last executing test programs:

3m27.950901244s ago: executing program 2 (id=284):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = syz_open_dev$mouse(0x0, 0x0, 0x2)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x3d, [0x6, 0xc95a, 0xfffffff3, 0x8, 0x80, 0x200, 0x0, 0x7f, 0x6, 0x1, 0xfffffff2, 0x5f, 0x0, 0x8, 0xffff2d37, 0x1dd2, 0x5, 0x7, 0x0, 0x80000001, 0x7, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0xffffffff, 0xfffffffe, 0x2, 0x4, 0xe661, 0x4, 0x9, 0x3, 0x8001, 0x4c74, 0x8f00, 0x642, 0x5, 0xa, 0x0, 0x71, 0x7, 0x7, 0x101, 0x0, 0x5, 0x3d, 0x8f, 0x8b, 0x1, 0x4, 0x9, 0x4, 0x5, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x10002, 0x12b, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0x3, 0xf9, 0x400000d, 0x7fff, 0x3, 0x1ff, 0xfffffffe, 0x3, 0x6, 0x7, 0x10000008, 0x2f, 0xe, 0x1, 0x78, 0xea4, 0xa, 0x4, 0x5, 0x80, 0x2, 0x400, 0x1, 0x7, 0x400001, 0xff, 0x1005, 0x1, 0x5f31, 0x4, 0x9, 0x6, 0x9, 0x9, 0x2, 0x9, 0x8, 0x4, 0x7, 0xfffffff9, 0x0, 0x3, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x8, 0x3, 0x4, 0x1, 0x800007, 0x6, 0x8, 0x48c93690, 0x2, 0x5], [0x7, 0x10, 0xfffffffd, 0x64e, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x2, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x10000009, 0x3e7, 0xd7, 0x5, 0x2, 0x4, 0xf, 0x40008, 0x83, 0x6d01, 0x5, 0x3b, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2, 0x0, 0xa2, 0x6, 0x53cf697b, 0x5, 0x4, 0x60e, 0xbf, 0x5, 0x3, 0x400000, 0xfffffff9, 0x0, 0x1, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x101, 0x9, 0x4, 0x6], [0x7, 0xbb31, 0xfffffffc, 0xfffffffc, 0x5, 0x938, 0x6, 0xd36b, 0x0, 0x9, 0xce7, 0x1ff, 0x6, 0x7, 0x5, 0x3, 0x10000104, 0x80000000, 0x6, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x1, 0x1, 0xfffff801, 0x8400014e, 0x60a3, 0x1249, 0x5, 0x20002, 0x80000003, 0x9, 0x8, 0xff, 0x3, 0x3, 0xffff, 0x9ff, 0x8, 0x100, 0x1, 0x6, 0x2, 0x4, 0x80, 0x1, 0x10004, 0x20000005, 0xfff, 0x2b91, 0xa1f, 0x8, 0x9, 0x1, 0x6c0b, 0x0, 0x2, 0x10000, 0xb1c, 0x1, 0x1ff, 0x8fff, 0x8]}, 0x45c)
syz_open_dev$loop(&(0x7f00000000c0), 0x5, 0x200)
socket(0x28, 0x5, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10)
r1 = syz_usb_connect(0x2, 0x239, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e388d640697a01006ba8010203010902270201020010000904"], 0x0)
syz_usb_control_io$printer(r1, 0x0, 0x0)
syz_usb_connect(0x5, 0x24, &(0x7f0000000240)=ANY=[], 0x0)
r2 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003)
ioctl$I2C_SMBUS(r2, 0x720, &(0x7f0000000700)={0x1, 0x40, 0x3, &(0x7f00000006c0)={0x6, "0fd62f5244b23de763cfb137449ccf18ea4ee9f23bc4e6acba8d11e8daa6c4ee99"}})

3m25.57961833s ago: executing program 2 (id=290):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
mmap$KVM_VCPU(&(0x7f00002db000/0x4000)=nil, 0x930, 0x0, 0x20031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f00005a7000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f000045e000/0x2000)=nil)
mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000ffb000/0x4000)=nil)
madvise(&(0x7f00000ea000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil)
mremap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil)
mremap(&(0x7f0000b89000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00006e6000/0x3000)=nil)
mlock2(&(0x7f0000627000/0x3000)=nil, 0x3000, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='maps\x00')
read$FUSE(r0, &(0x7f0000005200)={0x2020}, 0x2020)

3m25.506070618s ago: executing program 2 (id=291):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x4, @loopback, 0x25d}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
r2 = dup(r0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0x6, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c)
pipe2$9p(&(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r4, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a)
splice(r3, 0x0, r0, 0x0, 0x20000000000002, 0x2)
read$eventfd(r1, &(0x7f0000000100), 0x8)
read$FUSE(r2, &(0x7f00000048c0)={0x2020}, 0x2020)

3m24.547983543s ago: executing program 2 (id=294):
r0 = syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x2a0471a, &(0x7f00000000c0)={[{@quota}, {@bsdgroups}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@oldalloc}, {@stripe={'stripe', 0x3d, 0x5}}]}, 0x2, 0x46b, &(0x7f0000000580)="$eJzs3M1vFOUfAPDvzLbw+/HWivgColaJsfGlpQWVgxeNJh4wmugB9VTbQgiFGloTIUSqMXgxMSR6Vo8m/gXevBj1ZGLiSe+GhCgX0FPNzM5Ad9ltt3TZrd3PJxl4nn2e7TzfPvPMPDPPbgPoWUPZP0nEtoj4LSIGqtnaCkPV/65dOTf595Vzk0ksLr72Z5LXu3rl3GRZtXzf1iIznEakHyXFTmrNnTl7YmJmZvp0kR+dP/nO6NyZs08ePzlxbPrY9KnxQ4cOHhh75unxp9oSZxbX1T3vz+7d/dIbF1+ePHLx7R+/ydq7rShfGsct2XTzS0NZ4H8t5urLHon/r2l36832Jemkr4sNYVUqEZF1V38+/geiEjc6byBe/LCrjQNuq+zatLl58cIisIEl0e0WAN1RXuiz+99y69DUY124/Fz1BiiL+1qxVUv6Ii3q9Nfd37bTUEQcWfjni2yLdjyHAABYwSeTnx+OJxrN/9K4e0m9HcUaymBE3BEROyPizojYFRF3ReR174mIe1e5//qloZvnP+mlWwqsRdn879libat2/lfO/mKwUuS25/H3J0ePz0zvL34nw9G/OcuPLbOP71745dNmZUvnf9mW7b+cCxbtuNRX94BuamJ+Ip+UtsHlDyL29DWKP7m+EpBExO6I2LO6H72jTBx/7Ou9zSqtHP8y2rDOtPhVxKPV/l+IuvhLyfLrk6P/i5np/aPlUXGzn36+8Gqz/a8p/jbI+n9L7fFflHx5pkgMvrV0vXYuVr1yeeH3j5ve09zq8b8peT0/H5XLru9NzM+fHovYlBzO8zWvj994b5kv62fxD+9rPP53Fu/J+v++iMgO4vsj4oGIeLBo+0MR8XBE7Fsm/h+eb162Hvp/quH57/rxP5jU9P/qE5UT33/bbP+t9f/BPDVcvJKf/1bQagPX8rsDAACA/4o0/wx8ko5cT6fpyEj1M/y7Yks6Mzs3//jR2XdPTVU/Kz8Y/Wn5pGtgyfPQsWSh+InV/HjxrLgsP1A8N/6sEnl+ZHJ2ZqrLsUOv29pk/Gf+qHS7dcBt12gdbbzBF9qAjad+/Ke12fOvdLIxQEf5vjb0rhXGf9qpdgCd5/oPvavR+D9fl7cWABuT6z/0LuMfepfxD72rbvxX4tdutQTooLV8r1+ilxORrotmtJRo/e9B3O7Em+ujGS0kun1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI9/AwAA//9sbvBf")
chdir(&(0x7f0000000400)='./file0\x00')
r1 = creat(&(0x7f0000000140)='./bus\x00', 0x80)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000180)='./bus\x00', 0x0, 0x63d014, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r2, 0x0)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x10000, 0x0)
syz_mount_image$squashfs(&(0x7f00000000c0), &(0x7f00000001c0)='./file1\x00', 0x8000, &(0x7f0000000a00)=ANY=[@ANYRESOCT, @ANYBLOB="322d6825fe8cf7050cedffff3c57c86c0b18fa14eb854c5c2e26da314f1cae655aa13f05abe701b22a5d7801c560ffcaa7a9dd43edce1570072b0ef862679690e41a47e87f451affc318d2e01fa6e062186de79664ac21bb4786923b19c25c8a11b176a7a3ef1425b6d5e0c9ef15bd14e3c9d30fb24d50b512afb6ab04794571f1b53ae1a1d0f87c76239c9f6700ed8f08cbdb137cad2901209b2c77c46608d398435233cdf13d5d7a7f68304cc8956bda78a62e3872bcee78cfeee8c6051bbe2470c9646cfe9343a022b0618ce422f210c275b35df1507d54b51f86f9f3290a0ff8bd1ba812836252179d3656536b3a23ac27bb810f78ecba4a277ad5540a767bb07151ed892973dfd0eb7ba7f8f7ec0821927a58787096a95b010ebc1df715150bfa78e63eed7e8eb33f0ea0277fb3eb31c9cd233c14ab7fc9c7957dfbb865082a", @ANYRES64, @ANYBLOB="a92fe8de136908e852768595aa546296821087e5b1bbc32156ada61f7c8a700880fe17c721514fd66f6d073702603f43f39d10ed62b784f0ea603a459b42f61a2174a30374bec0296612104179832730d5741398231d9ffd1e9995a06bb5ada99b9f2d4a71c580fe19a6dea2485a8ef6042e0d96839465522c03ac9b1e3e4be07bd09a1568add843860228063e6e4a59adc27ad98e26260605e1df1bd5e5dcc1735af362ce57237d4455a267daeea0b2368f8c69ed577f4849d608dcd60b0dabe1d6dada51feb6b1751dfa136da4ab1a73a25bcfba9ba846676558290f27b2a256c2257003da000000", @ANYRES16=r1, @ANYRESHEX, @ANYRESDEC=r0, @ANYRES64, @ANYRESHEX, @ANYRES32=r2, @ANYRESOCT, @ANYRESOCT], 0x10, 0x1da, &(0x7f0000000440)="$eJzslb1uE0EQx39zXscOICW0tEQkDdg+Gl4AkQfgAbCcI0Rc+MhZAlspDpo0FIiXiMRTUCBBT4EQEk0oQIIilJFQ0O7OHpvEBR+OINL9JWv+85+d2Q/vzd4q7hct4Pvu5oB5HIQzvBfBAIvitb0Zb7+p3Vd8Mt7vqf5c7Ue1xWj85omn49v9PM82itEEQj8f+FHkIjBpjJK5I8rEin9OXj8+qAiHyfTm+jsybOiRHQk9PaC0Jo3RXP75LqZHGoe3k4Q79XnaczWvHvd2oFLkF7LePfNb/V/+i2MiyW9lFWj7Kq49SvjqnLe7mwNLbmgXs9qK/4VPwo2xzstozDkDJUiD/aqOcd0SFoHOcP1epxiNL66t91ez1exOmlJ2X53WG5h1OzfX8qwr0TLc9TRUsN/pbBRvAh9+xksiSLQ0i1Mgca7tv6E5L52PEmchiXLjGr7ui6pGSzV7FNe5QBt4UNpwquoCtprBbW0Z4ewczumZaJ2wR0LbBS4N7uYrWwgS0rYxVY3eDk3rSAlZqo6LXL7SDkvcUrugdlntttodteHtCm+ScQf4Rb2lEmZ42B8ON9zj5VmlpZWWzlcHn+is4TWUsJIWNWrUqFGjRo0aJwQ/AgAA//+/e0w4")
clock_nanosleep(0xfffffff2, 0x0, &(0x7f0000000400), 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xc0a00, 0x4)

3m23.311826556s ago: executing program 2 (id=296):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2, 0x100000000000000, &(0x7f0000000980)="b318"})

3m21.26126998s ago: executing program 2 (id=302):
r0 = socket$inet6(0xa, 0x2, 0x0)
syz_emit_ethernet(0x12, 0x0, 0x0)
shutdown(r0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000000)=0x59cc, 0x4)
epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180))
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
ppoll(&(0x7f0000000500)=[{r1}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x7, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0xc}, 0x0, 0x0)

3m21.086731707s ago: executing program 32 (id=302):
r0 = socket$inet6(0xa, 0x2, 0x0)
syz_emit_ethernet(0x12, 0x0, 0x0)
shutdown(r0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000000)=0x59cc, 0x4)
epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180))
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
ppoll(&(0x7f0000000500)=[{r1}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x7, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0xc}, 0x0, 0x0)

2m9.996949872s ago: executing program 5 (id=635):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, 0x0, 0x100)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_procfs$namespace(0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bond0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0xec37}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r4 = socket(0x11, 0x2, 0x10001)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000000)={'bond0\x00', &(0x7f0000000180)=@ethtool_sfeatures={0x3b, 0x2, [{0xae9, 0x8}, {0x11, 0x30000080}]}})

2m8.754490126s ago: executing program 5 (id=638):
open(&(0x7f00000000c0)='./file0\x00', 0x108843, 0x98)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0b0000000700000002"], 0x50)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000012c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="10"], 0x10)
write$FUSE_NOTIFY_RESEND(r2, &(0x7f00000000c0)={0x14}, 0x14)
getresuid(&(0x7f0000000440), &(0x7f0000000400), &(0x7f00000004c0))
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

2m7.340090557s ago: executing program 5 (id=642):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
mkdir(0x0, 0x83)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x2}}, 0x2e)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = inotify_init1(0x800)
r4 = fcntl$dupfd(r2, 0x406, r3)
connect$pppl2tp(r4, &(0x7f0000000340)=@pppol2tpv3in6={0x18, 0x1, {0x0, r4, 0x2, 0x2, 0x4, 0x3, {0xa, 0x4e22, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}, 0x2b9d}}}, 0x3a)
setsockopt$inet_mtu(r4, 0x111, 0xa, &(0x7f0000000000)=0x3, 0x4)

2m7.196749161s ago: executing program 5 (id=643):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./bus\x00', 0x2000414, &(0x7f0000000d00)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES64, @ANYRESHEX, @ANYBLOB="b5aeb8ee41283894d3a92a5f2e938d001e75134a6c84b5af394f7acfd82e32c798c8b845b9669f24699212cd02e80152f05442f604af4273f7da7d6056123abc53d651b4bca585c211a7", @ANYRESDEC], 0x0, 0x2ba, &(0x7f0000000e00)="$eJzs3MFqE10UwPHzNf2aNKVNBBEU1INudBPa+AAapAUxoNSmqAthaicaMiZlJlQiYrMRtz5HcelOUF+gG3Hj3l0RBDddiFc6k7STNm3TNmli+/9BuSdz7mFuZ6blzEBm9f7bZ8W8l8pbFRmIqQyI1GRNJLke1f1XHwf8eEjCanJ15Ne38/cePLydyWYnp1WnMjPX0qo6dvHj85fvLn2ujMy+H/sQlZXko9Wf6e8rQytnV//MPC14WvC0VK6opXPlcsWac2ydL3jFlOpdx7Y8Wwslz3ab8nmnvLBQVas0PxpfcG3PU6tU1aJd1UpZK25VrSdWoaSpVEpH43KyDbYxJ7c8PW1ldkybSEdXhK4bbrXRdTO11snc8hGsCQAA9Jnd+/+g19+5/8/OBuN++v8ze/f/IvT/XVJr+rRH/49jwXUzVrz+99uM/h8AAAAAAAAAAAAAAAAAAAAAgH/BmjEJY0xifaxv8j9HRSQmIqae7/Ey0SXh829CP3uc/+s9Wi46LPTFvZiI82Yxt5gLxiCfyUtBHLFlXBLy278e6oJ46lZ2clx9SfnkLNXrlxZzEYk26huSreovnJoI6rW5/n+Jh/efloScbr3/dMv6IblyOVSfkoR8eSxlcWTev643619NqN68k91SP+zPAwAAAADgOEjphm33737enxCT7fngfYKh5wPGmKXdng9sub8elHPtvKISAAAAAAAcmld9UbQcx3YPEERF5BDlnQ+MEen9MiLSH0ejObghIn2wjKMKYiISbNGDlP/YKG+ryrQxZ1BEen5Y9hH0+j8TAAAAgE7bbPr3UfT1dRdXBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAydPu+8Aa87elGoldykO7ixz5LwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0kb8BAAD//8JfHKg=")
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, 0x0, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r4, &(0x7f0000000100)='.\x00', 0x9000, &(0x7f0000001dc0)={0x0, 0x85, 0x20000}, 0x20)

2m6.688174982s ago: executing program 5 (id=649):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r2 = accept4(r0, 0x0, 0x0, 0x0)
sendto(r2, &(0x7f0000000200)="3996", 0x2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000005cc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000004400)=""/211, 0xd3}}, {{0x0, 0x0, &(0x7f0000004600), 0x2}}, {{0x0, 0x0, &(0x7f0000005c40)=[{0x0, 0x7}], 0x1}}], 0x3, 0x0, &(0x7f0000005ec0)={0x0, 0x3938700})
r3 = memfd_create(&(0x7f0000000540)='\x02A\xbb\xcc\x96\x0eo\x1f\xe2@\xcc\xb1Yg\x00\x00\x00\x00\x00\x00', 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x200000c, 0x13, r3, 0x0)
recvfrom(r1, &(0x7f0000000000)=""/44, 0x2c, 0x0, 0x0, 0x0)

2m5.193390661s ago: executing program 0 (id=652):
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {0x4}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$vsock_stream(0x28, 0x1, 0x0)
mmap$usbfs(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x200000c, 0x10, 0xffffffffffffffff, 0xba2)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, 0x0, 0x20000100)
sendmsg$nl_xfrm(r1, 0x0, 0x0)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

2m5.010278159s ago: executing program 0 (id=657):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff000000000200000009"], 0x7c}}, 0x0)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x2c, 0x7, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x8}, [@NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x3}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40090}, 0x40000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000020040edffffff000008082295"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x29, 0x0, 0x40f00}, 0x94)
r1 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0xa)
fchdir(r2)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x8880, 0xa5)
lseek(r3, 0x101, 0x1)
getdents64(r3, 0x0, 0x4f)

2m4.619198768s ago: executing program 0 (id=658):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="09000000070000000080000001"], 0x48)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x40980, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r1=>0x0], 0x40000012})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x300, 0x1, &(0x7f0000000340)=[r1], &(0x7f0000000040)=[0x18], &(0x7f0000000200), &(0x7f0000000240), 0x0, 0x7f})

2m3.908074538s ago: executing program 0 (id=660):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./bus\x00', 0x2000414, &(0x7f0000000d00)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES64, @ANYRESHEX, @ANYBLOB="b5aeb8ee41283894d3a92a5f2e938d001e75134a6c84b5af394f7acfd82e32c798c8b845b9669f24699212cd02e80152f05442f604af4273f7da7d6056123abc53d651b4bca585c211a7", @ANYRESDEC], 0x0, 0x2ba, &(0x7f0000000e00)="$eJzs3MFqE10UwPHzNf2aNKVNBBEU1INudBPa+AAapAUxoNSmqAthaicaMiZlJlQiYrMRtz5HcelOUF+gG3Hj3l0RBDddiFc6k7STNm3TNmli+/9BuSdz7mFuZ6blzEBm9f7bZ8W8l8pbFRmIqQyI1GRNJLke1f1XHwf8eEjCanJ15Ne38/cePLydyWYnp1WnMjPX0qo6dvHj85fvLn2ujMy+H/sQlZXko9Wf6e8rQytnV//MPC14WvC0VK6opXPlcsWac2ydL3jFlOpdx7Y8Wwslz3ab8nmnvLBQVas0PxpfcG3PU6tU1aJd1UpZK25VrSdWoaSpVEpH43KyDbYxJ7c8PW1ldkybSEdXhK4bbrXRdTO11snc8hGsCQAA9Jnd+/+g19+5/8/OBuN++v8ze/f/IvT/XVJr+rRH/49jwXUzVrz+99uM/h8AAAAAAAAAAAAAAAAAAAAAgH/BmjEJY0xifaxv8j9HRSQmIqae7/Ey0SXh829CP3uc/+s9Wi46LPTFvZiI82Yxt5gLxiCfyUtBHLFlXBLy278e6oJ46lZ2clx9SfnkLNXrlxZzEYk26huSreovnJoI6rW5/n+Jh/efloScbr3/dMv6IblyOVSfkoR8eSxlcWTev643619NqN68k91SP+zPAwAAAADgOEjphm33737enxCT7fngfYKh5wPGmKXdng9sub8elHPtvKISAAAAAAAcmld9UbQcx3YPEERF5BDlnQ+MEen9MiLSH0ejObghIn2wjKMKYiISbNGDlP/YKG+ryrQxZ1BEen5Y9hH0+j8TAAAAgE7bbPr3UfT1dRdXBAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAydPu+8Aa87elGoldykO7ixz5LwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0kb8BAAD//8JfHKg=")
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, 0x0, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r4, &(0x7f0000000100)='.\x00', 0x9000, &(0x7f0000001dc0)={0x0, 0x85, 0x20000}, 0x20)

2m3.757804284s ago: executing program 5 (id=662):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@gettclass={0x24, 0x2a, 0x400, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0xfff3, 0xe}, {0xd, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x20008000)
utimes(0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000440)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x8)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x437, 0x0, 0xffffffef, {0x0, 0x0, 0x0, r2, 0x50487, 0x80c4}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e21}, @IFLA_GRE_LINK={0x8, 0x1, r2}]}}}]}, 0x44}}, 0x20008884)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000001c0)=[{{&(0x7f0000000240)={0xa, 0x4e22, 0x6, @local, 0xa}, 0x1c, 0x0}}], 0x1, 0x2008c0c0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=@newtclass={0x24, 0x28, 0x10, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0xfff1, 0xffff}, {0x6, 0xfff3}, {0x6, 0x8}}}, 0x24}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2m3.515307607s ago: executing program 33 (id=662):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@gettclass={0x24, 0x2a, 0x400, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0xfff3, 0xe}, {0xd, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x20008000)
utimes(0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000440)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x8)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x437, 0x0, 0xffffffef, {0x0, 0x0, 0x0, r2, 0x50487, 0x80c4}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e21}, @IFLA_GRE_LINK={0x8, 0x1, r2}]}}}]}, 0x44}}, 0x20008884)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000001c0)=[{{&(0x7f0000000240)={0xa, 0x4e22, 0x6, @local, 0xa}, 0x1c, 0x0}}], 0x1, 0x2008c0c0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=@newtclass={0x24, 0x28, 0x10, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0xfff1, 0xffff}, {0x6, 0xfff3}, {0x6, 0x8}}}, 0x24}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2m3.399185379s ago: executing program 0 (id=666):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x2})
chroot(0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
recvfrom$unix(r2, &(0x7f00000000c0)=""/38, 0x26, 0x40, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000000)="f30f09b80a0000000f23c00f21f835030004000f23f8b9800000c00f3235000400000f30b9800000c00f32670f01d10f302e660f38824eec66b805008ee8b9800000c00f3235001000000f30f22680b5c9b80be206c7442400e94bef7ac744240203000000c7442406000000000f011c240f20d3", 0x74}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1m58.724791934s ago: executing program 0 (id=679):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0a000000010000004200000040"], 0x48)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
ioctl$EVIOCRMFF(0xffffffffffffffff, 0x40044581, &(0x7f0000000280))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
sendto$packet(0xffffffffffffffff, &(0x7f00000007c0), 0x0, 0x24000044, &(0x7f0000000000)={0x11, 0x3, r2, 0x1, 0xc0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)
bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='mm_page_free_batched\x00', r3}, 0x18)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xee776000)

1m58.456292961s ago: executing program 34 (id=679):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0a000000010000004200000040"], 0x48)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
ioctl$EVIOCRMFF(0xffffffffffffffff, 0x40044581, &(0x7f0000000280))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
sendto$packet(0xffffffffffffffff, &(0x7f00000007c0), 0x0, 0x24000044, &(0x7f0000000000)={0x11, 0x3, r2, 0x1, 0xc0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)
bpf$PROG_LOAD(0x2, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='mm_page_free_batched\x00', r3}, 0x18)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xee776000)

1m56.692793857s ago: executing program 4 (id=691):
r0 = socket(0x10, 0x803, 0x0)
write(r0, &(0x7f0000000040)="2600000022004701050007108980e8ff06006d20002b1ffec0e90101c7bb0000b00000000000", 0x26)
setsockopt$sock_int(r0, 0x1, 0x3, &(0x7f0000000080)=0xd462, 0x4)
sendto(r0, &(0x7f00000005c0)="120000001200e7ef006bbad110521256d686", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f00000000c0)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
recvmmsg(r1, &(0x7f0000005200)=[{{0x0, 0x0, 0x0}, 0x88b1}], 0x1, 0x40000120, 0x0)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x40, &(0x7f0000000200)=0x4, 0x4)
write$bt_hci(r1, &(0x7f0000000200)=ANY=[], 0x6)
recvmmsg(r0, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0xfffffffb}], 0x41, 0x40002100, 0x0)

1m56.15829745s ago: executing program 4 (id=694):
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070011000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)

1m54.239861s ago: executing program 4 (id=700):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000002540)=ANY=[@ANYBLOB="611534000000000061134c0000000000bfa000000000000007000000080000002d0301000000000095000000000000006916000000000000bf67000000000000350607000fff07206706000002000000160300000ee60060bf050000000000000f650000000000006507f9ff01000000070700004ddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f674629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5480a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff139604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081383409ed2912c811ae63f03212a5331c2a4ead000000000000000000005574d074fa7e93447a88c0fbab48660aae7cdf367ef0e4538279b6113de5b94e1056f443305145c9"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb=0x1000000}, 0x48)

1m53.136839351s ago: executing program 4 (id=702):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x2048c5, &(0x7f0000000b00)={[{@fat=@uid={'uid', 0x3d, 0xee00}}, {@shortname_winnt}, {@numtail}, {@fat=@nfs_nostale_ro}, {@uni_xlate}, {@uni_xlateno}, {@fat=@sys_immutable}, {@fat=@nfs_stale_rw}, {@fat=@debug}, {@shortname_mixed}, {@fat=@quiet}, {@utf8no}]}, 0x0, 0x29f, &(0x7f0000000840)="$eJzs3UFrE1sYxvGnSdukKW2yKBfuhct9uW50M7TxEwRpQQwotRF1IUztREPGpGRiJCK2O7d+juLSlYL6Bbpx517cFEFw04UYaZKxaRswra1Tzf8HYU7OOe/MmZyZ8M5AJlvXn94rFwOn6NYVS5pi0rq2pcxOqWuku4y1y+Pqta5zk5/f/Xv1xs1LuXx+ftFsIbd0Pmtm0/+9evDo2f9v6pPXnk+/TGgzc2vrU/b95l+bf299XQrXXpVcW65W6+6y79lKKSg7Zld8zw08K1UCr1a3nvaiX11dbZpbWZlKrda8IDC30rSy17R61eq1prl33FLFHMexqZSGTfzQEYWNxUU3dyKDQRQm+lXWajk33rexsPErBgUAAE6XqPL/u6XASoFVqnvy+4P5f0yHyP+loc7/D4/8fxjs5P+p7vm7F/k/AAAAAAAAAAAAAAAAAAAAAAC/g+1WK91qtdLhMnwlJCUlhe+jHidOBvM/3Hp+uJeU/CeNQqPQWXbac0WV5MvT7Jj0pX08dHXKCxfz87PWltFrf60bv9YoxJUI40OZ/vFznXjrjV/TmFK9288qrZn+8dk+8Y3CuM6eaSW6W/bkKK23t1WVr5X2cb0b/3jO7MLl/L74iXY/AAAAAAD+BI59d+D6vd3uWPjYkH3tncrd+wNK/+D+wL7r61H9MxrdfgMAAAAAMEyC5sOy6/tebQgK4f8fHMsKo//okoN2HpXUrXlxWuZikEJM0lHD4z83yx8l7amZiXy6j6Pw4X7nDBikc5TfSgAAAABOQpj0j0Q9EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhtigDw8L+x/l2WM9m4tHs5cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA6fAtAAD//2kbF4o=")
r0 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00')
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000500)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1333404, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x11080, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)
r1 = openat$vcsu(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = epoll_create1(0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file1\x00', 0x0, 0x800000, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@aname={'aname', 0x3d, '\xbe{!'}}], [{@obj_type={'obj_type', 0x3d, '+'}}, {@dont_measure}, {@subj_user={'subj_user', 0x3d, '+\xd9/#}\\'}}, {@fsname={'fsname', 0x3d, '{.]](\xe6@-(&-'}}]}})
read$FUSE(r0, &(0x7f0000002c00)={0x2020}, 0x2020)

1m52.261038667s ago: executing program 4 (id=707):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@empty, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x10000}}, {{@in=@multicast1, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffd}}, 0xe8)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x25dfdbfe, {{@in6=@private0={0xfc, 0x0, '\x00', 0x40}, @in6=@ipv4={'\x00', '\xff\xff', @loopback}, 0x0, 0x400, 0x0, 0x0, 0xa, 0x60, 0x80, 0x0, 0x0, 0xee01}, {}, {}, 0x1}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[], 0xb8}}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x1d, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0xaa3, 0xfffffffffffffff8}, {0x0, 0x8}}}, 0xb8}}, 0x0)

1m49.035897439s ago: executing program 4 (id=713):
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000200)={0x2c, 0x0, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}]}, 0x2c}}, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(0xffffffffffffffff, 0x10e, 0x3, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001000390429bd7000fbdbdf2500000000", @ANYRES32=r3, @ANYBLOB="0198f9ffffff0000180012800b000100697036677265000008000280040012"], 0x38}, 0x1, 0x0, 0x0, 0x20048001}, 0x4000004)
sendto$packet(r0, &(0x7f0000000640)="e8b77052a9", 0x28, 0x40, &(0x7f0000000200)={0x11, 0x86dd, r3, 0x1, 0x0, 0x6, @local}, 0x14)

1m48.232628569s ago: executing program 35 (id=713):
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
sendmsg$ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000200)={0x2c, 0x0, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}]}, 0x2c}}, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(0xffffffffffffffff, 0x10e, 0x3, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="380000001000390429bd7000fbdbdf2500000000", @ANYRES32=r3, @ANYBLOB="0198f9ffffff0000180012800b000100697036677265000008000280040012"], 0x38}, 0x1, 0x0, 0x0, 0x20048001}, 0x4000004)
sendto$packet(r0, &(0x7f0000000640)="e8b77052a9", 0x28, 0x40, &(0x7f0000000200)={0x11, 0x86dd, r3, 0x1, 0x0, 0x6, @local}, 0x14)

26.786141344s ago: executing program 7 (id=1042):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'hmac(poly1305)\x00'}, 0x58)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(r1, 0x0, 0x24000004)
r2 = syz_open_procfs(0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000100)='./bus\x00', 0x20080ca, &(0x7f0000000040), 0x1, 0x582, &(0x7f0000000280)="$eJzs3c9vHFcdAPDvjH82SesEeoAKSIBCQFHW8aa1ql5aLlSoqoSoOCAOqbE3lsk6G7x2qU2kun8DSCBxgj+BAxIHpJ44cOOIxAEQ5YBUIAIlSBwGzex4vXF20413s0u8n4802Tf73sz3vbVn3tu3zr4AJtaFiNiPiNmIeCsiFsrnk3KLV1tbXu7undur9+7cXk0iy978R1Lk589FxzG50+U55yPiG69FfCd5MG5zd+/GSr1e2yr3F7c3by02d/cub2yurNfWazer1eWl5SsvXX2xOrS2nt/8xYdf3Xj9m7/+1ac/+N3+l3+QV+tMmdfZjmFqNX2mHSc3HRGvP45gYzBVPs6OuR4cTxoRH4uIzxXX/0JMFb+dAMBJlmULkS107gMAJ11azIElaSUi0rQcBFRac3jPxqm03mhuX7re2Lm51porOxsz6fWNeu3Kubk/fK8oPJPk+0tFXpFf7FeP7F+NiHMR8aO5p4r9ymqjvjaeIQ8ATLzTnf1/RPx7Lk0rlb4O7fKpHgDwxJgfdwUAgJHT/wPA5NH/A8Dk6aP/Lz/s33/sdQEARsP7fwCYPPp/AJg8+n8AmChff+ONfMvuld9/vfb27s6NxtuX12rNG5XNndXKamPrVmW90VgvvrNn86POV280bi29EDvvLG7XmtuLzd29a5uNnZvb14rv9b5WmxlJqwCAhzl3/v3fJxGx//JTxRYdaznoq+FkS4dYCniyTA1ysAECPNGs9gWTq68uvBgk/Pax1wUYj65f5j3fNXm/nzxCEH9nBP9XLn6y//l/azzDyWJmHybX8eb/Xxl6PYDRO/b8/5+GWw9g9LIsObrm/2w7CwA4kQb4E77s3WENQoCxmW5//n+2Z5mhfP4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ8yZiPhuJGmlWAs8zf9NK5WIp4vVQGaS6xv12pWIeCbOR8TMXL6/NO5KAwADSv+WlOt/XVx4/szR3NnkP3PFY0R8/6dv/vidle3traX8+X+2n587WD6senjcAOsKAgD9+0s/hYr+u1o+dryRv3vn9urB9hjr+IAPv9JefHT13p3bxdbKmY4sy7KI+WIscepfSbFOaZRrkT4XEVNDiL//XkR8olv7k2Ju5Gy58mln/ChjPz3S+Ol98dNytda0fPk+PoS6wKR5P7//vHr0+psqrqwLRYnu1/98uW7yoIr733xE69732vJhzsH1Pl/U5mj8/Jq/0G+MF37ztQeezBZaee9FPDd9EL/z/pu04yc94j/fZ/w/fuozP3ylR172s4iL0T1+Z6zF7c1bi83dvcsbmyvrtfXazWp1eWn5yktXX6wuFnPUiwcz1Q/6+8uXnulVt7z9p3rEb/3kTx9p/2z72C/02f6f//etb3/2cHfuaPwvfb5b/DSeLR67v/55n/jFPuOvnPplz+W78/hrPdr/UT//S33G/+Cve2t9FgUARqC5u3djpV6vbR0rkQ9l8kT+LvTRD8+y7N28Dg8pk2f3d8KD4eIgzdlq/rloTu3wZUkiiUFO2C2RD8b6KTwzcHPuSxxMlwy7OV0S0+2x4nDP/K2H/7b0SswOEjQdeiuOk4izZeLuqIKO5XYEjNDhRT/umgAAAAAAAAAAAAAAAL2M4v8wjbuNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnFz/CwAA//8bz7lH")
setxattr$system_posix_acl(0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="be26b54ba53ed1a550c490bd13f407fe46e14d3193f6e28aae923b83b0a06ec7", 0x20)
pread64(r2, 0x0, 0x0, 0x5f)

22.274074493s ago: executing program 7 (id=1050):
inotify_init1(0x80800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x400080000100008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2c, &(0x7f0000000040)=0x80000001, 0x4)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x2c, &(0x7f0000000000)={0x0, 0x0}, 0x10)

18.851443244s ago: executing program 7 (id=1061):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x13, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b702000004000080bfa30000000000000703000000ffffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000004a000000b70000000000000095000000000000008e17f199a68b061b93d83298a8cdda1ce784909b849d5550ad855dab54d8ff07000000000000caa10350e11cb97ce8df1bc9a0c4eeceb9971e43405d621ffbc9b0d8ca56b50f0c010ddb03cf1c62d57c08a90b189d190c341035de53a9a53608c10556e5734eb84049761451ce540c772e069f80cb201b2de17dfdb4b60939d5d6aed4062049b87e03e2cd18a77dda613e0c64497fcc059c062234d5595f6fbaa187b81d1106000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884d88000000000000000b91c61bd99dc89f12907af7dccd106cb937b450f859ce8292a79c3e40000b5ffffff7f000000000a882add4e1179bd4a44f231a2d73148be428ba953df4aece69311687f4122073a236c3a32efa04137d46f0247d2638da3261c8162bb7c7824be6195a66d2e17e122040e11001131ce319045e5b3334e68475ac3f46aa2837f9004600daded9b19b35eebe52613c346e255421b23a278fd00004270b1cd5fc9aa2286cb0cf127e2a46cfbdf63eea190d86a4d1b75ae98480100bd5828954a7d093a54f7e75b3753508ca3c41685d1e407315e59d626c23b3f89a926e9382966853774e7dd1f1a2177cdf2802237c177d543e8da47a01f05e113e53518270239b69c117e2637c31085f4d8a596b6edab26afaf6605b231199f38a6dc7eb83714387450ea18eafbace8eec18a4b2c442e7b88a7611c1283bec84e1715fb9f4fcaf52c08058fc4f21c0ad71adabdd850aed3eeec6eaab347bdf474e17b9aa345d1e6e3bb83f90230bdf53e7d0e5c3f914d905422b83f30936674ba8f0bffaf2305c0972df71fe5f4e01506471e897bced7798509e64df360d95f9a4099f86438ac2bbcbdbd1d9db21a1d5c065567fd70aae68096827fa5c2d9bd20292344c7dcf6241447cfbb05b5d0fdb4e08afbac5397b64aa369922ed7ed8918f97294b6854210d2b93aaf92159dbaa2f186d4a420c68d6baf1c31de4f0bf478bfd51bb1e96ea849a80ae5a89be7e38474c7aade344d68324f9e12a6b9770e6bd12ae69efffaee58040753701af84c2924c1b5aea1650f42c9ae9820a33095f062fb88313d035ea405515a61a4be64f9fa0985c5be592090cc48291004609fdac2ab6100000000000000a84570c7c00d647daf8af334050b61e9b2d3f0adad1d1ff47be19b8da2799e9ecef8efabe73f92dbd0760f8bbd9c710bd1371e2b5d9a2ea2190f5e4f5cd641cdfe5d89f84a368ef7e6ff1eacdc0ec9e97b8f9c9e314661ea0aa8a104008d188b66b3a4aedeed9df4238a08fc2fb1007233cc2c87fcaa0cccd8ec03444471c1dd660c73acc17bff740d199a7c0c52c63c0408b5158e0000000c275eedb02f141113cf2c55b2c08c2c68cc99d2bb5840fba332e1c82862ec9b90106248f81d32a47ac94ddee815dba8aeb5d3121cf247a81aef7805b020e9eec44cbe3055be69fe066824ba2292b9cdce41635fc00df96fb10a3a8cc60c4a76c65ebbb0640e0a29de94edf5cbefac1c5fa96e7080af804b22cabce10ea52f1018527f4aa39cdafa3eff63de2a7f50d042667820f6f8301e031351ee13013137e9d5cec0c84d7e3f82c6fd12eb98f9ea654bcb9ce59a2015183c6e65bb0537e611b830d74c30fb8207fca0990acdbb51e4e234026e00000000b3ebae3eb52c140953a350fcf0124b1a30b1afc29ea56f8413686d912eb8118d73ef9c6d3843ebcb555301c0205dd3bd9b1d742e334319c8979c322e92fbc2c400"/1423], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x49, 0x10, &(0x7f0000000340)}, 0x42)

14.156684461s ago: executing program 7 (id=1083):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x9c5c2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0xb}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x11, 0x4, 0x4, 0x9}, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x2, 0x4, 0x1, 0x0, r3}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r4}, &(0x7f0000000840), &(0x7f0000000880)=r3, 0x2000000}, 0x20)

11.801779286s ago: executing program 7 (id=1085):
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0xc, 0x0, r1, 0x0, 0x0, 0x0, 0x20008018, 0x1})
io_uring_enter(r2, 0x47f9, 0x0, 0x0, 0x0, 0x0)
clock_nanosleep(0xfffffff2, 0x0, &(0x7f0000000140)={0x77359400}, 0x0)

7.008505252s ago: executing program 3 (id=1096):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x2})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000000)={'syzkaller1\x00', @link_local})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000b80))
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = dup(r1)
r5 = fcntl$dupfd(r0, 0x406, r3)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/251, 0x0})
ioctl$VHOST_NET_SET_BACKEND(r5, 0x4008af30, &(0x7f0000000080)={0x0, r4})

5.698986113s ago: executing program 1 (id=1099):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xc}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newtfilter={0x4c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xfff3, 0xa}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x20, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}, @TCA_BPF_CLASSID={0x8, 0x3, {0x3, 0x6}}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)

4.871358645s ago: executing program 3 (id=1100):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000180)=0x7fd, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0xe)
connect$pppl2tp(r1, &(0x7f0000000340)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0xfffe, @dev={0xac, 0x14, 0x14, 0x34}}, 0x2, 0x0, 0x1}}, 0x2e)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_GET(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000006000000140008"], 0x28}}, 0x8000)

3.675792914s ago: executing program 3 (id=1102):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
write$nci(0xffffffffffffffff, 0x0, 0xfffffeea)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e220000060005"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c000000070601080000001e000000000a0000040500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)
syz_usb_connect(0x6, 0x0, 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000000000040961b0900000000000001090224000100004000090400d1813ca40b998629fd020300000009210000000122070009058103ff03"], 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

3.503998261s ago: executing program 1 (id=1105):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f00000003c0)={0x2c, 0xa, 0x3, "4a6535dffaa9779c16cc07f4e70156e42a022ece000000005000"})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c00000015000103"], 0x1c}, 0x1, 0x0, 0x0, 0xc001}, 0x4000000)
socket$kcm(0x2c, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x400000000000004)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f00000001c0)=0x100000, 0x4)
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80fae0090f000000000000a2bc5603ca00000f7f89000000200000004a2471083ec6811778581acb6c0101ff0000000309", 0x48}], 0x1)
syz_usb_connect(0x0, 0x57, &(0x7f0000000300)=ANY=[@ANYBLOB="12010102882333404f17318af4390102030109024500013f06400409044207000e0100010a240107000105ff0103020707240501"], &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0})
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r2, 0x8982, &(0x7f00000000c0)={0x3, 'gretap0\x00', {0x4}, 0xc})
setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f0000000040), 0x4)
syz_usb_connect(0x3, 0x5d, &(0x7f0000000080)=ANY=[@ANYRESOCT], 0x0)

2.405895041s ago: executing program 1 (id=1107):
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f0000000940)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000580), 0x1, 0x4ee, &(0x7f0000000d40)="$eJzs3U9oFN8dAPDvbP5YY2LSUrHVFgItVrHdmESjQinmVBAtbS300D8Sk5iISTaYDagUahCLFCo99GDx1Is99BJ6K9IiFAo99eChPYhCT63USqUePKXMZlbXuCZNsmZ+v/XzgXFn3pp939kvM/Pe8OZtAB+s3og4EREtEVGMiO6svJAtcW15Sf/fucHFyXRJYmnpzLMkkog4Obg4Wf2sJHvdkX3AZ9KXGxEHW9+ud+7K1YsjU1Pjl7LtvvL0bN/clatfuTA9MjE+MT4zdPTo8WNHho4cb9y+bt99++5nf3nqwa0/LXx+147R6TTezuy92v1olN7ozb6TtuiqfSOJONfoynL2ibwDYN3+Vdh7L+8YAICtV8ja/q2V9n93tMRyY/3xw+8/744fd+QdHwAAALB5S0st2SsAAADQvBJ9fwAAAGhy1XEAJwcXJ6vLVo09ePL1raqJd3k6HBE9y/mvPt+9/E7rq2d6297T870/ehnRG10v/vG1T/0xXeI9PYfNR9Pi3/OOgDy1H847AhqhZYN/t+dbDQ6Ej5W/3Mw7Aq4tRMT9E3Xa/8km2nzbK/92rihNVmyfHk7bfz+bqy3T/vtwfPtM3hGQp28M5R0BebrzLO8IuD8cEYfq3f8rVObvq0qv6B3Vuf0a5Fhnev3/7ePasrev/4UnDaySFZ4OR3y1Zm7HczX5z/S0ZFtdlVuFbcn5C1PjhyJiZ0Tsj7Zt6Xb/KnX0D935eb3yz71I8//rpHr/L13S+qv3ArM4nrRue/PvxkbKI5vdb5Y9XYjY01ov/6/b/0mW6436fenWT+uVDx2ozCu6b/X88z4t/SpiX93j/3VvLVl1fta+yumgr3pSqOM3f/vPjXrlX/xhmv+LB+Q/P+nx37F6/ivn/1fz9c6tv47rf7j7ol75y3tp/n9xbSPn//bkO5UA27OyyyPl8qX+iPbk1NvlA+uPuVlVv4/q95Xmf/8X6l//q+2/JJsXuiciPrmBOhcezT6oV367kOb/zg8c//lJ8z+2xvGfvHH8r39l8a9f/lK9uvfeTPPf8921j//DlWD2ZyXaf2v7fxOUd5wAAAAAAAAANEah8pxOUii+Wi8UisXlcb6fjo7CVGmufPB8aX5mbPl5np5oK1SHenXXjAftz8aHVLcHVmwPZmNHbnZvr2wXR0tTY3nvPAAAADS5zohH37v+u9073tH/Tz3szjtKAAAAYDPS/n/Xo47KdF7/1c8HAACAppT2/5//5N9/Dv1/AAAAaFq1/X8AAACguX3z9Ol0War+7t9MaeLCxcnZ4wOHitPzo8XR0qXZ4kSpNFGZsW967c+bKpVm+wdi/nJfeXyu3Dd35erZ6dL8TPls5Xdjz463bcE+AWsr7vznrrxjAAAAts5mftffihUrzbqS95kJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDN+F8AAAD//4bu/XI=")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmmsg$inet(r1, &(0x7f00000002c0)=[{{&(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10, 0x0, 0x0, &(0x7f00000001c0)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x8}}], 0x18}}], 0x1, 0x20006400)
write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x2b, 'rdma'}, {0x2d, 'cpuset'}, {0x2d, 'freezer'}]}, 0x17)
fdatasync(r0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)

2.405047141s ago: executing program 3 (id=1108):
r0 = socket$igmp6(0xa, 0x3, 0x2)
poll(&(0x7f0000000000)=[{r0, 0x2000}], 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0)
r1 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000880), 0x88000, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0xffff0080, 0x7e)

2.335581218s ago: executing program 6 (id=1109):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0xe22}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f00000002c0)=0x7, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r2, &(0x7f0000000100)={0xa, 0x4e20, 0x3, @local, 0x1}, 0x1c)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x0)

2.265276065s ago: executing program 8 (id=1110):
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6(0xa, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r4, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000001502", @ANYRES8=r2], 0x3c}, 0x1, 0x0, 0x0, 0x801}, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)

2.234154588s ago: executing program 3 (id=1111):
socket$nl_route(0x10, 0x3, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
r0 = socket$inet(0x2, 0x6, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x42)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$phonet(0x23, 0x2, 0x1)
openat$ppp(0xffffffffffffff9c, 0x0, 0xc0802, 0x0)
unshare(0x22020600)
pselect6(0x40, &(0x7f0000000680)={0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x400}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x80000, 0x0, 0xfffffffffffffffc}, 0x0, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x4, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000380)={0x2, 0x4e23, @remote}, 0x10)

2.167908024s ago: executing program 6 (id=1112):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x5, &(0x7f0000000080)=0x80000001, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x50)
close(0x3)
socket(0x21, 0x2, 0x9)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x1d}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0xe, 0xfeff, &(0x7f0000000100)="e0857f9f582f0300000000000000", 0x0, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.127323458s ago: executing program 8 (id=1113):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
close(0x3)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000800)=[{&(0x7f0000000000)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x20, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4}], 0x1, 0x4001)
shutdown(r2, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={<r3=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30, 0x180}], 0x1, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f0000000080)={r4, 0x3ff}, 0x8)

1.935145807s ago: executing program 7 (id=1114):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
openat(0xffffffffffffff9c, &(0x7f0000000440)='./file2\x00', 0x42, 0x113)
shutdown(0xffffffffffffffff, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000800, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
openat$tun(0xffffffffffffff9c, 0x0, 0x2241, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
syz_clone(0x500, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)

1.934752327s ago: executing program 6 (id=1115):
read$eventfd(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6(0xa, 0x800, 0x7fff)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
setsockopt$inet6_IPV6_PKTINFO(0xffffffffffffffff, 0x29, 0x32, 0x0, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=@ipv4_delroute={0x4c, 0x19, 0x901, 0x70bd29, 0x25dfdbfb, {0x2, 0x18, 0x10, 0x0, 0x0, 0x0, 0xff, 0x1}, [@RTA_DST={0x8, 0x1, @dev}, @RTA_GATEWAY={0x8, 0x5, @private=0xa010102}, @RTA_ENCAP={0x18, 0x16, 0x0, 0x1, @LWTUNNEL_IP6_SRC={0x14, 0x3, @private0}}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x0)

1.934552707s ago: executing program 8 (id=1116):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfe, 0x7fff0006}]})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
mknod$loop(0x0, 0x2000, 0x1)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r2, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0x14, 0xb, 0x4})
sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

1.743955676s ago: executing program 8 (id=1117):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
socket$can_bcm(0x1d, 0x2, 0x2)
socket$kcm(0x10, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000040)='cdg', 0x3)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f00000002c0)='bbr', 0x3)

1.657407325s ago: executing program 6 (id=1118):
r0 = socket$kcm(0xa, 0x6, 0x0)
setsockopt$sock_attach_bpf(r0, 0x10d, 0xd, &(0x7f0000000000), 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[], 0x48)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000002c0), 0x0, 0xa000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = socket$kcm(0xa, 0x1, 0x106)
setsockopt$sock_attach_bpf(r1, 0x1, 0x7, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, 0x0, &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r2 = socket$kcm(0x2, 0x6, 0x0)
setsockopt$sock_attach_bpf(r2, 0x1, 0x3e, &(0x7f00000002c0), 0x4)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)

1.647676056s ago: executing program 1 (id=1119):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r3, 0x0)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000000)={0x14, 0x984995b43da11a7e, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

1.619251609s ago: executing program 8 (id=1120):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000100), 0x2, 0x4fd, &(0x7f0000000b00)="$eJzs3ctvW1kZAPDv3jycyWQmGZgFoAHKMFBQVTtxZ6LRbBhWI4RGQsySRSckThTFiaPYGZrQRbpkj0QlVrDiHwCJBVJX7JFYwI5NWSDxqEANEgsjX19nnIcbq03sNv79pCufe47t75xa9xzrc3NPACPrWkQcRMRkRHwcEbN5fZIf8X77aD3v8aO7y4eP7i4n0Wx+9M8ka2/VRddrWl7O33MqIr7/QcQPkxNB/xhR39vfWKpWKzt5VamxuV2q7+3fXN9cWqusVbbK5cWFxfl3b71TvqCR/vqo9LvffvHhHw6++eNWt2byuu5xXKT20CeO4rSMR8R3LyPYEIzl45l8mhc/1Yu4SGlEfCYi3syu/9kYyz7N445/TN+K/NIGAF5QzeZsNGe7zwGAqy7NcmBJWsxzATORpsViO4f3ekyn1Vq9cWO1tru10s6VzcVEurpercznucK5mEhW18crC1m5c16tlE+c34qI1yLip4WXsvPicq26MswvPgAwwl4+sf7/p9Be/wGAK67r1/zCMPsBAAyO/80HAKPH+g8Ao8f6DwCjx/oPAKPH+g8Ao8f6DwAj5Xsfftg6mof5/a9XPtnb3ah9cnOlUt8obu4uF5drO9vFtVptLbtnz+Z571et1bYX3o7dO6VGpd4o1ff2b2/Wdrcat7P7et+uTAxkVADAk7z25Qd/TiLi4L2XsiO67vd/7lr9xmX3DrhM6bA7AAzN2LA7AAzN6d2+gFEhHw90bdF7r6t66lThpPt9vX2a7xsKPEeuf/4Z8v/AC03+H0bX0+X/fZeHq0D+H0ZXs5nY8x8ARowcP5Cc0979+/98s+ukv9//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4EqayY4kLeZ7gc9EmhaLEa9ExFxMJKvr1cp8RLwaEX8qTBRa5wsRYd8gAHiRpX9L8v2/rs++NXOydbLw30L2GBE/+vlHP7uz1GjsLERMJv86qm/cz+vLw+g/AHCezjrdWcc7Hj+6u9w5Btmfv3+7vbloK+5hfrRbxmM8e5zKcg3T/07y87bW95WxC4h/cC8iPnfW+JMsNzKX73x6Mn4r9isDjZ8ei59mbe3H1r/FZy+gLzBqHrTmn/fPuv7SuJY9nn39T2Uz1LPrzH+Hp+a/9Gj+G+sx/13rN8bbv//OqcrmbLvtXsQXxiMOO2/eNf904ic94r/VZ/y/vPGlN3u1NX8RcT3OGn9yLFapsbldqu/t31zfXFqrrFW2yuXFhcX5d2+9Uy5lOepSJ1N92j/eu/Fqr/it8U/3iD91zvi/1uf4f/m/j3/wlSfE/8ZXz/78X39C/Naa+PU+4y9N/2aqV1sr/kqP8Z/3+d/oM/7Dv+6v9PlUAGAA6nv7G0vVamXnsgvp5YfICknEwQCG0y4UfvWTDwYV6xIL8Xx0Q+F5Kgx7ZgIu26cX/bB7AgAAAAAAAAAAAAAA9DKIPyca9hgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//2KH0wQ=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r3, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000780)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@access_any}]}})
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0/file1\x00', 0xe42, 0x1ff)

1.396000491s ago: executing program 1 (id=1121):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r0, 0x0, 0x30004001)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r1, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x4b, &(0x7f00000001c0)={&(0x7f00000004c0)=@deltclass={0x24, 0x29, 0x20, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {}, {0x4, 0xfff3}, {0x10, 0xffe0}}}, 0x24}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=@newqdisc={0x6c, 0x24, 0xd0f, 0x70bd2c, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0xf}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x40, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x0, 0x8, 0x1, 0x73a0, 0x2}, {0x6, 0x1, 0x3, 0x2, 0x7, 0x9}, 0xdd, 0x5, 0x1e8c}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xa668cd67f58edc68}, @TCA_TBF_BURST={0x8, 0x6, 0x2}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4000000}, 0x3000c81c)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

1.395480031s ago: executing program 6 (id=1122):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001000)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
io_uring_setup(0x6e62, &(0x7f00000005c0)={0x0, 0x769d, 0x4, 0x3, 0x3d8})

1.231946757s ago: executing program 3 (id=1123):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
umount2(&(0x7f0000000280)='./file0\x00', 0x8)

392.577971ms ago: executing program 6 (id=1124):
r0 = socket(0x10, 0x80002, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0)

167.859723ms ago: executing program 1 (id=1125):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r2}, 0x10)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

0s ago: executing program 8 (id=1126):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r4, 0x0, r3, 0x0, 0x6, 0x0)
read$FUSE(r2, &(0x7f00000042c0)={0x2020}, 0x2020)
write$binfmt_script(r3, &(0x7f0000000800)={'#! ', './file0'}, 0xb)

kernel console output (not intermixed with test programs):

: Port device team_slave_1 removed
[  160.755937][  T144] team0 (unregistering): Port device team_slave_0 removed
[  160.799410][  T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  160.876244][  T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  161.205184][  T144] bond0 (unregistering): Released all slaves
[  162.175587][ T5581] device veth0_vlan entered promiscuous mode
[  162.240878][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  162.275000][ T5730] loop3: detected capacity change from 0 to 256
[  162.289105][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  162.317369][ T5581] device veth1_vlan entered promiscuous mode
[  162.353589][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  162.370952][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  162.408784][ T5730] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 256)
[  162.434379][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  162.446132][ T5730] exFAT-fs (loop3): failed to load alloc-bitmap
[  162.489889][ T5730] exFAT-fs (loop3): failed to recognize exfat type
[  162.497749][ T5735] netlink: 8 bytes leftover after parsing attributes in process `syz.0.334'.
[  162.519909][ T5735] netlink: 8 bytes leftover after parsing attributes in process `syz.0.334'.
[  162.530323][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  162.619025][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  162.660702][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  162.682946][ T5581] device veth0_macvtap entered promiscuous mode
[  162.710698][ T5581] device veth1_macvtap entered promiscuous mode
[  162.822820][ T5581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  162.930250][ T5581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  162.958103][ T5581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  163.012647][ T5581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  163.054457][ T5581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  163.071256][ T5581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  163.090145][ T5581] batman_adv: batadv0: Interface activated: batadv_slave_0
[  163.111573][ T5581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  163.127862][ T5581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  163.139564][ T5581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  163.159063][ T5581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  163.219772][ T5581] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  163.240576][ T5581] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  163.454411][ T5581] batman_adv: batadv0: Interface activated: batadv_slave_1
[  164.004332][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  164.042843][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  164.156888][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  164.196444][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  164.217009][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  164.248146][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  164.269822][ T5728] loop1: detected capacity change from 0 to 32768
[  164.297470][ T5581] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  164.320509][ T5581] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  164.334296][ T5581] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  164.351548][ T5581] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  164.694434][ T5774] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  164.735085][ T5774] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  164.743040][ T5774] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  164.753233][ T5774] device bridge_slave_0 left promiscuous mode
[  164.763060][ T5774] bridge0: port 1(bridge_slave_0) entered disabled state
[  164.828919][ T5728] XFS (loop1): Mounting V5 Filesystem
[  164.860837][ T5774] device bridge_slave_1 left promiscuous mode
[  164.867166][ T5774] bridge0: port 2(bridge_slave_1) entered disabled state
[  164.929123][ T5774] bond0: (slave bond_slave_0): Releasing backup interface
[  164.991325][ T5774] bond0: (slave bond_slave_1): Releasing backup interface
[  165.075178][ T5728] XFS (loop1): Ending clean mount
[  165.114312][ T5728] XFS (loop1): Quotacheck needed: Please wait.
[  165.121346][ T5774] team0: Port device team_slave_0 removed
[  165.180917][ T5774] team0: Port device team_slave_1 removed
[  165.203929][ T5774] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  165.223206][ T5774] batman_adv: batadv0: Removing interface: batadv_slave_0
[  165.277251][ T5728] XFS (loop1): Quotacheck: Done.
[  165.287942][ T5774] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  165.324682][ T5774] batman_adv: batadv0: Removing interface: batadv_slave_1
[  165.348655][ T4187] XFS (loop1): Unmounting Filesystem
[  165.497015][ T5792] device syzkaller0 entered promiscuous mode
[  165.559902][  T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  165.601324][  T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  165.751737][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  165.835043][ T1237] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  165.854884][ T1237] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  165.922502][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  166.207181][ T5817] loop0: detected capacity change from 0 to 128
[  166.288175][ T4770] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  166.420882][ T5825] loop1: detected capacity change from 0 to 128
[  166.509132][ T5825] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  166.538342][ T4770] usb 5-1: Using ep0 maxpacket: 16
[  166.549447][ T5825] ext4 filesystem being mounted at /89/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  166.634007][ T5831] netlink: 8 bytes leftover after parsing attributes in process `syz.0.353'.
[  166.658615][ T4770] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  166.676463][ T5825] syz.1.352 (pid 5825) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  166.685240][ T4770] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  166.725753][ T5825] EXT4-fs (loop1): shut down requested (1)
[  166.779487][ T5835] fscrypt (loop1, inode 12): Error -5 getting encryption context
[  166.828678][ T5825] fscrypt (loop1, inode 12): Error -5 getting encryption context
[  166.860391][ T5836] loop5: detected capacity change from 0 to 2048
[  166.889187][ T4770] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  166.912064][ T4770] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.943784][ T4770] usb 5-1: Product: syz
[  166.947999][ T4770] usb 5-1: Manufacturer: syz
[  166.955926][ T4770] usb 5-1: SerialNumber: syz
[  167.043001][   T26] audit: type=1326 audit(1762978771.426:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5844 comm="syz.3.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  167.102604][ T5836] EXT4-fs (loop5): mounted filesystem without journal. Opts: bsdgroups,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  167.117541][   T26] audit: type=1326 audit(1762978771.466:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5844 comm="syz.3.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  167.195010][   T26] audit: type=1326 audit(1762978771.466:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5844 comm="syz.3.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  167.228128][   T26] audit: type=1326 audit(1762978771.466:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5844 comm="syz.3.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  167.288244][ T4770] usb 5-1: 0:2 : does not exist
[  167.365237][   T26] audit: type=1326 audit(1762978771.476:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5844 comm="syz.3.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  167.377613][ T4770] usb 5-1: USB disconnect, device number 7
[  167.497360][   T26] audit: type=1326 audit(1762978771.476:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5844 comm="syz.3.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  167.554676][   T26] audit: type=1326 audit(1762978771.476:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5844 comm="syz.3.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  167.651729][   T26] audit: type=1326 audit(1762978771.476:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5844 comm="syz.3.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  167.685815][ T4296] udevd[4296]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  167.758087][   T26] audit: type=1326 audit(1762978771.476:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5844 comm="syz.3.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  167.848197][   T26] audit: type=1326 audit(1762978771.476:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5844 comm="syz.3.356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  167.898850][ T5871] netlink: 12 bytes leftover after parsing attributes in process `syz.4.361'.
[  167.976985][ T5871] 8021q: adding VLAN 0 to HW filter on device bond0
[  168.015543][ T5871] bond0: (slave rose0): Enslaving as an active interface with an up link
[  168.044718][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  168.215392][ T5877] netlink: 24 bytes leftover after parsing attributes in process `syz.4.363'.
[  168.472335][ T5885] VFS: Mount too revealing
[  169.458692][ T5906] kvm: pic: non byte write
[  169.463618][ T5906] kvm: pic: non byte write
[  169.518292][ T5906] kvm: pic: single mode not supported
[  169.518312][ T5906] kvm: pic: level sensitive irq not supported
[  169.535652][ T5906] kvm: pic: non byte write
[  169.577041][ T5906] kvm: pic: non byte write
[  169.587180][ T5906] kvm: pic: level sensitive irq not supported
[  169.587563][ T5906] kvm: pic: non byte write
[  169.624068][ T5906] kvm: pic: non byte write
[  169.718354][ T1111] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  171.018363][ T1111] usb 5-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0
[  171.039761][ T1111] usb 5-1: config 0 interface 0 has no altsetting 0
[  171.216501][ T1111] usb 5-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[  171.225761][ T1111] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.244444][ T1111] usb 5-1: config 0 descriptor??
[  173.163944][ T1111] usbhid 5-1:0.0: can't add hid device: -71
[  173.181505][ T5955] loop0: detected capacity change from 0 to 64
[  173.188541][ T1111] usbhid: probe of 5-1:0.0 failed with error -71
[  173.234774][ T1111] usb 5-1: USB disconnect, device number 8
[  173.313038][ T5955] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing
[  173.645588][ T5967] 8021q: adding VLAN 0 to HW filter on device bond1
[  173.926544][ T5968] loop4: detected capacity change from 0 to 4096
[  174.121552][ T5988] loop5: detected capacity change from 0 to 128
[  174.327340][ T5992] attempt to access beyond end of device
[  174.327340][ T5992] loop5: rw=2049, want=393, limit=128
[  174.412423][ T5993] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  174.747358][ T5975] infiniband syz1: set active
[  174.832604][ T5975] infiniband syz1: added syz_tun
[  174.837329][ T6003] netlink: 'syz.5.389': attribute type 10 has an invalid length.
[  174.881287][ T6003] 8021q: adding VLAN 0 to HW filter on device team0
[  174.941107][ T6003] bond0: (slave team0): Enslaving as an active interface with an up link
[  175.223946][   T26] kauditd_printk_skb: 8 callbacks suppressed
[  175.223961][   T26] audit: type=1326 audit(1762978779.616:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6009 comm="syz.5.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0821866c9 code=0x7ffc0000
[  175.329949][ T5975] RDS/IB: syz1: added
[  175.345320][   T26] audit: type=1326 audit(1762978779.636:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6009 comm="syz.5.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0821866c9 code=0x7ffc0000
[  175.359389][ T5975] smc: adding ib device syz1 with port count 1
[  175.455906][   T26] audit: type=1326 audit(1762978779.646:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6009 comm="syz.5.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7ff0821866c9 code=0x7ffc0000
[  175.476926][ T5975] smc:    ib device syz1 port 1 has pnetid 
[  175.553526][   T26] audit: type=1326 audit(1762978779.646:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6009 comm="syz.5.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0821866c9 code=0x7ffc0000
[  175.664004][   T26] audit: type=1326 audit(1762978779.646:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6009 comm="syz.5.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0821866c9 code=0x7ffc0000
[  175.783787][   T26] audit: type=1326 audit(1762978779.646:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6009 comm="syz.5.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7ff0821866c9 code=0x7ffc0000
[  175.876328][   T26] audit: type=1326 audit(1762978779.646:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6009 comm="syz.5.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0821866c9 code=0x7ffc0000
[  176.003871][   T26] audit: type=1326 audit(1762978779.646:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6009 comm="syz.5.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0821866c9 code=0x7ffc0000
[  176.122112][   T26] audit: type=1326 audit(1762978779.646:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6009 comm="syz.5.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff0821866c9 code=0x7ffc0000
[  176.672617][   T26] audit: type=1326 audit(1762978779.646:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6009 comm="syz.5.391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff0821866c9 code=0x7ffc0000
[  177.662745][ T5861] Set syz1 is full, maxelem 65536 reached
[  177.685790][ T6070] bridge0: port 3(wlan1) entered blocking state
[  177.719278][ T6070] bridge0: port 3(wlan1) entered disabled state
[  177.743030][ T6070] device wlan1 entered promiscuous mode
[  177.786673][ T6070] bridge0: port 3(wlan1) entered blocking state
[  177.793703][ T6070] bridge0: port 3(wlan1) entered forwarding state
[  177.891903][ T6079] netlink: 'syz.3.405': attribute type 1 has an invalid length.
[  177.929249][ T6079] netlink: 'syz.3.405': attribute type 4 has an invalid length.
[  177.965990][ T6079] netlink: 15294 bytes leftover after parsing attributes in process `syz.3.405'.
[  178.087548][ T6089] loop4: detected capacity change from 0 to 1024
[  178.201147][ T6089] EXT4-fs (loop4): test_dummy_encryption requires encrypt feature
[  178.453814][ T6099] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  178.484397][ T6099] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  178.676623][ T6073] loop1: detected capacity change from 0 to 512
[  178.688161][ T4773] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  178.696149][  T154] bridge0: port 3(wlan1) entered disabled state
[  178.853958][ T6073] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  178.882348][ T6073] ext4 filesystem being mounted at /92/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  178.968183][ T4773] usb 5-1: Using ep0 maxpacket: 16
[  179.055962][ T6121] 8021q: adding VLAN 0 to HW filter on device bond1
[  179.152755][ T6126] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  179.171755][ T4773] usb 5-1: unable to get BOS descriptor or descriptor too short
[  179.229001][ T6121] device bond_slave_0 entered promiscuous mode
[  179.235989][ T6121] device bond_slave_1 entered promiscuous mode
[  179.288443][ T4773] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  179.302653][ T6121] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  179.310448][ T4773] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  179.321555][ T4773] usb 5-1: config 1 has no interface number 1
[  179.327739][ T4773] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  179.340205][ T6121] bond1: (slave macvlan2): making interface the new active one
[  179.366177][ T6121] bond1: (slave macvlan2): Enslaving as an active interface with an up link
[  179.395618][ T6134] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  179.421366][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  179.513561][ T4773] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  179.528128][ T4773] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.557516][ T4773] usb 5-1: Product: ช㘦鸚䭊敫倵嚀蓉㢩챵�瓌�霹燜⶜�但�楨굨෺ឈ抟ꂨ곥ﶡ谵�㹛膺′䵪┵ᄦ৴ﯕ茸워㋘
[  179.625234][ T4773] usb 5-1: Manufacturer: 孟檠믭�﷼畸䭋⩙莢㟄�ࣃ㔙ꊊ붔堓镀皒슉맒繆慬몬β튺ٜꦑ��巕ⴘ⠜�
[  181.066352][ T4773] usb 5-1: SerialNumber: 㩠�랔紀圙䶨迪䟊ᑦ�袶ﻜ�힓관驖�ᬾ⽣襵ⳮ䙈믄ʸ�统
[  181.358274][ T4773] usb 5-1: can't set config #1, error -71
[  181.379084][ T4773] usb 5-1: USB disconnect, device number 9
[  181.623170][ T1111] libceph: connect (1)[c::]:6789 error -101
[  181.630590][ T1111] libceph: mon0 (1)[c::]:6789 connect error
[  181.682336][ T6166] ceph: No mds server is up or the cluster is laggy
[  181.784605][ T6181] netlink: 'syz.0.423': attribute type 1 has an invalid length.
[  181.903418][ T6188] loop4: detected capacity change from 0 to 1024
[  181.951899][ T6184] 8021q: adding VLAN 0 to HW filter on device batadv1
[  182.094355][ T6184] bond1: (slave batadv1): making interface the new active one
[  182.188584][ T6184] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  182.212934][ T6191] netlink: 4 bytes leftover after parsing attributes in process `syz.0.423'.
[  182.512962][ T6191] bond1 (unregistering): (slave batadv1): Releasing active interface
[  182.903773][ T6191] bond1 (unregistering): Released all slaves
[  183.518308][   T21] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  183.848179][   T21] usb 2-1: Using ep0 maxpacket: 32
[  184.388772][   T21] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  184.705016][   T21] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  184.724244][   T21] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  184.742795][   T21] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  184.754281][   T21] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  184.772044][   T21] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  184.897436][   T21] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  184.939101][   T21] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.995432][   T21] usb 2-1: config 0 descriptor??
[  185.395822][   T21] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 4 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  185.448257][   T21] usb 2-1: USB disconnect, device number 4
[  185.751957][   T21] usblp0: removed
[  186.250703][ T6276] kvm: pic: level sensitive irq not supported
[  186.250783][ T6276] kvm: pic: non byte read
[  186.261620][   T21] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  186.299436][ T6276] kvm: pic: level sensitive irq not supported
[  186.299509][ T6276] kvm: pic: non byte read
[  186.477600][ T6290] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  186.508163][   T21] usb 2-1: Using ep0 maxpacket: 32
[  186.688278][   T21] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  186.733182][   T21] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  187.021476][   T21] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  187.278187][   T21] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  187.297677][   T21] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  187.308062][   T21] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  187.321405][   T21] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  187.330898][   T21] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.342008][   T21] usb 2-1: config 0 descriptor??
[  187.410930][   T21] usb 2-1: can't set config #0, error -71
[  187.430821][ T6304] loop0: detected capacity change from 0 to 128
[  187.460373][   T21] usb 2-1: USB disconnect, device number 5
[  187.470610][   T26] kauditd_printk_skb: 35 callbacks suppressed
[  187.470627][   T26] audit: type=1326 audit(1762978791.856:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6298 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  187.538341][ T6304] EXT4-fs (loop0): Ignoring removed nobh option
[  187.632038][   T26] audit: type=1326 audit(1762978791.856:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6298 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  187.655798][   T26] audit: type=1326 audit(1762978791.886:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6298 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  187.673471][ T6304] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobh,usrjquota=,,errors=continue. Quota mode: none.
[  187.816744][   T26] audit: type=1326 audit(1762978791.896:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6298 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  187.915451][ T6304] ext4 filesystem being mounted at /105/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  188.414271][   T26] audit: type=1326 audit(1762978791.896:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6298 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  188.443305][ T4777] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  188.460584][   T26] audit: type=1326 audit(1762978791.896:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6298 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  188.498357][   T26] audit: type=1326 audit(1762978791.896:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6298 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  188.591282][   T26] audit: type=1326 audit(1762978791.896:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6298 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  188.678547][   T26] audit: type=1326 audit(1762978791.896:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6298 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  188.728699][   T26] audit: type=1326 audit(1762978791.896:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6298 comm="syz.3.455" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  188.798258][ T4777] usb 6-1: Using ep0 maxpacket: 16
[  188.939737][ T4777] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  188.968393][ T4770] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  189.094402][ T6336] netlink: 12 bytes leftover after parsing attributes in process `syz.3.463'.
[  189.128429][ T4777] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  189.158165][ T4777] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.166229][ T4777] usb 6-1: Product: syz
[  189.202160][ T4777] usb 6-1: Manufacturer: syz
[  189.206831][ T4777] usb 6-1: SerialNumber: syz
[  189.248067][ T4777] usb 6-1: config 0 descriptor??
[  189.320912][ T4777] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  189.360949][ T4777] em28xx 6-1:0.0: DVB interface 0 found: bulk
[  189.372467][ T6355] loop1: detected capacity change from 0 to 512
[  189.418248][ T4770] usb 1-1: unable to read config index 0 descriptor/start: -61
[  189.437255][ T4770] usb 1-1: can't read configurations, error -61
[  189.519978][ T6355] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  189.538492][ T6355] ext4 filesystem being mounted at /103/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  189.609053][ T4770] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  189.904024][ T6355] EXT4-fs (loop1): re-mounted. Opts: (null). Quota mode: writeback.
[  189.968444][ T4777] em28xx 6-1:0.0: unknown em28xx chip ID (0)
[  190.089632][ T4770] usb 1-1: unable to read config index 0 descriptor/start: -61
[  190.098440][ T4770] usb 1-1: can't read configurations, error -61
[  190.105283][ T4770] usb usb1-port1: attempt power cycle
[  190.455359][ T6386] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  190.455359][ T6386] The task syz.4.474 (6386) triggered the difference, watch for misbehavior.
[  190.523347][ T6389] loop2: detected capacity change from 0 to 7
[  190.541121][ T4777] em28xx 6-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  190.582467][ T4768]  loop2:
[  190.585527][ T4768] loop2: partition table partially beyond EOD, truncated
[  190.598172][ T4777] em28xx 6-1:0.0: board has no eeprom
[  190.660750][ T6389]  loop2:
[  190.667147][ T6389] loop2: partition table partially beyond EOD, truncated
[  191.798292][ T6396] em28xx 6-1:0.0: writing to i2c device at 0x0 failed (error=-5)
[  191.828261][ T4777] em28xx 6-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  191.839151][ T4777] em28xx 6-1:0.0: dvb set to bulk mode.
[  191.846264][ T6405] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  191.879529][ T4771] em28xx 6-1:0.0: Binding DVB extension
[  191.909944][ T4777] usb 6-1: USB disconnect, device number 2
[  191.922874][ T4777] em28xx 6-1:0.0: Disconnecting em28xx
[  191.987738][ T6408] kvm: pic: level sensitive irq not supported
[  191.987828][ T6408] kvm: pic: non byte read
[  192.042365][ T6408] kvm: pic: level sensitive irq not supported
[  192.042439][ T6408] kvm: pic: non byte read
[  192.067550][ T4771] em28xx 6-1:0.0: Registering input extension
[  192.078495][ T6408] kvm: pic: level sensitive irq not supported
[  192.078567][ T6408] kvm: pic: non byte read
[  192.090431][ T4777] em28xx 6-1:0.0: Closing input extension
[  192.118489][ T6408] kvm: pic: level sensitive irq not supported
[  192.118554][ T6408] kvm: pic: non byte read
[  192.192298][ T6408] kvm: pic: level sensitive irq not supported
[  192.192369][ T6408] kvm: pic: non byte read
[  192.237677][ T4777] em28xx 6-1:0.0: Freeing device
[  192.715805][   T26] kauditd_printk_skb: 29 callbacks suppressed
[  192.715822][   T26] audit: type=1326 audit(1762978797.086:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6434 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74eea576c9 code=0x7ffc0000
[  193.562125][   T26] audit: type=1326 audit(1762978797.126:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6434 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74eea576c9 code=0x7ffc0000
[  193.590239][   T26] audit: type=1326 audit(1762978797.126:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6434 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f74eea576c9 code=0x7ffc0000
[  193.613205][   T26] audit: type=1326 audit(1762978797.126:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6434 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74eea576c9 code=0x7ffc0000
[  193.636031][   T26] audit: type=1326 audit(1762978797.126:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6434 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74eea576c9 code=0x7ffc0000
[  193.678141][   T26] audit: type=1326 audit(1762978797.126:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6434 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f74eea576c9 code=0x7ffc0000
[  193.776570][ T6445] loop5: detected capacity change from 0 to 16
[  193.809511][ T6447] netlink: 12 bytes leftover after parsing attributes in process `syz.0.492'.
[  193.819968][   T26] audit: type=1326 audit(1762978797.356:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6434 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74eea576c9 code=0x7ffc0000
[  193.892222][   T26] audit: type=1326 audit(1762978797.366:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6434 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74eea576c9 code=0x7ffc0000
[  193.921723][ T6445] cramfs: Error -3 while decompressing!
[  193.942062][ T6445] cramfs: ffffffff961ed0a8(27)->ffff888043845000(4096)
[  193.980508][ T6445] cramfs: Error -3 while decompressing!
[  194.020038][ T6445] cramfs: ffffffff961ed0c3(16)->ffff888043cf7000(4096)
[  194.048084][   T26] audit: type=1326 audit(1762978797.426:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6434 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f74eea576c9 code=0x7ffc0000
[  194.076876][ T6445] cramfs: Error -3 while decompressing!
[  194.093166][ T6445] cramfs: ffffffff961ed0a8(27)->ffff888043845000(4096)
[  194.121814][   T26] audit: type=1326 audit(1762978797.426:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6434 comm="syz.0.490" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74eea576c9 code=0x7ffc0000
[  194.211418][ T6465] binder_alloc: 6464: pid 6464 spamming oneway? 1 buffers allocated for a total size of 4096
[  194.294954][ T1424] ieee802154 phy0 wpan0: encryption failed: -22
[  194.309359][ T1424] ieee802154 phy1 wpan1: encryption failed: -22
[  195.421150][ T6491] netlink: 24 bytes leftover after parsing attributes in process `syz.1.508'.
[  195.875987][ T6508] infiniband syz1: set active
[  196.032397][ T6508] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  196.055937][ T6508] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  196.065248][ T6508] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  196.618617][ T4977] Bluetooth: hci0: command 0x0406 tx timeout
[  196.624732][ T4977] Bluetooth: hci1: command 0x0406 tx timeout
[  196.720439][ T6520] netlink: 24 bytes leftover after parsing attributes in process `syz.4.516'.
[  196.751994][ T6508] netlink: 'syz.0.512': attribute type 10 has an invalid length.
[  196.796823][ T6508] 8021q: adding VLAN 0 to HW filter on device bond0
[  196.809664][ T6508] team0: Port device bond0 added
[  196.830973][ T6513] netlink: 4 bytes leftover after parsing attributes in process `syz.0.512'.
[  197.037048][ T6541] loop4: detected capacity change from 0 to 1024
[  197.206001][ T6541] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  198.769066][ T6537] loop5: detected capacity change from 0 to 32768
[  198.826581][ T6537] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz.5.518 (6537)
[  198.951292][ T6537] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  198.992093][ T6537] BTRFS info (device loop5): enabling auto defrag
[  199.037816][ T6537] BTRFS info (device loop5): turning on sync discard
[  199.079255][ T6537] BTRFS info (device loop5): force clearing of disk cache
[  199.112285][ T6537] BTRFS info (device loop5): using default commit interval 30s
[  199.138361][ T6537] BTRFS info (device loop5): max_inline at 0
[  199.168150][ T6537] BTRFS info (device loop5): disabling free space tree
[  199.175080][ T6537] BTRFS info (device loop5): has skinny extents
[  199.285210][ T6597] rdma_rxe: already configured on syz_tun
[  199.546017][ T6537] BTRFS info (device loop5): enabling ssd optimizations
[  199.558628][ T6537] BTRFS info (device loop5): clearing free space tree
[  199.565666][ T6537] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  199.568222][ T6618] netlink: 4 bytes leftover after parsing attributes in process `syz.1.532'.
[  199.578394][ T6537] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  199.664117][ T6625] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  199.715653][ T6625] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  199.796967][ T6625] loop1: detected capacity change from 0 to 64
[  199.988507][ T6597] smc: ib device syz1 ibport 1 applied user defined pnetid SYZ0
[  202.584372][   T26] kauditd_printk_skb: 10 callbacks suppressed
[  202.584389][   T26] audit: type=1326 audit(1762978806.969:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6677 comm="syz.0.544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74eea576c9 code=0x7ffc0000
[  202.629732][ T6675] netlink: 24 bytes leftover after parsing attributes in process `syz.3.543'.
[  202.716994][   T26] audit: type=1326 audit(1762978806.969:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6677 comm="syz.0.544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f74eea576c9 code=0x7ffc0000
[  202.799922][   T26] audit: type=1326 audit(1762978806.969:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6677 comm="syz.0.544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74eea576c9 code=0x7ffc0000
[  202.874280][   T26] audit: type=1326 audit(1762978806.969:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6677 comm="syz.0.544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f74eea576c9 code=0x7ffc0000
[  202.946091][   T26] audit: type=1326 audit(1762978806.969:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6677 comm="syz.0.544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74eea576c9 code=0x7ffc0000
[  203.007593][   T26] audit: type=1326 audit(1762978806.969:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6677 comm="syz.0.544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f74eea576c9 code=0x7ffc0000
[  203.580159][   T26] audit: type=1326 audit(1762978806.969:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6677 comm="syz.0.544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74eea576c9 code=0x7ffc0000
[  203.879581][   T26] audit: type=1326 audit(1762978806.969:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6677 comm="syz.0.544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f74eea576c9 code=0x7ffc0000
[  203.925655][   T26] audit: type=1326 audit(1762978806.969:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6677 comm="syz.0.544" exe="/root/syz-executor" sig=0 arch=40000003 syscall=132 compat=1 ip=0x200000000006 code=0x7ffc0000
[  203.948234][   T26] audit: type=1326 audit(1762978806.969:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6677 comm="syz.0.544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f74eea576c9 code=0x7ffc0000
[  204.236197][ T6719] loop0: detected capacity change from 0 to 1024
[  204.395911][ T6722] 8021q: adding VLAN 0 to HW filter on device bond1
[  204.403155][ T6719] EXT4-fs (loop0): Ignoring removed orlov option
[  204.464139][ T6695] loop5: detected capacity change from 0 to 32768
[  204.577340][ T6724] device veth0 entered promiscuous mode
[  204.660143][ T6719] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  204.670202][ T6724] bond1: (slave macvlan2): making interface the new active one
[  204.932191][ T6724] bond1: (slave macvlan2): Enslaving as an active interface with an up link
[  205.165448][ T6719] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,errors=remount-ro,debug_want_extra_isize=0x0000000000000080,orlov,nolazytime,quota,nomblk_io_submit,. Quota mode: writeback.
[  205.277392][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  205.285327][ T6695] JBD2: Ignoring recovery information on journal
[  205.486295][ T6695] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  205.806763][ T6744] loop0: detected capacity change from 0 to 2048
[  205.933667][ T6744] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  205.968278][ T5581] ocfs2: Unmounting device (7,5) on (node local)
[  207.313753][ T4771] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  208.472243][ T4771] usb 2-1: Using ep0 maxpacket: 32
[  208.587506][ T6796] SET target dimension over the limit!
[  208.595473][ T4771] usb 2-1: config 0 has no interfaces?
[  208.774822][ T4771] usb 2-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  208.844395][ T4771] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.905914][ T6797] netlink: 12 bytes leftover after parsing attributes in process `syz.5.574'.
[  208.992111][ T4771] usb 2-1: Product: syz
[  209.061825][ T4771] usb 2-1: Manufacturer: syz
[  209.151161][ T4771] usb 2-1: SerialNumber: syz
[  209.367825][ T4771] usb 2-1: config 0 descriptor??
[  209.462670][ T6800] lo speed is unknown, defaulting to 1000
[  209.488739][ T6800] lo speed is unknown, defaulting to 1000
[  209.525223][ T6800] lo speed is unknown, defaulting to 1000
[  209.564164][ T6800] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  209.578510][ T6800] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  209.634215][ T6800] lo speed is unknown, defaulting to 1000
[  209.654291][ T6800] lo speed is unknown, defaulting to 1000
[  209.664361][ T6800] lo speed is unknown, defaulting to 1000
[  209.676471][ T6800] lo speed is unknown, defaulting to 1000
[  209.689088][   T21] usb 2-1: USB disconnect, device number 6
[  209.709554][ T6800] lo speed is unknown, defaulting to 1000
[  210.765546][ T6829] loop5: detected capacity change from 0 to 512
[  211.815679][ T6829] EXT4-fs (loop5): orphan cleanup on readonly fs
[  211.879986][ T6829] EXT4-fs error (device loop5): ext4_orphan_get:1427: comm syz.5.583: bad orphan inode 13
[  212.008734][ T6829] ext4_test_bit(bit=12, block=18) = 1
[  212.038734][ T6829] is_bad_inode(inode)=0
[  212.051521][ T6829] NEXT_ORPHAN(inode)=2130706432
[  212.056649][ T6829] max_ino=32
[  212.096541][ T6829] i_nlink=1
[  212.118357][ T6829] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  213.025851][ T6829] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  213.123277][ T6829] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.583: bg 0: block 248: padding at end of block bitmap is not set
[  213.155444][ T6829] __quota_error: 29 callbacks suppressed
[  213.155462][ T6829] Quota error (device loop5): write_blk: dquota write failed
[  213.183534][ T6866] netlink: 12 bytes leftover after parsing attributes in process `syz.4.592'.
[  213.203355][ T6829] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  213.269509][ T6870] device bond2 entered promiscuous mode
[  213.294579][ T6829] EXT4-fs error (device loop5): ext4_acquire_dquot:6209: comm syz.5.583: Failed to acquire dquot type 1
[  213.370359][ T6866] device macvlan3 entered promiscuous mode
[  213.384228][ T6829] EXT4-fs warning (device loop5): ext4_enable_quotas:6461: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  213.406027][ T6866] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  213.531191][ T6863] device bond2 left promiscuous mode
[  213.675976][ T6877] overlayfs: failed to clone upperpath
[  215.420958][ T6890] sched: RT throttling activated
[  216.184491][ T6909] loop5: detected capacity change from 0 to 512
[  216.250857][ T6909] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  216.335175][ T6886] loop1: detected capacity change from 0 to 32768
[  216.401938][ T6886] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.600 (6886)
[  216.434781][ T6886] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  216.473087][ T6886] BTRFS info (device loop1): use zlib compression, level 3
[  216.495710][ T6886] BTRFS info (device loop1): using free space tree
[  216.546718][ T6886] BTRFS info (device loop1): has skinny extents
[  217.307020][ T6886] BTRFS error (device loop1): open_ctree failed: -12
[  217.632491][ T6951] netlink: 'syz.3.620': attribute type 7 has an invalid length.
[  217.651446][ T6951] netlink: 'syz.3.620': attribute type 8 has an invalid length.
[  217.831758][ T6957] xt_CT: You must specify a L4 protocol and not use inversions on it
[  218.419128][ T6959] netlink: 'syz.1.618': attribute type 12 has an invalid length.
[  219.499644][ T6961] overlayfs: failed to get index nlink (file1/file0, err=-61)
[  219.922150][ T6971] netlink: 44 bytes leftover after parsing attributes in process `syz.3.626'.
[  219.936532][ T6971] bridge0: port 2(bridge_slave_1) entered disabled state
[  219.944023][ T6971] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.965377][ T6969] device syzkaller1 entered promiscuous mode
[  220.088613][ T4315] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  220.116613][ T6977] bond1: option mode: unable to set because the bond device has slaves
[  220.154937][ T6977] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  220.350112][ T4315] usb 5-1: Using ep0 maxpacket: 8
[  220.491087][ T4315] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  220.510641][ T4315] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  220.543523][ T4315] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  220.576169][ T4315] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  220.619386][ T4315] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  220.650399][ T4315] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.977397][ T4315] usb 5-1: GET_CAPABILITIES returned 0
[  220.983100][ T4315] usbtmc 5-1:16.0: can't read capabilities
[  221.263911][ T6974] loop1: detected capacity change from 0 to 32768
[  221.324919][ T6974] JFS: continuò is an invalid error handler
[  222.407070][   T26] audit: type=1326 audit(1762978826.655:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6994 comm="syz.1.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  222.439219][   T26] audit: type=1326 audit(1762978826.655:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6994 comm="syz.1.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  222.498682][   T26] audit: type=1326 audit(1762978826.665:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6994 comm="syz.1.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  222.620883][   T26] audit: type=1326 audit(1762978826.665:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6994 comm="syz.1.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  222.763883][   T26] audit: type=1326 audit(1762978826.665:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6994 comm="syz.1.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  222.796806][   T26] audit: type=1326 audit(1762978826.665:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6994 comm="syz.1.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  222.822391][ T6997] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  223.564260][   T26] audit: type=1326 audit(1762978826.665:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6994 comm="syz.1.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  223.592403][   T26] audit: type=1326 audit(1762978826.675:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6994 comm="syz.1.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  223.626184][   T21] usb 5-1: USB disconnect, device number 10
[  223.676206][   T26] audit: type=1326 audit(1762978826.675:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6994 comm="syz.1.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  223.703627][   T26] audit: type=1326 audit(1762978826.675:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6994 comm="syz.1.634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  225.305242][ T7026] loop5: detected capacity change from 0 to 128
[  225.370061][ T7026] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  225.487230][ T7026] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  225.568604][ T7033] capability: warning: `syz.3.647' uses deprecated v2 capabilities in a way that may be insecure
[  225.738925][ T5581] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  225.815867][ T5581] FAT-fs (loop5): Filesystem has been set read-only
[  225.892728][ T5581] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  227.332848][ T7053] loop4: detected capacity change from 0 to 256
[  227.419968][ T7053] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  227.952165][  T144] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.395130][ T4975] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  228.509721][  T144] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.554043][ T7066] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  228.577148][ T7070] loop0: detected capacity change from 0 to 128
[  228.602514][  T144] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.620946][ T7070] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  228.661768][ T7070] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  228.727245][  T144] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.812189][ T4975] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  228.831881][ T4975] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.865270][ T4975] usb 2-1: config 0 descriptor??
[  229.024265][ T4183] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  229.095374][ T4183] FAT-fs (loop0): Filesystem has been set read-only
[  229.175568][ T4183] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  229.209627][ T4975] [drm] vendor descriptor length:6 data:06 5f 61 6e 00 00 00 00 00 00 00
[  229.223530][ T4975] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  229.462322][ T4975] [drm] Initialized udl 0.0.1 20120220 for 2-1:0.0 on minor 2
[  229.469909][ T4975] [drm] Initialized udl on minor 2
[  229.621108][ T7074] rdma_rxe: ignoring netdev event = 10 for syz_tun
[  229.631194][ T7055] zonefs (nullb0) ERROR: Not a zoned block device
[  229.652045][ T7074] infiniband syz1: set down
[  229.875892][ T4977] infiniband syz1: ib_query_port failed (-19)
[  230.656936][ T4975] [drm:udl_get_edid_block] *ERROR* Read EDID byte 1 failed err ffffffb9
[  230.690228][ T7093] lo speed is unknown, defaulting to 1000
[  230.701174][ T4975] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  230.740728][ T4370] smc: removing ib device syz1
[  230.748018][ T4977] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9
[  230.809475][ T4975] usb 2-1: USB disconnect, device number 7
[  230.817711][ T4977] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9
[  230.881933][ T4977] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  231.501265][ T4975] Bluetooth: hci4: command 0x0409 tx timeout
[  231.532778][  T144] bridge0: port 3(wlan1) entered disabled state
[  231.614129][  T144] device wlan1 left promiscuous mode
[  231.640873][  T144] bridge0: port 3(wlan1) entered disabled state
[  231.716575][ T7129] netlink: 12 bytes leftover after parsing attributes in process `syz.1.673'.
[  231.998544][ T7093] chnl_net:caif_netlink_parms(): no params data found
[  232.189894][ T7143] loop1: detected capacity change from 0 to 256
[  232.408648][ T7143] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  232.498797][ T7093] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.506457][ T7093] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.558981][ T7093] device bridge_slave_0 entered promiscuous mode
[  232.599247][ T7093] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.627277][ T7093] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.667780][ T7093] device bridge_slave_1 entered promiscuous mode
[  232.830809][ T7093] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  232.897622][ T7093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  233.049714][ T7093] team0: Port device team_slave_0 added
[  233.110307][ T7093] team0: Port device team_slave_1 added
[  233.309457][ T7093] batman_adv: batadv0: Adding interface: batadv_slave_0
[  233.330968][ T7093] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  233.379688][ T7093] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  233.458906][ T7093] batman_adv: batadv0: Adding interface: batadv_slave_1
[  233.480919][ T7093] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  233.557323][ T7093] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  233.666164][ T4975] Bluetooth: hci4: command 0x041b tx timeout
[  233.682940][  T144] device hsr_slave_0 left promiscuous mode
[  233.703786][  T144] device hsr_slave_1 left promiscuous mode
[  233.742432][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  233.749934][  T144] batman_adv: batadv0: Removing interface: batadv_slave_0
[  233.801104][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  233.832538][  T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[  233.893570][  T144] device bridge_slave_1 left promiscuous mode
[  233.899873][  T144] bridge0: port 2(bridge_slave_1) entered disabled state
[  233.947176][  T144] device bridge_slave_0 left promiscuous mode
[  233.974155][  T144] bridge0: port 1(bridge_slave_0) entered disabled state
[  234.042036][   T26] kauditd_printk_skb: 11 callbacks suppressed
[  234.042052][   T26] audit: type=1326 audit(1762978838.233:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.1.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  234.074237][  T144] device veth1_macvtap left promiscuous mode
[  234.080371][  T144] device veth0_macvtap left promiscuous mode
[  234.117326][  T144] device veth1_vlan left promiscuous mode
[  234.123201][  T144] device veth0_vlan left promiscuous mode
[  234.159968][   T26] audit: type=1326 audit(1762978838.233:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.1.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  234.256230][   T26] audit: type=1326 audit(1762978838.233:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.1.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  234.325651][   T26] audit: type=1326 audit(1762978838.233:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.1.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  234.394249][   T26] audit: type=1326 audit(1762978838.243:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.1.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  234.449849][   T26] audit: type=1326 audit(1762978838.243:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.1.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  234.501689][   T26] audit: type=1326 audit(1762978838.243:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.1.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  234.536897][   T26] audit: type=1326 audit(1762978838.243:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.1.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  234.606029][ T7188] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3897524436 (7795048872 ns) > initial count (2759807172 ns). Using initial count to start timer.
[  234.634180][  T144] bond1 (unregistering): Released all slaves
[  234.683172][ T7196] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3996681224 (15986724896 ns) > initial count (3709615788 ns). Using initial count to start timer.
[  234.687728][   T26] audit: type=1326 audit(1762978838.243:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.1.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  234.782330][   T26] audit: type=1326 audit(1762978838.243:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7174 comm="syz.1.681" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  234.925327][  T144] team0 (unregistering): Port device team_slave_1 removed
[  234.959032][  T144] team0 (unregistering): Port device team_slave_0 removed
[  234.980637][  T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  235.023911][  T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  235.198244][  T144] bond0 (unregistering): (slave team0): Releasing backup interface
[  235.199784][ T7205] loop1: detected capacity change from 0 to 512
[  235.246703][  T144] bond0 (unregistering): Released all slaves
[  235.297967][ T7205] EXT4-fs (loop1): Test dummy encryption mode enabled
[  235.340061][ T7205] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[  235.365460][ T7205] EXT4-fs (loop1): Errors on filesystem, clearing orphan list.
[  235.373446][ T7205] EXT4-fs (loop1): mounted filesystem without journal. Opts: jqfmt=vfsold,errors=continue,delalloc,prjquota,usrquota,resuid=0x000000000000ee00,usrjquota=min_batch_time=0x00000000fffffffc,nodiscard,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  235.425230][ T7093] device hsr_slave_0 entered promiscuous mode
[  235.461016][ T7093] device hsr_slave_1 entered promiscuous mode
[  235.553024][ T7205] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 212 vs 220 free clusters
[  235.584202][ T7205] EXT4-fs error (device loop1): ext4_add_entry:2486: inode #2: comm syz.1.689: Directory hole found for htree leaf block 0
[  235.589722][ T7186] lo speed is unknown, defaulting to 1000
[  235.616992][ T7205] EXT4-fs (loop1): Unrecognized mount option "./file0/../file0" or missing value
[  235.776811][ T1111] Bluetooth: hci4: command 0x040f tx timeout
[  236.093708][ T7221] netlink: 168 bytes leftover after parsing attributes in process `syz.3.692'.
[  236.190006][ T7093] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  236.242401][ T7093] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  236.327823][ T7186] chnl_net:caif_netlink_parms(): no params data found
[  236.351544][ T7093] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  236.380209][ T7093] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  236.658211][ T4315] Bluetooth: hci0: command 0x0409 tx timeout
[  236.771470][ T7186] bridge0: port 1(bridge_slave_0) entered blocking state
[  236.803372][ T7186] bridge0: port 1(bridge_slave_0) entered disabled state
[  236.830538][ T7186] device bridge_slave_0 entered promiscuous mode
[  236.859632][ T7186] bridge0: port 2(bridge_slave_1) entered blocking state
[  236.874646][ T7186] bridge0: port 2(bridge_slave_1) entered disabled state
[  236.894826][ T7186] device bridge_slave_1 entered promiscuous mode
[  237.011980][ T7186] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  237.053598][ T7186] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  237.116912][ T7093] 8021q: adding VLAN 0 to HW filter on device bond0
[  237.296229][ T7186] team0: Port device team_slave_0 added
[  237.334300][ T7186] team0: Port device team_slave_1 added
[  237.498027][ T7186] batman_adv: batadv0: Adding interface: batadv_slave_0
[  237.536180][ T7186] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.607006][ T7186] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  237.647204][ T7265] team0: Device gtp0 is of different type
[  237.695391][ T7186] batman_adv: batadv0: Adding interface: batadv_slave_1
[  237.710761][ T7186] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  237.798399][ T7186] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  237.835912][ T7093] 8021q: adding VLAN 0 to HW filter on device team0
[  237.851353][ T4975] Bluetooth: hci4: command 0x0419 tx timeout
[  237.893288][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  237.919346][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  238.014367][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  238.042835][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  238.061821][ T4359] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.069016][ T4359] bridge0: port 1(bridge_slave_0) entered forwarding state
[  238.098253][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  238.141055][ T7186] device hsr_slave_0 entered promiscuous mode
[  238.163782][ T7186] device hsr_slave_1 entered promiscuous mode
[  238.174779][ T7186] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  238.210728][ T7186] Cannot create hsr debugfs directory
[  238.382129][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  238.400907][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  238.428609][ T4359] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.435792][ T4359] bridge0: port 2(bridge_slave_1) entered forwarding state
[  238.447194][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  238.469293][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  238.485626][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  239.187615][   T21] Bluetooth: hci0: command 0x041b tx timeout
[  239.218767][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  239.343998][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  239.360478][ T7284] loop4: detected capacity change from 0 to 128
[  239.397176][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  239.429456][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  239.461286][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  239.489920][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  239.500340][ T7288] loop1: detected capacity change from 0 to 512
[  239.543455][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  239.569952][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  239.585355][ T7288] EXT4-fs (loop1): inline encryption not supported
[  239.636415][ T7093] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  239.645630][ T7288] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  239.670770][ T7288] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.704: invalid indirect mapped block 2683928664 (level 1)
[  239.724327][ T7293] netlink: 'syz.3.705': attribute type 13 has an invalid length.
[  239.740651][ T7288] EXT4-fs (loop1): 1 truncate cleaned up
[  239.746410][ T7288] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,dioread_lock,init_itable=0x0000000000000b8f,nodiscard,inlinecrypt,usrjquota=.sb=0x0000000000000007,nodiscard,jqfmt=vfsv0,noload,debug_want_extra_isize=0x0000000000000006,noload,,,errors=continue. Quota mode: writeback.
[  239.953712][ T7288] EXT4-fs (loop1): shut down requested (1)
[  240.455277][ T7311] loop1: detected capacity change from 0 to 8
[  240.513615][ T7311] unable to read id index table
[  241.226457][ T4399] Bluetooth: hci0: command 0x040f tx timeout
[  241.274489][ T7293] device bond_slave_0 left promiscuous mode
[  241.302691][ T7293] device bond_slave_1 left promiscuous mode
[  241.627520][ T7293] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  241.681004][ T7293] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  241.791350][ T7293] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  241.801481][ T7293] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  241.811236][ T7293] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  241.822050][ T7293] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  242.078976][ T4777] lo speed is unknown, defaulting to 1000
[  242.118461][ T7323] loop1: detected capacity change from 0 to 64
[  242.247117][ T7323] hfs: get root inode failed
[  242.307929][ T7186] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  242.326540][ T7186] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  242.366513][ T7186] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  242.429900][ T7186] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  242.470294][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  242.480285][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  242.545888][ T7093] 8021q: adding VLAN 0 to HW filter on device batadv0
[  242.775324][ T7186] 8021q: adding VLAN 0 to HW filter on device bond0
[  242.822479][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  242.847308][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  242.889842][ T7186] 8021q: adding VLAN 0 to HW filter on device team0
[  242.947819][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  242.978130][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  243.054718][ T1237] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.061940][ T1237] bridge0: port 1(bridge_slave_0) entered forwarding state
[  243.087829][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  243.135439][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  243.144143][ T1237] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.151492][ T1237] bridge0: port 2(bridge_slave_1) entered forwarding state
[  243.206406][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  243.315302][  T144] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  243.326139][ T4190] Bluetooth: hci0: command 0x0419 tx timeout
[  243.405663][ T4261] usb 2-1: new full-speed USB device number 8 using dummy_hcd
[  244.104962][ T7186] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  244.134781][ T7186] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  244.151729][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  244.168437][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  244.184010][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  244.196075][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  244.207574][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  244.225089][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  244.236464][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  244.251511][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  244.266630][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  244.277683][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  244.303595][  T144] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.395614][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  244.414534][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  244.436302][  T144] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.450142][ T4261] usb 2-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  244.505321][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  244.519275][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  244.534731][ T7364] lo speed is unknown, defaulting to 1000
[  244.549440][  T144] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  244.565862][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  244.575057][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  244.586793][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  244.594924][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  244.606870][ T7093] device veth0_vlan entered promiscuous mode
[  244.635703][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  244.644046][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  244.656196][ T7093] device veth1_vlan entered promiscuous mode
[  244.665493][ T4261] usb 2-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b
[  244.669472][ T7186] 8021q: adding VLAN 0 to HW filter on device batadv0
[  244.685783][ T4261] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.700944][ T4261] usb 2-1: Product: syz
[  244.732843][ T4261] usb 2-1: Manufacturer: syz
[  244.737618][ T4261] usb 2-1: SerialNumber: syz
[  244.782810][ T7093] device veth0_macvtap entered promiscuous mode
[  244.802654][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  244.812403][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  244.821097][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  244.830685][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  244.843603][ T4261] usb 2-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state
[  244.888437][ T7093] device veth1_macvtap entered promiscuous mode
[  244.908078][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  244.922289][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  244.966158][  T144] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.025892][ T7093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  245.045513][ T7093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.069173][ T7093] batman_adv: batadv0: Interface activated: batadv_slave_0
[  245.112297][  T144] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.139277][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  245.157114][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  245.175971][ T7093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  245.196102][ T7093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  245.223848][ T7093] batman_adv: batadv0: Interface activated: batadv_slave_1
[  245.239490][ T7093] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  245.253081][ T7093] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  245.261837][ T7093] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  245.271117][ T7093] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  245.281910][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  245.294507][ T7354] udc-core: couldn't find an available UDC or it's busy
[  245.302310][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  245.312509][ T7354] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  245.332739][  T144] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.347637][ T4261] usb 2-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter)
[  245.421584][ T4261] usb 2-1: USB disconnect, device number 8
[  245.436563][  T144] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.465433][ T7364] chnl_net:caif_netlink_parms(): no params data found
[  245.476225][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  245.487119][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  245.579884][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  245.594079][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  245.644812][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  245.655493][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  245.698207][ T7186] device veth0_vlan entered promiscuous mode
[  245.742727][ T1237] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  245.751600][ T1237] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  245.762526][ T7186] device veth1_vlan entered promiscuous mode
[  245.846715][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  245.858996][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  245.874899][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  245.906448][ T5605] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  245.914980][ T5605] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  245.939092][ T7364] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.963551][ T7364] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.082145][ T7364] device bridge_slave_0 entered promiscuous mode
[  246.118068][ T7364] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.157796][ T7364] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.166087][ T7364] device bridge_slave_1 entered promiscuous mode
[  246.182577][ T7186] device veth0_macvtap entered promiscuous mode
[  246.194310][ T7186] device veth1_macvtap entered promiscuous mode
[  246.203154][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  246.227912][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  246.396053][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  246.449623][ T4190] Bluetooth: hci2: command 0x0409 tx timeout
[  246.595491][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  246.785473][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  247.180550][  T144] tipc: Left network mode
[  248.146196][ T7186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.164677][ T7186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.207360][ T7186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  248.243689][ T7186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.256139][ T7186] batman_adv: batadv0: Interface activated: batadv_slave_0
[  248.272062][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  248.324444][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  248.496349][ T7364] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  248.529862][ T7186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.541744][ T4975] Bluetooth: hci2: command 0x041b tx timeout
[  248.592136][ T7186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.606275][ T7186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  248.626308][ T7186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  248.649292][ T7186] batman_adv: batadv0: Interface activated: batadv_slave_1
[  248.667247][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  248.685962][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  248.718625][ T7364] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  248.777291][ T4773] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  248.791921][ T7186] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  248.812360][ T7186] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  248.827109][ T7186] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  248.844760][ T7186] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  249.001210][ T7364] team0: Port device team_slave_0 added
[  249.021706][ T7364] team0: Port device team_slave_1 added
[  249.160352][ T4773] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  249.191793][ T4773] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.213324][ T7364] batman_adv: batadv0: Adding interface: batadv_slave_0
[  249.220762][ T4773] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.222508][ T7364] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.261447][ T4773] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  249.335093][ T7364] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  249.359380][ T4773] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  249.368687][ T4773] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  249.395932][ T7364] batman_adv: batadv0: Adding interface: batadv_slave_1
[  249.413464][ T4773] usb 2-1: Manufacturer: syz
[  249.419062][ T7364] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.459553][ T4773] usb 2-1: config 0 descriptor??
[  249.488294][ T7364] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  249.780497][ T7364] device hsr_slave_0 entered promiscuous mode
[  249.811230][ T7364] device hsr_slave_1 entered promiscuous mode
[  249.834137][ T7364] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  249.865302][ T7364] Cannot create hsr debugfs directory
[  249.875086][ T5605] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.900154][ T5605] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.953200][ T4773] appleir 0003:05AC:8243.0003: unknown main item tag 0x0
[  249.960883][ T4773] appleir 0003:05AC:8243.0003: No inputs registered, leaving
[  250.013186][ T4773] appleir 0003:05AC:8243.0003: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  250.130024][ T1237] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  250.173521][ T4370] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  250.181969][ T4370] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  250.287739][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  250.634186][ T4975] Bluetooth: hci2: command 0x040f tx timeout
[  250.674993][ T7364] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  250.714775][ T7364] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  250.795599][ T7364] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  250.821976][ T7364] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  250.849016][ T7457] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3821099475 (7642198950 ns) > initial count (2842047336 ns). Using initial count to start timer.
[  250.940670][ T7460] kvm: pic: single mode not supported
[  250.940688][ T7460] kvm: pic: level sensitive irq not supported
[  250.966441][ T7460] kvm: pic: non byte read
[  251.034576][ T7460] kvm: pic: level sensitive irq not supported
[  251.034652][ T7460] kvm: pic: non byte read
[  251.117813][ T7460] kvm: pic: single mode not supported
[  251.117833][ T7460] kvm: pic: level sensitive irq not supported
[  251.131052][ T7460] kvm: pic: non byte read
[  251.171922][ T7364] 8021q: adding VLAN 0 to HW filter on device bond0
[  251.204592][ T7460] kvm: pic: non byte read
[  251.220883][ T5605] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  251.233465][ T7460] kvm: pic: single mode not supported
[  251.233541][ T7460] kvm: pic: non byte read
[  251.235207][ T5605] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  251.269548][ T7460] kvm: pic: non byte read
[  251.284127][ T7460] kvm: pic: single mode not supported
[  251.284202][ T7460] kvm: pic: non byte read
[  251.320104][ T7364] 8021q: adding VLAN 0 to HW filter on device team0
[  251.351998][ T7460] kvm: pic: non byte read
[  251.358948][ T7460] kvm: pic: level sensitive irq not supported
[  251.359002][ T7460] kvm: pic: non byte read
[  251.370911][  T144] device hsr_slave_0 left promiscuous mode
[  251.379891][  T144] device hsr_slave_1 left promiscuous mode
[  251.388512][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  251.408906][  T144] batman_adv: batadv0: Removing interface: batadv_slave_0
[  251.445700][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  251.466462][  T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[  251.524970][  T144] device bridge_slave_1 left promiscuous mode
[  251.544565][  T144] bridge0: port 2(bridge_slave_1) entered disabled state
[  251.579747][  T144] device bridge_slave_0 left promiscuous mode
[  251.620636][  T144] bridge0: port 1(bridge_slave_0) entered disabled state
[  251.683512][  T144] device hsr_slave_0 left promiscuous mode
[  251.728421][  T144] device hsr_slave_1 left promiscuous mode
[  251.974739][  T144] device veth0 left promiscuous mode
[  252.780292][ T4973] Bluetooth: hci2: command 0x0419 tx timeout
[  252.791452][  T144] device veth1_macvtap left promiscuous mode
[  252.853467][  T144] device veth0_macvtap left promiscuous mode
[  252.859545][  T144] device veth1_vlan left promiscuous mode
[  252.952883][  T144] device veth0_vlan left promiscuous mode
[  253.083830][  T144] device veth1_macvtap left promiscuous mode
[  253.089883][  T144] device veth0_macvtap left promiscuous mode
[  253.115739][ T7493] loop1: detected capacity change from 0 to 256
[  253.146339][  T144] device veth1_vlan left promiscuous mode
[  253.152188][  T144] device veth0_vlan left promiscuous mode
[  253.161918][ T4190] usb 2-1: USB disconnect, device number 9
[  253.245190][ T7493] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 256)
[  253.333160][ T7493] exFAT-fs (loop1): failed to load alloc-bitmap
[  253.366885][ T7493] exFAT-fs (loop1): failed to recognize exfat type
[  253.709579][ T7504] netlink: 8 bytes leftover after parsing attributes in process `syz.6.734'.
[  253.765709][ T7504] netlink: 8 bytes leftover after parsing attributes in process `syz.6.734'.
[  255.308457][  T144] bond2 (unregistering): Released all slaves
[  255.327548][  T144] bond1 (unregistering): (slave macvlan2): Releasing active interface
[  255.372229][  T144] bond1 (unregistering): Released all slaves
[  255.847131][  T144] team0 (unregistering): Port device team_slave_1 removed
[  255.868497][  T144] team0 (unregistering): Port device team_slave_0 removed
[  255.929111][  T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  255.988636][  T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  256.013710][ T1424] ieee802154 phy0 wpan0: encryption failed: -22
[  256.020078][ T1424] ieee802154 phy1 wpan1: encryption failed: -22
[  256.211848][  T144] bond0 (unregistering): Released all slaves
[  256.710485][  T144] team0 (unregistering): Port device bond0 removed
[  256.774143][  T144] bond0 (unregistering): Released all slaves
[  256.871901][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  256.881588][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  256.890343][ T4370] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.897497][ T4370] bridge0: port 1(bridge_slave_0) entered forwarding state
[  256.905699][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  256.915365][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  256.924435][ T4370] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.931598][ T4370] bridge0: port 2(bridge_slave_1) entered forwarding state
[  256.939977][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  256.990254][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  257.055117][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  257.097952][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  257.164268][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  257.211164][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  257.226558][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  257.236147][ T4359] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  257.258541][ T7520] netlink: 24 bytes leftover after parsing attributes in process `syz.3.748'.
[  257.285263][ T7524] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3821099475 (7642198950 ns) > initial count (2842047336 ns). Using initial count to start timer.
[  257.319149][ T7524] kvm: pic: single mode not supported
[  257.319170][ T7524] kvm: pic: level sensitive irq not supported
[  257.325123][ T7524] kvm: pic: non byte read
[  257.343871][ T7364] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  257.374281][ T7524] kvm: pic: level sensitive irq not supported
[  257.374357][ T7524] kvm: pic: non byte read
[  257.394951][ T7364] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  257.416932][ T7524] kvm: pic: single mode not supported
[  257.416956][ T7524] kvm: pic: level sensitive irq not supported
[  257.430793][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  257.445208][ T7524] kvm: pic: non byte read
[  257.465163][ T7524] kvm: pic: non byte read
[  257.930225][ T7524] kvm: pic: single mode not supported
[  257.930326][ T7524] kvm: pic: non byte read
[  258.024061][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  258.357431][ T4973] Bluetooth: hci3: command 0x0406 tx timeout
[  258.409205][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  258.468127][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  258.477833][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  258.717715][ T7549] kvm: pic: non byte write
[  258.730852][ T7549] kvm: pic: non byte write
[  258.736405][ T7549] kvm: pic: single mode not supported
[  258.736425][ T7549] kvm: pic: level sensitive irq not supported
[  258.742470][ T7549] kvm: pic: non byte write
[  258.763324][ T7549] kvm: pic: non byte write
[  258.768153][ T7549] kvm: pic: level sensitive irq not supported
[  258.768530][ T7549] kvm: pic: non byte write
[  258.826636][ T7549] kvm: pic: non byte write
[  259.806951][ T7565] loop6: detected capacity change from 0 to 128
[  260.194344][ T7565] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  260.335105][ T7565] ext4 filesystem being mounted at /4/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  260.725414][ T7364] 8021q: adding VLAN 0 to HW filter on device batadv0
[  260.778195][ T7565] EXT4-fs (loop6): shut down requested (1)
[  260.792394][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  260.812964][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  260.829524][ T7565] fscrypt (loop6, inode 12): Error -5 getting encryption context
[  260.848579][ T7565] fscrypt (loop6, inode 12): Error -5 getting encryption context
[  261.192711][   T26] kauditd_printk_skb: 9 callbacks suppressed
[  261.192727][   T26] audit: type=1326 audit(1762978865.277:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7587 comm="syz.6.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb62cd606c9 code=0x7ffc0000
[  261.300656][   T26] audit: type=1326 audit(1762978865.277:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7587 comm="syz.6.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb62cd606c9 code=0x7ffc0000
[  261.420801][   T26] audit: type=1326 audit(1762978865.277:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7587 comm="syz.6.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7fb62cd606c9 code=0x7ffc0000
[  261.509560][   T26] audit: type=1326 audit(1762978865.277:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7587 comm="syz.6.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb62cd606c9 code=0x7ffc0000
[  261.570492][   T26] audit: type=1326 audit(1762978865.277:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7587 comm="syz.6.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb62cd606c9 code=0x7ffc0000
[  261.698947][   T26] audit: type=1326 audit(1762978865.277:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7587 comm="syz.6.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7fb62cd606c9 code=0x7ffc0000
[  261.711797][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  261.800171][   T26] audit: type=1326 audit(1762978865.307:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7587 comm="syz.6.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb62cd606c9 code=0x7ffc0000
[  261.812032][  T404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  261.882227][   T26] audit: type=1326 audit(1762978865.307:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7587 comm="syz.6.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb62cd606c9 code=0x7ffc0000
[  261.904500][ T7364] device veth0_vlan entered promiscuous mode
[  261.932531][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  261.941616][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  261.987776][ T7364] device veth1_vlan entered promiscuous mode
[  262.002657][   T26] audit: type=1326 audit(1762978865.307:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7587 comm="syz.6.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb62cd606c9 code=0x7ffc0000
[  262.015955][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  262.044579][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  262.084031][   T26] audit: type=1326 audit(1762978865.307:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7587 comm="syz.6.751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb62cd606c9 code=0x7ffc0000
[  262.151662][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  262.163594][ T7613] loop6: detected capacity change from 0 to 8192
[  262.181250][ T4370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  262.226574][ T7364] device veth0_macvtap entered promiscuous mode
[  262.238489][ T7613] FAT-fs (loop6): bogus number of directory entries (9)
[  262.291415][ T7613] FAT-fs (loop6): Can't find a valid FAT filesystem
[  262.306810][ T7364] device veth1_macvtap entered promiscuous mode
[  262.367837][ T7364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  262.393408][ T7364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.430858][ T7364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  262.453955][ T7364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.491134][ T7364] batman_adv: batadv0: Interface activated: batadv_slave_0
[  262.530976][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  262.540042][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  262.571027][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  262.600070][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  262.656834][ T7364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  262.671992][ T7364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.682555][ T7364] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  262.693288][ T7364] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.738139][ T7364] batman_adv: batadv0: Interface activated: batadv_slave_1
[  262.756664][ T5605] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  262.766881][ T5605] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  262.779396][ T7364] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  262.790017][ T7364] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  262.799658][ T7364] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  262.819277][ T7364] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  263.009700][ T5605] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  263.041405][ T5605] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  263.063009][ T1279] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  263.083110][ T5605] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  263.111088][ T5605] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  263.135555][ T5605] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  263.388213][ T7646] loop8: detected capacity change from 0 to 512
[  263.897545][ T7646] EXT4-fs (loop8): Test dummy encryption mode enabled
[  264.332143][ T7646] EXT4-fs (loop8): warning: mounting unchecked fs, running e2fsck is recommended
[  264.403088][ T7646] EXT4-fs (loop8): Errors on filesystem, clearing orphan list.
[  264.420485][ T7646] EXT4-fs (loop8): mounted filesystem without journal. Opts: jqfmt=vfsold,errors=continue,delalloc,prjquota,usrquota,resuid=0x000000000000ee00,usrjquota=min_batch_time=0x00000000fffffffc,nodiscard,test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  264.481135][ T7646] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 212 vs 220 free clusters
[  264.499277][ T7646] EXT4-fs error (device loop8): ext4_add_entry:2486: inode #2: comm syz.8.714: Directory hole found for htree leaf block 0
[  264.534973][ T7646] EXT4-fs (loop8): Unrecognized mount option "./file0/../file0" or missing value
[  264.557734][ T7648] loop1: detected capacity change from 0 to 8192
[  273.618712][   T26] kauditd_printk_skb: 13 callbacks suppressed
[  273.618729][   T26] audit: type=1326 audit(1762978877.671:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.8.777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  273.712116][   T26] audit: type=1326 audit(1762978877.711:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.8.777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  273.734498][   T26] audit: type=1326 audit(1762978877.721:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.8.777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  273.763672][   T26] audit: type=1326 audit(1762978877.721:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.8.777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  273.786422][   T26] audit: type=1326 audit(1762978877.721:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.8.777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  273.809435][   T26] audit: type=1326 audit(1762978877.721:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.8.777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  273.831926][   T26] audit: type=1326 audit(1762978877.731:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.8.777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  273.854346][   T26] audit: type=1326 audit(1762978877.731:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.8.777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  273.873424][ T7775] 8021q: adding VLAN 0 to HW filter on device bond1
[  273.879905][   T26] audit: type=1326 audit(1762978877.731:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.8.777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  273.910039][   T26] audit: type=1326 audit(1762978877.731:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7765 comm="syz.8.777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  274.962203][ T7775] bond1: (slave ip6gretap1): making interface the new active one
[  274.991223][ T7775] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  275.130232][ T7799] bridge0: port 3(wlan1) entered blocking state
[  275.160461][ T7799] bridge0: port 3(wlan1) entered disabled state
[  275.178346][ T7799] device wlan1 entered promiscuous mode
[  275.208525][ T7799] bridge0: port 3(wlan1) entered blocking state
[  275.214927][ T7799] bridge0: port 3(wlan1) entered forwarding state
[  276.157277][ T4370] bridge0: port 3(wlan1) entered disabled state
[  276.772592][ T7833] loop1: detected capacity change from 0 to 128
[  276.867945][ T7806] loop6: detected capacity change from 0 to 512
[  276.976835][ T7841] attempt to access beyond end of device
[  276.976835][ T7841] loop1: rw=2049, want=561, limit=128
[  277.441488][ T7806] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  277.712799][ T7806] ext4 filesystem being mounted at /14/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  278.185881][ T7860] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  278.264638][ T7860] 8021q: adding VLAN 0 to HW filter on device bond0
[  278.286456][ T7860] 8021q: adding VLAN 0 to HW filter on device team0
[  278.347646][ T7860] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  278.377824][    T7] lo speed is unknown, defaulting to 1000
[  278.549025][ T7879] loop1: detected capacity change from 0 to 2048
[  278.562294][ T7878] bridge0: port 3(wlan1) entered blocking state
[  278.593525][ T7878] bridge0: port 3(wlan1) entered disabled state
[  278.604049][ T7878] device wlan1 entered promiscuous mode
[  278.613203][ T7878] bridge0: port 3(wlan1) entered blocking state
[  278.619595][ T7878] bridge0: port 3(wlan1) entered forwarding state
[  278.627772][ T1237] bridge0: port 3(wlan1) entered disabled state
[  278.645378][ T7879]  loop1: p1 < > p4
[  278.697887][ T7879] loop1: p4 size 8388608 extends beyond EOD, truncated
[  278.764272][ T7888] blk_update_request: I/O error, dev loop3, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 0
[  278.849000][ T7888] EXT4-fs (loop3): unable to read superblock
[  279.217031][ T4296] udevd[4296]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  279.234403][ T4768] udevd[4768]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  279.420111][ T7883] infiniband syz1: set active
[  279.434585][ T7883] infiniband syz1: added syz_tun
[  279.473044][ T7913] netlink: 'syz.7.814': attribute type 4 has an invalid length.
[  279.510222][ T7883] RDS/IB: syz1: added
[  279.514661][ T7883] smc: adding ib device syz1 with port count 1
[  279.521471][ T7883] smc:    ib device syz1 port 1 has pnetid SYZ0 (user defined)
[  279.795461][ T7921] netlink: 'syz.7.814': attribute type 4 has an invalid length.
[  279.863309][    C1] rdma_rxe: no route to ff02:0000:0000:0000:0000:0000:0000:0001
[  279.871223][    C1] rdma_rxe: Host not reachable
[  280.288284][ T7939] lo speed is unknown, defaulting to 1000
[  281.822053][ T7969] netlink: 8 bytes leftover after parsing attributes in process `syz.1.825'.
[  281.889829][ T7969] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  281.940170][ T7969] netlink: 4 bytes leftover after parsing attributes in process `syz.1.825'.
[  281.973395][ T7976] overlayfs: failed to clone upperpath
[  282.230513][ T7985] netlink: 'syz.1.830': attribute type 11 has an invalid length.
[  282.534696][   T26] kauditd_printk_skb: 41 callbacks suppressed
[  282.534718][   T26] audit: type=1326 audit(1762978886.560:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.7.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  282.636539][   T26] audit: type=1326 audit(1762978886.600:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.7.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  282.767301][   T26] audit: type=1326 audit(1762978886.600:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.7.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  282.830444][   T26] audit: type=1326 audit(1762978886.610:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.7.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  283.663824][   T26] audit: type=1326 audit(1762978886.610:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.7.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  283.686933][   T26] audit: type=1326 audit(1762978886.610:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.7.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  283.836783][   T26] audit: type=1326 audit(1762978886.610:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.7.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  283.876657][ T8029] netlink: 12 bytes leftover after parsing attributes in process `syz.1.841'.
[  283.931894][   T26] audit: type=1326 audit(1762978886.610:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.7.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  284.058150][   T26] audit: type=1326 audit(1762978886.610:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.7.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  284.155465][   T26] audit: type=1326 audit(1762978886.610:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.7.834" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  284.776128][ T8052] device gretap0 entered promiscuous mode
[  285.383784][ T4975] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  285.760205][ T4975] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  285.773537][ T4975] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.816860][ T4975] usb 2-1: config 0 descriptor??
[  285.879299][ T4975] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  286.659983][ T8110] netlink: 12 bytes leftover after parsing attributes in process `syz.6.858'.
[  288.172956][ T8135] netlink: 'syz.7.864': attribute type 10 has an invalid length.
[  288.252860][ T4975] usb 2-1: USB disconnect, device number 10
[  288.479752][ T8135] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  288.645535][ T8135] team0: Failed to send options change via netlink (err -105)
[  288.756911][ T8135] team0: Port device dummy0 added
[  289.170800][ T8150] netlink: 24 bytes leftover after parsing attributes in process `syz.7.870'.
[  289.558487][ T8164] netlink: 24 bytes leftover after parsing attributes in process `syz.1.884'.
[  289.653495][ T8167] device team_slave_0 entered promiscuous mode
[  289.660620][ T8167] device team_slave_1 entered promiscuous mode
[  289.666891][ T8167] device dummy0 entered promiscuous mode
[  289.701565][ T8167] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  289.759544][ T8169] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  292.730691][   T26] kauditd_printk_skb: 34 callbacks suppressed
[  292.730715][   T26] audit: type=1326 audit(1762978896.727:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  292.837453][   T26] audit: type=1326 audit(1762978896.767:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  292.906535][   T26] audit: type=1326 audit(1762978896.767:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  293.006588][   T26] audit: type=1326 audit(1762978896.767:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  293.082284][   T26] audit: type=1326 audit(1762978896.767:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  293.150556][   T26] audit: type=1326 audit(1762978896.767:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  293.233970][   T26] audit: type=1326 audit(1762978896.767:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  293.327998][   T26] audit: type=1326 audit(1762978896.767:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  293.431454][   T26] audit: type=1326 audit(1762978896.777:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  293.529286][   T26] audit: type=1326 audit(1762978896.777:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8222 comm="syz.3.891" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f801f69c6c9 code=0x7ffc0000
[  295.457394][ T8278] netlink: 12 bytes leftover after parsing attributes in process `syz.7.906'.
[  297.219902][ T8306] netlink: 4 bytes leftover after parsing attributes in process `syz.3.914'.
[  298.342847][ T8314] loop6: detected capacity change from 0 to 512
[  298.462539][ T8318] loop8: detected capacity change from 0 to 128
[  298.528469][ T8314] EXT4-fs (loop6): orphan cleanup on readonly fs
[  298.584512][ T8314] EXT4-fs error (device loop6): ext4_orphan_get:1427: comm syz.6.916: bad orphan inode 13
[  298.691117][ T8314] ext4_test_bit(bit=12, block=18) = 1
[  298.726211][ T8314] is_bad_inode(inode)=0
[  298.794333][ T8314] NEXT_ORPHAN(inode)=2130706432
[  298.802287][ T8314] max_ino=32
[  298.827075][ T8314] i_nlink=1
[  298.840816][ T8314] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  299.019060][ T8314] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  299.174833][ T8314] EXT4-fs warning (device loop6): ext4_multi_mount_protect:403: Unable to create kmmpd thread for loop6.
[  301.595581][ T8382] overlayfs: failed to clone upperpath
[  302.535574][ T8389] device syzkaller1 entered promiscuous mode
[  302.631812][ T8389] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  304.657530][ T8433] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  304.677912][ T8433] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  305.820638][ T8468] kvm: pic: non byte write
[  305.830580][ T8468] kvm: pic: non byte write
[  305.836775][ T8468] kvm: pic: non byte write
[  305.842329][ T8468] kvm: pic: non byte write
[  305.853652][ T8468] kvm: pic: non byte write
[  305.858450][ T8468] kvm: pic: non byte write
[  305.863269][ T8468] kvm: pic: non byte write
[  305.874234][ T8468] kvm: pic: non byte write
[  305.904101][ T8468] kvm: pic: non byte write
[  305.913396][ T8468] kvm: pic: non byte write
[  306.110819][ T8480] IPVS: wrr: UDP 224.0.0.2:0 - no destination available
[  308.262107][ T8558] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  308.432743][   T26] kauditd_printk_skb: 27 callbacks suppressed
[  308.432758][   T26] audit: type=1326 audit(1762978912.329:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.7.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  308.540656][   T26] audit: type=1326 audit(1762978912.358:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.7.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  308.605055][   T26] audit: type=1326 audit(1762978912.358:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.7.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  308.678007][   T26] audit: type=1326 audit(1762978912.358:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.7.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  308.706653][   T26] audit: type=1326 audit(1762978912.358:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.7.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  308.785367][   T26] audit: type=1326 audit(1762978912.358:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.7.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  308.807617][   T26] audit: type=1326 audit(1762978912.358:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.7.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  309.928525][   T26] audit: type=1326 audit(1762978912.358:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.7.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  310.037813][   T26] audit: type=1326 audit(1762978912.358:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.7.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  310.062281][ T8588] netlink: 4 bytes leftover after parsing attributes in process `syz.3.985'.
[  310.110479][   T26] audit: type=1326 audit(1762978912.368:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8566 comm="syz.7.980" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7ffc0000
[  310.175294][ T8588] team0 (unregistering): Port device team_slave_0 removed
[  310.217922][ T8588] team0 (unregistering): Port device team_slave_1 removed
[  311.484539][ T8608] netlink: 8 bytes leftover after parsing attributes in process `syz.1.990'.
[  312.594568][ T8629] device macsec0 entered promiscuous mode
[  313.316776][ T8634] netlink: 'syz.3.999': attribute type 1 has an invalid length.
[  313.417571][ T8639] 8021q: adding VLAN 0 to HW filter on device batadv1
[  313.467114][ T8639] bond2: (slave batadv1): making interface the new active one
[  313.504802][ T8639] bond2: (slave batadv1): Enslaving as an active interface with an up link
[  313.609812][ T8634] netlink: 4 bytes leftover after parsing attributes in process `syz.3.999'.
[  313.660819][ T8638] xt_bpf: check failed: parse error
[  313.723996][ T8634] bond2 (unregistering): (slave batadv1): Releasing active interface
[  313.759000][ T8634] bond2 (unregistering): Released all slaves
[  313.811484][ T8642] netlink: 'syz.1.998': attribute type 1 has an invalid length.
[  314.039248][ T8642] 8021q: adding VLAN 0 to HW filter on device bond2
[  314.116191][ T8645] netlink: 4 bytes leftover after parsing attributes in process `syz.1.998'.
[  314.431871][ T8665] bridge0: port 2(bridge_slave_1) entered disabled state
[  314.439429][ T8665] bridge0: port 1(bridge_slave_0) entered disabled state
[  314.969049][ T8681] netem: change failed
[  315.652371][ T8705] device geneve2 entered promiscuous mode
[  317.706356][ T1424] ieee802154 phy0 wpan0: encryption failed: -22
[  317.712750][ T1424] ieee802154 phy1 wpan1: encryption failed: -22
[  318.048813][ T8747] Cannot find set identified by id 3 to match
[  318.595289][ T8754] binder_alloc: 8753: pid 8753 spamming oneway? 1 buffers allocated for a total size of 4096
[  318.820247][ T8760] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1021'.
[  319.362797][   T26] kauditd_printk_skb: 15 callbacks suppressed
[  319.362833][   T26] audit: type=1326 audit(1762978923.197:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8749 comm="syz.7.1020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7fc00000
[  319.960279][   T26] audit: type=1326 audit(1762978923.237:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8749 comm="syz.7.1020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f97c288a6c9 code=0x7fc00000
[  319.983049][   T26] audit: type=1326 audit(1762978923.237:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8749 comm="syz.7.1020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7fc00000
[  320.091959][   T26] audit: type=1326 audit(1762978923.237:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8749 comm="syz.7.1020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7fc00000
[  320.149112][ T8786] loop6: detected capacity change from 0 to 512
[  320.326040][   T26] audit: type=1326 audit(1762978923.237:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8749 comm="syz.7.1020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7fc00000
[  320.348877][   T26] audit: type=1326 audit(1762978923.237:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8749 comm="syz.7.1020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7fc00000
[  320.372776][   T26] audit: type=1326 audit(1762978923.237:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8749 comm="syz.7.1020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7fc00000
[  320.417060][   T26] audit: type=1326 audit(1762978923.237:436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8749 comm="syz.7.1020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7fc00000
[  320.548264][   T26] audit: type=1326 audit(1762978923.247:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8749 comm="syz.7.1020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7fc00000
[  320.948016][   T26] audit: type=1326 audit(1762978923.247:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8749 comm="syz.7.1020" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f97c288a6c9 code=0x7fc00000
[  321.706134][ T8786] EXT4-fs error (device loop6): ext4_orphan_get:1401: inode #15: comm syz.6.1026: inode has both inline data and extents flags
[  321.790660][ T8786] EXT4-fs error (device loop6): ext4_orphan_get:1406: comm syz.6.1026: couldn't read orphan inode 15 (err -117)
[  321.959436][ T8786] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  325.445595][ T8854] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1041'.
[  327.230630][ T8854] team0 (unregistering): Port device team_slave_0 removed
[  327.285905][ T8854] team0 (unregistering): Port device team_slave_1 removed
[  328.658001][ T4190] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  328.977184][ T4190] usb 7-1: Using ep0 maxpacket: 32
[  329.214025][ T8893] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1059'.
[  330.704495][ T4190] usb 7-1: unable to read config index 0 descriptor/start: -71
[  330.712150][ T4190] usb 7-1: can't read configurations, error -71
[  330.726622][   T26] kauditd_printk_skb: 14 callbacks suppressed
[  330.726638][   T26] audit: type=1326 audit(1762978934.514:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.8.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  330.772229][ T8893] team0 (unregistering): Port device team_slave_0 removed
[  331.080956][ T8893] team0 (unregistering): Port device team_slave_1 removed
[  331.301687][   T26] audit: type=1326 audit(1762978934.544:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.8.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  331.352701][   T26] audit: type=1326 audit(1762978934.544:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.8.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  331.375113][   T26] audit: type=1326 audit(1762978934.544:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.8.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  331.431661][   T26] audit: type=1326 audit(1762978934.544:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.8.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  333.052625][   T26] audit: type=1326 audit(1762978934.544:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.8.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  333.144296][   T26] audit: type=1326 audit(1762978934.554:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.8.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  333.259715][   T26] audit: type=1326 audit(1762978934.554:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.8.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  333.341894][   T26] audit: type=1326 audit(1762978934.554:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.8.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  333.430386][   T26] audit: type=1326 audit(1762978934.554:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8907 comm="syz.8.1052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d964156c9 code=0x7ffc0000
[  334.994184][ T8954] device macsec0 entered promiscuous mode
[  335.751344][ T8960] netlink: 'syz.1.1067': attribute type 4 has an invalid length.
[  335.797874][ T8960] netlink: 'syz.1.1067': attribute type 4 has an invalid length.
[  339.487945][ T8973] Set syz0 is full, maxelem 0 reached
[  340.578442][ T8913] Set syz1 is full, maxelem 65536 reached
[  340.653371][ T9055] tipc: Failed to remove unknown binding: 66,1,1/0:1959296323/1959296325
[  341.587880][ T9055] tipc: Failed to remove unknown binding: 66,1,1/0:1959296323/1959296325
[  341.596381][ T9055] tipc: Failed to remove unknown binding: 66,1,1/0:1959296323/1959296325
[  346.467253][ T4190] Bluetooth: hci2: command 0x0405 tx timeout
[  348.993897][ T9174] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  349.048744][ T9174] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  350.505169][ T9208] netlink: 'syz.6.1115': attribute type 3 has an invalid length.
[  350.529164][ T9208] netlink: 'syz.6.1115': attribute type 3 has an invalid length.
[  350.554391][ T9208] netlink: 'syz.6.1115': attribute type 3 has an invalid length.
[  350.572493][ T9208] netlink: 'syz.6.1115': attribute type 3 has an invalid length.
[  350.590079][ T9208] netlink: 'syz.6.1115': attribute type 3 has an invalid length.
[  350.605673][ T9208] netlink: 'syz.6.1115': attribute type 3 has an invalid length.
[  350.622578][ T9208] netlink: 'syz.6.1115': attribute type 3 has an invalid length.
[  350.633273][ T9208] netlink: 'syz.6.1115': attribute type 3 has an invalid length.
[  350.647525][ T9208] netlink: 'syz.6.1115': attribute type 3 has an invalid length.
[  350.668086][ T9208] netlink: 'syz.6.1115': attribute type 3 has an invalid length.
[  350.836454][   T26] kauditd_printk_skb: 16 callbacks suppressed
[  350.836469][   T26] audit: type=1326 audit(1762978954.540:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9217 comm="syz.1.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  350.877683][ T9222] loop8: detected capacity change from 0 to 512
[  350.900523][   T26] audit: type=1326 audit(1762978954.540:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9217 comm="syz.1.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  350.963018][ T9222] EXT4-fs error (device loop8): ext4_orphan_get:1427: comm syz.8.1120: bad orphan inode 11862016
[  350.983719][   T26] audit: type=1326 audit(1762978954.540:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9217 comm="syz.1.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  351.007624][   T26] audit: type=1326 audit(1762978954.550:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9217 comm="syz.1.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  351.030448][   T26] audit: type=1326 audit(1762978954.550:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9217 comm="syz.1.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  351.043109][ T9222] EXT4-fs (loop8): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  351.115221][ T9235] sch_tbf: burst 2 is lower than device lo mtu (11337746) !
[  351.124194][ T9222] ext4 filesystem being mounted at /85/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  351.158809][   T26] audit: type=1326 audit(1762978954.550:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9217 comm="syz.1.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  351.182102][ T9238] sch_tbf: burst 2 is lower than device lo mtu (11337746) !
[  351.352803][ T9238] sch_tbf: burst 2 is lower than device lo mtu (11337746) !
[  351.682205][   T26] audit: type=1326 audit(1762978954.550:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9217 comm="syz.1.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  351.930291][   T26] audit: type=1326 audit(1762978954.550:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9217 comm="syz.1.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  352.025134][   T26] audit: type=1326 audit(1762978954.550:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9217 comm="syz.1.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  352.377896][ T9249] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1124'.
[  352.452047][ T7364] 
[  352.454424][ T7364] ======================================================
[  352.461447][ T7364] WARNING: possible circular locking dependency detected
[  352.468478][ T7364] syzkaller #0 Not tainted
[  352.472900][ T7364] ------------------------------------------------------
[  352.479969][ T7364] syz-executor/7364 is trying to acquire lock:
[  352.486135][ T7364] ffff88805f6b80a8 (&dquot->dq_lock){+.+.}-{3:3}, at: dquot_commit+0x5a/0x410
[  352.495048][ T7364] 
[  352.495048][ T7364] but task is already holding lock:
[  352.502437][ T7364] ffff88805f6eaa58 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_truncate+0x96d/0x10d0
[  352.511776][ T7364] 
[  352.511776][ T7364] which lock already depends on the new lock.
[  352.511776][ T7364] 
[  352.522196][ T7364] 
[  352.522196][ T7364] the existing dependency chain (in reverse order) is:
[  352.531355][ T7364] 
[  352.531355][ T7364] -> #2 (&ei->i_data_sem/2){++++}-{3:3}:
[  352.539212][ T7364]        down_read+0x44/0x2e0
[  352.543917][ T7364]        ext4_map_blocks+0x32f/0x1b30
[  352.549310][ T7364]        ext4_getblk+0x16d/0x630
[  352.554274][ T7364]        ext4_bread+0x26/0x180
[  352.559052][ T7364]        ext4_quota_write+0x230/0x570
[  352.564438][ T7364]        get_free_dqblk+0x387/0x7d0
[  352.569652][ T7364]        do_insert_tree+0x214/0x1970
[  352.574958][ T7364]        do_insert_tree+0x5b1/0x1970
[  352.580262][ T7364]        do_insert_tree+0x5b1/0x1970
[  352.585648][ T7364]        do_insert_tree+0x5b1/0x1970
[  352.590950][ T7364]        qtree_write_dquot+0x361/0x4b0
[  352.596438][ T7364]        v2_write_dquot+0x108/0x190
[  352.601654][ T7364]        dquot_acquire+0x2d5/0x520
[  352.606784][ T7364]        ext4_acquire_dquot+0x2d9/0x4a0
[  352.612345][ T7364]        dqget+0x778/0xeb0
[  352.616784][ T7364]        __dquot_initialize+0x328/0xcb0
[  352.622347][ T7364]        add_dquot_ref+0x2b4/0x380
[  352.627553][ T7364]        dquot_load_quota_sb+0x875/0xac0
[  352.633196][ T7364]        dquot_load_quota_inode+0x2d8/0x5d0
[  352.639098][ T7364]        ext4_enable_quotas+0x4ab/0xb50
[  352.644643][ T7364]        ext4_remount+0x1a10/0x2690
[  352.649845][ T7364]        reconfigure_super+0x219/0x880
[  352.655306][ T7364]        vfs_fsconfig_locked+0x18d/0x3f0
[  352.660946][ T7364]        __se_sys_fsconfig+0x61b/0x750
[  352.666413][ T7364]        do_syscall_64+0x4c/0xa0
[  352.671369][ T7364]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  352.677788][ T7364] 
[  352.677788][ T7364] -> #1 (&s->s_dquot.dqio_sem){++++}-{3:3}:
[  352.685871][ T7364]        down_read+0x44/0x2e0
[  352.690555][ T7364]        v2_read_dquot+0x4a/0x110
[  352.695601][ T7364]        dquot_acquire+0x152/0x520
[  352.700802][ T7364]        ext4_acquire_dquot+0x2d9/0x4a0
[  352.706372][ T7364]        dqget+0x778/0xeb0
[  352.710793][ T7364]        __dquot_initialize+0x328/0xcb0
[  352.716345][ T7364]        add_dquot_ref+0x2b4/0x380
[  352.721483][ T7364]        dquot_load_quota_sb+0x875/0xac0
[  352.727119][ T7364]        dquot_load_quota_inode+0x2d8/0x5d0
[  352.733014][ T7364]        ext4_enable_quotas+0x4ab/0xb50
[  352.738689][ T7364]        ext4_remount+0x1a10/0x2690
[  352.743887][ T7364]        reconfigure_super+0x219/0x880
[  352.749351][ T7364]        vfs_fsconfig_locked+0x18d/0x3f0
[  352.754985][ T7364]        __se_sys_fsconfig+0x61b/0x750
[  352.760451][ T7364]        do_syscall_64+0x4c/0xa0
[  352.765390][ T7364]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  352.771806][ T7364] 
[  352.771806][ T7364] -> #0 (&dquot->dq_lock){+.+.}-{3:3}:
[  352.779453][ T7364]        __lock_acquire+0x2c33/0x7c60
[  352.784832][ T7364]        lock_acquire+0x197/0x3f0
[  352.789859][ T7364]        __mutex_lock_common+0x1eb/0x2390
[  352.795585][ T7364]        mutex_lock_nested+0x17/0x20
[  352.800888][ T7364]        dquot_commit+0x5a/0x410
[  352.805836][ T7364]        ext4_write_dquot+0x1f0/0x360
[  352.811242][ T7364]        mark_all_dquot_dirty+0xf9/0x400
[  352.816886][ T7364]        __dquot_free_space+0x7ca/0xb90
[  352.822436][ T7364]        ext4_free_blocks+0x1af5/0x2480
[  352.827986][ T7364]        ext4_ext_remove_space+0x1eaa/0x43a0
[  352.833970][ T7364]        ext4_ext_truncate+0x192/0x240
[  352.839518][ T7364]        ext4_truncate+0x9f1/0x10d0
[  352.844723][ T7364]        ext4_evict_inode+0xb43/0x1080
[  352.850181][ T7364]        evict+0x485/0x870
[  352.854602][ T7364]        vfs_rmdir+0x3b4/0x430
[  352.859551][ T7364]        do_rmdir+0x295/0x710
[  352.864230][ T7364]        __x64_sys_unlinkat+0xc0/0xe0
[  352.869609][ T7364]        do_syscall_64+0x4c/0xa0
[  352.874553][ T7364]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  352.880979][ T7364] 
[  352.880979][ T7364] other info that might help us debug this:
[  352.880979][ T7364] 
[  352.891261][ T7364] Chain exists of:
[  352.891261][ T7364]   &dquot->dq_lock --> &s->s_dquot.dqio_sem --> &ei->i_data_sem/2
[  352.891261][ T7364] 
[  352.904917][ T7364]  Possible unsafe locking scenario:
[  352.904917][ T7364] 
[  352.912367][ T7364]        CPU0                    CPU1
[  352.917732][ T7364]        ----                    ----
[  352.923104][ T7364]   lock(&ei->i_data_sem/2);
[  352.927716][ T7364]                                lock(&s->s_dquot.dqio_sem);
[  352.935097][ T7364]                                lock(&ei->i_data_sem/2);
[  352.942213][ T7364]   lock(&dquot->dq_lock);
[  352.946652][ T7364] 
[  352.946652][ T7364]  *** DEADLOCK ***
[  352.946652][ T7364] 
[  352.954792][ T7364] 5 locks held by syz-executor/7364:
[  352.960944][ T7364]  #0: ffff888021e1e460 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90
[  352.970226][ T7364]  #1: ffff88805f6e97e0 (&type->i_mutex_dir_key#4/1){+.+.}-{3:3}, at: do_rmdir+0x1b2/0x710
[  352.980268][ T7364]  #2: ffff888021e1e650 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x444/0x1080
[  352.989771][ T7364]  #3: ffff88805f6eaa58 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_truncate+0x96d/0x10d0
[  352.999525][ T7364]  #4: ffffffff8c23f118 (dquot_srcu){....}-{0:0}, at: rcu_lock_acquire+0x5/0x30
[  353.008579][ T7364] 
[  353.008579][ T7364] stack backtrace:
[  353.014469][ T7364] CPU: 1 PID: 7364 Comm: syz-executor Not tainted syzkaller #0
[  353.022031][ T7364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  353.032104][ T7364] Call Trace:
[  353.035516][ T7364]  <TASK>
[  353.038467][ T7364]  dump_stack_lvl+0x168/0x230
[  353.043168][ T7364]  ? load_image+0x3b0/0x3b0
[  353.047685][ T7364]  ? show_regs_print_info+0x20/0x20
[  353.052892][ T7364]  ? print_circular_bug+0x12b/0x1a0
[  353.058093][ T7364]  check_noncircular+0x274/0x310
[  353.063040][ T7364]  ? add_chain_block+0x940/0x940
[  353.067980][ T7364]  ? lockdep_lock+0xdc/0x1e0
[  353.072580][ T7364]  ? deref_stack_reg+0xd0/0x120
[  353.077443][ T7364]  ? mark_lock+0x94/0x320
[  353.081783][ T7364]  __lock_acquire+0x2c33/0x7c60
[  353.086654][ T7364]  ? stack_trace_save+0x98/0xe0
[  353.091507][ T7364]  ? verify_lock_unused+0x140/0x140
[  353.096718][ T7364]  ? check_noncircular+0x16f/0x310
[  353.101878][ T7364]  ? add_chain_block+0x940/0x940
[  353.106825][ T7364]  ? lockdep_unlock+0x134/0x2d0
[  353.111768][ T7364]  ? lockdep_lock+0x1e0/0x1e0
[  353.116462][ T7364]  lock_acquire+0x197/0x3f0
[  353.121066][ T7364]  ? dquot_commit+0x5a/0x410
[  353.125669][ T7364]  ? __might_sleep+0xf0/0xf0
[  353.130276][ T7364]  ? read_lock_is_recursive+0x10/0x10
[  353.135664][ T7364]  ? dquot_commit+0x5a/0x410
[  353.140351][ T7364]  __mutex_lock_common+0x1eb/0x2390
[  353.145558][ T7364]  ? dquot_commit+0x5a/0x410
[  353.150166][ T7364]  ? __might_sleep+0xf0/0xf0
[  353.154763][ T7364]  ? mutex_lock_io_nested+0x60/0x60
[  353.159974][ T7364]  mutex_lock_nested+0x17/0x20
[  353.164749][ T7364]  dquot_commit+0x5a/0x410
[  353.169204][ T7364]  ? __ext4_journal_start_sb+0x1bd/0x360
[  353.174941][ T7364]  ext4_write_dquot+0x1f0/0x360
[  353.179808][ T7364]  mark_all_dquot_dirty+0xf9/0x400
[  353.184927][ T7364]  __dquot_free_space+0x7ca/0xb90
[  353.189970][ T7364]  ext4_free_blocks+0x1af5/0x2480
[  353.195011][ T7364]  ? ext4_mb_discard_preallocations_should_retry+0x690/0x690
[  353.202394][ T7364]  ? __ext4_journal_ensure_credits+0x2c/0x450
[  353.208468][ T7364]  ext4_ext_remove_space+0x1eaa/0x43a0
[  353.213939][ T7364]  ? rcu_is_watching+0x11/0xa0
[  353.218751][ T7364]  ? ext4_ext_index_trans_blocks+0xf0/0xf0
[  353.224575][ T7364]  ? ext4_es_remove_extent+0x24f/0x3e0
[  353.230062][ T7364]  ext4_ext_truncate+0x192/0x240
[  353.235023][ T7364]  ext4_truncate+0x9f1/0x10d0
[  353.239851][ T7364]  ? __ext4_mark_inode_dirty+0x700/0x700
[  353.245515][ T7364]  ext4_evict_inode+0xb43/0x1080
[  353.250472][ T7364]  ? _raw_spin_unlock+0x24/0x40
[  353.255338][ T7364]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  353.261240][ T7364]  ? do_raw_spin_unlock+0x11d/0x230
[  353.266442][ T7364]  ? ext4_inode_is_fast_symlink+0x390/0x390
[  353.272338][ T7364]  evict+0x485/0x870
[  353.276243][ T7364]  ? __lock_acquire+0x7c60/0x7c60
[  353.281276][ T7364]  ? proc_nr_inodes+0x320/0x320
[  353.286132][ T7364]  ? do_raw_spin_unlock+0x11d/0x230
[  353.291340][ T7364]  ? _raw_spin_unlock+0x24/0x40
[  353.296197][ T7364]  ? iput+0x706/0x8a0
[  353.300192][ T7364]  vfs_rmdir+0x3b4/0x430
[  353.304440][ T7364]  do_rmdir+0x295/0x710
[  353.308598][ T7364]  ? __phys_addr_symbol+0x2b/0x70
[  353.313623][ T7364]  ? d_delete_notify+0x150/0x150
[  353.318564][ T7364]  ? strncpy_from_user+0x1fb/0x360
[  353.323686][ T7364]  ? getname_flags+0x1fe/0x500
[  353.328455][ T7364]  __x64_sys_unlinkat+0xc0/0xe0
[  353.333337][ T7364]  do_syscall_64+0x4c/0xa0
[  353.337761][ T7364]  ? clear_bhb_loop+0x30/0x80
[  353.342442][ T7364]  ? clear_bhb_loop+0x30/0x80
[  353.347124][ T7364]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  353.353039][ T7364] RIP: 0033:0x7f3d96414ca7
[  353.357460][ T7364] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.377080][ T7364] RSP: 002b:00007ffe5dcee698 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[  353.385501][ T7364] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f3d96414ca7
[  353.393568][ T7364] RDX: 0000000000000200 RSI: 00007ffe5dcef840 RDI: 00000000ffffff9c
[  353.401577][ T7364] RBP: 00007f3d96497d7d R08: 0000555574d6e66b R09: 0000000000000000
[  353.409552][ T7364] R10: 0000000000001000 R11: 0000000000000207 R12: 00007ffe5dcef840
[  353.417530][ T7364] R13: 00007f3d96497d7d R14: 0000000000055d31 R15: 00007ffe5dcf1a00
[  353.425518][ T7364]  </TASK>
[  353.432970][   T26] audit: type=1326 audit(1762978954.550:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9217 comm="syz.1.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f015298c6c9 code=0x7ffc0000
[  355.773480][ T4233] Bluetooth: hci4: command 0x0406 tx timeout
[  360.907762][ T4233] Bluetooth: hci0: command 0x0406 tx timeout