last executing test programs:

2.285834533s ago: executing program 1 (id=59):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="12000000d00000000800000002"], 0x50)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000900)={r0, &(0x7f00000007c0), 0x0}, 0x20)

2.232135408s ago: executing program 1 (id=63):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$PPPIOCGFLAGS(r0, 0x8004745a, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
lsm_set_self_attr(0x0, 0x0, 0x65, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000070000000954fee905307caa581c1fa7f7af91390953a7b3d3bfe00976fed35d8a3f17b8e98e9fe9e145096c310e712acd098da13a3295212af717cdc652e367767330acbce4410c11087fe99f2785006aeffb4ad2fa97322d0f48262dda5d6082176c287"], &(0x7f0000000400)='GPL\x00', 0x100000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000040)='kfree\x00', r4}, 0x18)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r5)
sendmsg$NFC_CMD_DEP_LINK_UP(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000700)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x26040041}, 0x40)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x3c}}, 0x0)
r6 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f00000007c0)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa1f54f0e23e331ee7d695994699600000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES8=r6, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000780)={0x0, &(0x7f00000000c0)})
bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sigaltstack(0x0, 0x0)
write$P9_RXATTRCREATE(r6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x9d, &(0x7f0000000300)='trans=rdma,')
getpid()
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r7, 0x0, 0x30)

2.136108588s ago: executing program 1 (id=67):
socket$netlink(0x10, 0x3, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f00000001c0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000240)={'ip_vti0\x00', 0x0})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e22, @empty}}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffe5e}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0x8000)

2.13048212s ago: executing program 1 (id=69):
r0 = socket(0x10, 0x3, 0x9)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r2, 0x0, 0x200000000000006}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000005304"], 0x28}, 0x1, 0x0, 0x0, 0x64049}, 0x40000)

2.087747553s ago: executing program 1 (id=70):
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1b, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c010000190001000000000000000000e0000001000000000000000000000000fe8000000000000000000000000000aa4e220000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000104000000000000feffffffffffffff030000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000008400050020010000000000000000000000000000000000002b00"], 0x13c}}, 0x20040880)

2.004152286s ago: executing program 1 (id=71):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r1}, 0x61)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r2, 0x400455c8, 0x0)

1.584136219s ago: executing program 0 (id=95):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000000100)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7902009875f37538e486dd6317ce62667f2c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa88"], 0xfdef)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd6317ce2200"], 0xcfa4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.457796327s ago: executing program 0 (id=96):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="070000000400000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x21, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000016c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x840e, &(0x7f0000001080)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@bsdgroups}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000e00)='./file0\x00', 0x9001)
renameat2(r2, &(0x7f0000000140)='./file0\x00', r2, &(0x7f0000000040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4)

1.286013798s ago: executing program 0 (id=97):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)
renameat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file7\x00', 0x5)
socket$netlink(0x10, 0x3, 0xf)
r0 = socket$netlink(0x10, 0x3, 0xf)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x800000, &(0x7f0000000440)={[{@iocharset={'iocharset', 0x3d, 'maccenteuro'}}, {@shortname_winnt}]}, 0x1, 0x34c, &(0x7f0000001740)="$eJzs3T9oJGUUAPC3mU12EziTQji0Wu0EOS4RC21MOE44TKEni/8aFy7nn+wqZHEhFtlLo1gqNoJWdldoebVYiNhZ2HqCnIqN1x3c4cjuTHY3mcn9EbOn3u9XhJf3fW++byZDdhKSt6+uxua52Th/9eqVqNcrUV09tRrXKrEUM5FE5kIAAP8n19I0/kgzw8RTN5v90ULMZtHcVHYHAByF4ev/a8fGidrd3A0AMA2Fn//LPVuaffvItgUAHKHC6//D+4YP/Jq/OvqbAADgv+v5l15+Zm094myjUY/ovN9r9prx5Hh87Xy8Ee3YiJOxGDcisgeF7Glh8PHpM+unTzYGflmK5qCi14zo9HvN7ElhLRnW12I5FmMpr09H9cmgfnlY34iIC/3h+tGp9JqzsZCv/+NCbMRKLMb9hfqIM+unVxr5AZqdvfp+xG7U905isP8TsRjfzww/OReD2uxYg8zOcqNxKl3fV9+7WBvOAwAAAAAAAAAAAAAAAAAAAACAo3BiPvLuOY2lUf+btNPvvXc2n9Aojg/7+2TDeX+g3aw/UFrb687zQXKwP9D+/jy9ZjVm7uqZAwAAAAAAAAAAAAAAAAAAwL9Hd3suWu32xlZ3+93NcTDX7k9k3vr2i6/n4+CcN5NxJqrZ4fbNyXMxUZXEqDwdlafJvjl5kETkkyvRunhptOPJObXRWRTKB0GtMFTJ99Rqt4899POnZVV/jjNJjIbqpUtU8vUnhjr3Zamy/dw8qHS3V24x53KapoeV73xSrIp6RLXwhfsngm+uvP7AY93jj3cr1c3WV3nTh0ceXXzh8sef/7bZakd+adrtua3ujfRvr5VM3D+V/DpXSu6E8mB3nNnd6m63kh9+f/HBD787MDkpv3/Sycw7h6/15cHMXBYMtnk7ZzpbcvOXB69cH929d34xj3+22rq089OvexfzVlUT3yQ06gAAAAAAAAAAAAAAAAAAgKmY+F/xO/DEc0e3IwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYvvH7/08Eu4XM7QTX+1Ecqm1sdQ9dfH6qpwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwD3srwAAAP//JT9zjQ==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={0xffffffffffffffff, 0x0, &(0x7f00000005c0)=""/155}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sync()
bind$netlink(r0, &(0x7f0000000a40)={0x10, 0x0, 0x25dfdbfb, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
pipe2$9p(&(0x7f00000005c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000002500)='./file7\x00', &(0x7f0000002540), 0x2, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB])

977.030302ms ago: executing program 0 (id=101):
unshare(0x20000600)
r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x2, 0x40)
ioctl$MON_IOCG_STATS(r0, 0x80089203, 0x0)

903.877393ms ago: executing program 0 (id=104):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000f80)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)

852.016359ms ago: executing program 0 (id=107):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000180)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x38e38e38e38e4ed, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_disconnect(r0)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
sendmsg$rds(r1, &(0x7f0000000300)={&(0x7f0000000040)={0x2, 0x4e24, @local}, 0x10, 0x0, 0x0, &(0x7f0000000280)=[@fadd={0x58, 0x114, 0x6, {{0x0, 0x6}, &(0x7f0000000200)=0x7fffffff, 0x0, 0x10000, 0x7, 0x8, 0xcebc, 0x11, 0x9}}], 0x58, 0x40845}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TUNGETVNETBE(0xffffffffffffffff, 0x800454df, &(0x7f0000000080)=0x1)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000500)='./bus\x00', 0x1000c40, &(0x7f00000002c0), 0x5, 0x51c, &(0x7f0000000700)="$eJzs3cFvI1cZAPBvZjebNE2bFCoVENClFBa0WjvxtlHVU7mAUFUJUXHikIbEG0Vx4ih2ShNWavI/IFGJA4ITZyQQHCr1xBHBDW69lANSgRWoQeJgNONx1t3YG3c3awv795NGM29mMt97Y8178RfHL4CJdTUijiLiSkS8ERHzxf6kWOKV9pKd99Gd22snd26vJdFqvf6PJD+e7Yuun8k8XlxzJiK++62IHyRn4zYODrdWa7XqXlEuN7d3y42Dwxub26sb1Y3qTqWyvLS8+NLNFysDtWNmgHOe3f7Vh9/cfPV77/7uCx/86ejrP8qqNVcc627HRWo3feo0TuZyRLz6KIKNwKWiPVdGXREeSBoRn4qI5/Lnfz4u5a/mYHo81gDA/4FWaz5a891lAGDcpXkOLElLRS5gLtK0VGrn8J6O2bRWbzSv36rv76y3c2ULMZXe2qxVF4tc4UJMJVl56e1s+265Eh8v34yIpyLix9OP5eXS2uB5BgDgYj1+z/j/7+n2+A8AjLmeH57pfn++Mry6AADDMciHZwGA8WL8B4DJc3f8nx1pPQCA4fH+HwAmj/EfACbN+53x/9KoawIADMV3XnstW1onxfdfr795sL9Vf/PGerWxVdreXyut1fd2Sxv1+katWlqrb593vVq9vrv0Quy/VW5WG81y4+BwZbu+v9Ncyb/Xe6U6NZRWAQD389Sz7/0liYijlx/Ll+iay8FYDeMtHXUFgJGR84fJ5Vu4YXJ5jw+T69fFf/yeN5dn348Iv/MAQVtvP8APARft2mfl/2FSyf/D5JL/h8kl/w+Tq9VK+s35n56eAgCMlU+Y4/cnARhDQ/37PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIyJuXxZ6CqnaakU8URELMRUcmuzVl2MiCcj4s/TU9NZeWmkNQYAHl76t6SY/+va/PNz9x69kvxnOl9HxA9/+vpP3lptNveWsv3/PN3ffKfYXxlF/QGA83TG6c443vHRndtrnWWY9fnwG+3JRbO4J8XSPnI5LmerP87kkw7P/itplwvZ7yuXLiD+0XFEfKZX+5M8N7JQzHx6b/ws9hNDjZ9+LH6aH2uvs3vx6TNXnu4b87y5XmFSvJf1P6/0ev7SuJqvZ3pOfjyT91APr9P/nZzp/zrP+0ze1/Tq/64OGuOF33+777HjiM9d7hU/OY2f9In//IDx3//8F5/rd6z184hr0Tt+d6xyc3u33Dg4vJHd+OpGdadSWV5aXnzp5ouVcp6jLncy1d3aI8TfX77+ZN/2//K3RUd5Nv7MOe3/yn1b3TrtgH/x3ze+/6V+8Y8jvvbl3q//0/eJn42JXy22+/f0bauzv+k7fXcWf719/48/6et//Zy4HR/89XB9wFMBgCFoHBxurdZq1b0L3ZiKC75g10byiOpsYwQbMcRY2a/JD3udZ4qU2Wrn+ek+5w8/e/eZbN/I7+qFbIyuTwKG4+5DP+qaAAAAAAAAAAAAAAAA/TzyfydKR91CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAxtn/AgAA//8LKMVX")
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000002c0)={[{@acl}, {@nomblk_io_submit}, {@inlinecrypt}, {@i_version}, {@data_err_ignore}, {@max_batch_time={'max_batch_time', 0x3d, 0x3ff}}, {@data_err_ignore}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@resuid}, {@quota}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r5 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x441, 0x0)
ioctl$FS_IOC_FIEMAP(r5, 0xc020660b, 0x0)
ioctl$FS_IOC_GETFSMAP(r4, 0xc0c0583b, &(0x7f0000000d40)=ANY=[@ANYBLOB])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00'}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

851.228924ms ago: executing program 2 (id=109):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000012c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)={0x1c, r3, 0xfc5, 0x70bd29, 0x4000, {{0x11}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

800.120032ms ago: executing program 2 (id=111):
r0 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
write$binfmt_misc(r0, &(0x7f0000000180)="e502", 0x2)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000001140)=ANY=[@ANYBLOB="757466382c626c6f636b3d307830303030303030303030303030323030006e6f726f636b2c63727566742c6d61703d6f66662c646d6f64653d3078303430303030303030303030303063664173657373696f6e3d3078303030303030303030303030303033382c756e686964652c756e686964652c6769643d29e0cd5c372ab078c28fb05c6421428d066455368833565fd726743513f4466efa8d4fba06d57341875f5775ab343c0f6bc59fbde784ec3597e0e286d8d0dbf360afa3bc5c145b6e4f8b0305932fb55ff13f9fcb5035769f5fca33ac02bdeacb24c58103edc3d8b46df7614aa493952584ee662174309b11a4ad19e64dcdeeca1c148170b8d1aaf26082364b0d90d63d8502ffa63dde945e4612ac134315f389af667a04931ad25ff10b9b5107e517dbbcf5dcb60f564f54b344218d9325b53e829c38c96c69adc9e745202923a1b8124333cce0a8f1c748d42a272eb3e5502051090f1ac34fe5e8f038", @ANYRES8, @ANYRESHEX], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

761.228549ms ago: executing program 2 (id=112):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000640)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
shmat(0xffffffffffffffff, &(0x7f0000ffa000/0x4000)=nil, 0x0)

759.595228ms ago: executing program 3 (id=113):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="020300030f0000002cbd7000fbdbdf2503000900800000001cdc0dca1d9f68846960e56de42944af03000600000000000200010000000000000000000000000002000100000000000000070c01000000030005000000000002004e21ac1e010100000000000000000200130003"], 0x78}, 0x1, 0x7}, 0x0)

719.193346ms ago: executing program 2 (id=114):
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x47fa, 0x0, 0x0, 0x0, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000300), &(0x7f00000002c0)}, 0x20)
bpf$TOKEN_CREATE(0x24, &(0x7f00000008c0), 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000001f00)={0x18, 0xd, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000018110000", @ANYRES32=r0, @ANYRES8=r2], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="020300030f0000002cbd7000fbdbdf2503000900800000001cdc0dca1d9f68846960e56de42944af03000600000000000200010000000000000000000000000002000100000000000000070c01000000030005000000000002004e21ac1e010100000000000000000200130003"], 0x78}, 0x1, 0x7}, 0x0)

600.022594ms ago: executing program 3 (id=116):
r0 = epoll_create1(0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/wakeup_count', 0x80800, 0x8)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xe000001a})
read$char_usb(r1, &(0x7f0000001980)=""/179, 0xb3)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xe, 0x8, &(0x7f00000000c0)=ANY=[], &(0x7f0000000800)='GPL\x00', 0x1, 0xffffffffffffff1a, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$caif_stream(0x25, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={0x0}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x4c080)
capget(0x0, 0x0)
socket(0x10, 0x80003, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./bus\x00', 0x4000, &(0x7f0000000500)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES64, @ANYRES32, @ANYRESHEX, @ANYRESDEC], 0x1, 0x2cb, &(0x7f0000000ac0)="$eJzs3U9LW1kYx/GfJmNiHE0Ww8AMDHOY2cxsgpN5ATNhUBgmMMUaabsoXOtNG3KbyL3BEik1m9JtX4d02V2h7RtwU7rpvjspFLpxUXqL9yaaaJLGkD9avx+Q8yTPeXKO5ihPLiTuX3t8t1Tw0gWrqum40bRU14GUOowaphrjdBDPqFVdv899ePPT1es3/svmcksrxixnV//MGGMWfn5+7/6TX15W59aeLjyLaS91c/995u3ezN4P+59W7xQ9U/RMuVI1llmvVKrWumObjaJXShtzxbEtzzbFsme7bfmCU9ncrBmrvDGf2HRtzzNWuWZKds1UK6bq1ox12yqWTTqdNvMJXW7RPubkd1dWrGzXtB8Z6o4wcrOd7nTdbL1zMr87hj0BAIBzpnf/H/b63fv/3Fo4nqX///7L/b9E/z8i9bZbXfr/b8e4IYyc62atROP3tx39PwAAAAAAAAAAAAAAAAAAAAAAF8GB7yd9308ejo27gtsxSXFJfiN/VNDP28pxYbQ+/37LV9fnP/TXhLaLIWt5415cch5t5bfy4RjmswUV5cjWopL6GJyHhjBe/je3tGgCKb1wdhr1O1v5iGLN+qZUp/qpqBQ+QHv9N0q0rp9RUt91Xj9jOtXP6LdfW+rTSurVLVXkaCM418f1D/4w5p//cyfqZ4N5AAAAAAB8DdLmyKnX70E+mBDX6XxY33J9wPf9nV7XB068vo7qR64lAgAAAAAwFl5tu2Q5ju0OEMQkDVYuDbxor8D3paE+4EBBRJNcvVvwt6RzsI1xBXE1z5gZpPydznRE/T7mRCVN/MdyhmDSf5kAAAAADJtX2z7+Bz/9ev1wRLsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBy6vfzwJrzT6WaiZ6f9nckMvZvEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADhHPgcAAP//ps0YVA==")

599.733246ms ago: executing program 2 (id=117):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0xba98575a95aeb70d)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_devices(r1, &(0x7f0000000840)=ANY=[@ANYBLOB="1e0308004d6b71ef288563"], 0xffdd)

545.291369ms ago: executing program 4 (id=119):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000072000000850000000f00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r0}, 0x18)
setgroups(0x0, 0x0)

513.035319ms ago: executing program 4 (id=120):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="12000000d00000000800000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000040), &(0x7f0000001d40)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000900)={r0, &(0x7f00000007c0), 0x0}, 0x20)

512.113121ms ago: executing program 4 (id=121):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x84022, &(0x7f0000000240)={[{@size={'size', 0x3d, [0x34]}}]})

482.737789ms ago: executing program 4 (id=122):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000cc0)=@delchain={0xa0, 0x65, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0xe}, {0x0, 0xb}}, [@filter_kind_options=@f_flow={{0x9}, {0x70, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x8065738cbab9bcb1}, @TCA_FLOW_EMATCHES={0x4c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x3, 0x0, 0x0, {{0x7, 0x2, 0x3}, {0x4, 0x0, 0x6}}}, @TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x1, 0x3, 0x81}, {0x10, 0xe, 0x6, 0xd4c}}}]}, @TCA_EMATCH_TREE_LIST={0x10, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0xc, 0x3, 0x0, 0x0, {{0x3, 0x0, 0x7}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x40}}]}, @TCA_FLOW_XOR={0x8, 0x7, 0xffffff7b}, @TCA_FLOW_DIVISOR={0x8, 0x8, 0x7fff}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}]}}]}, 0xa0}, 0x1, 0x0, 0x0, 0x80}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x1e2}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000880)=""/199, 0xffffffffffffff2f, 0xa1}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

367.664848ms ago: executing program 3 (id=123):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0xfffffffe}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

367.517336ms ago: executing program 3 (id=124):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='workqueue_queue_work\x00', r0, 0x0, 0x1}, 0x18)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x82)

367.3611ms ago: executing program 3 (id=125):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4efa609b8395cb6f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000500)=[{0x0}, {0xffffffffffffffff}, {0xffffffffffffffff}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, 0x0, 0x0, 0x0)

350.936728ms ago: executing program 3 (id=126):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x0, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x14, 0x1, 0x1, 0x201, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x40094}, 0x20000804)

60.596804ms ago: executing program 4 (id=127):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="020000000400000007000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
r2 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r2)

304.462µs ago: executing program 4 (id=128):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r1}, 0x10)
setfsgid(0xffffffffffffffff)

0s ago: executing program 2 (id=129):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000580)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000007c0)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey62WYTazaZ2P18YLPPM/PszvebeXv2eXYD6FpD2Z8kYkdE/BoRA43q0gZDjafrV89P3rh6fjKJhYXX/kjydteunp8sm5av215UhtOI9MOk2MhSs2fPnZyo12tnivro3Km3RmfPnnvinVMTJ2onaqfHjxw5fGjs6afGn+xInlle1/a9P7N/74tvXHp58tilN3/8Oot3R7G+OY9OGcoS/3Mh17ru0U5vrGI7m8pJb4WBcFt6IiLbXX35+T8QPXFz5w3ECx9UGhywrrJ705b2q+cXgDtYElVHAFSjvNFnn3/LxwZ1PTaFK882PgBleV8vHo01vZEWbfpaPt920lBEHJv/6/PsEes0DgEA0Ozjyc+O9kfEeze+einrewwsrknjnvz5t/zvrmIOZTAi/h8RuyPirojYExF3R+Rt742I+9YYz639n/TyGt9yRVn/75libmtp/6/s/cVgT1HbmefflxyfrtcOFv+T4ejbktXHVtjGt8//8km7dc39v+yRbb/sCxZxXO5tGaCbmpibyDulHXDlYsS+3uXyTxZnApKI2BsR+27vrXeVhenHvtzfrtHq+a+gA/NMC19k6c1n+c9HS/6lpHl+cvqW+cnRrVGvHRwtj4pb/fTzR6+22/6a8u+AK7XGc9P+b20ymDTP1852dvv/8vhP+5PX83nm/mLZuxNzc2fGIvqTo3l9yfLxm68t62X77PgfPrD8+b+7eE2W//0RkR3ED0TEgxHxUBH7wxHxSEQcWCHHH55bPf9IK9r/FyOmlr3+LR7/Lfv/9gs9J7//pt32/9n+P5yXhosl+fVvFcuFk10uWgNcy/8OAAAA/ivS/DvwSTqyWE7TkZHGd/j3xP/S+szs3OPHZ94+PdX4rvxg9KXlSNdAMR5an67XxpL54h0b46PjxVhxOV56qBg3/rRnW14fmZypT1WcO3S77W3O/8zvPVVHB6yzbcsuHe/f8ECACrTOo6dLqxdeCRcDuFP5vTZ0r1XO/3Sj4gA2nvs/dK/lzv8LLXVzAXBncv+H7uX8hy6Vfld1BECF3P+hK63ld/3rWNi6OcKoprBZd0peiCgL6aaIR2GdClVfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADrj7wAAAP//KFzmgQ==")

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.32' (ED25519) to the list of known hosts.
[   30.553864][ T6531] cgroup: Unknown subsys name 'net'
[   30.652835][ T6531] cgroup: Unknown subsys name 'cpuset'
[   30.654744][ T6531] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   30.811744][ T6531] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k SS
[   31.923009][ T6546] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   31.923288][ T6546] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   31.923545][ T6546] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   31.923721][ T6546] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   31.924022][ T6546] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   31.924244][ T6546] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   31.932094][ T6135] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   31.935131][ T6135] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   31.936786][ T6135] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   31.938560][ T6135] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   31.951925][ T6544] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   31.953610][ T6544] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   31.955222][ T6544] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   31.960734][ T6551] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   31.960931][ T6551] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   31.964079][ T6546] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   31.965503][ T6546] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   31.967022][ T6551] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   31.970599][   T52] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   31.972631][   T52] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   31.973094][   T52] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   31.977062][   T52] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   31.977752][   T52] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   31.978103][   T52] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   31.978300][   T52] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   32.117032][ T6541] chnl_net:caif_netlink_parms(): no params data found
[   32.127001][ T6545] chnl_net:caif_netlink_parms(): no params data found
[   32.157438][ T6550] chnl_net:caif_netlink_parms(): no params data found
[   32.182341][ T6545] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.183864][ T6545] bridge0: port 1(bridge_slave_0) entered disabled state
[   32.185232][ T6545] bridge_slave_0: entered allmulticast mode
[   32.186724][ T6545] bridge_slave_0: entered promiscuous mode
[   32.207539][ T6545] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.208742][ T6545] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.209913][ T6545] bridge_slave_1: entered allmulticast mode
[   32.210361][ T6545] bridge_slave_1: entered promiscuous mode
[   32.220614][ T6541] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.220665][ T6541] bridge0: port 1(bridge_slave_0) entered disabled state
[   32.220720][ T6541] bridge_slave_0: entered allmulticast mode
[   32.221311][ T6541] bridge_slave_0: entered promiscuous mode
[   32.222908][ T6541] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.222924][ T6541] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.222982][ T6541] bridge_slave_1: entered allmulticast mode
[   32.223430][ T6541] bridge_slave_1: entered promiscuous mode
[   32.230265][ T6548] chnl_net:caif_netlink_parms(): no params data found
[   32.234055][ T6545] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   32.246863][ T6541] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   32.248154][ T6549] chnl_net:caif_netlink_parms(): no params data found
[   32.254195][ T6545] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   32.264320][ T6541] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   32.274839][ T6550] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.276104][ T6550] bridge0: port 1(bridge_slave_0) entered disabled state
[   32.277548][ T6550] bridge_slave_0: entered allmulticast mode
[   32.279385][ T6550] bridge_slave_0: entered promiscuous mode
[   32.288227][ T6545] team0: Port device team_slave_0 added
[   32.288980][ T6545] team0: Port device team_slave_1 added
[   32.295451][ T6550] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.296762][ T6550] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.296858][ T6550] bridge_slave_1: entered allmulticast mode
[   32.297278][ T6550] bridge_slave_1: entered promiscuous mode
[   32.305234][ T6541] team0: Port device team_slave_0 added
[   32.314477][ T6545] batman_adv: batadv0: Adding interface: batadv_slave_0
[   32.315693][ T6545] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.319853][ T6545] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   32.326586][ T6550] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   32.329039][ T6541] team0: Port device team_slave_1 added
[   32.336609][ T6545] batman_adv: batadv0: Adding interface: batadv_slave_1
[   32.336631][ T6545] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.336647][ T6545] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   32.345437][ T6550] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   32.354646][ T6541] batman_adv: batadv0: Adding interface: batadv_slave_0
[   32.354671][ T6541] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.354699][ T6541] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   32.355046][ T6549] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.355141][ T6549] bridge0: port 1(bridge_slave_0) entered disabled state
[   32.355226][ T6549] bridge_slave_0: entered allmulticast mode
[   32.355676][ T6549] bridge_slave_0: entered promiscuous mode
[   32.356391][ T6549] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.356409][ T6549] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.356453][ T6549] bridge_slave_1: entered allmulticast mode
[   32.356900][ T6549] bridge_slave_1: entered promiscuous mode
[   32.366592][ T6545] hsr_slave_0: entered promiscuous mode
[   32.366952][ T6545] hsr_slave_1: entered promiscuous mode
[   32.376631][ T6541] batman_adv: batadv0: Adding interface: batadv_slave_1
[   32.377771][ T6541] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.381704][ T6541] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   32.386461][ T6550] team0: Port device team_slave_0 added
[   32.399982][ T6550] team0: Port device team_slave_1 added
[   32.401329][ T6548] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.401397][ T6548] bridge0: port 1(bridge_slave_0) entered disabled state
[   32.401858][ T6548] bridge_slave_0: entered allmulticast mode
[   32.402321][ T6548] bridge_slave_0: entered promiscuous mode
[   32.403322][ T6548] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.403344][ T6548] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.403390][ T6548] bridge_slave_1: entered allmulticast mode
[   32.403777][ T6548] bridge_slave_1: entered promiscuous mode
[   32.416268][ T6549] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   32.425535][ T6541] hsr_slave_0: entered promiscuous mode
[   32.426840][ T6541] hsr_slave_1: entered promiscuous mode
[   32.428360][ T6541] debugfs: 'hsr0' already exists in 'hsr'
[   32.429343][ T6541] Cannot create hsr debugfs directory
[   32.434949][ T6549] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   32.444183][ T6548] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   32.445451][ T6548] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   32.457662][ T6550] batman_adv: batadv0: Adding interface: batadv_slave_0
[   32.458824][ T6550] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.461483][ T6550] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   32.462157][ T6550] batman_adv: batadv0: Adding interface: batadv_slave_1
[   32.462165][ T6550] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.462177][ T6550] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   32.477704][ T6548] team0: Port device team_slave_0 added
[   32.490636][ T6548] team0: Port device team_slave_1 added
[   32.494373][ T6549] team0: Port device team_slave_0 added
[   32.495381][ T6549] team0: Port device team_slave_1 added
[   32.520335][ T6550] hsr_slave_0: entered promiscuous mode
[   32.520646][ T6550] hsr_slave_1: entered promiscuous mode
[   32.520830][ T6550] debugfs: 'hsr0' already exists in 'hsr'
[   32.520840][ T6550] Cannot create hsr debugfs directory
[   32.526799][ T6548] batman_adv: batadv0: Adding interface: batadv_slave_0
[   32.526821][ T6548] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.526834][ T6548] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   32.527401][ T6548] batman_adv: batadv0: Adding interface: batadv_slave_1
[   32.527408][ T6548] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.527418][ T6548] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   32.541043][ T6549] batman_adv: batadv0: Adding interface: batadv_slave_0
[   32.541060][ T6549] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.541075][ T6549] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   32.542490][ T6549] batman_adv: batadv0: Adding interface: batadv_slave_1
[   32.542498][ T6549] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   32.542510][ T6549] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   32.567891][ T6548] hsr_slave_0: entered promiscuous mode
[   32.568187][ T6548] hsr_slave_1: entered promiscuous mode
[   32.568368][ T6548] debugfs: 'hsr0' already exists in 'hsr'
[   32.568379][ T6548] Cannot create hsr debugfs directory
[   32.596864][ T6549] hsr_slave_0: entered promiscuous mode
[   32.598228][ T6549] hsr_slave_1: entered promiscuous mode
[   32.599730][ T6549] debugfs: 'hsr0' already exists in 'hsr'
[   32.600922][ T6549] Cannot create hsr debugfs directory
[   32.643115][ T6545] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   32.656991][ T6545] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   32.670466][ T6545] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   32.685018][ T6545] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   32.705575][ T6541] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   32.711389][ T6545] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.711472][ T6545] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.711633][ T6545] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.711657][ T6545] bridge0: port 1(bridge_slave_0) entered forwarding state
[   32.721099][ T6541] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   32.723643][ T6541] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   32.727762][ T6541] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   32.733605][ T6550] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   32.736283][ T6550] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   32.738488][ T6550] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   32.748111][ T6550] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   32.767791][ T6541] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.767832][ T6541] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.767892][ T6541] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.767917][ T6541] bridge0: port 1(bridge_slave_0) entered forwarding state
[   32.775137][ T6550] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.775171][ T6550] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.775229][ T6550] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.775253][ T6550] bridge0: port 1(bridge_slave_0) entered forwarding state
[   32.787199][ T6548] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   32.789435][ T6548] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   32.799191][ T6548] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   32.806064][ T6548] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   32.828460][ T6550] 8021q: adding VLAN 0 to HW filter on device bond0
[   32.833445][ T6548] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.833480][ T6548] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.833560][ T6548] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.833587][ T6548] bridge0: port 1(bridge_slave_0) entered forwarding state
[   32.839969][ T6549] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   32.844309][ T6545] 8021q: adding VLAN 0 to HW filter on device bond0
[   32.847405][ T6549] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   32.849386][ T6549] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   32.857899][ T6545] 8021q: adding VLAN 0 to HW filter on device team0
[   32.862520][ T6550] 8021q: adding VLAN 0 to HW filter on device team0
[   32.863858][ T6549] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   32.869725][  T250] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.871067][  T250] bridge0: port 1(bridge_slave_0) entered disabled state
[   32.872716][  T250] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.875857][  T250] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.880264][  T250] bridge0: port 1(bridge_slave_0) entered disabled state
[   32.883133][  T250] bridge0: port 2(bridge_slave_1) entered disabled state
[   32.892718][  T250] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.892761][  T250] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.900472][ T6545] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   32.901486][ T6545] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   32.916152][ T6541] 8021q: adding VLAN 0 to HW filter on device bond0
[   32.920094][  T250] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.920206][  T250] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.944864][ T6541] 8021q: adding VLAN 0 to HW filter on device team0
[   32.956532][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.956569][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[   32.957962][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.957988][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[   32.963108][ T6549] 8021q: adding VLAN 0 to HW filter on device bond0
[   32.978631][ T6549] 8021q: adding VLAN 0 to HW filter on device team0
[   32.988275][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[   32.988312][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[   32.988600][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[   32.988614][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[   33.005435][ T6548] 8021q: adding VLAN 0 to HW filter on device bond0
[   33.008133][ T6545] 8021q: adding VLAN 0 to HW filter on device batadv0
[   33.027872][ T6548] 8021q: adding VLAN 0 to HW filter on device team0
[   33.048631][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.048666][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[   33.049099][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.049122][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[   33.058545][ T6548] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   33.058585][ T6548] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   33.100337][ T6545] veth0_vlan: entered promiscuous mode
[   33.102123][ T6545] veth1_vlan: entered promiscuous mode
[   33.126902][ T6545] veth0_macvtap: entered promiscuous mode
[   33.127856][ T6545] veth1_macvtap: entered promiscuous mode
[   33.138370][ T6545] batman_adv: batadv0: Interface activated: batadv_slave_0
[   33.140315][ T6545] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.155769][  T250] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.156124][  T250] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.156557][  T250] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.156590][  T250] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.159194][ T6550] 8021q: adding VLAN 0 to HW filter on device batadv0
[   33.164293][ T6541] 8021q: adding VLAN 0 to HW filter on device batadv0
[   33.176507][ T6549] 8021q: adding VLAN 0 to HW filter on device batadv0
[   33.204496][ T6548] 8021q: adding VLAN 0 to HW filter on device batadv0
[   33.209884][ T6541] veth0_vlan: entered promiscuous mode
[   33.220032][ T6550] veth0_vlan: entered promiscuous mode
[   33.232907][ T6541] veth1_vlan: entered promiscuous mode
[   33.244978][ T2213] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   33.245006][ T2213] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   33.246818][ T6550] veth1_vlan: entered promiscuous mode
[   33.270165][ T6550] veth0_macvtap: entered promiscuous mode
[   33.276594][ T6549] veth0_vlan: entered promiscuous mode
[   33.278152][ T6550] veth1_macvtap: entered promiscuous mode
[   33.286651][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   33.286692][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   33.290736][ T6541] veth0_macvtap: entered promiscuous mode
[   33.294570][ T6550] batman_adv: batadv0: Interface activated: batadv_slave_0
[   33.298383][ T6550] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.309295][ T6541] veth1_macvtap: entered promiscuous mode
[   33.310068][ T6549] veth1_vlan: entered promiscuous mode
[   33.313100][  T250] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.313143][  T250] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.313163][  T250] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.313177][  T250] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.319303][ T6548] veth0_vlan: entered promiscuous mode
[   33.327297][ T6549] veth0_macvtap: entered promiscuous mode
[   33.330690][ T6548] veth1_vlan: entered promiscuous mode
[   33.332601][ T6545] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   33.335521][ T6549] veth1_macvtap: entered promiscuous mode
[   33.357118][ T6549] batman_adv: batadv0: Interface activated: batadv_slave_0
[   33.363274][ T6541] batman_adv: batadv0: Interface activated: batadv_slave_0
[   33.365542][ T6541] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.378552][ T6651] 8021q: VLANs not supported on ip6tnl0
[   33.380987][ T6549] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.383860][ T6548] veth0_macvtap: entered promiscuous mode
[   33.388190][ T2213] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.388264][ T2213] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.400093][ T6548] veth1_macvtap: entered promiscuous mode
[   33.405629][ T6651] loop3: detected capacity change from 0 to 512
[   33.418561][ T2213] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.418623][ T2213] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.418652][ T2213] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.418666][ T2213] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.418680][ T2213] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.418693][ T2213] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.434831][ T6548] batman_adv: batadv0: Interface activated: batadv_slave_0
[   33.459431][  T250] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   33.460938][  T250] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   33.463466][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   33.463488][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   33.487823][   T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   33.489241][   T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   33.508781][ T6548] batman_adv: batadv0: Interface activated: batadv_slave_1
[   33.510997][   T41] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   33.519677][   T41] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   33.519739][   T41] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   33.519768][   T41] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   33.526949][ T2213] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   33.526977][ T2213] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   33.808933][   T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   33.809065][   T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   33.828306][  T250] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   33.828337][  T250] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   33.851019][   T41] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   33.851053][   T41] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   33.944323][ T6660] loop4: detected capacity change from 0 to 4096
[   33.944713][ T6660] EXT4-fs: Ignoring removed mblk_io_submit option
[   33.976296][ T6660] EXT4-fs (loop4): Test dummy encryption mode enabled
[   34.012023][   T52] Bluetooth: hci3: command tx timeout
[   34.012237][   T52] Bluetooth: hci4: command tx timeout
[   34.012426][   T52] Bluetooth: hci2: command tx timeout
[   34.012600][   T52] Bluetooth: hci1: command tx timeout
[   34.012772][   T52] Bluetooth: hci0: command tx timeout
[   34.053497][ T6660] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.111244][ T6660] fscrypt: AES-256-XTS using implementation "xts-aes-ce"
[   34.825614][ T6662] loop2: detected capacity change from 0 to 164
[   34.835085][ T1878] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   34.841835][ T1878] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   34.940234][ T6549] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.036067][ T6671] netlink: 8 bytes leftover after parsing attributes in process `syz.3.8'.
[   35.049080][ T6652] IPVS: starting estimator thread 0...
[   35.109581][ T6673] loop0: detected capacity change from 0 to 8192
[   35.112014][ T6673] =======================================================
[   35.112014][ T6673] WARNING: The mand mount option has been deprecated and
[   35.112014][ T6673]          and is ignored by this kernel. Remove the mand
[   35.112014][ T6673]          option from the mount to silence this warning.
[   35.112014][ T6673] =======================================================
[   35.474535][ T6674] IPVS: using max 69 ests per chain, 165600 per kthread
[   35.487240][ T6675] loop2: detected capacity change from 0 to 32768
[   35.793009][ T6675] bcachefs (loop2): starting version 1.13: inode_has_child_snapshots opts=compression=gzip
[   35.793045][ T6675]   features: new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[   35.793068][ T6675] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[   35.793130][ T6675] bcachefs (loop2): recovering from clean shutdown, journal seq 8
[   35.793297][ T6675] bcachefs (loop2): Doing compatible version upgrade from 1.13: inode_has_child_snapshots to 1.28: inode_has_case_insensitive
[   35.793297][ T6675]   running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes
[   35.811935][ T6675] bcachefs (loop2): error reading btree root btree=accounting level=0: btree_node_read_error, fixing
[   35.812111][ T6675] bcachefs (loop2): check_topology... done
[   35.815037][ T6675] bcachefs (loop2): accounting_read...
[   35.846507][ T6691] pim6reg: entered allmulticast mode
[   35.848544][ T6676] loop4: detected capacity change from 0 to 32768
[   35.849025][ T6676] xfs: Unknown parameter 'biosize'
[   35.860692][ T6691] pim6reg: left allmulticast mode
[   35.875870][ T6693] loop3: detected capacity change from 0 to 128
[   35.877332][ T6693] vfat: Unexpected value for 'dos1xfloppy'
[   35.885370][ T6675]  done
[   35.885416][ T6675] bcachefs (loop2): alloc_read... done
[   35.887077][ T6675] bcachefs (loop2): snapshots_read... done
[   35.888457][ T6675] bcachefs (loop2): check_allocations...
[   35.890841][ T6675] bcachefs (loop2): bucket 0:78 gen 0 has wrong data_type: got btree, should be need_discard, fixing
[   35.890919][ T6675] bcachefs (loop2): bucket 0:78 gen 0 data type need_discard has wrong dirty_sectors: got 64, should be 0, fixing
[   35.904096][ T6675]  done
[   35.906918][ T6675] bcachefs (loop2): going read-write
[   35.910959][ T6675] bcachefs (loop2): journal_replay... done
[   35.990104][ T6675] bcachefs (loop2): check_lrus... done
[   35.990722][ T6675] bcachefs (loop2): check_backpointers_to_extents... done
[   35.999147][ T6675] bcachefs (loop2): check_extents_to_backpointers... done
[   36.002695][ T6675] bcachefs (loop2): check_inodes... done
[   36.003381][ T6675] bcachefs (loop2): resume_logged_ops... done
[   36.003902][ T6675] bcachefs (loop2): delete_dead_inodes... done
[   36.008976][ T6675] bcachefs (loop2): Fixed errors, running fsck a second time to verify fs is clean
[   36.009004][ T6675] bcachefs (loop2): check_extents_to_backpointers...
[   36.009472][ T6675] bcachefs (loop2): scanning for missing backpointers in 1/512 buckets
[   36.010234][ T6675]  done
[   36.020080][ T6675] bcachefs (loop2): check_inodes... done
[   36.020832][ T6675] bcachefs (loop2): resume_logged_ops... done
[   36.021344][ T6675] bcachefs (loop2): delete_dead_inodes... done
[   36.026381][ T6675] bcachefs (loop2): done starting filesystem
[   36.034695][ T6698] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   36.049755][ T6698] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   36.059217][ T6698] loop1: detected capacity change from 0 to 128
[   36.100960][ T6135] Bluetooth: hci0: command tx timeout
[   36.101009][ T6135] Bluetooth: hci1: command tx timeout
[   36.101045][ T6135] Bluetooth: hci2: command tx timeout
[   36.101067][ T6135] Bluetooth: hci4: command tx timeout
[   36.101087][ T6135] Bluetooth: hci3: command tx timeout
[   36.112025][ T6700] sp0: Synchronizing with TNC
[   36.127059][ T6698] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[   36.211796][ T6698] hpfs: filesystem error: improperly stopped
[   36.211859][ T6698] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[   36.211890][ T6698] hpfs: You really don't want any checks? You are crazy...
[   36.211993][ T6698] hpfs: hpfs_map_sector(): read error
[   36.212003][ T6698] hpfs: code page support is disabled
[   36.220553][ T6698] hpfs: hpfs_map_4sectors(): unaligned read
[   36.220764][ T6698] hpfs: hpfs_map_4sectors(): unaligned read
[   36.223527][ T6698] hpfs: filesystem error: unable to find root dir
[   36.377012][ T6706] pimreg: entered allmulticast mode
[   36.387569][ T6706] pimreg: left allmulticast mode
[   36.394241][ T6550] bcachefs (loop2): shutting down
[   36.394286][ T6550] bcachefs (loop2): going read-only
[   36.394373][ T6550] bcachefs (loop2): finished waiting for writes to stop
[   36.425305][ T6550] bcachefs (loop2): flushing journal and stopping allocators, journal seq 18
[   36.425461][ T6550] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 18
[   36.431639][ T6550] bcachefs (loop2): clean shutdown complete, journal seq 19
[   36.432166][ T6550] bcachefs (loop2): marking filesystem clean
[   36.447461][ T6550] bcachefs (loop2): shutdown complete
[   36.536257][ T6676] loop4: detected capacity change from 0 to 65536
[   36.554916][ T6676] XFS (loop4): Mounting V5 Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5
[   36.582251][ T6676] XFS (loop4): Ending clean mount
[   36.629197][ T6676] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7'.
[   36.647605][ T6676] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7'.
[   36.651758][ T6698] hpfs: hpfs_map_4sectors(): unaligned read
[   36.658004][ T6718] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (1024)
[   36.659789][ T6718] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255
[   36.670675][ T6676] evm: overlay not supported
[   36.734265][ T6549] XFS (loop4): Unmounting Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5
[   36.857813][ T6727] netlink: 168 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[   36.859519][ T6727] C: renamed from team_slave_0 (while UP)
[   36.951925][   T31] audit: type=1326 audit(36.920:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6732 comm="syz.4.20" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbbf5b3a8 code=0x7ffc0000
[   36.951962][   T31] audit: type=1326 audit(36.920:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6732 comm="syz.4.20" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbbf5b3a8 code=0x7ffc0000
[   36.952849][   T31] audit: type=1326 audit(36.920:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6732 comm="syz.4.20" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffbbf5b3a8 code=0x7ffc0000
[   36.952976][   T31] audit: type=1326 audit(36.920:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6732 comm="syz.4.20" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbbf5b3a8 code=0x7ffc0000
[   36.953081][   T31] audit: type=1326 audit(36.920:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6732 comm="syz.4.20" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbbf5b3a8 code=0x7ffc0000
[   36.953178][   T31] audit: type=1326 audit(36.920:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6732 comm="syz.4.20" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffbbf5b3a8 code=0x7ffc0000
[   36.953260][   T31] audit: type=1326 audit(36.920:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6732 comm="syz.4.20" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbbf5b3a8 code=0x7ffc0000
[   36.953546][   T31] audit: type=1326 audit(36.920:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6732 comm="syz.4.20" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbbf5b3a8 code=0x7ffc0000
[   36.953770][   T31] audit: type=1326 audit(36.920:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6732 comm="syz.4.20" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffbbf5b3a8 code=0x7ffc0000
[   36.953932][   T31] audit: type=1326 audit(36.930:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6732 comm="syz.4.20" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbbf5b3a8 code=0x7ffc0000
[   37.192263][ T6742] binder: 6737:6742 ioctl 4018620d 0 returned -22
[   37.194057][ T6742] binder: 6737:6742 BC_REQUEST_FREEZE_NOTIFICATION invalid ref 0
[   37.195436][ T6742] binder: 6737:6742 ioctl c0306201 20000040 returned -22
[   37.492632][ T6751] loop0: detected capacity change from 0 to 512
[   37.493063][ T6751] EXT4-fs: Ignoring removed mblk_io_submit option
[   37.504070][ T6751] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13
[   37.505958][ T6751] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #13: comm syz.0.27: attempt to clear invalid blocks 2 len 1
[   37.508699][ T6751] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[   37.509548][ T6751] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.27: invalid indirect mapped block 1819239214 (level 0)
[   37.517302][ T6751] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.27: invalid indirect mapped block 1819239214 (level 1)
[   37.525699][ T6751] EXT4-fs (loop0): 1 truncate cleaned up
[   37.526164][ T6751] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.554156][ T6541] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.720265][ T6769] tmpfs: Too small a size for current use
[   37.776939][ T6773] loop0: detected capacity change from 0 to 512
[   37.778712][ T6773] EXT4-fs: Ignoring removed nobh option
[   37.796133][ T6773] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   37.810032][ T6773] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #3: comm syz.0.36: corrupted inode contents
[   37.810763][ T6773] EXT4-fs (loop0): Remounting filesystem read-only
[   37.813511][ T6773] EXT4-fs (loop0): 1 truncate cleaned up
[   37.814458][ T6773] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.831114][ T6541] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.926643][ T6780] syz.0.37 uses obsolete (PF_INET,SOCK_PACKET)
[   37.951318][ T6782] netlink: 4 bytes leftover after parsing attributes in process `syz.4.39'.
[   37.957264][ T6782] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   37.957319][ T6782] batman_adv: batadv0: Removing interface: batadv_slave_0
[   37.968101][ T6782] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   37.969324][ T6782] batman_adv: batadv0: Removing interface: batadv_slave_1
[   38.036991][ T6791] netlink: 8 bytes leftover after parsing attributes in process `syz.2.40'.
[   38.037042][ T6791] netlink: 8 bytes leftover after parsing attributes in process `syz.2.40'.
[   38.039475][ T6792] loop3: detected capacity change from 0 to 512
[   38.173068][ T6135] Bluetooth: hci3: command tx timeout
[   38.173103][ T6135] Bluetooth: hci4: command tx timeout
[   38.173134][ T6135] Bluetooth: hci2: command tx timeout
[   38.173152][ T6135] Bluetooth: hci1: command tx timeout
[   38.173167][ T6135] Bluetooth: hci0: command tx timeout
[   38.299996][ T6812] loop2: detected capacity change from 0 to 512
[   38.301915][ T6812] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   38.321293][ T6812] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[   38.321857][ T6812] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   38.335285][ T6812] EXT4-fs (loop2): 1 truncate cleaned up
[   38.335774][ T6812] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.369881][ T6550] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.578815][ T6840] Zero length message leads to an empty skb
[   38.581167][ T6840] netlink: 4 bytes leftover after parsing attributes in process `syz.0.64'.
[   38.583808][ T6840] bridge_slave_1: left allmulticast mode
[   38.584906][ T6840] bridge_slave_1: left promiscuous mode
[   38.586064][ T6840] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.590542][ T6840] bridge_slave_0: left allmulticast mode
[   38.592763][ T6840] bridge_slave_0: left promiscuous mode
[   38.594076][ T6840] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.651005][ T6850] loop0: detected capacity change from 0 to 1024
[   38.657726][ T6851] xt_l2tp: v2 tid > 0xffff: 37482740
[   38.687493][ T6850] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.64: Failed to acquire dquot type 0
[   38.688448][ T6850] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   38.688496][ T6850] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #13: comm syz.0.64: corrupted inode contents
[   38.688721][ T6850] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #13: comm syz.0.64: mark_inode_dirty error
[   38.688840][ T6850] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #13: comm syz.0.64: corrupted inode contents
[   38.689145][ T6850] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #13: comm syz.0.64: mark_inode_dirty error
[   38.689338][ T6850] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #13: comm syz.0.64: corrupted inode contents
[   38.689462][ T6850] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[   38.689565][ T6850] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #13: comm syz.0.64: corrupted inode contents
[   38.689681][ T6850] EXT4-fs error (device loop0): ext4_truncate:4666: inode #13: comm syz.0.64: mark_inode_dirty error
[   38.689778][ T6850] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[   38.698868][ T6850] EXT4-fs (loop0): 1 truncate cleaned up
[   38.699331][ T6850] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.742712][ T6850] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   38.766030][ T6862] loop2: detected capacity change from 0 to 512
[   38.779281][ T6862] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   38.786104][ T6541] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.820831][ T6862] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   38.843156][ T6550] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   38.869789][ T6874] loop4: detected capacity change from 0 to 1024
[   38.886634][ T6874] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.913578][ T6874] capability: warning: `syz.4.77' uses deprecated v2 capabilities in a way that may be insecure
[   38.949381][ T6549] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.080340][ T6899] netlink: 56 bytes leftover after parsing attributes in process `syz.3.88'.
[   39.130464][ T6908] netlink: 12 bytes leftover after parsing attributes in process `syz.0.91'.
[   39.398643][ T6920] loop0: detected capacity change from 0 to 512
[   39.413468][ T6920] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   39.456952][ T6920] EXT4-fs (loop0): 1 truncate cleaned up
[   39.459756][ T6920] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.499370][ T6541] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.624293][ T6928] loop0: detected capacity change from 0 to 256
[   39.653291][ T6928] FAT-fs (loop0): Directory bread(block 64) failed
[   39.653326][ T6928] FAT-fs (loop0): Directory bread(block 65) failed
[   39.653367][ T6928] FAT-fs (loop0): Directory bread(block 66) failed
[   39.653384][ T6928] FAT-fs (loop0): Directory bread(block 67) failed
[   39.653427][ T6928] FAT-fs (loop0): Directory bread(block 68) failed
[   39.653443][ T6928] FAT-fs (loop0): Directory bread(block 69) failed
[   39.653469][ T6928] FAT-fs (loop0): Directory bread(block 70) failed
[   39.653483][ T6928] FAT-fs (loop0): Directory bread(block 71) failed
[   39.653518][ T6928] FAT-fs (loop0): Directory bread(block 72) failed
[   39.653531][ T6928] FAT-fs (loop0): Directory bread(block 73) failed
[   39.954671][ T6953] loop4: detected capacity change from 0 to 164
[   39.958456][ T6953] ISOFS: unable to read i-node block
[   39.959409][ T6953] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   39.995973][ T6956] loop2: detected capacity change from 0 to 164
[   40.002304][ T6956] process 'syz.2.111' launched '/dev/fd/3' with NULL argv: empty string added
[   40.006945][ T6956] syz.2.111: attempt to access beyond end of device
[   40.006945][ T6956] loop2: rw=524288, sector=263328, nr_sectors = 4 limit=164
[   40.007085][ T6956] syz.2.111: attempt to access beyond end of device
[   40.007085][ T6956] loop2: rw=0, sector=263328, nr_sectors = 4 limit=164
[   40.110550][ T6967] loop2: detected capacity change from 0 to 512
[   40.125013][ T6967] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.176335][ T6550] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.211642][ T6617] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   40.232177][  T250] syzkaller0: tun_net_xmit 76
[   40.233637][  T250] syzkaller0: tun_net_xmit 48
[   40.236963][ T6976] syzkaller0: create flow: hash 1550946284 index 1
[   40.252186][ T6975] syzkaller0: delete flow: hash 1550946284 index 1
[   40.262551][ T6135] Bluetooth: hci0: command tx timeout
[   40.262842][ T6135] Bluetooth: hci1: command tx timeout
[   40.262860][ T6135] Bluetooth: hci2: command tx timeout
[   40.262878][ T6135] Bluetooth: hci4: command tx timeout
[   40.262895][ T6135] Bluetooth: hci3: command tx timeout
[   40.323940][ T6989] loop3: detected capacity change from 0 to 128
[   40.324693][ T6989] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   40.324935][ T6989] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   40.373561][ T6617] usb 1-1: too many configurations: 237, using maximum allowed: 8
[   40.390452][ T6617] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[   40.392122][ T6617] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   40.393840][ T6617] usb 1-1: Product: syz
[   40.393869][ T6617] usb 1-1: Manufacturer: syz
[   40.393888][ T6617] usb 1-1: SerialNumber: syz
[   40.409090][ T6617] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[   40.425281][ T6617] usb 1-1: Direct firmware load for ath9k_htc/htc_9271-1.4.0.fw failed with error -2
[   40.427064][ T6617] usb 1-1: Falling back to sysfs fallback for: ath9k_htc/htc_9271-1.4.0.fw
[   40.795617][ T7006] loop2: detected capacity change from 0 to 512
[   40.811171][ T7006] 
[   40.811572][ T7006] ======================================================
[   40.812762][ T7006] WARNING: possible circular locking dependency detected
[   40.813991][ T7006] syzkaller #0 Not tainted
[   40.814766][ T7006] ------------------------------------------------------
[   40.815912][ T7006] syz.2.129/7006 is trying to acquire lock:
[   40.816789][ T7006] ffff0000fda96b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x150/0x2a0
[   40.818414][ T7006] 
[   40.818414][ T7006] but task is already holding lock:
[   40.819563][ T7006] ffff0000f57f3a28 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x358/0x6fc
[   40.821313][ T7006] 
[   40.821313][ T7006] which lock already depends on the new lock.
[   40.821313][ T7006] 
[   40.822944][ T7006] 
[   40.822944][ T7006] the existing dependency chain (in reverse order) is:
[   40.824484][ T7006] 
[   40.824484][ T7006] -> #2 (&ei->xattr_sem){++++}-{4:4}:
[   40.825678][ T7006]        down_write+0x50/0xc0
[   40.826416][ T7006]        ext4_xattr_set_handle+0x11c/0x1260
[   40.827369][ T7006]        ext4_initxattrs+0xa4/0x11c
[   40.828201][ T7006]        security_inode_init_security+0x6dc/0x7f4
[   40.829151][ T7006]        ext4_init_security+0x44/0x58
[   40.829998][ T7006]        __ext4_new_inode+0x27f4/0x3190
[   40.830895][ T7006]        ext4_create+0x1f8/0x3fc
[   40.831666][ T7006]        path_openat+0x12d8/0x2c40
[   40.832490][ T7006]        do_filp_open+0x18c/0x36c
[   40.833367][ T7006]        do_sys_openat2+0x11c/0x1b4
[   40.834247][ T7006]        __arm64_sys_openat+0x120/0x158
[   40.835176][ T7006]        invoke_syscall+0x98/0x254
[   40.835969][ T7006]        el0_svc_common+0x130/0x23c
[   40.836829][ T7006]        do_el0_svc+0x48/0x58
[   40.837603][ T7006]        el0_svc+0x5c/0x254
[   40.838334][ T7006]        el0t_64_sync_handler+0x84/0x12c
[   40.839277][ T7006]        el0t_64_sync+0x198/0x19c
[   40.840106][ T7006] 
[   40.840106][ T7006] -> #1 (jbd2_handle){++++}-{0:0}:
[   40.841180][ T7006]        start_this_handle+0xe74/0x10dc
[   40.842019][ T7006]        jbd2__journal_start+0x288/0x51c
[   40.842892][ T7006]        __ext4_journal_start_sb+0x378/0x88c
[   40.843812][ T7006]        ext4_do_writepages+0xb94/0x39b4
[   40.844653][ T7006]        ext4_writepages+0x178/0x2a0
[   40.845489][ T7006]        do_writepages+0x270/0x468
[   40.846330][ T7006]        file_write_and_wait_range+0x1d0/0x2c4
[   40.847318][ T7006]        ext4_sync_file+0x274/0xb44
[   40.848154][ T7006]        __arm64_sys_fsync+0x170/0x1d4
[   40.849014][ T7006]        invoke_syscall+0x98/0x254
[   40.849797][ T7006]        el0_svc_common+0x130/0x23c
[   40.850637][ T7006]        do_el0_svc+0x48/0x58
[   40.851372][ T7006]        el0_svc+0x5c/0x254
[   40.852058][ T7006]        el0t_64_sync_handler+0x84/0x12c
[   40.852969][ T7006]        el0t_64_sync+0x198/0x19c
[   40.853777][ T7006] 
[   40.853777][ T7006] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[   40.855162][ T7006]        __lock_acquire+0x1774/0x30a4
[   40.856016][ T7006]        lock_acquire+0x14c/0x2e0
[   40.856811][ T7006]        percpu_down_read_internal+0x5c/0x298
[   40.857788][ T7006]        ext4_writepages+0x150/0x2a0
[   40.858595][ T7006]        do_writepages+0x270/0x468
[   40.859377][ T7006]        __writeback_single_inode+0x15c/0x13e8
[   40.860325][ T7006]        writeback_single_inode+0x18c/0x54c
[   40.861293][ T7006]        write_inode_now+0x13c/0x1a4
[   40.862093][ T7006]        iput+0x570/0x83c
[   40.862842][ T7006]        ext4_xattr_block_set+0x13dc/0x24bc
[   40.863897][ T7006]        ext4_expand_extra_isize_ea+0xeb4/0x182c
[   40.864879][ T7006]        __ext4_expand_extra_isize+0x2a0/0x37c
[   40.865779][ T7006]        __ext4_mark_inode_dirty+0x3c0/0x6fc
[   40.866763][ T7006]        ext4_evict_inode+0x930/0x1084
[   40.867627][ T7006]        evict+0x414/0x928
[   40.868279][ T7006]        iput+0x6e4/0x83c
[   40.869004][ T7006]        ext4_process_orphan+0x240/0x2b4
[   40.869986][ T7006]        ext4_orphan_cleanup+0x930/0x107c
[   40.870939][ T7006]        ext4_fill_super+0x4724/0x4ea4
[   40.871815][ T7006]        get_tree_bdev_flags+0x360/0x414
[   40.872741][ T7006]        get_tree_bdev+0x2c/0x3c
[   40.873598][ T7006]        ext4_get_tree+0x28/0x38
[   40.874467][ T7006]        vfs_get_tree+0x90/0x28c
[   40.875319][ T7006]        do_new_mount+0x278/0x7f4
[   40.876148][ T7006]        path_mount+0x5b4/0xde0
[   40.876940][ T7006]        __arm64_sys_mount+0x3e8/0x468
[   40.877754][ T7006]        invoke_syscall+0x98/0x254
[   40.878551][ T7006]        el0_svc_common+0x130/0x23c
[   40.879422][ T7006]        do_el0_svc+0x48/0x58
[   40.880199][ T7006]        el0_svc+0x5c/0x254
[   40.880897][ T7006]        el0t_64_sync_handler+0x84/0x12c
[   40.881850][ T7006]        el0t_64_sync+0x198/0x19c
[   40.882707][ T7006] 
[   40.882707][ T7006] other info that might help us debug this:
[   40.882707][ T7006] 
[   40.884334][ T7006] Chain exists of:
[   40.884334][ T7006]   &sbi->s_writepages_rwsem --> jbd2_handle --> &ei->xattr_sem
[   40.884334][ T7006] 
[   40.886458][ T7006]  Possible unsafe locking scenario:
[   40.886458][ T7006] 
[   40.887668][ T7006]        CPU0                    CPU1
[   40.888553][ T7006]        ----                    ----
[   40.889364][ T7006]   lock(&ei->xattr_sem);
[   40.890011][ T7006]                                lock(jbd2_handle);
[   40.891064][ T7006]                                lock(&ei->xattr_sem);
[   40.892167][ T7006]   rlock(&sbi->s_writepages_rwsem);
[   40.893078][ T7006] 
[   40.893078][ T7006]  *** DEADLOCK ***
[   40.893078][ T7006] 
[   40.894382][ T7006] 3 locks held by syz.2.129/7006:
[   40.895198][ T7006]  #0: ffff0000fda940e0 (&type->s_umount_key#26/1){+.+.}-{4:4}, at: alloc_super+0x1a0/0x80c
[   40.896781][ T7006]  #1: ffff0000fda94618 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x2b0/0x1084
[   40.898265][ T7006]  #2: ffff0000f57f3a28 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x358/0x6fc
[   40.899793][ T7006] 
[   40.899793][ T7006] stack backtrace:
[   40.900771][ T7006] CPU: 0 UID: 0 PID: 7006 Comm: syz.2.129 Not tainted syzkaller #0 PREEMPT 
[   40.902223][ T7006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[   40.903812][ T7006] Call trace:
[   40.904261][ T7006]  show_stack+0x2c/0x3c (C)
[   40.904931][ T7006]  __dump_stack+0x30/0x40
[   40.905585][ T7006]  dump_stack_lvl+0xd8/0x12c
[   40.906269][ T7006]  dump_stack+0x1c/0x28
[   40.906890][ T7006]  print_circular_bug+0x324/0x32c
[   40.907620][ T7006]  check_noncircular+0x154/0x174
[   40.908345][ T7006]  __lock_acquire+0x1774/0x30a4
[   40.909076][ T7006]  lock_acquire+0x14c/0x2e0
[   40.909815][ T7006]  percpu_down_read_internal+0x5c/0x298
[   40.910689][ T7006]  ext4_writepages+0x150/0x2a0
[   40.911423][ T7006]  do_writepages+0x270/0x468
[   40.912168][ T7006]  __writeback_single_inode+0x15c/0x13e8
[   40.913141][ T7006]  writeback_single_inode+0x18c/0x54c
[   40.914055][ T7006]  write_inode_now+0x13c/0x1a4
[   40.914842][ T7006]  iput+0x570/0x83c
[   40.915457][ T7006]  ext4_xattr_block_set+0x13dc/0x24bc
[   40.916256][ T7006]  ext4_expand_extra_isize_ea+0xeb4/0x182c
[   40.917122][ T7006]  __ext4_expand_extra_isize+0x2a0/0x37c
[   40.918001][ T7006]  __ext4_mark_inode_dirty+0x3c0/0x6fc
[   40.918871][ T7006]  ext4_evict_inode+0x930/0x1084
[   40.919651][ T7006]  evict+0x414/0x928
[   40.920266][ T7006]  iput+0x6e4/0x83c
[   40.920899][ T7006]  ext4_process_orphan+0x240/0x2b4
[   40.921619][ T7006]  ext4_orphan_cleanup+0x930/0x107c
[   40.922405][ T7006]  ext4_fill_super+0x4724/0x4ea4
[   40.923214][ T7006]  get_tree_bdev_flags+0x360/0x414
[   40.924062][ T7006]  get_tree_bdev+0x2c/0x3c
[   40.924810][ T7006]  ext4_get_tree+0x28/0x38
[   40.925566][ T7006]  vfs_get_tree+0x90/0x28c
[   40.926256][ T7006]  do_new_mount+0x278/0x7f4
[   40.926991][ T7006]  path_mount+0x5b4/0xde0
[   40.927740][ T7006]  __arm64_sys_mount+0x3e8/0x468
[   40.928568][ T7006]  invoke_syscall+0x98/0x254
[   40.929314][ T7006]  el0_svc_common+0x130/0x23c
[   40.930040][ T7006]  do_el0_svc+0x48/0x58
[   40.930715][ T7006]  el0_svc+0x5c/0x254
[   40.931376][ T7006]  el0t_64_sync_handler+0x84/0x12c
[   40.932242][ T7006]  el0t_64_sync+0x198/0x19c
[   40.941996][   T52] Bluetooth: hci5: command 0x1003 tx timeout
[   40.942041][ T6544] Bluetooth: hci5: Opcode 0x1003 failed: -110
[   40.953239][ T7006] ------------[ cut here ]------------
[   40.953256][ T7006] EA inode 11 i_nlink=2
[   40.954433][ T7006] WARNING: CPU: 0 PID: 7006 at fs/ext4/xattr.c:1053 ext4_xattr_inode_update_ref+0x444/0x488
[   40.956596][ T7006] Modules linked in:
[   40.957156][ T7006] CPU: 0 UID: 0 PID: 7006 Comm: syz.2.129 Not tainted syzkaller #0 PREEMPT 
[   40.958471][ T7006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
[   40.960142][ T7006] pstate: 63400005 (nZCv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--)
[   40.961398][ T7006] pc : ext4_xattr_inode_update_ref+0x444/0x488
[   40.962430][ T7006] lr : ext4_xattr_inode_update_ref+0x444/0x488
[   40.963402][ T7006] sp : ffff8000a5db6dc0
[   40.964032][ T7006] x29: ffff8000a5db6e50 x28: 0000000000000000 x27: 1fffe0001eafe2f5
[   40.965328][ T7006] x26: dfff800000000000 x25: ffff8000a5db6dc0 x24: ffff700014bb6db8
[   40.966597][ T7006] x23: ffff800092ef2000 x22: ffff0000f57f15f8 x21: 0000000000000002
[   40.967871][ T7006] x20: 0000000000000001 x19: ffff0000f57f15b8 x18: 1fffe00033771c88
[   40.969155][ T7006] x17: ffff80008f85e000 x16: ffff80008b065bd0 x15: 0000000000000001
[   40.970379][ T7006] x14: 1fffe0001b36ca68 x13: 0000000000000000 x12: 0000000000000000
[   40.971701][ T7006] x11: 0000000000080000 x10: 0000000000000003 x9 : 0b001ac56fccef00
[   40.972955][ T7006] x8 : 0b001ac56fccef00 x7 : 0000000000000000 x6 : ffff800080493890
[   40.974193][ T7006] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff800080485e24
[   40.975436][ T7006] x2 : 0000000000000001 x1 : ffff80008b6b38c0 x0 : 0000000000000001
[   40.976747][ T7006] Call trace:
[   40.977348][ T7006]  ext4_xattr_inode_update_ref+0x444/0x488 (P)
[   40.978420][ T7006]  ext4_xattr_set_entry+0x928/0x15c0
[   40.979291][ T7006]  ext4_xattr_ibody_set+0x204/0x5fc
[   40.980197][ T7006]  ext4_expand_extra_isize_ea+0xefc/0x182c
[   40.981137][ T7006]  __ext4_expand_extra_isize+0x2a0/0x37c
[   40.981999][ T7006]  __ext4_mark_inode_dirty+0x3c0/0x6fc
[   40.982833][ T7006]  ext4_evict_inode+0x930/0x1084
[   40.983597][ T7006]  evict+0x414/0x928
[   40.984199][ T7006]  iput+0x6e4/0x83c
[   40.984813][ T7006]  ext4_process_orphan+0x240/0x2b4
[   40.985613][ T7006]  ext4_orphan_cleanup+0x930/0x107c
[   40.986395][ T7006]  ext4_fill_super+0x4724/0x4ea4
[   40.987166][ T7006]  get_tree_bdev_flags+0x360/0x414
[   40.987898][ T7006]  get_tree_bdev+0x2c/0x3c
[   40.988501][ T7006]  ext4_get_tree+0x28/0x38
[   40.989210][ T7006]  vfs_get_tree+0x90/0x28c
[   40.989928][ T7006]  do_new_mount+0x278/0x7f4
[   40.990628][ T7006]  path_mount+0x5b4/0xde0
[   40.991308][ T7006]  __arm64_sys_mount+0x3e8/0x468
[   40.992110][ T7006]  invoke_syscall+0x98/0x254
[   40.992826][ T7006]  el0_svc_common+0x130/0x23c
[   40.993561][ T7006]  do_el0_svc+0x48/0x58
[   40.994206][ T7006]  el0_svc+0x5c/0x254
[   40.994835][ T7006]  el0t_64_sync_handler+0x84/0x12c
[   40.995615][ T7006]  el0t_64_sync+0x198/0x19c
[   40.996315][ T7006] irq event stamp: 1975
[   40.996972][ T7006] hardirqs last  enabled at (1975): [<ffff80008b0878f8>] _raw_spin_unlock_irqrestore+0x38/0x98
[   40.998580][ T7006] hardirqs last disabled at (1974): [<ffff80008b087728>] _raw_spin_lock_irqsave+0x2c/0x7c
[   41.000167][ T7006] softirqs last  enabled at (1578): [<ffff8000803db160>] handle_softirqs+0xaf8/0xc88
[   41.001627][ T7006] softirqs last disabled at (1555): [<ffff800080022028>] __do_softirq+0x14/0x20
[   41.002949][ T7006] ---[ end trace 0000000000000000 ]---
[   41.007284][ T7006] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: inode #18: comm syz.2.129: iget: bad extra_isize 90 (inode size 256)
[   41.009706][ T7006] EXT4-fs error (device loop2): ext4_xattr_inode_iget:442: comm syz.2.129: error while reading EA inode 18 err=-117
[   41.012836][ T7006] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: inode #18: comm syz.2.129: iget: bad extra_isize 90 (inode size 256)
[   41.015298][ T7006] EXT4-fs error (device loop2): ext4_xattr_inode_iget:442: comm syz.2.129: error while reading EA inode 18 err=-117
[   41.017590][ T7006] EXT4-fs (loop2): 1 orphan inode deleted
[   41.018887][ T7006] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.027285][ T6550] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.934446][ T2312] usb 1-1: USB disconnect, device number 2