0x0)
setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000140)={0x0, 0x1, 0x6, @link_local}, 0x10)

9.727835065s ago: executing program 6 (id=1317):
r0 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000050)
sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x1700, @empty}, 0xffac, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f815108f6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412d85f11796742bf640b5819a9546357df778c332af5983c4373a95d9c58b52dba445eee92e6911824f0c534e7a5934d9eac9b7f6fec22002fc53a3003a3304217f567b47cd326edc5f48eb1f46bb20d1e10e72239afc9769344590cf48902aba5405b7d4baa31a912ab398a2f2d3f037614bb56a89244ece50f3a1e058d274f1e70f944eb8a305be91e561e5eb843d057a81f4deb84a6335ec81ca964cdae5f318d4e9aaea2c477cc279c00c698bcfe4b8e04c09079d8f3f5438d9d45a00f50d2f9b245c8c68eebf247e25ba8d26f8b95b21ac9ceb50c0aa2e4bdc032024db216b92f9350a90ac79341af14d3fa8ba908096e1b503341aed667bb184c672dac85fc4f335b3871c3b4e55ea219a857d2d2e135358f6b45a20b3e7de8e09b2041eb7c5084a80258fb524a983752659298a251e178b56f96bc67ae0a78ec92f92d92c9cf0edb5dcb11e739d69410ad44c8df00caa030d7d89f2ec38bd7698115c423cf3e6048793aca08ffbcdac766f1553773fa00031c1d75246e4e1eddf8948d02a3de6d67fd7329e45070f29044587f1e0db50d04e673191a63e30f96ee0d8d52738fab36a7fe2c6ab9301d401e7ca5b1f039193a580e40abbdf40c2d7e27809dec80815d37adae9fe7fb9d3a974c9fc03944d7338d000b81170be4c6792ed6b3b827194b3ae11e2acfca48498d1126aacf80f3d574256ef7f75552ff087a819e", 0xffa0}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71", 0x33}], 0x2, &(0x7f00000010c0)=[@ip_tos_int={{0x18, 0x29, 0x3b, 0xc9000000}}, @ip_tos_u8={{0x38, 0x29, 0x3b}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @loopback}}}], 0x50}, 0x0)

9.655390056s ago: executing program 8 (id=1318):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00'})
r1 = syz_open_dev$loop(&(0x7f0000000000), 0x7, 0x4)
ioctl$BLKROGET(r1, 0x125e, &(0x7f0000000040))
socket(0x10, 0x80002, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x22, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffc000/0x4000)=nil)
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffd000/0x3000)=nil)

9.606766412s ago: executing program 8 (id=1320):
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="24000000031401002dbd7000ffdbdf250900020073797a3200000000080041"], 0x38}, 0x1, 0x0, 0x0, 0x4040111}, 0x20000010)

9.46297273s ago: executing program 6 (id=1321):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x141301)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c80)={0x14, 0x0, 0x2, 0x301, 0x0, 0x0, {0x7, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x4008000)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r3 = dup(r2)
setsockopt$MRT_INIT(r3, 0x0, 0xc8, &(0x7f0000000340), 0x4)
ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x103, 0x100, 0x551}})
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f0000000780)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x24, r4, 0x800, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000802}, 0x8000)
r5 = socket(0x10, 0x803, 0x0)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc01100, 0x0, 0x0, 0x0, 0x2)
sendto(r5, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r5, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x69}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400})
ioctl$USBDEVFS_CONTROL(r1, 0xc0105500, &(0x7f00000000c0)={0x80, 0xa, 0x303, 0x0, 0x0, 0x6e9, 0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'lo\x00'})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r6, &(0x7f0000000140)={&(0x7f0000000000), 0xc, 0x0, 0x1, 0x0, 0x0, 0xa7e4a71329317a60}, 0x20000000)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010100}}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x84}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e22}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x21}}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

9.361170299s ago: executing program 8 (id=1322):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25GSUBSCRIP(r0, 0x89e0, &(0x7f00000000c0)={'dummy0\x00', 0x7, 0x1})

9.071687008s ago: executing program 8 (id=1324):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000380)=0x3)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000080850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r5, 0xe0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000040)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0xfb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x8, 0xcc, 0x8, 0x8, &(0x7f00000001c0)}}, 0x10)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r4, &(0x7f0000000780)}, 0x20)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newsa={0x158, 0x10, 0x713, 0x70bd26, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in=@dev={0xac, 0x14, 0x14, 0x13}, 0x4e22, 0x1, 0x0, 0x3, 0x2, 0x0, 0x0, 0x3a, 0x0, 0xffffffffffffffff}, {@in6=@remote, 0x0, 0x32}, @in6=@local, {0x0, 0x0, 0x8, 0xa, 0x6, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x2, 0xfffffffffffffff8}, {0xc, 0x0, 0x2}, 0x70bd29, 0x0, 0x2, 0x1, 0x0, 0x28}, [@algo_aead={0x68, 0x12, {{'rfc4543(gcm(aes))\x00'}, 0xe0, 0x80, "316f74eeac053deb73fc018493cc121927a9bca207141b9a451c00aa"}}]}, 0x158}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120110014a696d4003041060410100f602010902240001000000820904"], 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFLAGS(r7, 0x800452d2, 0x0)
r8 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000340), 0x92000, 0x0)
sendmsg$nl_generic(r8, &(0x7f0000000440)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000400)={&(0x7f0000000640)={0xd8, 0x2b, 0x4, 0x70bd2c, 0x25dfdbfd, {0x2}, [@nested={0x34, 0xf6, 0x0, 0x1, [@typed={0x8, 0xe9, 0x0, 0x0, @u32=0xd5e}, @nested={0x4, 0x5b}, @typed={0x8, 0xd1, 0x0, 0x0, @fd}, @typed={0x8, 0x2e, 0x0, 0x0, @pid=r1}, @typed={0x8, 0x67, 0x0, 0x0, @ipv4=@local}, @typed={0x5, 0xf, 0x0, 0x0, @str='\x00'}, @nested={0x4, 0xbf}]}, @typed={0x7, 0xfd, 0x0, 0x0, @str='@!\x00'}, @generic="b0b4c871b001494556c471178915121a901f21947fa69b01d4b40ad41ca6719a19c47024c9ec035217d3aceb941c47cc89fb5526f627054c8b62cb", @nested={0x49, 0xd5, 0x0, 0x1, [@generic="17d9a841be83da1756e6a1ab817f584e735d5f283f6bba039e4d9ec39555e2f02e1c95570a669809b2da24a27c", @typed={0x14, 0xeb, 0x0, 0x0, @ipv6=@mcast1}, @typed={0x4, 0xf7}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x831}, 0x4000000)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000fc0)=@raw={'raw\x00', 0x8, 0x3, 0x4e8, 0x0, 0x11, 0x148, 0x340, 0x0, 0x450, 0x2a8, 0x2a8, 0x450, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x81}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x4f, 0x7, "72f6daeff0a9c6294e211d2d88fe6dcff5d0e552201da3b7a1fdb30dcb59"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x548)

7.391780431s ago: executing program 5 (id=1326):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
read$char_usb(r3, &(0x7f0000001080)=""/160, 0xa0)

5.945859972s ago: executing program 1 (id=1328):
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
keyctl$restrict_keyring(0xa, 0x0, &(0x7f0000000140)='keyring\x00', &(0x7f0000000880)='\x00\x00\x00\b\x00\xf2?60\xac\x14\b\x00\x00\x00\x00\x00\x00\x00\xde\x00\x00\xd4\x98\xfb\x0e-\\\x82D\xb2\xdeT%9\xab\x1f\xbe\xb0\xe1\xef\x9du\x1a\xd9\xc6@e\xdb\xa4m2\xc8\x85!\xeew2\xa9w\x1fx\xbf\xc5.\be\xb2\x94\xf6\xa4\xd6&\xe5\xd4\x9c\xfc\x85\xbc\xb3(l\xe1B\xbf7-\x04\xf5M\x88\xdaM\x94\xc7e\xbc\xa8!\x82\xab\xfc\x8fX\xc0I%C\x9e\xdd\xe7l\xa7\x9e3\xf4\x04\xaf\xa3\xc5')

5.571021421s ago: executing program 8 (id=1330):
syslog(0xb8de7dae, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, 0x0, 0x290)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_SERVICE(0xffffffffffffffff, 0x0, 0x800)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, 0x0, 0x4000001)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
timer_create(0xb, 0x0, &(0x7f0000000380))
timer_gettime(0x0, 0x0)
shmdt(0x0)
bind$bt_sco(0xffffffffffffffff, 0x0, 0x0)
setsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, 0x0, 0x0)
bind$bt_hci(r0, &(0x7f0000000400)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f00000006c0)="3b0000000100", 0x6)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0)

5.205989578s ago: executing program 4 (id=1332):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x3, 0x179}, &(0x7f0000000100)=<r2=>0x0, &(0x7f00000007c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x40, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r1, 0x4d10, 0x2, 0x2, 0x0, 0x0)

4.876808613s ago: executing program 5 (id=1333):
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000c00)=ANY=[@ANYBLOB="24000000031401002dbd7000ffdbdf250900020073797a3200000000080041"], 0x38}, 0x1, 0x0, 0x0, 0x4040111}, 0x20000010)

4.447083s ago: executing program 6 (id=1334):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xc40a, &(0x7f0000000200)={[{@noblock_validity}, {@dioread_lock}, {@nobh}, {@nouid32}, {@errors_continue}, {@usrjquota, 0x2e}, {@noacl}, {@nodiscard}, {@jqfmt_vfsv0}, {@delalloc}], [], 0x2c}, 0x1, 0x45e, &(0x7f0000000480)="$eJzs20tvG0UcAPD/2nHfJaGUR0sBQ3lEPJImLdADlyKQekFCgkM5hjStSt0GNUGiVUUDh3JE/QTAEYlPwIleEHACcYU7QqpQLxQOaNHaa2Ps2DhOXLf17ydtPLM7653/7k48O2MHMLLK2Z8kYkdE/BwR4xFRbC1Qrr3cuH5x/s/rF+eTSNM3fk+y3eKP6xfn60WT/HV7npksNFa1WTp/4fRcpbJwLs9PL595d3rp/IXnTp2ZO7lwcuHs7OHDhw7OvPjC7PMbEufOrK57P1jct+foW1demz925e3vvswqtyPf3hxHzcS6j1mOcscT8MS63/3WsjN/7XjBuSVlbX0sIkrV9j8exWquZjxe/WiolQMGKk3TdHPb2kYPYCUF7mBJDLsGwHDUP+iz59/6chO7H0N37UjtASiL+0a+1LaMRSEvU2p6vt1o5Yg4tvLXp9kSq45DAABsrK+z/s+zq/X/CnFfU7m78rmhiYi4OyJ2RcQ9EbE7Iu6NqJa9PyIeWOPxyy359v7Pj1v7CqxH145E8lI+t/Xf/l+99xcTxTy3sxp/KTlxqrJwID8nk1HanOVnuhzj6is/fdJpW3P/L1uy49f7gnk9fhtrGaA7Prc8t56Ym137sDoGeKk9/qQxE5BExJ6I2NvH+2+JiFNPf7GvbUPTRFH3+LsY66NCLdLPI56qXf+VaIm/uapd5ient0Rl4cB0/a5o9/0Pl1/vdPz/v/6DlV3/bave/434J5Lm+dqltR/j8i8fd3ym6ff+35S8WU1vyte9P7e8fG4mYlOy0r5+9t996/l6+Sz+yf2rt/9dEX9/lu/3YERkN/FDEfFwRDyS1/3RiHgsIvZ3if/blx9/p//4ByuL//iarv/aE8XT33zV6fi9Xf9D1dRkvqaX/3+9VnA95w4AAABuF4Xqd+CTwlQjXShMTdW+w787thUqi0vLz5xYfO/s8dp35SeiVKiPdI03jYfO5GPD9fxsS/5gddw4TdN0azU/Nb9YGdScOtCb7R3af+bX4rBrBwzcmubR/MIL7igbMI8O3Ka0fxhd2j+MLu0fRtdq7f9SxI0hVAW4yXz+w+jS/mF0af8wurR/GEnr+V1/t8Suo4N659sxcTUiOpUpDrWGT27vd/coDPus9p4o5Xd7Y03hFqlYNbE5InotfCluVsWG/I8JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/wTAAD//7CF5k8=")
chdir(0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
unlink(&(0x7f00000001c0)='./file0\x00')
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)

4.176315991s ago: executing program 5 (id=1335):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x7, 0x6, 0x5, 0x0, 0x0, {0x1, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004080}, 0x48810)
recvmsg(r0, &(0x7f000000c1c0)={0x0, 0x4000, &(0x7f000000c080)=[{&(0x7f000000acc0)=""/4089, 0xff9}, {&(0x7f000000bcc0)=""/63, 0x3f}], 0x2}, 0x20)

3.880602961s ago: executing program 5 (id=1336):
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="48000000140081fb7059ae08060c04000aff0f11000000040011018701546fabca1b4e7d06a6bd7c493872f750375ed08a562af5745e17b8c119418f0f000000d6e74703c48f93b8", 0x48}], 0x1}, 0x0)

3.677153999s ago: executing program 4 (id=1337):
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
preadv2(r0, &(0x7f0000000600)=[{&(0x7f0000000100)=""/14, 0xe}, {0x0}], 0x2, 0x65, 0x80000000, 0x0)

3.6751706s ago: executing program 5 (id=1338):
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1813000007000000eab4040000000000001000000000", @ANYRES32, @ANYBLOB="827400"/19, @ANYRES32], 0x50)
r0 = syz_create_resource$binfmt(&(0x7f0000000400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
r2 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x4], 0x0, 0x0, 0x1, 0x1}}, 0x40)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000340)={r2, 0x58, &(0x7f00000002c0)}, 0x10)

3.572194938s ago: executing program 6 (id=1339):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000240)={'batadv_slave_1\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000000)={r1, 0x1, 0x6, @random}, 0x10)
setsockopt$packet_add_memb(r0, 0x107, 0x1, 0x0, 0x0)
setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000140)={0x0, 0x1, 0x6, @link_local}, 0x10)

3.365331722s ago: executing program 4 (id=1340):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000108000a40fffffffc880000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000005c0003805800008008000340000000024c000b802c0001800a0001006c696d69740000001c0002800c00024000000000000000030c00014000000000000100001c000180090001006c617374000000000c0002800800014000000005"], 0xec}, 0x1, 0x0, 0x0, 0x40000}, 0x40)

3.274868604s ago: executing program 5 (id=1341):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000380)=0x3)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000080850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r5, 0xe0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000040)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x0, 0xfb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x8, 0xcc, 0x8, 0x8, &(0x7f00000001c0)}}, 0x10)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r4, &(0x7f0000000780)}, 0x20)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newsa={0x158, 0x10, 0x713, 0x70bd26, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, @in=@dev={0xac, 0x14, 0x14, 0x13}, 0x4e22, 0x1, 0x0, 0x3, 0x2, 0x0, 0x0, 0x3a, 0x0, 0xffffffffffffffff}, {@in6=@remote, 0x0, 0x32}, @in6=@local, {0x0, 0x0, 0x8, 0xa, 0x6, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x2, 0xfffffffffffffff8}, {0xc, 0x0, 0x2}, 0x70bd29, 0x0, 0x2, 0x1, 0x0, 0x28}, [@algo_aead={0x68, 0x12, {{'rfc4543(gcm(aes))\x00'}, 0xe0, 0x80, "316f74eeac053deb73fc018493cc121927a9bca207141b9a451c00aa"}}]}, 0x158}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120110014a696d4003041060410100f602010902240001000000820904"], 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFLAGS(r7, 0x800452d2, 0x0)
r8 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000340), 0x92000, 0x0)
sendmsg$nl_generic(r8, &(0x7f0000000440)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000400)={&(0x7f0000000640)={0xd8, 0x2b, 0x4, 0x70bd2c, 0x25dfdbfd, {0x2}, [@nested={0x34, 0xf6, 0x0, 0x1, [@typed={0x8, 0xe9, 0x0, 0x0, @u32=0xd5e}, @nested={0x4, 0x5b}, @typed={0x8, 0xd1, 0x0, 0x0, @fd}, @typed={0x8, 0x2e, 0x0, 0x0, @pid=r1}, @typed={0x8, 0x67, 0x0, 0x0, @ipv4=@local}, @typed={0x5, 0xf, 0x0, 0x0, @str='\x00'}, @nested={0x4, 0xbf}]}, @typed={0x7, 0xfd, 0x0, 0x0, @str='@!\x00'}, @generic="b0b4c871b001494556c471178915121a901f21947fa69b01d4b40ad41ca6719a19c47024c9ec035217d3aceb941c47cc89fb5526f627054c8b62cb", @nested={0x49, 0xd5, 0x0, 0x1, [@generic="17d9a841be83da1756e6a1ab817f584e735d5f283f6bba039e4d9ec39555e2f02e1c95570a669809b2da24a27c", @typed={0x14, 0xeb, 0x0, 0x0, @ipv6=@mcast1}, @typed={0x4, 0xf7}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x831}, 0x4000000)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000fc0)=@raw={'raw\x00', 0x8, 0x3, 0x4e8, 0x0, 0x11, 0x148, 0x340, 0x0, 0x450, 0x2a8, 0x2a8, 0x450, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'ip_vti0\x00', {0x0, 0x0, 0x3f, 0x0, 0x88000000, 0x3, 0x7}}}, @common=@unspec=@bpf1={{0x230}, @pinned={0x1, 0x0, 0x0, './file0\x00'}}]}, @unspec=@CT0={0x48}}, {{@ip={@multicast2, @empty, 0x0, 0x0, 'vlan0\x00', 'netdevsim0\x00'}, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@unspec=@quota={{0x38}, {0x0, 0x0, 0x81}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x4f, 0x7, "72f6daeff0a9c6294e211d2d88fe6dcff5d0e552201da3b7a1fdb30dcb59"}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x548)

3.160770149s ago: executing program 4 (id=1342):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x78}, 0x1, 0x0, 0x0, 0x840}, 0x0)

2.875262731s ago: executing program 4 (id=1343):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00'})
r1 = syz_open_dev$loop(&(0x7f0000000000), 0x7, 0x4)
ioctl$BLKROGET(r1, 0x125e, &(0x7f0000000040))
socket(0x10, 0x80002, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x22, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffc000/0x4000)=nil)
prctl$PR_SET_MM(0x23, 0x7, &(0x7f0000ffd000/0x3000)=nil)

2.174635466s ago: executing program 8 (id=1344):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@nodiscard}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@data_err_ignore}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey72WYTYzadmP18YHafZ+bZnee7z7w8+zy7AXStoewhidgREb9GxEAju7jAUOPp+tXzkzeunp9MYmHhtT+SvNy1q+cny6Ll67YXmeE0Iv0wKXay2OzZcycn6vXamSI/OnfqrdHZs+eeeOfUxInaidrp8SNHDh8ae/qp8Sc7EmcW17V978/s3/viG5denjx26c0fv87qu6PY3hxHpwxlgf+5kGvd9mind1axnU3ppLfCirAqPRGRNVdffv4PRE/caryBeOGDSisHrKvs3rSl/eb5BWATS6LqGgDVKG/02fffcrlDXY8N4cqzjS9AWdzXi6WxpTfSokxfy/fbThqKiGPzf32eLbFO4xAAAM0+nvzsaH9EvHfjq5eyvsdARJTjQffkj7/lj7uKOZTBiPh/ROyOiLsiYk9E3F2UvTci7ltjfW7v/6SX1/iWy8r6f88Uc1uL+39l7y8Ge4rczjz+vuT4dL12sPhMhqNvS5YfW2Yf3z7/yyfttjX3/7Il23/ZFyzqcbm3ZYBuamJuIu+UdsCVixH7epeKP7k5E5BExN6I2Le6t95VJqYf+3J/u0Irx7+MDswzLXyRhTefxT8fLfGXkub5yenb5idHt0a9dnC0PCpu99PPH73abv9rir8DrtQaz03t31pkMGmer53t7P7/5fGf9iev5/PM/cW6dyfm5s6MRfQnR/P8ovXjt15b5svy2fE/fGDp83938Zos/vsjIjuIH4iIByPioaLuD0fEIxFxYJkYf3hu5fgjraj9L0ZMLXn9u3n8t7T/6hM9J7//pt3+/1n7H85Tw8Wa/Pq3gqWqk10uWiu4ls8OAAAA/ivS/DfwSTpyM52mIyON3/Dvif+l9ZnZucePz7x9eqrxW/nB6EvLka6BYjy0Pl2vjSXzxTs2xkfHi7Hicrz0UDFu/GnPtjw/MjlTn6o4duh229uc/5nfe6quHbDOti25drz/jlcEqEDrPHq6OHvhlXAxgM3K/7Whe61w/jf/DwbYZNz/oXstdf5faMmbC4DNyf0fupfzH7pU+l3VNQAq5P4PXWkt/+tfx8TWjVGNahIbtVHyRESZSDdEfSTWKVH1lQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAz/g4AAP//K2Lmiw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="08000000020003000b"], 0x0)

0s ago: executing program 4 (id=1345):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x141301)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c80)={0x14, 0x0, 0x2, 0x301, 0x0, 0x0, {0x7, 0x0, 0x2}}, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x4008000)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r3 = dup(r2)
setsockopt$MRT_INIT(r3, 0x0, 0xc8, &(0x7f0000000340), 0x4)
ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x103, 0x100, 0x551}})
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f0000000780)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x24, r4, 0x800, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000802}, 0x8000)
r5 = socket(0x10, 0x803, 0x0)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc01100, 0x0, 0x0, 0x0, 0x2)
sendto(r5, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r5, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x69}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400})
ioctl$USBDEVFS_CONTROL(r1, 0xc0105500, &(0x7f00000000c0)={0x80, 0xa, 0x303, 0x0, 0x0, 0x6e9, 0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000c80)={'lo\x00'})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001580)=ANY=[@ANYBLOB="600000000206030000000000b8791fa80000000014000780080012400000000005001500010000000500010006000000050005000200000005000400000000000900020073797a310000000012000300686173683a6e65742c706f7274"], 0x60}}, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000), 0xc, 0x0, 0x1, 0x0, 0x0, 0xa7e4a71329317a60}, 0x20000000)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010100}}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x84}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e22}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x21}}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

kernel console output (not intermixed with test programs):

ew USB device strings: Mfr=1, Product=2, SerialNumber=3
[  361.601279][ T5937] usb 3-1: Product: syz
[  361.605643][ T5937] usb 3-1: Manufacturer: syz
[  361.614600][ T8161] tipc: Started in network mode
[  361.620067][ T8161] tipc: Node identity 7f000001, cluster identity 4711
[  361.630377][ T5937] usb 3-1: SerialNumber: syz
[  361.681676][ T5937] usb 3-1: config 0 descriptor??
[  361.690216][ T8161] tipc: Enabled bearer <udp:syz2>, priority 10
[  361.900572][ T5937] usbtouchscreen 3-1:0.214: Failed to read FW rev: -32
[  361.930298][ T5937] usbtouchscreen 3-1:0.214: probe with driver usbtouchscreen failed with error -32
[  363.019589][ T6088] tipc: Node number set to 2130706433
[  363.027124][ T5844] Bluetooth: hci3: command tx timeout
[  363.048302][ T8103] chnl_net:caif_netlink_parms(): no params data found
[  363.725625][ T5965] usb 3-1: USB disconnect, device number 16
[  363.920306][ T7193] hsr_slave_0: left promiscuous mode
[  363.954327][ T7193] hsr_slave_1: left promiscuous mode
[  363.985023][ T7193] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  364.011789][ T7193] batman_adv: batadv0: Removing interface: batadv_slave_0
[  364.050463][ T7193] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  364.187393][ T7193] batman_adv: batadv0: Removing interface: batadv_slave_1
[  364.866972][ T7193] veth1_macvtap: left promiscuous mode
[  364.891735][ T7193] veth0_macvtap: left promiscuous mode
[  364.953199][ T7193] veth1_vlan: left promiscuous mode
[  364.994018][ T7193] veth0_vlan: left promiscuous mode
[  365.123391][ T5844] Bluetooth: hci3: command tx timeout
[  368.222985][ T8219] loop2: detected capacity change from 0 to 256
[  368.350982][ T8219] FAT-fs (loop2): Directory bread(block 64) failed
[  368.379568][ T8219] FAT-fs (loop2): Directory bread(block 65) failed
[  368.404053][ T8219] FAT-fs (loop2): Directory bread(block 66) failed
[  368.436048][ T8219] FAT-fs (loop2): Directory bread(block 67) failed
[  368.483423][ T8219] FAT-fs (loop2): Directory bread(block 68) failed
[  368.510561][ T8219] FAT-fs (loop2): Directory bread(block 69) failed
[  368.517364][ T8219] FAT-fs (loop2): Directory bread(block 70) failed
[  368.567663][ T8219] FAT-fs (loop2): Directory bread(block 71) failed
[  368.579745][ T8219] FAT-fs (loop2): Directory bread(block 72) failed
[  368.586335][ T8219] FAT-fs (loop2): Directory bread(block 73) failed
[  369.138161][ T8224] loop2: detected capacity change from 0 to 512
[  369.270003][ T8224] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  369.360629][ T8224] ext4 filesystem being mounted at /113/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  369.676917][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.436685][ T7193] team0 (unregistering): Port device team_slave_1 removed
[  370.508651][ T7193] team0 (unregistering): Port device team_slave_0 removed
[  370.845146][ T5937] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  371.024000][ T5937] usb 7-1: Using ep0 maxpacket: 8
[  371.032070][ T5937] usb 7-1: config index 0 descriptor too short (expected 5924, got 36)
[  371.040668][ T5937] usb 7-1: config 250 has an invalid interface number: 228 but max is -1
[  371.049130][ T5937] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0
[  371.078526][ T5937] usb 7-1: config 250 has no interface number 0
[  371.089438][ T5937] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  371.122335][ T5937] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  371.141010][ T5937] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  371.171581][ T5937] usb 7-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  371.185384][ T5937] usb 7-1: config 250 interface 228 has no altsetting 0
[  371.226479][ T5937] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  371.248698][ T5937] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  371.271324][ T5937] usb 7-1: Product: syz
[  371.275562][ T5937] usb 7-1: SerialNumber: syz
[  371.312145][ T5937] hub 7-1:250.228: bad descriptor, ignoring hub
[  371.321875][ T5937] hub 7-1:250.228: probe with driver hub failed with error -5
[  371.548034][ T8238] bridge_slave_1: left allmulticast mode
[  371.567207][ T8238] bridge_slave_1: left promiscuous mode
[  371.581141][ T8238] bridge0: port 2(bridge_slave_1) entered disabled state
[  371.721329][ T5937] usb 7-1: USB disconnect, device number 3
[  371.912828][ T8103] bridge0: port 1(bridge_slave_0) entered blocking state
[  371.936102][ T8103] bridge0: port 1(bridge_slave_0) entered disabled state
[  372.899776][ T8103] bridge_slave_0: entered allmulticast mode
[  372.914536][ T8103] bridge_slave_0: entered promiscuous mode
[  372.935556][ T8103] bridge0: port 2(bridge_slave_1) entered blocking state
[  374.229591][ T8103] bridge0: port 2(bridge_slave_1) entered disabled state
[  374.236929][ T8103] bridge_slave_1: entered allmulticast mode
[  374.426230][ T8253] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  374.704351][ T8103] bridge_slave_1: entered promiscuous mode
[  374.988268][ T8103] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  375.028590][ T8103] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  376.969436][ T8103] team0: Port device team_slave_0 added
[  376.983656][ T8103] team0: Port device team_slave_1 added
[  377.101141][ T8261] overlayfs: failed to resolve './file0': -2
[  377.267886][ T8103] batman_adv: batadv0: Adding interface: batadv_slave_0
[  377.313195][ T8103] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  378.351027][ T8103] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  378.371463][ T8103] batman_adv: batadv0: Adding interface: batadv_slave_1
[  378.378480][ T8103] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  378.919980][ T8103] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  380.377928][ T8103] hsr_slave_0: entered promiscuous mode
[  380.402115][ T8103] hsr_slave_1: entered promiscuous mode
[  380.440119][ T8103] debugfs: 'hsr0' already exists in 'hsr'
[  380.446010][ T8103] Cannot create hsr debugfs directory
[  380.515005][ T8295] netlink: 4 bytes leftover after parsing attributes in process `syz.1.662'.
[  381.654111][ T5992] usb 2-1: new full-speed USB device number 14 using dummy_hcd
[  381.828549][ T5992] usb 2-1: not running at top speed; connect to a high speed hub
[  381.870177][ T5992] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  381.892119][ T5992] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  381.919586][ T5849] Bluetooth: hci4: command 0x1003 tx timeout
[  381.929638][ T5844] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  381.969198][ T5992] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  382.001337][ T5992] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  382.129527][ T6522] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  382.137386][ T5992] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  382.174721][ T5992] usb 2-1: Product: syz
[  382.217386][ T5992] usb 2-1: Manufacturer: syz
[  382.229486][ T5992] usb 2-1: SerialNumber: syz
[  382.313941][ T6522] usb 3-1: Using ep0 maxpacket: 8
[  382.342068][ T6522] usb 3-1: config index 0 descriptor too short (expected 5924, got 36)
[  382.381917][ T6522] usb 3-1: config 250 has an invalid interface number: 228 but max is -1
[  382.425951][ T6522] usb 3-1: config 250 has 1 interface, different from the descriptor's value: 0
[  382.448584][ T6522] usb 3-1: config 250 has no interface number 0
[  382.473849][ T6522] usb 3-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  382.498470][ T8103] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  382.506942][ T6522] usb 3-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  382.510624][ T5992] usb 2-1: 0:2 : does not exist
[  382.538254][ T6522] usb 3-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  382.590701][ T8103] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  382.618704][ T6522] usb 3-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  382.643010][ T6522] usb 3-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  382.645704][ T5992] usb 2-1: USB disconnect, device number 14
[  382.656965][ T6522] usb 3-1: config 250 interface 228 has no altsetting 0
[  384.483974][ T8103] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  384.583573][ T6522] usb 3-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  384.615475][ T8103] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  384.644643][ T6522] usb 3-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  384.685710][   T31] audit: type=1326 audit(1769121798.513:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8319 comm="syz.5.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  385.539478][ T6522] usb 3-1: Product: syz
[  385.543796][ T6522] usb 3-1: SerialNumber: syz
[  385.657828][   T31] audit: type=1326 audit(1769121798.523:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8319 comm="syz.5.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  385.793897][   T31] audit: type=1326 audit(1769121798.523:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8319 comm="syz.5.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  385.839805][ T6522] usb 3-1: can't set config #250, error -71
[  385.852320][ T8331] loop5: detected capacity change from 0 to 256
[  385.899863][ T6522] usb 3-1: USB disconnect, device number 17
[  385.964454][   T31] audit: type=1326 audit(1769121798.523:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8319 comm="syz.5.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  386.033930][ T8331] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d)
[  386.120714][   T31] audit: type=1326 audit(1769121798.523:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8319 comm="syz.5.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  386.246418][   T31] audit: type=1326 audit(1769121798.523:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8319 comm="syz.5.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  386.296468][ T8103] 8021q: adding VLAN 0 to HW filter on device bond0
[  386.371968][   T31] audit: type=1326 audit(1769121798.523:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8319 comm="syz.5.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  386.417093][ T8339] loop1: detected capacity change from 0 to 128
[  386.427600][ T8103] 8021q: adding VLAN 0 to HW filter on device team0
[  386.492361][ T4268] bridge0: port 1(bridge_slave_0) entered blocking state
[  386.499460][   T31] audit: type=1326 audit(1769121798.523:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8319 comm="syz.5.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  386.499607][ T4268] bridge0: port 1(bridge_slave_0) entered forwarding state
[  386.557668][ T8339] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  386.577413][ T8345] loop2: detected capacity change from 0 to 512
[  386.609643][   T31] audit: type=1326 audit(1769121798.523:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8319 comm="syz.5.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  386.642368][   T31] audit: type=1326 audit(1769121799.333:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8319 comm="syz.5.656" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  386.653886][ T8339] ext4 filesystem being mounted at /120/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  386.668116][ T8345] EXT4-fs: Ignoring removed bh option
[  386.740794][ T8345] EXT4-fs: Ignoring removed mblk_io_submit option
[  386.837222][ T8345] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  386.854414][ T4268] bridge0: port 2(bridge_slave_1) entered blocking state
[  386.861643][ T4268] bridge0: port 2(bridge_slave_1) entered forwarding state
[  386.875806][ T8339] EXT4-fs warning (device loop1): ext4_dirblock_csum_verify:375: inode #2: comm syz.1.672: No space for directory leaf checksum. Please run e2fsck -D.
[  386.905511][ T8345] EXT4-fs (loop2): 1 truncate cleaned up
[  386.917260][ T8345] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  386.931378][ T8339] EXT4-fs error (device loop1): __ext4_find_entry:1624: inode #2: comm syz.1.672: checksumming directory block 0
[  387.176467][ T5828] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  387.254172][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  388.324891][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  388.364401][ T8363] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  388.387719][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  388.908265][ T8103] 8021q: adding VLAN 0 to HW filter on device batadv0
[  388.917109][ T8376] netlink: 47 bytes leftover after parsing attributes in process `syz.1.680'.
[  388.949754][ T8376] netlink: 20 bytes leftover after parsing attributes in process `syz.1.680'.
[  390.881176][ T5844] Bluetooth: hci6: command 0x0406 tx timeout
[  391.384038][ T8385] binder: 8384:8385 ioctl c0306201 0 returned -14
[  391.828430][ T8396] overlayfs: missing 'lowerdir'
[  393.320747][ T5992] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  394.272418][ T5992] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  394.320782][ T5992] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  394.354786][ T8103] veth0_vlan: entered promiscuous mode
[  394.372692][ T5992] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  394.403431][ T5992] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  394.413399][ T8429] loop1: detected capacity change from 0 to 512
[  394.423903][ T8103] veth1_vlan: entered promiscuous mode
[  394.445817][ T5992] usb 7-1: SerialNumber: syz
[  394.471096][ T8429] EXT4-fs: Ignoring removed mblk_io_submit option
[  394.557502][ T8429] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  394.583518][ T8429] EXT4-fs error (device loop1): ext4_clear_blocks:874: inode #13: comm syz.1.690: attempt to clear invalid blocks 2 len 1
[  394.641932][ T8103] veth0_macvtap: entered promiscuous mode
[  394.670945][ T8103] veth1_macvtap: entered promiscuous mode
[  394.693114][ T8429] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1303: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  394.705242][ T8103] batman_adv: batadv0: Interface activated: batadv_slave_0
[  394.763202][ T5992] usb 7-1: 0:2 : does not exist
[  394.779515][ T8429] EXT4-fs error (device loop1): ext4_free_branches:1020: inode #13: comm syz.1.690: invalid indirect mapped block 1819239214 (level 0)
[  394.801582][ T8103] batman_adv: batadv0: Interface activated: batadv_slave_1
[  394.844660][ T8429] EXT4-fs error (device loop1): ext4_free_branches:1020: inode #13: comm syz.1.690: invalid indirect mapped block 1819239214 (level 1)
[  394.923872][ T8429] EXT4-fs (loop1): 1 truncate cleaned up
[  394.950868][ T4268] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  394.952219][ T5992] usb 7-1: USB disconnect, device number 4
[  394.952721][ T8429] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  395.044329][ T4268] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  395.303258][ T5851] udevd[5851]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  395.904899][ T4268] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  395.959623][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  395.978870][ T4268] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  398.171215][ T3575] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  398.229420][ T3575] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  398.568609][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  398.637789][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  401.842591][ T8468] loop7: detected capacity change from 0 to 256
[  401.877016][ T8467] binder: 8465:8467 ioctl c0306201 0 returned -14
[  401.907238][ T8468] exfat: Bad value for 'uid'
[  401.925322][ T8468] exfat: Bad value for 'uid'
[  402.549249][ T8476] overlayfs: missing 'workdir'
[  407.958650][ T8508] netlink: 32 bytes leftover after parsing attributes in process `syz.0.707'.
[  409.755998][ T8533] loop5: detected capacity change from 0 to 256
[  409.884175][ T8533] FAT-fs (loop5): Directory bread(block 64) failed
[  409.939469][ T8533] FAT-fs (loop5): Directory bread(block 65) failed
[  409.976838][ T8533] FAT-fs (loop5): Directory bread(block 66) failed
[  410.844338][ T8533] FAT-fs (loop5): Directory bread(block 67) failed
[  412.740474][ T8538] tun0: tun_chr_ioctl cmd 1074025681
[  412.780505][ T8533] FAT-fs (loop5): Directory bread(block 68) failed
[  412.829584][ T8533] FAT-fs (loop5): Directory bread(block 69) failed
[  412.883302][ T8533] FAT-fs (loop5): Directory bread(block 70) failed
[  412.929198][ T8533] FAT-fs (loop5): Directory bread(block 71) failed
[  413.039601][ T8533] FAT-fs (loop5): Directory bread(block 72) failed
[  413.046299][ T8533] FAT-fs (loop5): Directory bread(block 73) failed
[  413.421440][ T8553] bond0: (slave bridge0): Releasing backup interface
[  413.488699][ T8553] bridge_slave_0: left allmulticast mode
[  413.524465][ T8553] bridge_slave_0: left promiscuous mode
[  413.550739][ T8553] bridge0: port 1(bridge_slave_0) entered disabled state
[  413.587602][ T8553] bridge_slave_1: left allmulticast mode
[  414.449335][ T8553] bridge_slave_1: left promiscuous mode
[  414.473126][ T8553] bridge0: port 2(bridge_slave_1) entered disabled state
[  414.582464][ T8553] bond0: (slave bond_slave_0): Releasing backup interface
[  414.644230][ T8553] bond0: (slave bond_slave_1): Releasing backup interface
[  414.723834][ T8553] team0: Port device team_slave_0 removed
[  414.795678][ T8553] team0: Port device team_slave_1 removed
[  414.840618][ T8553] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  414.868743][ T8553] batman_adv: batadv0: Removing interface: batadv_slave_0
[  416.800509][ T8553] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  416.808101][ T8553] batman_adv: batadv0: Removing interface: batadv_slave_1
[  416.941675][ T8565] netlink: 'syz.6.706': attribute type 10 has an invalid length.
[  417.006805][ T8553] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  417.033000][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  417.508738][ T8565] bridge0: port 2(bridge_slave_1) entered disabled state
[  417.516377][ T8565] bridge0: port 1(bridge_slave_0) entered disabled state
[  417.639590][ T8565] bridge0: port 2(bridge_slave_1) entered blocking state
[  417.646803][ T8565] bridge0: port 2(bridge_slave_1) entered forwarding state
[  417.654712][ T8565] bridge0: port 1(bridge_slave_0) entered blocking state
[  417.662136][ T8565] bridge0: port 1(bridge_slave_0) entered forwarding state
[  417.803403][ T8565] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  417.816938][ T8569] loop1: detected capacity change from 0 to 512
[  417.875827][ T8569] EXT4-fs (loop1): Test dummy encryption mode enabled
[  417.989226][ T8569] EXT4-fs (loop1): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  418.357381][ T5828] EXT4-fs (loop1): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  419.003112][ T8586] netlink: 136 bytes leftover after parsing attributes in process `syz.6.729'.
[  419.611133][ T8586] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  422.825291][ T8612] loop2: detected capacity change from 0 to 512
[  422.878477][ T8612] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  422.964606][ T8612] EXT4-fs error (device loop2): ext4_get_journal_inode:5849: comm syz.2.734: inode #1792: comm syz.2.734: iget: illegal inode #
[  423.011670][ T8612] EXT4-fs (loop2): Remounting filesystem read-only
[  423.018335][ T8612] EXT4-fs (loop2): no journal found
[  423.108737][ T8612] EXT4-fs (loop2): can't get journal size
[  423.139266][ T8612] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  423.233610][ T8612] EXT4-fs (loop2): Errors on filesystem, clearing orphan list.
[  423.319599][ T8612] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  423.672267][ T8621] netlink: 'syz.6.736': attribute type 4 has an invalid length.
[  426.673314][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  427.029497][ T5872] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  427.233636][ T5872] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  427.249354][ T5872] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  427.300657][ T5872] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  427.332496][ T5872] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  427.379261][ T5872] usb 7-1: config 0 descriptor??
[  427.971240][ T5872] kovaplus 0003:1E7D:2D50.0004: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.6-1/input0
[  428.840019][ T5872] kovaplus 0003:1E7D:2D50.0004: couldn't init struct kovaplus_device
[  428.888579][ T5872] kovaplus 0003:1E7D:2D50.0004: couldn't install mouse
[  428.934917][ T5872] kovaplus 0003:1E7D:2D50.0004: probe with driver kovaplus failed with error -71
[  429.065541][ T5872] usb 7-1: USB disconnect, device number 5
[  429.207518][ T8648] fido_id[8648]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[  430.217889][ T8663] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  431.083144][ T5844] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  431.094784][ T5844] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  431.122747][ T5844] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  431.131717][ T5844] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  431.176536][ T5844] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  431.216471][ T8668] loop5: detected capacity change from 0 to 2048
[  431.224193][ T8668] EXT4-fs: Ignoring removed oldalloc option
[  431.310208][ T8668] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a802c028, mo2=0002]
[  431.381709][ T8674] loop6: detected capacity change from 0 to 512
[  431.406070][ T8668] System zones: 0-7
[  431.426871][ T8674] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  431.464613][ T8668] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  431.563114][ T8674] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  431.598406][ T8668] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.735: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  431.692021][ T8674] EXT4-fs (loop6): 1 truncate cleaned up
[  431.750808][ T8668] EXT4-fs (loop5): Remounting filesystem read-only
[  431.786348][ T8674] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  432.057741][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  432.336809][ T7297] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  433.644049][ T5849] Bluetooth: hci4: command tx timeout
[  435.673306][ T8704] loop1: detected capacity change from 0 to 128
[  435.679998][ T5849] Bluetooth: hci4: command tx timeout
[  437.584658][ T8704] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  437.751260][ T8704] ext4 filesystem being mounted at /136/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  437.761864][ T5849] Bluetooth: hci4: command tx timeout
[  437.863657][ T8704] EXT4-fs (loop1): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  438.006697][ T5828] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  438.302961][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  438.557132][ T8665] chnl_net:caif_netlink_parms(): no params data found
[  438.726793][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  439.053919][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  439.234551][ T8665] bridge0: port 1(bridge_slave_0) entered blocking state
[  439.243739][ T8665] bridge0: port 1(bridge_slave_0) entered disabled state
[  439.252765][ T8665] bridge_slave_0: entered allmulticast mode
[  439.261865][ T8665] bridge_slave_0: entered promiscuous mode
[  439.279743][ T8665] bridge0: port 2(bridge_slave_1) entered blocking state
[  439.294245][ T8665] bridge0: port 2(bridge_slave_1) entered disabled state
[  439.302085][ T8665] bridge_slave_1: entered allmulticast mode
[  439.313937][ T8665] bridge_slave_1: entered promiscuous mode
[  439.482066][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  439.597188][ T8665] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  439.683980][ T8747] netlink: 24 bytes leftover after parsing attributes in process `syz.7.761'.
[  439.846809][ T5849] Bluetooth: hci4: command tx timeout
[  440.432296][ T8665] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  440.647587][ T8665] team0: Port device team_slave_0 added
[  440.682701][ T8665] team0: Port device team_slave_1 added
[  440.768123][ T8753] loop7: detected capacity change from 0 to 16
[  440.856681][ T8753] erofs (device loop7): mounted with root inode @ nid 36.
[  440.885908][ T8665] batman_adv: batadv0: Adding interface: batadv_slave_0
[  440.915315][ T8665] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  440.987735][ T8665] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  441.044991][ T8665] batman_adv: batadv0: Adding interface: batadv_slave_1
[  441.067005][ T8665] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  441.122477][ T8665] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  441.352658][ T8665] hsr_slave_0: entered promiscuous mode
[  441.554423][ T8665] hsr_slave_1: entered promiscuous mode
[  441.595338][ T8665] debugfs: 'hsr0' already exists in 'hsr'
[  441.639742][ T8762] loop5: detected capacity change from 0 to 256
[  441.655786][ T8665] Cannot create hsr debugfs directory
[  444.692032][   T12] bridge_slave_1: left allmulticast mode
[  444.697752][   T12] bridge_slave_1: left promiscuous mode
[  444.721201][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  444.803042][   T12] bridge_slave_0: left allmulticast mode
[  444.808796][   T12] bridge_slave_0: left promiscuous mode
[  444.909076][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  445.079532][ T8771] loop5: detected capacity change from 0 to 512
[  445.215286][ T8771] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  445.340682][ T6037] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  445.696041][ T6037] usb 3-1: Using ep0 maxpacket: 16
[  445.765952][ T8771] ext4 filesystem being mounted at /135/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  445.973629][ T6037] usb 3-1: config 1 has an invalid interface number: 105 but max is 0
[  446.079597][ T6037] usb 3-1: config 1 has no interface number 0
[  446.090152][ T6037] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  446.110484][ T6037] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  446.120715][ T6037] usb 3-1: config 1 interface 105 has no altsetting 0
[  446.152575][ T6037] usb 3-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  446.162039][ T6037] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  446.170130][ T6037] usb 3-1: Product: syz
[  446.174562][ T6037] usb 3-1: Manufacturer: syz
[  446.179176][ T6037] usb 3-1: SerialNumber: syz
[  446.189160][ T8769] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  446.196642][ T8769] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  446.263583][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  446.560139][ T8785] loop5: detected capacity change from 0 to 512
[  446.568031][ T8785] EXT4-fs: Ignoring removed nobh option
[  446.574168][ T8785] EXT4-fs: Ignoring removed mblk_io_submit option
[  446.580796][ T8785] EXT4-fs: Ignoring removed i_version option
[  446.615455][ T8785] EXT4-fs (loop5): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  447.120243][ T8785] EXT4-fs error (device loop5): ext4_add_entry:2415: inode #2: comm syz.5.773: Directory hole found for htree leaf block 0
[  447.139226][ T8769] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  447.149704][ T8785] EXT4-fs (loop5): Remounting filesystem read-only
[  447.209754][ T8769] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  447.224356][ T5832] EXT4-fs (loop5): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  447.408200][ T8792] netlink: 24 bytes leftover after parsing attributes in process `syz.6.774'.
[  447.687076][ T6037] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -32
[  448.142632][ T8796] loop5: detected capacity change from 0 to 512
[  448.157413][ T8794] loop2: detected capacity change from 0 to 1024
[  448.189566][ T8796] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  448.244061][ T8794] EXT4-fs: Ignoring removed nobh option
[  448.273752][ T8796] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  448.369884][ T8796] ext4 filesystem being mounted at /137/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  448.446095][ T8794] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  448.601235][ T8794] mmap: syz.2.768 (8794) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  448.690905][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  448.715108][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  448.779292][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  448.822523][   T12] bond0 (unregistering): Released all slaves
[  448.899127][ T8769] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4214: comm syz.2.768: Allocating blocks 497-513 which overlap fs metadata
[  449.022102][   T12] tipc: Disabling bearer <udp:syz2>
[  449.047367][   T12] tipc: Left network mode
[  449.204995][ T8769] EXT4-fs (loop2): pa ffff888078670828: logic 256, phys. 385, len 8
[  449.213720][ T8769] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5465: group 0, free 0, pa_free 1
[  449.774085][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  449.830327][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  450.465876][ T6037] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[  450.476367][ T6036] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  450.521856][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  450.532801][ T6036] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  450.586672][ T8815] loop1: detected capacity change from 0 to 2048
[  450.688133][ T6037] aqc111 3-1:1.105 eth13: register 'aqc111' at usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 8a:32:a0:4e:0e:5e
[  450.762169][ T6037] usb 3-1: USB disconnect, device number 18
[  450.786330][ T6037] aqc111 3-1:1.105 eth13: unregister 'aqc111' usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  450.868610][ T8818] fido_id[8818]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  451.170696][ T6037] aqc111 3-1:1.105 eth13 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  451.205064][ T6037] aqc111 3-1:1.105 eth13 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  451.250780][ T6037] aqc111 3-1:1.105 eth13 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  451.375205][   T12] hsr_slave_0: left promiscuous mode
[  451.405239][   T12] hsr_slave_1: left promiscuous mode
[  451.432940][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  451.454255][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  451.495548][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  451.524002][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  451.796676][ T8836] loop7: detected capacity change from 0 to 256
[  452.549842][ T8836] FAT-fs (loop7): Directory bread(block 64) failed
[  452.556628][ T8836] FAT-fs (loop7): Directory bread(block 65) failed
[  452.569610][ T8836] FAT-fs (loop7): Directory bread(block 66) failed
[  452.595687][ T8836] FAT-fs (loop7): Directory bread(block 67) failed
[  452.950030][ T8836] FAT-fs (loop7): Directory bread(block 68) failed
[  452.956803][ T8836] FAT-fs (loop7): Directory bread(block 69) failed
[  452.968355][ T8836] FAT-fs (loop7): Directory bread(block 70) failed
[  452.975129][ T8836] FAT-fs (loop7): Directory bread(block 71) failed
[  452.981903][ T8836] FAT-fs (loop7): Directory bread(block 72) failed
[  452.988462][ T8836] FAT-fs (loop7): Directory bread(block 73) failed
[  453.460454][ T8836] syz.7.784: attempt to access beyond end of device
[  453.460454][ T8836] loop7: rw=2049, sector=1224, nr_sectors = 16 limit=256
[  454.037132][   T12] veth1_macvtap: left promiscuous mode
[  454.063197][   T12] veth0_macvtap: left promiscuous mode
[  454.099619][   T12] veth1_vlan: left promiscuous mode
[  454.135661][   T12] veth0_vlan: left promiscuous mode
[  456.013171][ T3000] kworker/u8:11: attempt to access beyond end of device
[  456.013171][ T3000] loop7: rw=1, sector=1240, nr_sectors = 116 limit=256
[  456.125439][ T8857] netlink: 24 bytes leftover after parsing attributes in process `syz.5.789'.
[  456.767721][ T8863] loop7: detected capacity change from 0 to 128
[  456.823078][ T8863] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  456.919179][ T8860] loop1: detected capacity change from 0 to 4096
[  456.940050][ T8863] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  457.006377][ T8869] netlink: 104 bytes leftover after parsing attributes in process `syz.2.794'.
[  457.022604][ T8860] EXT4-fs: Ignoring removed mblk_io_submit option
[  457.041212][ T8860] EXT4-fs (loop1): Test dummy encryption mode enabled
[  457.095468][ T8860] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  457.303048][ T8103] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  458.030733][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  461.257410][   T12] team0 (unregistering): Port device team_slave_1 removed
[  461.486316][   T12] team0 (unregistering): Port device team_slave_0 removed
[  462.694746][ T6088] infiniband syz1: ib_query_port failed (-19)
[  463.217110][ T8913] loop5: detected capacity change from 0 to 256
[  463.251613][ T8913] exfat: Deprecated parameter 'utf8'
[  463.317211][ T8913] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xbe649ead, utbl_chksum : 0xe619d30d)
[  463.468750][ T8665] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  463.504263][ T8906] loop2: detected capacity change from 0 to 40427
[  463.532515][ T8665] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  464.225133][ T8906] F2FS-fs (loop2): invalid crc value
[  464.312172][ T8665] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  464.425693][ T8665] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  464.449918][ T6093] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  464.671580][ T6093] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  464.755185][ T8906] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  464.769823][ T6093] usb 7-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  464.817404][ T6093] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  464.880371][ T8906] F2FS-fs (loop2): Start checkpoint disabled!
[  464.891792][ T6093] usb 7-1: config 0 descriptor??
[  464.976238][ T8906] F2FS-fs (loop2): f2fs_disable_checkpoint() finish, err:0
[  465.147559][ T8665] 8021q: adding VLAN 0 to HW filter on device bond0
[  465.256324][ T8665] 8021q: adding VLAN 0 to HW filter on device team0
[  465.322825][ T6054] bridge0: port 1(bridge_slave_0) entered blocking state
[  465.330083][ T6054] bridge0: port 1(bridge_slave_0) entered forwarding state
[  465.345079][ T6093] zeroplus 0003:0C12:0005.0006: item fetching failed at offset 0/3
[  465.411227][ T6093] zeroplus 0003:0C12:0005.0006: parse failed
[  465.438759][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  465.446024][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  465.465128][ T6093] zeroplus 0003:0C12:0005.0006: probe with driver zeroplus failed with error -22
[  465.951479][ T8948] loop7: detected capacity change from 0 to 256
[  465.974651][ T8948] exfat: Deprecated parameter 'utf8'
[  466.036211][ T8948] exfat: Deprecated parameter 'utf8'
[  466.086880][ T8948] exfat: Deprecated parameter 'utf8'
[  466.274294][ T8948] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  467.253248][   T30] usb 7-1: USB disconnect, device number 6
[  467.520230][ T8665] 8021q: adding VLAN 0 to HW filter on device batadv0
[  467.799483][ T8972] netlink: 'syz.2.811': attribute type 4 has an invalid length.
[  469.203215][ T8983] loop6: detected capacity change from 0 to 128
[  469.311490][ T8983] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  469.430097][ T8983] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  469.647507][ T7297] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  470.782035][ T9008] netlink: 20 bytes leftover after parsing attributes in process `syz.2.823'.
[  471.286156][ T9008] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  471.294230][ T9008] IPv6: NLM_F_CREATE should be set when creating new route
[  471.301669][ T9008] IPv6: NLM_F_CREATE should be set when creating new route
[  471.493937][ T8665] veth0_vlan: entered promiscuous mode
[  471.576394][ T8665] veth1_vlan: entered promiscuous mode
[  471.777504][ T8665] veth0_macvtap: entered promiscuous mode
[  471.832547][ T9019] loop2: detected capacity change from 0 to 256
[  471.851418][ T8665] veth1_macvtap: entered promiscuous mode
[  471.874098][ T9019] vfat: Bad value for 'dmask'
[  472.018996][ T8665] batman_adv: batadv0: Interface activated: batadv_slave_0
[  472.125391][ T8665] batman_adv: batadv0: Interface activated: batadv_slave_1
[  472.422559][ T6390] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  473.107072][ T3000] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  473.222260][ T3000] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  473.351999][ T3000] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  473.526210][ T9031] loop6: detected capacity change from 0 to 1024
[  473.551826][ T9031] EXT4-fs: Ignoring removed nomblk_io_submit option
[  473.677204][ T9031] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[  473.770229][ T9031] System zones: 0-1, 3-36
[  473.834639][ T9031] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  474.141782][ T3468] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  474.256054][ T9039] netlink: 'syz.2.829': attribute type 4 has an invalid length.
[  474.879755][ T3468] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  476.234311][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  476.271738][ T7297] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  476.598188][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  477.520710][ T5844] Bluetooth: hci3: command 0x0406 tx timeout
[  478.258289][ T9073] netlink: 'syz.8.742': attribute type 10 has an invalid length.
[  478.272057][ T9073] bridge0: port 2(bridge_slave_1) entered disabled state
[  478.280609][ T9073] bridge0: port 1(bridge_slave_0) entered disabled state
[  479.782542][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  479.881744][ T9073] bridge0: port 2(bridge_slave_1) entered blocking state
[  479.889042][ T9073] bridge0: port 2(bridge_slave_1) entered forwarding state
[  479.896777][ T9073] bridge0: port 1(bridge_slave_0) entered blocking state
[  479.904068][ T9073] bridge0: port 1(bridge_slave_0) entered forwarding state
[  480.674315][ T9073] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  486.310059][  T791] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  486.717598][  T791] usb 8-1: Using ep0 maxpacket: 32
[  486.732761][  T791] usb 8-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  486.756641][  T791] usb 8-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  486.893226][  T791] usb 8-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  486.904674][  T791] usb 8-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  486.913455][  T791] usb 8-1: Product: syz
[  486.918034][  T791] usb 8-1: Manufacturer: syz
[  486.946058][  T791] hub 8-1:4.0: USB hub found
[  487.330438][  T791] hub 8-1:4.0: 2 ports detected
[  487.806261][ T9145] loop1: detected capacity change from 0 to 256
[  488.841321][ T9145] FAT-fs (loop1): Directory bread(block 64) failed
[  488.849245][ T9145] FAT-fs (loop1): Directory bread(block 65) failed
[  488.857472][ T9145] FAT-fs (loop1): Directory bread(block 66) failed
[  488.864437][ T9145] FAT-fs (loop1): Directory bread(block 67) failed
[  488.871686][ T9145] FAT-fs (loop1): Directory bread(block 68) failed
[  488.878273][ T9145] FAT-fs (loop1): Directory bread(block 69) failed
[  488.885544][ T9145] FAT-fs (loop1): Directory bread(block 70) failed
[  488.892264][ T9145] FAT-fs (loop1): Directory bread(block 71) failed
[  488.899616][ T9145] FAT-fs (loop1): Directory bread(block 72) failed
[  488.906344][ T9145] FAT-fs (loop1): Directory bread(block 73) failed
[  489.609539][ T6655] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  490.589785][  T791] hub 8-1:4.0: hub_hub_status failed (err = -71)
[  490.619876][  T791] hub 8-1:4.0: config failed, can't get hub status (err -71)
[  491.539597][ T6655] usb 7-1: Using ep0 maxpacket: 16
[  491.570648][  T791] usb 8-1: USB disconnect, device number 2
[  491.715202][ T6655] usb 7-1: device descriptor read/all, error -71
[  496.453390][ T9185] netlink: 92 bytes leftover after parsing attributes in process `syz.8.864'.
[  498.777382][   T30] IPVS: starting estimator thread 0...
[  499.207303][ T9215] IPVS: using max 22 ests per chain, 52800 per kthread
[  502.812989][ T9253] loop5: detected capacity change from 0 to 512
[  502.861035][ T9253] EXT4-fs: Ignoring removed nobh option
[  503.381566][ T9253] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  503.456738][ T9253] EXT4-fs error (device loop5): ext4_free_branches:1020: inode #13: comm syz.5.883: invalid indirect mapped block 256 (level 1)
[  503.520215][ T9253] EXT4-fs error (device loop5): ext4_free_branches:1020: inode #13: comm syz.5.883: invalid indirect mapped block 2683928664 (level 1)
[  503.586015][ T9253] EXT4-fs (loop5): 1 truncate cleaned up
[  503.642049][ T9253] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  504.012298][ T9253] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:482: comm syz.5.883: Invalid block bitmap block 3 in block_group 0
[  504.116210][ T9253] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6689: Corrupt filesystem
[  504.148304][ T9253] EXT4-fs error (device loop5): ext4_free_branches:1020: inode #13: comm syz.5.883: invalid indirect mapped block 2683928664 (level 1)
[  504.420527][ T5937] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  505.507333][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  505.539454][ T5937] usb 2-1: Using ep0 maxpacket: 16
[  505.581539][ T5937] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  505.613797][ T5937] usb 2-1: config 0 interface 0 has no altsetting 0
[  505.668611][ T5937] usb 2-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  506.478894][ T5937] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  506.572989][ T5937] usb 2-1: config 0 descriptor??
[  507.825280][ T5937] nzxt-smart2 0003:1E71:2009.0007: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.1-1/input0
[  507.888872][ T9293] xt_CT: You must specify a L4 protocol and not use inversions on it
[  509.337079][ T6655] usb 2-1: USB disconnect, device number 15
[  511.217521][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  511.229116][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  511.384500][ T9330] loop1: detected capacity change from 0 to 512
[  511.436829][ T9330] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  511.498327][ T9330] EXT4-fs (loop1): invalid journal inode
[  511.529628][ T9330] EXT4-fs (loop1): can't get journal size
[  511.627171][ T9323] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  511.656752][ T9330] EXT4-fs (loop1): 1 truncate cleaned up
[  511.692175][ T9323] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  511.722071][ T9330] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  511.830524][ T9323] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  511.836642][ T9323] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  512.006220][ T9323] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  512.048201][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  512.058686][ T9323] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  512.242665][ T9323] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  512.248763][ T9323] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  512.277593][ T9340] netlink: 40 bytes leftover after parsing attributes in process `syz.7.907'.
[  512.324471][ T9323] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  512.361773][ T9323] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  512.432176][ T9323] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  513.486142][ T5849] Bluetooth: hci2: command 0x0406 tx timeout
[  513.497435][ T9348] batadv_slave_1: entered promiscuous mode
[  513.507932][ T9345] batadv_slave_1: left promiscuous mode
[  513.788854][ T9356] loop5: detected capacity change from 0 to 128
[  513.821711][ T9360] netlink: 'syz.7.913': attribute type 29 has an invalid length.
[  513.839571][ T5849] Bluetooth: hci5: command 0x0406 tx timeout
[  513.948432][ T9360] netlink: 'syz.7.913': attribute type 29 has an invalid length.
[  513.994860][ T9361] loop1: detected capacity change from 0 to 2048
[  514.010656][ T6007] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  514.011491][ T9363] netlink: 500 bytes leftover after parsing attributes in process `syz.7.913'.
[  514.079467][ T5849] Bluetooth: hci6: command 0x0406 tx timeout
[  514.146384][ T9361] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  514.179622][ T6007] usb 9-1: Using ep0 maxpacket: 16
[  514.200979][ T9361] ext4 filesystem being mounted at /163/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  514.222707][ T6007] usb 9-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  514.296262][ T6007] usb 9-1: config 0 interface 0 has no altsetting 0
[  514.333478][ T5849] Bluetooth: hci3: command 0x0406 tx timeout
[  514.340795][ T6007] usb 9-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  514.382839][ T6007] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  514.402426][ T5849] Bluetooth: hci4: command 0x0c1a tx timeout
[  514.413301][ T6007] usb 9-1: config 0 descriptor??
[  514.708679][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  514.890818][ T6007] nzxt-smart2 0003:1E71:2009.0008: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.8-1/input0
[  515.523999][ T5849] Bluetooth: hci2: command 0x0406 tx timeout
[  515.891359][ T5909] usb 9-1: USB disconnect, device number 2
[  515.920338][ T5849] Bluetooth: hci5: command 0x0406 tx timeout
[  515.926420][   T31] kauditd_printk_skb: 1 callbacks suppressed
[  515.926446][   T31] audit: type=1326 audit(1769121929.763:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9379 comm="syz.6.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fdc39acb9 code=0x7ffc0000
[  515.955235][   T31] audit: type=1326 audit(1769121929.763:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9379 comm="syz.6.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f2fdc39acb9 code=0x7ffc0000
[  515.978139][   T31] audit: type=1326 audit(1769121929.763:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9379 comm="syz.6.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fdc39acb9 code=0x7ffc0000
[  516.163841][ T5849] Bluetooth: hci6: command 0x0406 tx timeout
[  516.173997][   T31] audit: type=1326 audit(1769121929.763:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9379 comm="syz.6.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2fdc39acb9 code=0x7ffc0000
[  516.217670][ T9382] fido_id[9382]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory
[  516.311748][   T31] audit: type=1326 audit(1769121929.763:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9379 comm="syz.6.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fdc39acb9 code=0x7ffc0000
[  516.419571][ T5849] Bluetooth: hci3: command 0x0406 tx timeout
[  516.459574][   T31] audit: type=1326 audit(1769121929.773:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9379 comm="syz.6.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2fdc35b58e code=0x7ffc0000
[  516.482004][ T5849] Bluetooth: hci4: command 0x0c1a tx timeout
[  516.489680][   T31] audit: type=1326 audit(1769121929.773:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9379 comm="syz.6.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f2fdc39bfd7 code=0x7ffc0000
[  516.516390][   T31] audit: type=1326 audit(1769121929.773:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9379 comm="syz.6.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2fdc39acb9 code=0x7ffc0000
[  516.569145][   T31] audit: type=1326 audit(1769121929.773:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9379 comm="syz.6.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f2fdc39bfd7 code=0x7ffc0000
[  516.749556][   T31] audit: type=1326 audit(1769121929.773:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9379 comm="syz.6.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2fdc35b58e code=0x7ffc0000
[  518.425561][ T9408] pim6reg: entered allmulticast mode
[  518.482218][ T9409] pim6reg: left allmulticast mode
[  518.559739][ T5849] Bluetooth: hci4: command 0x0c1a tx timeout
[  519.052679][ T5844] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  519.102754][ T5844] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  519.111875][ T5844] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  519.124543][ T5844] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  519.133826][ T5844] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  519.197595][ T9423] netlink: 92 bytes leftover after parsing attributes in process `syz.1.931'.
[  520.039615][ T9428] loop7: detected capacity change from 0 to 512
[  520.104706][ T9428] EXT4-fs: Ignoring removed nobh option
[  520.288008][ T9435] loop8: detected capacity change from 0 to 128
[  520.288693][ T9428] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  520.409096][ T9428] ext4 filesystem being mounted at /45/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  521.213576][ T5849] Bluetooth: hci1: command tx timeout
[  521.592836][ T9446] netlink: 12 bytes leftover after parsing attributes in process `syz.6.937'.
[  521.695838][ T8103] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  521.776180][ T9449] loop5: detected capacity change from 0 to 512
[  521.829512][ T6037] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  521.863273][ T9449] EXT4-fs: Ignoring removed nomblk_io_submit option
[  521.921185][ T9449] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  521.959825][ T9449] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  522.030423][ T6037] usb 2-1: Using ep0 maxpacket: 16
[  522.033670][ T9449] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4214: comm syz.5.938: Allocating blocks 41-42 which overlap fs metadata
[  522.094541][ T9417] chnl_net:caif_netlink_parms(): no params data found
[  522.117382][ T6037] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  522.145819][ T9449] EXT4-fs (loop5): Remounting filesystem read-only
[  522.174417][ T9449] __quota_error: 25 callbacks suppressed
[  522.174444][ T9449] Quota error (device loop5): write_blk: dquota write failed
[  522.210073][ T6037] usb 2-1: config 0 interface 0 has no altsetting 0
[  522.216924][ T6037] usb 2-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  522.244684][ T9449] Quota error (device loop5): find_free_dqentry: Can't write quota data block 5
[  522.289636][ T6037] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  522.290056][ T9449] Quota error (device loop5): write_blk: dquota write failed
[  522.358356][ T6037] usb 2-1: config 0 descriptor??
[  522.359102][ T9449] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  522.456664][ T9449] EXT4-fs (loop5): 1 truncate cleaned up
[  522.488391][ T9462] loop6: detected capacity change from 0 to 512
[  522.514871][ T9449] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  522.534095][ T9462] EXT4-fs: Ignoring removed bh option
[  522.603240][ T9462] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  522.736602][ T9462] EXT4-fs (loop6): 1 truncate cleaned up
[  522.779012][ T9462] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  522.856927][ T6037] nzxt-smart2 0003:1E71:2009.0009: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.1-1/input0
[  522.914507][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  523.044133][ T9417] bridge0: port 1(bridge_slave_0) entered blocking state
[  523.087722][ T9417] bridge0: port 1(bridge_slave_0) entered disabled state
[  523.117076][ T9417] bridge_slave_0: entered allmulticast mode
[  523.170481][ T9417] bridge_slave_0: entered promiscuous mode
[  523.211096][ T9417] bridge0: port 2(bridge_slave_1) entered blocking state
[  523.246173][ T5937] usb 2-1: USB disconnect, device number 16
[  523.279721][ T5849] Bluetooth: hci1: command tx timeout
[  523.417881][ T9417] bridge0: port 2(bridge_slave_1) entered disabled state
[  523.477685][ T9417] bridge_slave_1: entered allmulticast mode
[  523.531358][ T9417] bridge_slave_1: entered promiscuous mode
[  523.703413][ T9417] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  523.738504][ T9417] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  523.955802][ T7297] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  524.077354][ T9417] team0: Port device team_slave_0 added
[  524.097143][ T9482] loop1: detected capacity change from 0 to 512
[  524.117457][ T9417] team0: Port device team_slave_1 added
[  524.242945][ T9482] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  524.311575][ T9482] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  524.353403][ T9417] batman_adv: batadv0: Adding interface: batadv_slave_0
[  524.405118][ T9417] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  524.622046][ T9417] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  524.635840][ T9417] batman_adv: batadv0: Adding interface: batadv_slave_1
[  524.645134][ T9417] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  524.796797][ T9417] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  524.877734][ T9482] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4214: comm syz.1.948: Allocating blocks 41-42 which overlap fs metadata
[  525.220580][ T9482] Quota error (device loop1): write_blk: dquota write failed
[  525.270398][ T9482] Quota error (device loop1): find_free_dqentry: Can't write quota data block 5
[  525.323020][ T9482] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  525.362636][ T5849] Bluetooth: hci1: command tx timeout
[  525.389010][ T9482] EXT4-fs error (device loop1): ext4_acquire_dquot:6984: comm syz.1.948: Failed to acquire dquot type 1
[  525.417587][ T9482] EXT4-fs error (device loop1): mb_free_blocks:2034: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[  525.446531][ T9482] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.948: corrupted inode contents
[  525.459483][ T9482] EXT4-fs error (device loop1): ext4_dirty_inode:6502: inode #12: comm syz.1.948: mark_inode_dirty error
[  525.510687][ T9482] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.948: corrupted inode contents
[  525.523279][ T9417] hsr_slave_0: entered promiscuous mode
[  525.570716][ T9417] hsr_slave_1: entered promiscuous mode
[  525.603766][ T9417] debugfs: 'hsr0' already exists in 'hsr'
[  525.633533][ T9482] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #12: comm syz.1.948: mark_inode_dirty error
[  525.653968][ T9417] Cannot create hsr debugfs directory
[  525.855166][ T9482] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.948: corrupted inode contents
[  526.035650][ T9482] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[  526.128129][ T9504] Bluetooth: MGMT ver 1.23
[  526.531727][ T7232] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  526.813317][ T9482] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.948: corrupted inode contents
[  527.049601][ T7232] usb 6-1: device descriptor read/64, error -71
[  527.062833][ T9482] EXT4-fs error (device loop1): ext4_truncate:4635: inode #12: comm syz.1.948: mark_inode_dirty error
[  527.227816][ T9482] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem
[  527.295923][ T9482] EXT4-fs (loop1): 1 truncate cleaned up
[  527.345554][ T9482] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  527.361045][ T7232] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  527.439615][ T5849] Bluetooth: hci1: command tx timeout
[  527.539529][ T7232] usb 6-1: device descriptor read/64, error -71
[  527.614242][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.650298][ T7232] usb usb6-port1: attempt power cycle
[  528.030027][ T7232] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  528.090776][ T7232] usb 6-1: device descriptor read/8, error -71
[  529.256307][ T9417] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  529.396522][ T9417] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  529.501598][ T9519] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  529.705977][ T9417] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  529.778682][ T9417] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  531.303844][ T9417] 8021q: adding VLAN 0 to HW filter on device bond0
[  531.457205][ T9417] 8021q: adding VLAN 0 to HW filter on device team0
[  531.583296][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state
[  531.590556][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state
[  531.705428][ T9397] bridge0: port 2(bridge_slave_1) entered blocking state
[  531.712699][ T9397] bridge0: port 2(bridge_slave_1) entered forwarding state
[  531.733479][ T9551] loop5: detected capacity change from 0 to 512
[  531.845841][ T9551] EXT4-fs error (device loop5): ext4_iget_extra_inode:5072: inode #15: comm syz.5.957: corrupted in-inode xattr: e_value size too large
[  531.931269][ T9551] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.957: couldn't read orphan inode 15 (err -117)
[  531.974397][ T9551] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  532.033559][ T9551] netlink: 4 bytes leftover after parsing attributes in process `syz.5.957'.
[  532.429616][ T7232] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  532.619570][ T7232] usb 2-1: Using ep0 maxpacket: 16
[  532.654681][ T7232] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  532.734932][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  532.744428][ T7232] usb 2-1: config 0 interface 0 has no altsetting 0
[  532.744491][ T7232] usb 2-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  532.744531][ T7232] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  532.771883][ T7232] usb 2-1: config 0 descriptor??
[  533.330027][ T7232] nzxt-smart2 0003:1E71:2009.000A: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.1-1/input0
[  533.330722][ T9571] loop5: detected capacity change from 0 to 512
[  533.588781][ T9571] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  533.707129][ T6007] usb 2-1: USB disconnect, device number 17
[  533.756079][ T9571] ext4 filesystem being mounted at /170/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  533.789777][   T31] audit: type=1326 audit(1769121947.623:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9563 comm="syz.6.962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fdc39acb9 code=0x7fc00000
[  533.947444][ T9576] fido_id[9576]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  534.148538][ T9417] 8021q: adding VLAN 0 to HW filter on device batadv0
[  534.673260][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  534.732253][ T9592] binder: 9590:9592 ioctl c0306201 0 returned -14
[  535.200336][ T9602] netem: change failed
[  537.413729][ T9417] veth0_vlan: entered promiscuous mode
[  537.514516][ T9417] veth1_vlan: entered promiscuous mode
[  537.754778][ T9632] netlink: 20 bytes leftover after parsing attributes in process `syz.5.977'.
[  540.310495][   T30] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  540.515690][   T30] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  541.232570][   T30] usb 2-1: string descriptor 0 read error: -71
[  541.238967][   T30] usb 2-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice= 1.41
[  541.370240][   T30] usb 2-1: New USB device strings: Mfr=0, Product=246, SerialNumber=2
[  541.447668][   T30] usb 2-1: config 0 descriptor??
[  541.509513][   T30] usb 2-1: can't set config #0, error -71
[  541.517208][   T30] usb 2-1: USB disconnect, device number 18
[  541.584351][ T9417] veth0_macvtap: entered promiscuous mode
[  541.961057][ T9654] loop6: detected capacity change from 0 to 1024
[  541.989874][ T9656] Illegal XDP return value 780488984 on prog  (id 54) dev N/A, expect packet loss!
[  542.213226][ T9654] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  542.356397][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  542.406520][ T5844] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  542.417320][ T5844] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  542.426631][ T5844] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  542.437649][ T5844] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  542.446552][ T5844] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  542.884044][ T9417] veth1_macvtap: entered promiscuous mode
[  544.565888][ T5844] Bluetooth: hci2: command tx timeout
[  544.602535][ T9673] netlink: 'syz.5.986': attribute type 10 has an invalid length.
[  545.179479][   T31] audit: type=1800 audit(1769121959.003:120): pid=9654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.983" name="file1" dev="loop6" ino=15 res=0 errno=0
[  545.572980][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  546.403792][ T7297] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  546.496224][ T9417] batman_adv: batadv0: Interface activated: batadv_slave_0
[  546.639900][ T5844] Bluetooth: hci2: command tx timeout
[  546.673518][ T9684] netlink: 'syz.1.989': attribute type 1 has an invalid length.
[  547.111322][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  547.357278][ T9696] loop6: detected capacity change from 0 to 1024
[  547.371330][ T9688] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address
[  547.403095][ T9696] EXT4-fs: Ignoring removed mblk_io_submit option
[  547.422769][ T9696] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  547.455474][ T9696] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  547.476047][ T9688] bond1: (slave vxcan3): Error -95 calling set_mac_address
[  547.571689][ T9696] EXT4-fs error (device loop6): ext4_ext_check_inode:523: inode #11: comm syz.6.991: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  547.669962][ T9696] EXT4-fs error (device loop6): ext4_orphan_get:1394: comm syz.6.991: couldn't read orphan inode 11 (err -117)
[  547.772608][ T9696] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  547.846951][ T9689] bond1: (slave gretap1): making interface the new active one
[  547.901535][ T9689] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  547.912978][ T9696] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:482: comm syz.6.991: Invalid block bitmap block 0 in block_group 0
[  547.988936][ T9696] Quota error (device loop6): write_blk: dquota write failed
[  548.008367][ T9690] macvlan2: entered promiscuous mode
[  548.030607][ T9696] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  548.046030][ T9690] macvlan2: entered allmulticast mode
[  548.056565][ T9696] EXT4-fs error (device loop6): ext4_acquire_dquot:6984: comm syz.6.991: Failed to acquire dquot type 0
[  548.071356][ T9690] bond1: entered promiscuous mode
[  548.077459][ T9690] gretap1: entered promiscuous mode
[  548.084815][ T9690] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  548.119137][ T9690] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1
[  548.153161][ T9690] bond1: left promiscuous mode
[  548.157995][ T9690] gretap1: left promiscuous mode
[  548.173107][ T1306] EXT4-fs error (device loop6): __ext4_get_inode_loc:4829: comm kworker/u8:10: Invalid inode table block 8589934593 in block_group 0
[  548.218612][ T7297] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  548.253394][ T9692] batadv_slave_1: entered promiscuous mode
[  548.294378][ T9417] batman_adv: batadv0: Interface activated: batadv_slave_1
[  548.337205][ T9692] batadv_slave_1: left promiscuous mode
[  548.509147][ T9710] loop6: detected capacity change from 0 to 4096
[  548.598387][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  548.615501][ T9710] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  548.719874][ T5844] Bluetooth: hci2: command tx timeout
[  549.020824][ T9717] xt_CT: You must specify a L4 protocol and not use inversions on it
[  549.426444][ T6090] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  550.682217][ T7297] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  550.718915][ T6090] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  550.808121][ T5844] Bluetooth: hci2: command tx timeout
[  551.679721][ T6090] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  552.052235][ T9736] loop1: detected capacity change from 0 to 1024
[  552.120973][ T9736] EXT4-fs: Ignoring removed bh option
[  552.168505][ T9738] loop6: detected capacity change from 0 to 512
[  552.242767][ T9736] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  552.420667][ T9736] EXT4-fs error (device loop1): ext4_read_inline_dir:1485: inode #12: block 7: comm syz.1.1002: path /189/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  552.522177][ T9736] EXT4-fs (loop1): Remounting filesystem read-only
[  552.559832][ T9738] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  552.633130][ T6090] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  552.669865][ T9738] EXT4-fs (loop6): 1 truncate cleaned up
[  552.742727][ T9738] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  552.824172][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  552.852235][   T31] audit: type=1800 audit(1769121966.693:121): pid=9738 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.998" name="bus" dev="loop6" ino=18 res=0 errno=0
[  553.439759][ T9757] loop1: detected capacity change from 0 to 256
[  553.504401][ T7297] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  554.973457][   T12] bridge_slave_0: left allmulticast mode
[  555.286851][   T12] bridge_slave_0: left promiscuous mode
[  555.378461][ T9757] FAT-fs (loop1): Directory bread(block 64) failed
[  555.385435][ T9757] FAT-fs (loop1): Directory bread(block 65) failed
[  555.392708][ T9757] FAT-fs (loop1): Directory bread(block 66) failed
[  555.399460][ T9757] FAT-fs (loop1): Directory bread(block 67) failed
[  555.407662][ T9757] FAT-fs (loop1): Directory bread(block 68) failed
[  555.415413][ T9757] FAT-fs (loop1): Directory bread(block 69) failed
[  555.423328][ T9757] FAT-fs (loop1): Directory bread(block 70) failed
[  555.430270][ T9757] FAT-fs (loop1): Directory bread(block 71) failed
[  555.437559][ T9757] FAT-fs (loop1): Directory bread(block 72) failed
[  555.444442][ T9757] FAT-fs (loop1): Directory bread(block 73) failed
[  555.761236][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  556.315421][ T9765] usb usb1: usbfs: process 9765 (syz.6.1007) did not claim interface 0 before use
[  560.041230][   T12] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  560.291546][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  560.394344][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  560.440853][   T12] bond0 (unregistering): Released all slaves
[  560.521002][ T9761] batadv_slave_1: entered promiscuous mode
[  560.575890][ T9788] syzkaller1: entered promiscuous mode
[  560.583080][ T9788] syzkaller1: entered allmulticast mode
[  560.593843][ T9763] batadv_slave_1: left promiscuous mode
[  560.825914][ T3449] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  560.875413][ T3449] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  561.003742][ T9805] loop8: detected capacity change from 0 to 512
[  561.095920][ T9805] EXT4-fs: Ignoring removed nobh option
[  561.155853][ T9805] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -2
[  561.239869][ T9661] chnl_net:caif_netlink_parms(): no params data found
[  561.240857][ T9805] EXT4-fs error (device loop8): ext4_free_branches:1020: inode #13: comm syz.8.1018: invalid indirect mapped block 256 (level 1)
[  561.332838][ T9805] EXT4-fs error (device loop8): ext4_free_branches:1020: inode #13: comm syz.8.1018: invalid indirect mapped block 2683928664 (level 1)
[  561.446804][ T9805] EXT4-fs (loop8): 1 truncate cleaned up
[  561.474467][ T9805] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  561.581310][ T9805] EXT4-fs error (device loop8): ext4_read_block_bitmap_nowait:482: comm syz.8.1018: Invalid block bitmap block 3 in block_group 0
[  561.630442][ T9805] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6689: Corrupt filesystem
[  561.672850][ T9805] EXT4-fs error (device loop8): ext4_free_branches:1020: inode #13: comm syz.8.1018: invalid indirect mapped block 2683928664 (level 1)
[  561.712981][ T9813] netlink: 228 bytes leftover after parsing attributes in process `syz.1.1020'.
[  561.754939][ T9814] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1021'.
[  562.035048][ T8665] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  562.089612][   T12] hsr_slave_0: left promiscuous mode
[  562.215135][   T12] hsr_slave_1: left promiscuous mode
[  562.242525][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  562.273506][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  562.322266][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  562.349546][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  562.496071][   T12] veth1_macvtap: left promiscuous mode
[  562.518453][   T12] veth0_macvtap: left promiscuous mode
[  562.535357][   T12] veth1_vlan: left promiscuous mode
[  562.552290][   T12] veth0_vlan: left promiscuous mode
[  565.097577][   T12] team0 (unregistering): Port device team_slave_1 removed
[  565.177149][   T12] team0 (unregistering): Port device team_slave_0 removed
[  565.821222][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  565.829266][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  566.021137][ T9846] batadv_slave_1: entered promiscuous mode
[  566.078062][ T9847] batadv_slave_1: left promiscuous mode
[  566.106730][ T9853] loop5: detected capacity change from 0 to 1024
[  566.115274][ T9661] bridge0: port 1(bridge_slave_0) entered blocking state
[  566.132853][ T9661] bridge0: port 1(bridge_slave_0) entered disabled state
[  566.145603][ T9661] bridge_slave_0: entered allmulticast mode
[  566.156778][ T9661] bridge_slave_0: entered promiscuous mode
[  566.173678][ T9661] bridge0: port 2(bridge_slave_1) entered blocking state
[  566.184835][ T9853] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  566.198219][ T9661] bridge0: port 2(bridge_slave_1) entered disabled state
[  566.222261][ T9661] bridge_slave_1: entered allmulticast mode
[  566.243636][ T9661] bridge_slave_1: entered promiscuous mode
[  566.306108][ T9661] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  566.395061][ T9661] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  566.432778][ T9853] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #11: comm syz.5.1030: missing EA_INODE flag
[  566.603445][ T9853] EXT4-fs error (device loop5): ext4_xattr_inode_iget:444: comm syz.5.1030: error while reading EA inode 11 err=-117
[  566.658940][ T9661] team0: Port device team_slave_0 added
[  566.705928][ T9661] team0: Port device team_slave_1 added
[  566.747851][ T9853] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #11: comm syz.5.1030: missing EA_INODE flag
[  566.770463][ T9864] loop1: detected capacity change from 0 to 512
[  566.799341][ T9864] EXT4-fs: Ignoring removed nobh option
[  566.840107][ T9853] EXT4-fs error (device loop5): ext4_xattr_inode_iget:444: comm syz.5.1030: error while reading EA inode 11 err=-117
[  566.878755][ T9661] batman_adv: batadv0: Adding interface: batadv_slave_0
[  566.910680][ T9661] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  566.918609][ T9864] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  566.937654][ T9661] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  566.962243][   T12] IPVS: stop unused estimator thread 0...
[  567.004579][ T9864] EXT4-fs error (device loop1): ext4_free_branches:1020: inode #13: comm syz.1.1032: invalid indirect mapped block 256 (level 1)
[  567.087417][ T9864] EXT4-fs error (device loop1): ext4_free_branches:1020: inode #13: comm syz.1.1032: invalid indirect mapped block 2683928664 (level 1)
[  567.154916][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  567.176548][ T9661] batman_adv: batadv0: Adding interface: batadv_slave_1
[  567.202337][ T9864] EXT4-fs (loop1): 1 truncate cleaned up
[  567.211991][ T9661] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  567.242298][ T9864] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  567.422432][ T9661] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  567.456567][ T9864] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:482: comm syz.1.1032: Invalid block bitmap block 3 in block_group 0
[  567.609559][ T9864] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6689: Corrupt filesystem
[  567.640983][ T9864] EXT4-fs error (device loop1): ext4_free_branches:1020: inode #13: comm syz.1.1032: invalid indirect mapped block 2683928664 (level 1)
[  567.762842][ T9856] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:482: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[  567.819808][ T9856] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:482: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[  567.914489][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  567.934483][ T9871] syzkaller0: entered promiscuous mode
[  567.994606][ T9871] syzkaller0: entered allmulticast mode
[  570.677893][ T9919] netlink: 548 bytes leftover after parsing attributes in process `syz.8.1042'.
[  571.334800][ T9927] loop5: detected capacity change from 0 to 164
[  571.517529][ T9661] hsr_slave_0: entered promiscuous mode
[  571.529200][ T9661] hsr_slave_1: entered promiscuous mode
[  571.536875][ T9910] batadv_slave_1: entered promiscuous mode
[  571.583160][ T9917] netlink: 'syz.8.1042': attribute type 29 has an invalid length.
[  571.804310][ T9933] loop9: detected capacity change from 0 to 512
[  571.812161][ T9933] EXT4-fs: Ignoring removed nobh option
[  571.835561][ T1131] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  571.961359][ T9938] loop5: detected capacity change from 0 to 256
[  572.114147][ T9910] batadv_slave_1: left promiscuous mode
[  572.292369][ T9938] FAT-fs (loop5): Directory bread(block 64) failed
[  572.299297][ T9938] FAT-fs (loop5): Directory bread(block 65) failed
[  572.309787][ T9938] FAT-fs (loop5): Directory bread(block 66) failed
[  572.316577][ T9938] FAT-fs (loop5): Directory bread(block 67) failed
[  572.324010][ T9938] FAT-fs (loop5): Directory bread(block 68) failed
[  572.330847][ T9938] FAT-fs (loop5): Directory bread(block 69) failed
[  572.338153][ T9938] FAT-fs (loop5): Directory bread(block 70) failed
[  572.345098][ T9938] FAT-fs (loop5): Directory bread(block 71) failed
[  572.352371][ T9938] FAT-fs (loop5): Directory bread(block 72) failed
[  572.359350][ T9938] FAT-fs (loop5): Directory bread(block 73) failed
[  572.654284][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  572.804557][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  572.811893][ T9933] EXT4-fs (loop9): Cannot turn on journaled quota: type 0: error -2
[  572.832447][ T9933] EXT4-fs error (device loop9): ext4_free_branches:1020: inode #13: comm syz.9.1049: invalid indirect mapped block 256 (level 1)
[  572.855636][ T9933] EXT4-fs error (device loop9): ext4_free_branches:1020: inode #13: comm syz.9.1049: invalid indirect mapped block 2683928664 (level 1)
[  573.349263][ T9933] EXT4-fs (loop9): 1 truncate cleaned up
[  573.464439][ T9933] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  573.770624][   T31] audit: type=1326 audit(1769121987.603:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9944 comm="syz.6.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fdc39acb9 code=0x7ffc0000
[  573.806444][ T1131] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  573.872589][ T9933] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:482: comm syz.9.1049: Invalid block bitmap block 3 in block_group 0
[  574.004673][   T31] audit: type=1326 audit(1769121987.653:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9944 comm="syz.6.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fdc39acb9 code=0x7ffc0000
[  574.050506][ T9933] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6689: Corrupt filesystem
[  574.105233][   T31] audit: type=1326 audit(1769121987.663:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9944 comm="syz.6.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fdc39acb9 code=0x7ffc0000
[  574.127992][   T31] audit: type=1326 audit(1769121987.663:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9944 comm="syz.6.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fdc39acb9 code=0x7ffc0000
[  574.186638][ T9933] EXT4-fs error (device loop9): ext4_free_branches:1020: inode #13: comm syz.9.1049: invalid indirect mapped block 2683928664 (level 1)
[  574.448913][   T31] audit: type=1326 audit(1769121987.673:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9944 comm="syz.6.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f2fdc39acb9 code=0x7ffc0000
[  574.477204][   T31] audit: type=1326 audit(1769121987.673:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9944 comm="syz.6.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fdc39acb9 code=0x7ffc0000
[  574.499807][   T31] audit: type=1326 audit(1769121987.683:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9944 comm="syz.6.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fdc39acb9 code=0x7ffc0000
[  574.522429][   T31] audit: type=1326 audit(1769121987.683:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9944 comm="syz.6.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fdc39acb9 code=0x7ffc0000
[  574.545441][   T31] audit: type=1326 audit(1769121987.733:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9944 comm="syz.6.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fdc39acb9 code=0x7ffc0000
[  574.571296][   T31] audit: type=1326 audit(1769121987.733:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9944 comm="syz.6.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fdc39acb9 code=0x7ffc0000
[  575.303675][ T9417] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  575.528871][ T9968] new mount options do not match the existing superblock, will be ignored
[  575.543536][ T1131] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  575.696554][ T9971] loop9: detected capacity change from 0 to 2048
[  575.778037][ T9971] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  575.873655][ T9978] loop8: detected capacity change from 0 to 512
[  575.896027][ T9978] EXT4-fs warning (device loop8): ext4_init_metadata_csum:4636: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  575.909787][ T9978] EXT4-fs (loop8): VFS: Found ext4 filesystem with unknown checksum algorithm.
[  576.002381][ T5833] udevd[5833]: incorrect ext4 checksum on /dev/loop8
[  576.438877][ T9417] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  576.535892][ T9987] batadv_slave_1: entered promiscuous mode
[  576.628042][ T9986] batadv_slave_1: left promiscuous mode
[  576.932131][ T1131] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  577.020728][T10003] loop1: detected capacity change from 0 to 512
[  577.049133][T10003] EXT4-fs: Ignoring removed nobh option
[  577.121242][T10003] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  577.199956][T10003] EXT4-fs error (device loop1): ext4_free_branches:1020: inode #13: comm syz.1.1067: invalid indirect mapped block 256 (level 1)
[  577.296301][T10003] EXT4-fs error (device loop1): ext4_free_branches:1020: inode #13: comm syz.1.1067: invalid indirect mapped block 2683928664 (level 1)
[  577.391923][T10003] EXT4-fs (loop1): 1 truncate cleaned up
[  577.401725][T10003] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  577.434121][T10011] loop9: detected capacity change from 0 to 128
[  577.479110][T10003] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:482: comm syz.1.1067: Invalid block bitmap block 3 in block_group 0
[  577.703350][T10003] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6689: Corrupt filesystem
[  577.865659][T10011] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 1, start 04000002)
[  578.579545][T10011] FAT-fs (loop9): Filesystem has been set read-only
[  578.596254][T10003] EXT4-fs error (device loop1): ext4_free_branches:1020: inode #13: comm syz.1.1067: invalid indirect mapped block 2683928664 (level 1)
[  578.817077][T10022] netlink: 16 bytes leftover after parsing attributes in process `syz.8.1072'.
[  578.873139][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  579.185165][T10028] loop8: detected capacity change from 0 to 512
[  579.229960][T10028] FAT-fs (loop8): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  579.356741][ T1131] bridge_slave_1: left allmulticast mode
[  579.494514][ T1131] bridge_slave_1: left promiscuous mode
[  579.547274][ T1131] bridge0: port 2(bridge_slave_1) entered disabled state
[  579.856217][ T1131] bridge_slave_0: left allmulticast mode
[  579.883429][ T1131] bridge_slave_0: left promiscuous mode
[  579.949779][ T1131] bridge0: port 1(bridge_slave_0) entered disabled state
[  580.500162][T10044] netlink: 68 bytes leftover after parsing attributes in process `syz.8.1081'.
[  581.696141][T10053] loop8: detected capacity change from 0 to 512
[  581.733602][T10053] EXT4-fs: Ignoring removed nobh option
[  581.832517][T10053] EXT4-fs (loop8): Cannot turn on journaled quota: type 0: error -2
[  581.875865][T10053] EXT4-fs error (device loop8): ext4_free_branches:1020: inode #13: comm syz.8.1084: invalid indirect mapped block 256 (level 1)
[  581.942370][T10053] EXT4-fs error (device loop8): ext4_free_branches:1020: inode #13: comm syz.8.1084: invalid indirect mapped block 2683928664 (level 1)
[  581.983488][T10053] EXT4-fs (loop8): 1 truncate cleaned up
[  582.003790][T10053] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  582.152140][T10053] EXT4-fs error (device loop8): ext4_read_block_bitmap_nowait:482: comm syz.8.1084: Invalid block bitmap block 3 in block_group 0
[  582.205796][T10053] EXT4-fs error (device loop8) in ext4_mb_clear_bb:6689: Corrupt filesystem
[  582.421532][T10053] EXT4-fs error (device loop8): ext4_free_branches:1020: inode #13: comm syz.8.1084: invalid indirect mapped block 2683928664 (level 1)
[  582.638033][ T8665] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  582.661946][ T1131] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  582.715572][ T1131] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  582.767255][ T1131] bond0 (unregistering): Released all slaves
[  582.814621][T10035] batadv_slave_1: entered promiscuous mode
[  582.828017][T10063] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1087'.
[  583.060782][T10035] batadv_slave_1: left promiscuous mode
[  583.751448][T10073] team0: No ports can be present during mode change
[  583.856325][T10082] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1095'.
[  584.152719][T10086] loop6: detected capacity change from 0 to 1024
[  584.239341][T10092] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1097'.
[  584.549162][T10086] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  585.156226][T10086] EXT4-fs error (device loop6): ext4_xattr_inode_iget:441: comm syz.6.1096: inode #1768843564: comm syz.6.1096: iget: illegal inode #
[  585.487529][T10104] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1099'.
[  585.527153][T10086] EXT4-fs (loop6): Remounting filesystem read-only
[  585.541111][T10086] EXT4-fs warning (device loop6): ext4_xattr_inode_inc_ref_all:1134: inode #19: comm syz.6.1096: cleanup dec ref error -30
[  585.558834][T10086] EXT4-fs warning (device loop6): ext4_xattr_block_set:2199: inode #19: comm syz.6.1096: dec ref error=-30
[  586.765308][ T7297] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  586.808682][ T1131] hsr_slave_0: left promiscuous mode
[  586.858122][ T1131] hsr_slave_1: left promiscuous mode
[  586.870691][ T1131] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  586.898635][ T1131] batman_adv: batadv0: Removing interface: batadv_slave_0
[  586.957156][ T1131] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  586.971564][ T1131] batman_adv: batadv0: Removing interface: batadv_slave_1
[  587.163148][ T1131] veth1_macvtap: left promiscuous mode
[  587.209273][ T1131] veth0_macvtap: left promiscuous mode
[  587.242242][ T1131] veth1_vlan: left promiscuous mode
[  587.281341][ T1131] veth0_vlan: left promiscuous mode
[  589.531379][T10130] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1109'.
[  589.858863][ T1131] team0 (unregistering): Port device team_slave_1 removed
[  589.941243][ T1131] team0 (unregistering): Port device team_slave_0 removed
[  591.912128][T10124] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  592.432996][ T9661] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  592.669566][T10170] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1119'.
[  592.724443][ T9661] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  592.822354][ T9661] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  592.931388][ T9661] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  593.312911][T10189] netlink: 68 bytes leftover after parsing attributes in process `syz.8.1123'.
[  593.812609][ T9661] 8021q: adding VLAN 0 to HW filter on device bond0
[  593.985642][ T9661] 8021q: adding VLAN 0 to HW filter on device team0
[  594.113407][ T6835] bridge0: port 1(bridge_slave_0) entered blocking state
[  594.120702][ T6835] bridge0: port 1(bridge_slave_0) entered forwarding state
[  594.263190][  T994] bridge0: port 2(bridge_slave_1) entered blocking state
[  594.270461][  T994] bridge0: port 2(bridge_slave_1) entered forwarding state
[  596.098175][ T9661] 8021q: adding VLAN 0 to HW filter on device batadv0
[  596.562512][T10228] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1134'.
[  596.920218][T10242] netlink: 68 bytes leftover after parsing attributes in process `syz.8.1137'.
[  596.939028][   T31] kauditd_printk_skb: 61 callbacks suppressed
[  596.939054][   T31] audit: type=1326 audit(1769122010.773:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10241 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  597.062177][   T31] audit: type=1326 audit(1769122010.773:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10241 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  597.205989][   T31] audit: type=1326 audit(1769122010.773:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10241 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  597.325240][   T31] audit: type=1326 audit(1769122010.783:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10241 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  597.452405][   T31] audit: type=1326 audit(1769122010.783:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10241 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  597.560961][ T9661] veth0_vlan: entered promiscuous mode
[  597.566626][   T31] audit: type=1326 audit(1769122010.783:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10241 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  597.804071][   T31] audit: type=1326 audit(1769122010.783:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10241 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  597.827732][   T31] audit: type=1326 audit(1769122010.783:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10241 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  597.853681][ T9661] veth1_vlan: entered promiscuous mode
[  597.873027][T10260] loop1: detected capacity change from 0 to 512
[  597.891763][   T31] audit: type=1326 audit(1769122010.793:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10241 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  597.947678][T10260] EXT4-fs: Ignoring removed nobh option
[  597.967214][T10262] overlayfs: failed to resolve './file0': -2
[  597.999754][   T31] audit: type=1326 audit(1769122010.793:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10241 comm="syz.5.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f73a959acb9 code=0x7ffc0000
[  598.059225][ T9661] veth0_macvtap: entered promiscuous mode
[  598.125503][T10260] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  598.133050][ T9661] veth1_macvtap: entered promiscuous mode
[  598.191157][ T9661] batman_adv: batadv0: Interface activated: batadv_slave_0
[  598.206407][ T9661] batman_adv: batadv0: Interface activated: batadv_slave_1
[  598.221283][T10260] EXT4-fs error (device loop1): ext4_free_branches:1020: inode #13: comm syz.1.1143: invalid indirect mapped block 256 (level 1)
[  598.228175][ T1131] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  598.234953][ T5872] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  598.306323][ T1131] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  598.346176][T10260] EXT4-fs error (device loop1): ext4_free_branches:1020: inode #13: comm syz.1.1143: invalid indirect mapped block 2683928664 (level 1)
[  598.384325][ T1131] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  598.401865][T10260] EXT4-fs (loop1): 1 truncate cleaned up
[  598.470509][T10260] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  598.507229][ T1131] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  598.543758][ T5872] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  598.649077][ T5872] usb 9-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  598.662326][T10260] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:482: comm syz.1.1143: Invalid block bitmap block 3 in block_group 0
[  598.693648][ T5872] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  598.732286][T10260] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6689: Corrupt filesystem
[  598.750841][ T5872] usb 9-1: config 0 descriptor??
[  598.801556][T10260] EXT4-fs error (device loop1): ext4_free_branches:1020: inode #13: comm syz.1.1143: invalid indirect mapped block 2683928664 (level 1)
[  598.880342][T10268] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:482: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[  598.965709][T10268] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:482: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[  599.057002][ T3000] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  599.076350][ T3000] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  599.093962][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  599.192429][ T5872] zeroplus 0003:0C12:0005.000B: item fetching failed at offset 0/3
[  599.275493][ T9150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  599.305636][ T5872] zeroplus 0003:0C12:0005.000B: parse failed
[  599.328896][ T9150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  599.360620][ T5872] zeroplus 0003:0C12:0005.000B: probe with driver zeroplus failed with error -22
[  599.984193][T10287] binder: 10286:10287 ioctl c0306201 0 returned -14
[  601.187160][T10292] loop1: detected capacity change from 0 to 2048
[  601.311725][T10292] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  601.356144][T10299] loop5: detected capacity change from 0 to 1024
[  601.380391][T10299] EXT4-fs: Ignoring removed nobh option
[  601.414123][T10299] EXT4-fs: Ignoring removed bh option
[  601.444949][T10292] EXT4-fs error (device loop1): ext4_iget_extra_inode:5072: inode #12: comm syz.1.1150: corrupted in-inode xattr: e_value size too large
[  601.478571][T10299] EXT4-fs (loop5): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  601.685124][T10299] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  601.767856][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  602.274628][T10310] loop9: detected capacity change from 0 to 256
[  602.516395][T10313] loop1: detected capacity change from 0 to 512
[  602.535758][T10313] EXT4-fs: Ignoring removed bh option
[  602.611762][T10313] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  602.687304][T10313] EXT4-fs (loop1): 1 truncate cleaned up
[  602.755442][T10313] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  602.944516][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  603.357106][T10329] loop5: detected capacity change from 0 to 512
[  603.427131][  T791] usb 9-1: USB disconnect, device number 3
[  603.462041][T10329] EXT4-fs: Ignoring removed nobh option
[  603.496477][T10333] loop9: detected capacity change from 0 to 512
[  603.526792][T10329] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  603.546776][T10333] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  603.596283][T10329] EXT4-fs error (device loop5): ext4_free_branches:1020: inode #13: comm syz.5.1159: invalid indirect mapped block 256 (level 1)
[  603.695647][T10333] EXT4-fs (loop9): 1 truncate cleaned up
[  603.753575][T10329] EXT4-fs error (device loop5): ext4_free_branches:1020: inode #13: comm syz.5.1159: invalid indirect mapped block 2683928664 (level 1)
[  603.788805][T10329] EXT4-fs (loop5): 1 truncate cleaned up
[  603.805895][T10329] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  603.880046][T10333] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  603.900214][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  604.147514][T10346] netlink: 'syz.4.1166': attribute type 21 has an invalid length.
[  604.219791][T10346] IPv6: NLM_F_CREATE should be specified when creating new route
[  604.363502][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  604.391724][ T9417] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  606.113930][T10379] loop1: detected capacity change from 0 to 512
[  606.132592][T10379] EXT4-fs: Ignoring removed bh option
[  606.212675][T10379] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  606.355448][T10379] EXT4-fs (loop1): 1 truncate cleaned up
[  607.020828][T10379] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  607.992107][ T6093] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  608.197051][ T6093] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  608.264166][ T6093] usb 5-1: New USB device found, idVendor=0c12, idProduct=0005, bcdDevice= 0.00
[  608.288067][ T6093] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  608.318592][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  608.342851][ T6093] usb 5-1: config 0 descriptor??
[  608.446149][T10399] loop5: detected capacity change from 0 to 512
[  608.447607][T10399] EXT4-fs: Ignoring removed nobh option
[  608.639941][T10399] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  608.730799][T10399] EXT4-fs error (device loop5): ext4_free_branches:1020: inode #13: comm syz.5.1181: invalid indirect mapped block 256 (level 1)
[  608.763402][ T6093] zeroplus 0003:0C12:0005.000C: item fetching failed at offset 0/3
[  608.821268][ T6093] zeroplus 0003:0C12:0005.000C: parse failed
[  608.827427][ T6093] zeroplus 0003:0C12:0005.000C: probe with driver zeroplus failed with error -22
[  608.839314][T10399] EXT4-fs error (device loop5): ext4_free_branches:1020: inode #13: comm syz.5.1181: invalid indirect mapped block 2683928664 (level 1)
[  608.903804][T10399] EXT4-fs (loop5): 1 truncate cleaned up
[  609.086068][T10399] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  609.183774][T10414] loop6: detected capacity change from 0 to 1024
[  609.911058][T10414] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  610.110016][ T5872] usb 5-1: USB disconnect, device number 7
[  610.232731][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  610.838598][T10443] loop9: detected capacity change from 0 to 512
[  610.872012][T10443] EXT4-fs: Ignoring removed bh option
[  610.933673][T10443] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[  611.755018][T10443] EXT4-fs (loop9): 1 truncate cleaned up
[  611.798370][T10443] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  611.874242][ T7297] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  611.977034][T10454] loop8: detected capacity change from 0 to 256
[  612.016119][T10454] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  612.413309][ T9417] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  612.606427][T10465] loop5: detected capacity change from 0 to 512
[  612.872100][T10465] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  613.402826][T10465] ext4 filesystem being mounted at /225/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  614.144749][T10465] EXT4-fs error (device loop5): ext4_xattr_block_get:597: inode #12: comm syz.5.1200: corrupted xattr block 6: invalid header
[  614.484560][T10483] loop4: detected capacity change from 0 to 512
[  614.547521][T10483] EXT4-fs: Ignoring removed nobh option
[  614.617331][ T5832] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  614.650696][T10483] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  614.680610][T10483] EXT4-fs error (device loop4): ext4_free_branches:1020: inode #13: comm syz.4.1203: invalid indirect mapped block 256 (level 1)
[  614.721160][T10488] loop6: detected capacity change from 0 to 128
[  614.782936][T10488] EXT4-fs: Ignoring removed nobh option
[  614.790102][T10483] EXT4-fs error (device loop4): ext4_free_branches:1020: inode #13: comm syz.4.1203: invalid indirect mapped block 2683928664 (level 1)
[  614.835703][T10488] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  614.869301][T10483] EXT4-fs (loop4): 1 truncate cleaned up
[  614.933717][T10483] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  614.949821][T10488] ext4 filesystem being mounted at /132/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  614.995792][T10493] netlink: 256 bytes leftover after parsing attributes in process `syz.8.1207'.
[  615.007808][T10488] EXT4-fs warning (device loop6): __ext4_ioctl:1554: Setting inode version is not supported with metadata_csum enabled.
[  615.180762][T10498] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  615.188159][T10498] IPv6: NLM_F_CREATE should be set when creating new route
[  615.275935][ T7297] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  615.383706][ T9661] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  616.646673][T10516] loop4: detected capacity change from 0 to 128
[  616.750372][T10516] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  616.853134][T10516] ext4 filesystem being mounted at /11/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  618.966884][ T9638] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  619.011437][ T9638] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  619.059993][ T9150] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  619.105879][ T9150] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  620.424563][T10573] loop1: detected capacity change from 0 to 1024
[  620.512403][T10573] EXT4-fs: Ignoring removed oldalloc option
[  620.512458][T10573] EXT4-fs: Ignoring removed bh option
[  620.550261][T10573] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  620.900122][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  622.620317][T10610] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1238'.
[  622.711642][T10614] loop5: detected capacity change from 0 to 128
[  622.741287][ T9661] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  622.784386][T10614] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  622.950136][T10614] ext4 filesystem being mounted at /234/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  623.022319][   T31] kauditd_printk_skb: 5 callbacks suppressed
[  623.022344][   T31] audit: type=1800 audit(1769122036.863:208): pid=10614 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1240" name="file1" dev="loop5" ino=12 res=0 errno=0
[  623.323285][ T5832] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  623.401381][   T31] audit: type=1800 audit(1769122036.863:209): pid=10614 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1240" name="file1" dev="loop5" ino=12 res=0 errno=0
[  624.336933][T10637] loop1: detected capacity change from 0 to 512
[  624.674814][T10646] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1248'.
[  624.747087][T10637] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  624.771080][T10637] ext4 filesystem being mounted at /237/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  625.465986][T10637] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1303: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  625.513548][T10637] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 2 with error 28
[  625.649701][T10637] EXT4-fs (loop1): This should not happen!! Data will be lost
[  625.649701][T10637] 
[  625.729992][T10656] batadv_slave_1: entered promiscuous mode
[  625.751231][T10637] EXT4-fs (loop1): Total free blocks count 0
[  625.753374][T10655] batadv_slave_1: left promiscuous mode
[  625.808930][T10637] EXT4-fs (loop1): Free/Dirty block details
[  625.845607][T10637] EXT4-fs (loop1): free_blocks=65280
[  625.879673][T10637] EXT4-fs (loop1): dirty_blocks=2
[  625.897592][T10637] EXT4-fs (loop1): Block reservation details
[  626.047102][T10637] EXT4-fs (loop1): i_reserved_data_blocks=2
[  626.811282][T10665] netlink: 'syz.8.1252': attribute type 10 has an invalid length.
[  626.919132][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  628.454344][T10685] veth0: entered promiscuous mode
[  628.490703][T10684] veth0: left promiscuous mode
[  628.633273][T10690] syz.8.1262 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  628.985138][T10693] loop1: detected capacity change from 0 to 512
[  629.329417][ T5849] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  629.349887][ T5849] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  629.369885][ T5849] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  629.559970][T10693] EXT4-fs: Ignoring removed oldalloc option
[  629.620673][ T5849] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  629.630642][ T5849] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  629.711652][T10693] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  629.846138][T10693] EXT4-fs (loop1): 1 truncate cleaned up
[  629.931430][T10693] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  630.133511][T10710] batadv_slave_1: entered promiscuous mode
[  630.199930][T10709] batadv_slave_1: left promiscuous mode
[  630.695525][ T5828] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  631.578791][T10692] chnl_net:caif_netlink_parms(): no params data found
[  631.684325][ T5844] Bluetooth: hci3: command tx timeout
[  632.030007][ T5872] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  632.686803][ T5872] usb 7-1: device descriptor read/64, error -71
[  632.988515][ T5872] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  633.477204][ T5872] usb 7-1: device descriptor read/64, error -71
[  633.779610][ T5844] Bluetooth: hci3: command tx timeout
[  633.810173][ T5872] usb usb7-port1: attempt power cycle
[  634.090445][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  634.097097][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  635.816440][T10692] bridge0: port 1(bridge_slave_0) entered blocking state
[  635.849888][ T5844] Bluetooth: hci3: command tx timeout
[  635.850732][T10692] bridge0: port 1(bridge_slave_0) entered disabled state
[  635.899274][T10692] bridge_slave_0: entered allmulticast mode
[  635.907913][T10692] bridge_slave_0: entered promiscuous mode
[  635.926964][T10774] batadv_slave_1: entered promiscuous mode
[  635.956713][T10778] batadv_slave_1: left promiscuous mode
[  635.975562][T10692] bridge0: port 2(bridge_slave_1) entered blocking state
[  636.009835][T10692] bridge0: port 2(bridge_slave_1) entered disabled state
[  636.040963][T10692] bridge_slave_1: entered allmulticast mode
[  636.089620][T10692] bridge_slave_1: entered promiscuous mode
[  636.327262][T10795] loop4: detected capacity change from 0 to 128
[  636.359172][ T6090] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  636.422284][T10795] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  636.479938][T10795] ext4 filesystem being mounted at /25/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  636.618359][T10692] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  636.639156][T10802] loop1: detected capacity change from 0 to 512
[  636.683212][T10802] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  636.848592][T10802] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[  636.859775][T10802] FAT-fs (loop1): Filesystem has been set read-only
[  636.876826][ T9661] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  636.894901][ T6090] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  637.113278][T10692] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  637.295013][ T6090] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  637.930084][ T5844] Bluetooth: hci3: command tx timeout
[  638.634954][ T6090] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  638.753798][T10836] batadv_slave_1: entered promiscuous mode
[  638.785492][T10692] team0: Port device team_slave_0 added
[  638.789528][ T6093] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  638.797105][T10835] batadv_slave_1: left promiscuous mode
[  638.854943][T10692] team0: Port device team_slave_1 added
[  638.949693][ T6093] usb 5-1: device descriptor read/64, error -71
[  639.010683][T10692] batman_adv: batadv0: Adding interface: batadv_slave_0
[  639.061759][T10692] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  639.122317][T10692] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  639.229467][ T6093] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  639.244069][T10692] batman_adv: batadv0: Adding interface: batadv_slave_1
[  639.259413][T10692] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  639.369654][T10692] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  639.409997][ T6093] usb 5-1: device descriptor read/64, error -71
[  639.523429][ T6093] usb usb5-port1: attempt power cycle
[  639.890001][ T6093] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  639.897165][T10692] hsr_slave_0: entered promiscuous mode
[  639.931146][T10692] hsr_slave_1: entered promiscuous mode
[  639.937779][T10692] debugfs: 'hsr0' already exists in 'hsr'
[  639.941658][ T6093] usb 5-1: device descriptor read/8, error -71
[  639.977509][T10692] Cannot create hsr debugfs directory
[  639.986957][ T6090] bridge_slave_1: left allmulticast mode
[  640.019616][ T6090] bridge_slave_1: left promiscuous mode
[  640.030835][ T6090] bridge0: port 2(bridge_slave_1) entered disabled state
[  640.084009][ T6090] bridge_slave_0: left allmulticast mode
[  640.094621][ T6090] bridge_slave_0: left promiscuous mode
[  640.133536][ T6090] bridge0: port 1(bridge_slave_0) entered disabled state
[  640.213901][ T6093] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  640.387923][ T6093] usb 5-1: device descriptor read/8, error -71
[  640.624783][ T6093] usb usb5-port1: unable to enumerate USB device
[  642.475259][T10890] loop4: detected capacity change from 0 to 512
[  642.506310][T10890] EXT4-fs: Ignoring removed nobh option
[  642.589877][T10890] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[  642.616586][T10890] EXT4-fs error (device loop4): ext4_free_branches:1020: inode #13: comm syz.4.1319: invalid indirect mapped block 256 (level 1)
[  642.633547][T10890] EXT4-fs error (device loop4): ext4_free_branches:1020: inode #13: comm syz.4.1319: invalid indirect mapped block 2683928664 (level 1)
[  642.649323][T10890] EXT4-fs (loop4): 1 truncate cleaned up
[  642.659756][T10890] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  642.761882][ T9661] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  643.069718][ T6090] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  643.113679][ T6090] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  643.162100][ T6090] bond0 (unregistering): Released all slaves
[  643.182320][T10858] geneve2: entered promiscuous mode
[  644.015770][ T6035] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  644.412799][ T6035] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  644.590224][T10877] batadv_slave_1: entered promiscuous mode
[  644.759973][ T6035] usb 9-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice= 1.41
[  644.933096][T10878] batadv_slave_1: left promiscuous mode
[  645.150309][ T6035] usb 9-1: New USB device strings: Mfr=0, Product=246, SerialNumber=2
[  645.491955][ T6035] usb 9-1: Product: syz
[  645.657485][ T6035] usb 9-1: SerialNumber: syz
[  645.722361][ T6035] usb 9-1: config 0 descriptor??
[  646.278310][ T6035] ftdi_sio 9-1:0.0: FTDI USB Serial Device converter detected
[  646.307382][ T6035] usb 9-1: Detected SIO
[  646.342467][ T6035] usb 9-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  646.375587][ T6035] usb 9-1: USB disconnect, device number 4
[  646.410782][ T6035] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  646.478629][ T6035] ftdi_sio 9-1:0.0: device disconnected
[  647.410980][ T5917] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  647.603035][ T5917] usb 9-1: device descriptor read/64, error -71
[  647.637636][T10936] loop6: detected capacity change from 0 to 512
[  647.675595][T10936] EXT4-fs: Ignoring removed nobh option
[  647.786512][T10936] EXT4-fs (loop6): Cannot turn on journaled quota: type 0: error -2
[  647.846950][T10936] EXT4-fs error (device loop6): ext4_free_branches:1020: inode #13: comm syz.6.1334: invalid indirect mapped block 256 (level 1)
[  647.869791][ T5917] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  647.925733][T10936] EXT4-fs error (device loop6): ext4_free_branches:1020: inode #13: comm syz.6.1334: invalid indirect mapped block 2683928664 (level 1)
[  647.996137][T10936] EXT4-fs (loop6): 1 truncate cleaned up
[  648.033772][T10936] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  648.046706][ T5917] usb 9-1: device descriptor read/64, error -71
[  648.170001][ T5917] usb usb9-port1: attempt power cycle
[  648.338184][ T7297] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  648.502085][ T6090] hsr_slave_0: left promiscuous mode
[  648.523221][ T5917] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  648.539689][ T6090] hsr_slave_1: left promiscuous mode
[  648.546000][ T6090] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  648.562326][ T5917] usb 9-1: device descriptor read/8, error -71
[  648.606395][ T6090] batman_adv: batadv0: Removing interface: batadv_slave_0
[  648.654726][ T6090] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  648.680868][ T6090] batman_adv: batadv0: Removing interface: batadv_slave_1
[  648.850234][ T5917] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  648.862021][ T6090] veth1_macvtap: left promiscuous mode
[  648.887273][ T6090] veth0_macvtap: left promiscuous mode
[  648.913470][ T5917] usb 9-1: device descriptor read/8, error -71
[  648.924874][ T6090] veth1_vlan: left promiscuous mode
[  648.949843][ T6090] veth0_vlan: left promiscuous mode
[  649.877173][ T6093] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  650.007908][ T5917] usb usb9-port1: unable to enumerate USB device
[  650.416223][ T6093] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  650.828929][ T6093] usb 6-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice= 1.41
[  651.034026][ T6093] usb 6-1: New USB device strings: Mfr=0, Product=246, SerialNumber=2
[  651.102463][ T6093] usb 6-1: Product: syz
[  651.140159][ T6093] usb 6-1: SerialNumber: syz
[  651.292603][ T6093] usb 6-1: config 0 descriptor??
[  651.424339][T10968] loop8: detected capacity change from 0 to 512
[  651.624006][ T6093] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected
[  651.720302][T10964] xt_hashlimit: max too large, truncated to 1048576
[  651.897383][ T6093] usb 6-1: Detected SIO
[  651.936447][T10968] 
[  651.938818][T10968] ======================================================
[  651.945846][T10968] WARNING: possible circular locking dependency detected
[  651.952920][T10968] syzkaller #0 Not tainted
[  651.957334][T10968] ------------------------------------------------------
[  651.964471][T10968] syz.8.1344/10968 is trying to acquire lock:
[  651.970540][T10968] ffff888031b88b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: do_writepages+0x278/0x600
[  651.980526][T10968] 
[  651.980526][T10968] but task is already holding lock:
[  651.987897][T10968] ffff8880651e9408 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x5ad/0x840
[  651.997891][T10968] 
[  651.997891][T10968] which lock already depends on the new lock.
[  651.997891][T10968] 
[  652.008309][T10968] 
[  652.008309][T10968] the existing dependency chain (in reverse order) is:
[  652.017331][T10968] 
[  652.017331][T10968] -> #2 (&ei->xattr_sem){++++}-{4:4}:
[  652.024944][T10968]        down_write+0x8b/0x1f0
[  652.029753][T10968]        ext4_inline_data_truncate+0x1b5/0xc90
[  652.035955][T10968]        ext4_truncate+0xae6/0x11c0
[  652.041188][T10968]        ext4_evict_inode+0x86d/0x1760
[  652.046676][T10968]        evict+0x3c2/0xad0
[  652.051114][T10968]        iput.part.0+0x624/0x1150
[  652.056167][T10968]        iput+0x35/0x40
[  652.060351][T10968]        ext4_orphan_cleanup+0x71e/0x11e0
[  652.066109][T10968]        ext4_fill_super+0x90b8/0xb3f0
[  652.071619][T10968]        get_tree_bdev_flags+0x38c/0x620
[  652.077310][T10968]        vfs_get_tree+0x92/0x320
[  652.082299][T10968]        path_mount+0x7d0/0x23c0
[  652.087269][T10968]        __x64_sys_mount+0x293/0x310
[  652.092590][T10968]        do_syscall_64+0xc9/0xf80
[  652.098366][T10968]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.104827][T10968] 
[  652.104827][T10968] -> #1 (sb_internal){++++}-{0:0}:
[  652.112189][T10968]        ext4_evict_inode+0xcef/0x1760
[  652.117688][T10968]        evict+0x3c2/0xad0
[  652.122136][T10968]        iput.part.0+0x624/0x1150
[  652.127189][T10968]        iput+0x35/0x40
[  652.131372][T10968]        ext4_ext_migrate+0xd4d/0x1ff0
[  652.136948][T10968]        __ext4_ioctl+0xd7e/0x4230
[  652.142091][T10968]        __x64_sys_ioctl+0x18e/0x210
[  652.147483][T10968]        do_syscall_64+0xc9/0xf80
[  652.152528][T10968]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.158959][T10968] 
[  652.158959][T10968] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[  652.167499][T10968]        __lock_acquire+0x14b8/0x2630
[  652.172902][T10968]        lock_acquire+0x17c/0x330
[  652.177963][T10968]        ext4_writepages+0x21d/0x790
[  652.183699][T10968]        do_writepages+0x278/0x600
[  652.188829][T10968]        __writeback_single_inode+0x164/0x13c0
[  652.195007][T10968]        writeback_single_inode+0x4d3/0xf30
[  652.200953][T10968]        write_inode_now+0x174/0x1f0
[  652.206260][T10968]        iput.part.0+0x818/0x1150
[  652.211296][T10968]        iput+0x35/0x40
[  652.215459][T10968]        ext4_xattr_block_set+0x6f7/0x3660
[  652.221291][T10968]        ext4_expand_extra_isize_ea+0x17c6/0x1d70
[  652.227713][T10968]        __ext4_expand_extra_isize+0x346/0x480
[  652.233906][T10968]        __ext4_mark_inode_dirty+0x63a/0x840
[  652.239911][T10968]        ext4_evict_inode+0x813/0x1760
[  652.245403][T10968]        evict+0x3c2/0xad0
[  652.249834][T10968]        iput.part.0+0x624/0x1150
[  652.254871][T10968]        iput+0x35/0x40
[  652.259082][T10968]        ext4_orphan_cleanup+0x71e/0x11e0
[  652.264998][T10968]        ext4_fill_super+0x90b8/0xb3f0
[  652.270482][T10968]        get_tree_bdev_flags+0x38c/0x620
[  652.276144][T10968]        vfs_get_tree+0x92/0x320
[  652.281100][T10968]        path_mount+0x7d0/0x23c0
[  652.286055][T10968]        __x64_sys_mount+0x293/0x310
[  652.291438][T10968]        do_syscall_64+0xc9/0xf80
[  652.296478][T10968]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.302899][T10968] 
[  652.302899][T10968] other info that might help us debug this:
[  652.302899][T10968] 
[  652.313215][T10968] Chain exists of:
[  652.313215][T10968]   &sbi->s_writepages_rwsem --> sb_internal --> &ei->xattr_sem
[  652.313215][T10968] 
[  652.326745][T10968]  Possible unsafe locking scenario:
[  652.326745][T10968] 
[  652.334386][T10968]        CPU0                    CPU1
[  652.339921][T10968]        ----                    ----
[  652.345372][T10968]   lock(&ei->xattr_sem);
[  652.349709][T10968]                                lock(sb_internal);
[  652.356315][T10968]                                lock(&ei->xattr_sem);
[  652.363259][T10968]   rlock(&sbi->s_writepages_rwsem);
[  652.368549][T10968] 
[  652.368549][T10968]  *** DEADLOCK ***
[  652.368549][T10968] 
[  652.376680][T10968] 3 locks held by syz.8.1344/10968:
[  652.381878][T10968]  #0: ffff888031b8c0e0 (&type->s_umount_key#28/1){+.+.}-{4:4}, at: alloc_super+0x244/0xd20
[  652.392068][T10968]  #1: ffff888031b8c610 (sb_internal){++++}-{0:0}, at: evict+0x3c2/0xad0
[  652.400570][T10968]  #2: ffff8880651e9408 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x5ad/0x840
[  652.411001][T10968] 
[  652.411001][T10968] stack backtrace:
[  652.416996][T10968] CPU: 1 UID: 0 PID: 10968 Comm: syz.8.1344 Not tainted syzkaller #0 PREEMPT(full) 
[  652.417040][T10968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  652.417061][T10968] Call Trace:
[  652.417074][T10968]  <TASK>
[  652.417087][T10968]  dump_stack_lvl+0x100/0x190
[  652.417132][T10968]  print_circular_bug.cold+0x178/0x1c7
[  652.417187][T10968]  check_noncircular+0x146/0x160
[  652.417244][T10968]  __lock_acquire+0x14b8/0x2630
[  652.417304][T10968]  lock_acquire+0x17c/0x330
[  652.417354][T10968]  ? do_writepages+0x278/0x600
[  652.417398][T10968]  ? __pfx___might_resched+0x10/0x10
[  652.417439][T10968]  ext4_writepages+0x21d/0x790
[  652.417483][T10968]  ? do_writepages+0x278/0x600
[  652.417527][T10968]  ? __pfx_ext4_writepages+0x10/0x10
[  652.417565][T10968]  ? is_bpf_text_address+0x8a/0x1a0
[  652.417614][T10968]  ? do_writepages+0x4b5/0x600
[  652.417653][T10968]  ? do_writepages+0x4b5/0x600
[  652.417692][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.417735][T10968]  ? __pfx_ext4_writepages+0x10/0x10
[  652.417775][T10968]  do_writepages+0x278/0x600
[  652.417818][T10968]  ? __pfx_do_writepages+0x10/0x10
[  652.417858][T10968]  ? mark_held_locks+0x40/0x70
[  652.417912][T10968]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  652.417952][T10968]  __writeback_single_inode+0x164/0x13c0
[  652.417998][T10968]  ? find_held_lock+0x2b/0x80
[  652.418039][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.418080][T10968]  ? __pfx___writeback_single_inode+0x10/0x10
[  652.418126][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.418165][T10968]  ? do_raw_spin_unlock+0x145/0x1e0
[  652.418201][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.418243][T10968]  writeback_single_inode+0x4d3/0xf30
[  652.418291][T10968]  ? ext4_orphan_cleanup+0x71e/0x11e0
[  652.418335][T10968]  write_inode_now+0x174/0x1f0
[  652.418382][T10968]  ? __pfx_write_inode_now+0x10/0x10
[  652.418452][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.418491][T10968]  ? find_held_lock+0x2b/0x80
[  652.418530][T10968]  ? iput.part.0+0x80b/0x1150
[  652.418568][T10968]  ? iput.part.0+0x80b/0x1150
[  652.418606][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.418651][T10968]  iput.part.0+0x818/0x1150
[  652.418693][T10968]  iput+0x35/0x40
[  652.418729][T10968]  ext4_xattr_block_set+0x6f7/0x3660
[  652.418784][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.418826][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.418870][T10968]  ? __pfx_ext4_xattr_block_set+0x10/0x10
[  652.418931][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.418971][T10968]  ? xattr_find_entry+0x240/0x2e0
[  652.419022][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.419062][T10968]  ? ext4_xattr_block_find+0x59/0x430
[  652.419115][T10968]  ext4_expand_extra_isize_ea+0x17c6/0x1d70
[  652.419164][T10968]  ? __pfx_ext4_expand_extra_isize_ea+0x10/0x10
[  652.419203][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.419242][T10968]  ? dquot_initialize_needed+0x183/0x2a0
[  652.419285][T10968]  __ext4_expand_extra_isize+0x346/0x480
[  652.419340][T10968]  __ext4_mark_inode_dirty+0x63a/0x840
[  652.419384][T10968]  ? __pfx___ext4_mark_inode_dirty+0x10/0x10
[  652.419425][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.419467][T10968]  ? __pfx___might_resched+0x10/0x10
[  652.419508][T10968]  ? ext4_journal_check_start+0x224/0x340
[  652.419547][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.419591][T10968]  ? __ext4_journal_start_sb+0x1ce/0x5c0
[  652.419631][T10968]  ? ext4_evict_inode+0x695/0x1760
[  652.419674][T10968]  ext4_evict_inode+0x813/0x1760
[  652.419718][T10968]  ? __pfx_ext4_evict_inode+0x10/0x10
[  652.419757][T10968]  ? evict+0x37e/0xad0
[  652.419793][T10968]  ? evict+0x37e/0xad0
[  652.419828][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.419872][T10968]  ? __pfx_ext4_evict_inode+0x10/0x10
[  652.419917][T10968]  evict+0x3c2/0xad0
[  652.419956][T10968]  ? __pfx_evict+0x10/0x10
[  652.419992][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.420037][T10968]  ? iput.part.0+0x61c/0x1150
[  652.420074][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.420119][T10968]  iput.part.0+0x624/0x1150
[  652.420161][T10968]  iput+0x35/0x40
[  652.420196][T10968]  ext4_orphan_cleanup+0x71e/0x11e0
[  652.420246][T10968]  ? __pfx_ext4_orphan_cleanup+0x10/0x10
[  652.420295][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.420335][T10968]  ? ext4_register_li_request+0xef/0xa00
[  652.420386][T10968]  ext4_fill_super+0x90b8/0xb3f0
[  652.420448][T10968]  ? __pfx_ext4_fill_super+0x10/0x10
[  652.420493][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.420536][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.420576][T10968]  ? sb_set_blocksize+0x1fe/0x290
[  652.420612][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.420651][T10968]  ? setup_bdev_super+0x425/0x730
[  652.420696][T10968]  get_tree_bdev_flags+0x38c/0x620
[  652.420744][T10968]  ? __pfx_ext4_fill_super+0x10/0x10
[  652.420791][T10968]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  652.420840][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.420882][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.420933][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.420972][T10968]  ? security_capable+0x80/0x260
[  652.421013][T10968]  vfs_get_tree+0x92/0x320
[  652.421067][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.421110][T10968]  path_mount+0x7d0/0x23c0
[  652.421150][T10968]  ? __pfx_path_mount+0x10/0x10
[  652.421186][T10968]  ? kmem_cache_free+0x143/0x720
[  652.421232][T10968]  ? strncpy_from_user+0x19d/0x2d0
[  652.421276][T10968]  ? putname+0xf5/0x1a0
[  652.421312][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.421351][T10968]  ? putname+0xfa/0x1a0
[  652.421386][T10968]  ? __x64_sys_mount+0x293/0x310
[  652.421422][T10968]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.421461][T10968]  __x64_sys_mount+0x293/0x310
[  652.421498][T10968]  ? __pfx___x64_sys_mount+0x10/0x10
[  652.421536][T10968]  ? trace_irq_enable.constprop.0+0x2d/0x110
[  652.421591][T10968]  do_syscall_64+0xc9/0xf80
[  652.421633][T10968]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.421668][T10968] RIP: 0033:0x7feadcd9bf4a
[  652.421695][T10968] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  652.421729][T10968] RSP: 002b:00007feaddc31e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  652.421761][T10968] RAX: ffffffffffffffda RBX: 00007feaddc31ee0 RCX: 00007feadcd9bf4a
[  652.421784][T10968] RDX: 0000200000000080 RSI: 00002000000001c0 RDI: 00007feaddc31ea0
[  652.421805][T10968] RBP: 0000200000000080 R08: 00007feaddc31ee0 R09: 0000000000800700
[  652.421827][T10968] R10: 0000000000800700 R11: 0000000000000246 R12: 00002000000001c0
[  652.421848][T10968] R13: 00007feaddc31ea0 R14: 000000000000046f R15: 00002000000007c0
[  652.421882][T10968]  </TASK>
[  653.071828][ T6093] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  653.119607][T10968] EXT4-fs error (device loop8): ext4_xattr_inode_iget:441: inode #11: comm syz.8.1344: iget: bad extra_isize 90 (inode size 256)
[  653.147995][T10968] EXT4-fs error (device loop8): ext4_xattr_inode_iget:444: comm syz.8.1344: error while reading EA inode 11 err=-117
[  653.163911][T10968] EXT4-fs error (device loop8): ext4_xattr_inode_iget:441: inode #11: comm syz.8.1344: iget: bad extra_isize 90 (inode size 256)
[  653.178293][T10968] EXT4-fs error (device loop8): ext4_xattr_inode_iget:444: comm syz.8.1344: error while reading EA inode 11 err=-117
[  653.199834][ T6093] usb 6-1: USB disconnect, device number 13
[  653.207497][T10968] EXT4-fs error (device loop8): ext4_xattr_inode_iget:441: inode #18: comm syz.8.1344: iget: bad extra_isize 90 (inode size 256)
[  653.313210][T10968] EXT4-fs error (device loop8): ext4_xattr_inode_iget:444: comm syz.8.1344: error while reading EA inode 18 err=-117
[  653.318987][ T6093] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  653.335950][ T6093] ftdi_sio 6-1:0.0: device disconnected
[  653.399245][T10968] EXT4-fs error (device loop8): ext4_xattr_inode_iget:441: inode #18: comm syz.8.1344: iget: bad extra_isize 90 (inode size 256)
[  653.421245][T10968] EXT4-fs error (device loop8): ext4_xattr_inode_iget:444: comm syz.8.1344: error while reading EA inode 18 err=-117
[  653.435805][T10968] EXT4-fs (loop8): 1 orphan inode deleted
[  653.450654][T10968] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  653.492931][T10968] EXT4-fs error (device loop8): ext4_nfs_get_inode:1542: inode #11: comm syz.8.1344: iget: bad extra_isize 90 (inode size 256)
[  653.548392][ T8665] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  653.765281][ T6090] team0 (unregistering): Port device team_slave_1 removed
[  653.797129][ T6090] team0 (unregistering): Port device team_slave_0 removed
[  654.175669][T10955] batadv_slave_1: entered promiscuous mode
[  654.182255][T10958] batadv_slave_1: left promiscuous mode
[  654.438061][T10692] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  654.449090][T10692] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  654.461054][T10692] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  654.471767][T10692] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  654.574896][T10692] 8021q: adding VLAN 0 to HW filter on device bond0
[  654.597222][T10692] 8021q: adding VLAN 0 to HW filter on device team0
[  654.609156][ T9397] bridge0: port 1(bridge_slave_0) entered blocking state
[  654.616330][ T9397] bridge0: port 1(bridge_slave_0) entered forwarding state
[  654.637769][ T9397] bridge0: port 2(bridge_slave_1) entered blocking state
[  654.644948][ T9397] bridge0: port 2(bridge_slave_1) entered forwarding state
[  654.857744][T10692] 8021q: adding VLAN 0 to HW filter on device batadv0
[  654.906677][T10692] veth0_vlan: entered promiscuous mode
[  654.918592][T10692] veth1_vlan: entered promiscuous mode
[  654.951177][T10692] veth0_macvtap: entered promiscuous mode
[  654.960836][T10692] veth1_macvtap: entered promiscuous mode
[  654.979306][T10692] batman_adv: batadv0: Interface activated: batadv_slave_0
[  654.994234][T10692] batman_adv: batadv0: Interface activated: batadv_slave_1
[  655.011339][ T6835] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  655.034983][ T6835] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  655.053284][ T6835] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  655.071000][ T6835] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  655.089101][T10692] ieee80211 phy25: Selected rate control algorithm 'minstrel_ht'
[  655.122877][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  655.128633][T10692] ieee80211 phy26: Selected rate control algorithm 'minstrel_ht'
[  655.144884][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  655.174368][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  655.189441][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50