last executing test programs:

1m58.433792029s ago: executing program 2 (id=3):
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000080)='./file0\x00', 0x234a047, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x2)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
linkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file2\x00', 0x0)

1m58.336335759s ago: executing program 2 (id=6):
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}, 0x9df}, 0x1c)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x45e, 0x101701)
ioctl$USBDEVFS_FREE_STREAMS(0xffffffffffffffff, 0x802c550a, &(0x7f0000001d00)=ANY=[@ANYBLOB="3b158261b06dc1fe8d887b54871bbee9ddf2fd266226ddfdc367f95046abb0fddb1472b19617a03ff58d60d51e8848812bfc4b7fbac6d20c84d3e4e0505a9435a3a66efc34e7b7221034a91455c264af13c4dbc310cd0f690e7720649cd5a0262cc2c3f6a62bacfe74f76bad2c983c6ef8faf2a4def8b5d01b55a4535c49a12a6fe8f98b79bade9ab5f88fa37ec6eee9d37e76fdb84d0621ac60c1da38cabb1cf8677fd3b4e159cc14613a5b3a8c1e68353310bdc830c8738b027bf9055e67dc1680ace261b520e2e5953eda4b65aaac226a3b2e458ec950b177b2da8739529535e49052afdf7797f99ca19daf60bdcaff5b284ad7e61e45332f4f0b1a92e16bbf97eea7785203f4ddf2b9f458eeea9d6d2ca0e68cfbfd94d8e4201927b39afea0de1c7803efa820fd2dc9db5431defd010d573424cfed7663c130a9c44d7b4507be64c990afb80e54837fec23c743edb424a1cb624796d3c3268b5849383669278ad75988198670b8cd8e354acb080450e88c6019eb709bf8b0e850218e6bd04ffc3fbab771590aea10c28ae114899f9442906b0cd8fa821b4d4d53d90730338b4bb89e7e74b3e4bebe2e3c20ed1c676e4a07490c31796d12ca4f0429e16178e881da5d7c58dd5e4b8db5631af851bb0ef0fddd15b4988a954fd74cd9c2cc43e4fa5269fc0f058acf3c3e6bf2ae75dcf3cbfb8d267ea68cd27e38886b39677a7f7e2bdf3f6ea5711ba28755de3e21a254d0c80f71d05b0dde8cfaff30420a731d2091fc32ba9a26685bf001bececbbf79690d0f7b60db7c63878c7d9059da65f2b1a393333d26db0ecc919970dbb1c9d8d661fc4390e3444957ee90b5159e7e03378652382345245c3f7a13730721135c24b0397f661649d7b21ed5e0fbc8e318c29a2377ba2b6628588606d9691097cc9a7cf9818a7ddedecef112e4764a2d46023ec453c4fb0bb6c562a2153db643f7660ec86c8dddc25cde23ca12c11449293140ad75b930ed647d787b9c65505973db26b9553229f9b4f0e111acbb23c0a3077b7797f34e4e8324f25512c8aba0c25bf80ab60331b1ea91167635adca6e44739fb06f7f4bbbee0cd9721489a19cae8f3cf41008e23074969b8cb4461b372200b229c591b241a21d674665daef2cdd584fd78afb0b4b9d1a35783b106401a30abcbdeff2f8d41804243bdd4e23d9c11afc7b795283590a5dd8ac2c51467161c77eda4e4784c037024c477e9fb20baaa31e134d35b81d087d58a1c60e06c2f2789db42928861476a18d7306bef8c9f16ff7bef265308f2759024a5454af185530640ca93999d1615ebb14da2863fe51e7cda00ce998be31411dabda4ca6decdcebf96e1f2fe968fea136d951ac56531b6925a99e655289e4dce990a08359f56b295de2bae3c1309777bc326365bb7033473884f92766a9cd078cb5d42fb37eb7af9777e69e8ef7018ce3764521439b84bbdabe2e9ec5d853d1102547502891e89ecb84cee672dbd29f9b68505012a2820dec8dd5e1c489079694108311ed3272fc14be69086da87dc852726b0ed57cd9e98e23b957fcb53518c8f7445c9a257ecfa3ce91ec49efb91b3b6eb4df39b4129d7f0abaa54634d31027c8a8912cf2c3c9f50cde75c2078f97f166f92cd7f2bff88191404a4e99b031f1ecce024ea7b95032afc18403f5bb9f27226051d88efb72da89c8c7de22950ee702978a66736d83a05c4510df4feab5490b3fc6002037d083ffdf83cd648aebff4685efede27cbd90a14c54c7e812453a8031a9f023ad2ab1768a88d1ae2fa8960397063a1ba41f8c64c4a9e2c2ffe728e081385f39dfa4265045c2c44ce93e3e0f8789b3e6bf9f9326512d651dbfeb9ae68a5cf7664444242ea76e71b1e9f3aa671a8c6a531a39776bb2cac9f6c82cf7c09b4d2e02e203a784e1741716c9e52bad5f11f31ca6c4f076287516ed82cc4a11916e2773294e00a44cb4f3835971e67fd0685169bf4539c825decf681b577675779b5f0287b132a4cd832fa3aad71ba27d3937189e7bc780c0cd9bdeebf3efd6cefb9e50577107d7d7f724a9d33651fc46c767f4f6d917cef214db5e576976d0fdc83510b55eb873b7c6e1671564c1b9fb9bf537ba1313167830db378d621c5b36127f04e1e89cb70455474d7846fa7fcb232f4339fdf5550017aee799d0e63889d6fb58988e105b0e409cf6e4caa4ddbaff253c15d91245802f3bc2fe10078fbbeddcdf4fe539219bb3b759eaa98c3b69d442528fa226df1278af092996260dccc60c9d9a52be6093296496fe44e2cbe04ecbd5a2897b9e23607b1893ad6b70ce92bd77d871831f14fe4d7abe92f18161ba000001f4c2df8abf90d612f4da36cfe31ad367abc30fb9ea57c70ebf78099754cdc20eac6f9bad2b3bad6bfd5986b152b601022caf80d8bd82c0f7b4fb342369211d1ffb3fa9b411e6edc50ea506cb707b8a8265e3c2743859be6e8f322f622acaf8daba5b96f979ce70ff16dbcad6d39eb5204ba46350c6ca8b697f4eea6d74ca385514985e3b084b02dcaf795ad1a3a21ab60477be1cee4a43e670e38dc2e04a58dc48da656bed9077bc3dd5e4a3bb1f6d1ca9c8e1d94d93b6aefd569d6f99c0598cd0868586639bc99f2529bde559f7ff8d4118b167e426cea1cfa9cd03f6e1a0ad26c7831a75ec547e273564044f789b79d8d9b160e7bd5446d1ace2fa82796d176ba7d44c7a1bfd5649798bde6920445436137a3dfc618ac9cd6bf4c33a36350cdf1785ca83e12ff3f6700356b567bfd5a631411fc432059297aaa898a46f6cd5f292d7f5ef9b059d31c68c924adc4a5b20af8c6ea7a5405fbb7e857f1cea3acfbc3e09a133a06505e4f4a9bac13d52ba0d5f292a192d79581ab949040dec3d30f7cc6530eca5a68f59461de5fbc521b95cec70555fb22e493e9bb022499898f3cdc379c2f83c91ad6d51e155f7f0ffb794bc922c4d54b5ec8de7d18098f2d9703fb04112a4751118cb589cafee9eb24229879adadda1140099a4e4d104ad21ed729628d916cbb0af98082393ff4f8a2ecd71c5c3b76cd12f2304e053398b9e748c2e69e09caaab745e5168d0d751c952409d4397f3c40696d284e35020cbaff68b0525f2ecf59b10ffdb28cacfc7d087cb4faaaf3f1aef74d6c26052129b0a39413454b19adcd5a2fe08794b562c47ee5911a7d6436a59989ec33846925aee4f2df02a3c0f8dc83539f24e6889f041e692cbe7e3f8faaf147dfe9c0e88933bff19a8fc4465c68966a1917a9bca1efe59e088a522b3bd9d6b8a8d79770718e52cf906a0924c4d872cfe356730add42b0ed79037a21ca6ab10ef8cc41c10f0dbba033ba61bface43ccb848bea51f5e231514931117ed3fee8067a5b6016a26f3c6ea87c29325d08db379f48688732f63366530b307135ab2319315cb13ee582bd30922ddb3543f290f0507a89b729698383d6df7a774535998daebc0f2a130ee99e8c613a723bd633bb0806a4d582048f11f4c7d1a19bba76acabcef2fbc6074f74f4e6a109b938916aa4ad6bfdabe04e31302954c6eef23a75fe102fbc4c333a3963d5e21e240b093121aa19166e6bf1452a83e16ad8a4795a13eb578aebf0d20fe18966bd528fea594815551664868e2306ac8b0866b5921115a3a2f0b26e4f0fcb88e94bdb94adf22072fb453516405cc756558378c9d32ab73b4741ae8a3e73ce1316b4281bc80158947854973bad9092c55cf3964165e86015cbc915c8f1ae189d40dbd93cf37d6858bb1c68bd040b35aed22554419bc5f2a26d0211c1330f9def3ab33b5082f83746bc314ee0fc08f9b5f2b080a2ba6e6d688418e5c06c7f88e80ac2c957c14f1679baf915373082173a0f14837ce0cd0a5616eea8a1dcb87381583e5ca6b3f62ee40ee7f468f42690512218d6cb2ac1b8aae003b792291017cf331f71a637208b8b1ea5d8e158430d9c541f5f8d79317f57ad26d16ed3a29889b2b1c48ab3760c9f975407f46c87098c7d576b49dd577f4d367ec7071aa16852c539d6c1e57398a95804b43054e02a48ec1ff1751d9925a5dc21f41909205e6a164d5ffc1d724e9dc4e745ccf36b324d53a65f1a62a8eb197d0287572c4820570cb95c2dab7fff09d16db8fa66fa386ac97bb5aff49b54ffc92cabba8c95763ed296fdc7117f1b66ac4a44c2afac131811051ded5e7bc57908cc3e09812fc35b749e95bd6d3ff957ba79fa1712b5b09966dec0b15d3caa768f5c6852a6d9fe406d6c1c5fb4801673de49e4dc072fc4a3f38de97fbfe552df23f36ab19987546c86650a66bc7b3c42620a6c3a1600f0924778540b33e6dc9bb632b3c17fe5a5470f90f692498238242d2f2a607fc769692a4d6b3a365f44ff9b5e5c5768616dab953690fcb38104eb4be15f15394bcbbd19b42b1137e484c765a438ef69b8b50d67102afaa73f443fbb4b8ce65f33a340d5eff2d856315da628b0d718dcd5f4980aa5364973abbd402fe188167a33f4ac60726eee3ec122a1fa83dc070a328221b6a50f63a1150e5045fe43eb1754eccbc24a60d0f1c8ba63a75bd483367dc02acd3a20e6efb7103ecda007ec9a14f5204e0bdffaa5cd54c521cf41ecc52b53f075401ab32fc5946593f81a6d5edb87d165c2aeb724a7228375ef0a17eca51fff562fde6c78f72c0e1171d466ba933d461c0707c4d529e3c05a47cbd8ba9ee8fb5510cf165a495f9795cb69e3449620b55b930cd76054d84e13d5d10719f249c1a887f31f30644352e78fc6517ef9b28fc36c02bbbe6b2ce5ee02748826511affdc8a5a6331c370a26c3e86913276550a2cc69ea42c2796f1658db96088f8bd55f19979a54f63d1f5fb30a4439fe66171f075ef13a0f3f9f3bff6e9a3b7e285bae636345461d66a7aa6aeb431e8347b6f40a71a2dfcc7baeb723a184c0b75bf031922477e4340667e4aed28c8ee68ca13d12c54838edad08d4055f73334ba6c01d9aa388b7aa5d72633dacaa8e6fd951c6c2bef0f4f84c55e913eb3a702d41a59676389bf373f0dcfcebab1bac4ffbe3104741c3ce73e7034da4f7b56967deeb1e5b1c57503cf819d3a555ede8e6b384fd915c22d5204bfeff3fe1d10bc43d78d2178f2c05776c7b697f8b1d936dd963d4f9107b30483446746514160d8d26539f5cdd3be36faad8eef5b3d8a8816e4617731968d490d5e26d41f000576d8bd649a2358e826644bc32090ed3927f262e7a35dd3af0493626c5358870ca40c91f6a88072a295a5de44d51e0c23ef83a09e6e12476b38e69ed01fdf9d1de99d41e27f6ba2c16c41077636fe207780afb594f20bfb9dafa1e78e2e2105049de201d5b90876c72e4b1bff6ec96b71672867cc744799764c9c47d2aa0fe2d4da691e4cc17c8e91245ed40b5cd52acafbeea0dda4c8337b88f1a2b42aa33de738842a8b6b245a0cf4f77c3ed4e23b156b8b9d3cbdc5ac6a435894a26d7c422309e15cae8ff4c9f1f3e76a53e80e6b7cec43143d4fd03016677afa3da6a2109d7e55dded6c2dfe7faa309155d81bb8fbf315198141fd92a8e71abb08d6bb33f729711239724747f1d6a9a4f4f13e03449c968d19f7a6fab83cfeb35e99f197072b71b40a6f967c031448e64afc1aa90506579c5563aa3c300ec18acd464aa6327409827c29c875792ea9880b0ea670d0943ea76ea91e0fcfe902326c03f05ea96f3e05a62d6bb14a008096e2bfd365a4ebfe54f14ba81b16ba273fdaf6586d2354ece24d03a99cfb4cb717ee805e40ca0955d85ff3dca98b59de494645752236", @ANYBLOB="b9ffeb4677bbee70eca1536b2b500398fbb8bfa7e8e7c485bd94cc156fcfd78d76e7f551260f1b7ec87d372429219ffdc8d97f041975b945fc929cb56e50069d7ca0d99067567449c9f7575dd49d3c86e161896ae6bd1b646ca554724e79e1c7fe330673967769b8f55e3499c26262c0ec4e34759af5969898f20f4ec0877424af92ea67522f04b44b564acacee5c1ae049b764a808759b02d9b3e7a81d86b9092233668722bbc507a2883d52f49586bfaaec056bf878dcf5d2b0eace6a952a342920106363334c653fdf129869bd126a803011bb6de63edea3a47df0ab17df5fc72bd4bb1bc996c15f8027b5ca7f48b51", @ANYRESOCT=r0])
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r1, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000001400)={0x3, 0x0, [{0x1000, 0x86, &(0x7f0000000280)=""/134}, {0x1000, 0x1000, &(0x7f0000000380)=""/4096}, {0xeeee8000, 0x49, &(0x7f0000001380)=""/73}]})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x1c, 0x27, 0x21, 0x70bd29, 0x0, {0x3}, [@nested={0x8, 0x1, 0x0, 0x1, [@typed={0x4, 0x138, 0x0, 0x0, @binary}]}]}, 0x1c}}, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'sit0\x00'})
sendmsg$nl_route(r4, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x8810}, 0x40040d0)
r5 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
ioctl$RTC_WKALM_SET(r5, 0x4028700f, &(0x7f0000000140)={0x2, 0x0, {0x0, 0x0, 0x0, 0x18, 0x0, 0x60}})
pread64(r5, &(0x7f0000000040)=""/35, 0x23, 0x40000000)
ioctl$F2FS_IOC_GARBAGE_COLLECT(r1, 0x4004f506, &(0x7f0000000000)=0x1)
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000001bc0)=ANY=[@ANYRESDEC], 0xc, 0xc3c, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy3FlVxUTOwoThq3m7ZIZcVy9S+mYhXOqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BotUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcjIYzOxbcUmRFi2REmV9Pjb13Z15b+a9mdUMRfDNCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAg4vdfuXDyVHrYrQAAHqRLI187edr9HwAeK1f8+x8AAAAAAAAAAAAAAPa7FEU8GSlmL62msep9R/1iu+/mrdGh4a2rHUpVzQNV+fKrfur0mbNfemHwXDcvtqc/pP5u+2y8NnLlQuPlmRuzc5Pz85MTjdHp9vjMxOSOt3C/9Tc7Xh2Axo3Xb05cuzbfOP38mQ2rbw283//E0YHzg8+eeKZbdnRoeHhkvUi9t3ztnhvSsd0Ij4NRxIlI8dz3f/YbrYgo4v6PRf3BnvvNDlWdOF51YnRouOrIVLs1vVCuvNw9EEVEo6dSs3uMtj4XUet7oH3YXjNisWx+2eDjZfdGZltzratTk43LrbmF9kJ7Zvpy6rS27E8jijiXIpYiYqX/zs31RRG1SPHdI6vpakQc6B6HL1YDg7dvR7GHfdyBsp2Nvoil4hE4Z/tYfxTxaqT4+TvHYjxfZ6przRciXi3zhxFvlflSRCo/GGcj3tvic8SjqRZF/EV5/s+vponqetC9rlz8euOr09dmesp2rysf8f5wx5XiId0fDm3KB2OfX5vqUUSruuKvpnv/ZgcAAAAAAAAAAAAAAACA3XYoivhMpHjlP/64Glcc1bj0I+cH/2Bgw5Dxp++ynbLw8xGxWOxsTO7BPDDwcrqc0kMeS/w4q0cRf5LH/337YTcGAAAAAAAAAAAAAAAAAADgsVbETyPFi+8eS0vRO6d4e/p640rr6lRnVtju3L/dOdPX1tbWGqmTzZxjORdzLuVczrmSM4pcP2cz51jOxZxLOZdzruSMA7l+zmbOsZyLOZdyLudcyRm1XD9nM+dYzsWcSzmXc67kjH0ydy8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMdJEUV8ECm+883VFCkimhFj0cnl/ofdOgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg1J+K+EGkaPxh8/ayWkSk6v+OY+UfZ6N5sMxPRnOwzJeieSFnq8pa89sPof3cn75UxE8iRX/97dsnPJ//vs672x+DeOtb6+8+W+vkge7Kgff7nzh65Pzg8K8/vd3rtFUDjl9sT9+81RgdGh4e6Vlcy3v/ZM+ygbzfYne6TkTMv/Hm662pqcm5e39RfgTuo/oj9CLVHpeeelG9iNq+aMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513t+/w8Ys/Xb//v7h5Qzu8/9c218v3//KevtX9/8meZS/m70b6ahH1hRuzfUcj6vNvvHmifaN1ffL65PTZkye/PDj45TMn+w5G1K+1pyZ7Xu3K4QIAAAAAAAAAAAAAAAB4cFIRX4kUrZ+spkZE3KrGaw2cH3z2xDMH4kA13mrDuO3XRq5caLw8c2N2bnJ+fnKiMTrdHp+ZmNzp7urVcK/RoeE96cxdHdrj9h+qvzwz+8Zc+/ofLWy5/nD9wtX5hbnW+Nar41AUEc3eJcerBo8ODVeNnmq3pquql7ccTP/R9aUi/itSjJ9tpM/nZXn8/+YR/hvG/y9u3tAejf//RM+ycp8pFfGLSPE7f/l0fL5q5+G445jlcn8bKY6f+1wuFwfLct02dJ4r0BkZWJb9v0jxTx9sLNsdD/nketlTOz6wj4jy/B+JFD/48+/Fb+ZlG5//sPX5P7x5Qx/h/Pf31rvL+X+qZ9nhDc8r2JXuP/bK838iUrz05NvxW3nZhz3/o/vsjWO58O3nc+zR3/9P9SwbyPv97d3pOgAAAAAAAAAAwCOtLxXxd5HiR8O19EJetpPf/5vYvKE9+v2vT/csm9id+Yru+uK+DyoAAAAA7BN9qYifRorrC2/fHkO9cfx3z/jP31sf/zmUNq2tfs73q9VzA3bz53+9BvJ+x+6/2wAAAAAAAAAAAAAAAAAAALCvpFTEC3k+9bFqPP/EtvOpL0eKV/7nuVwuHS3LdeeBH6j+rF+amT5xYWpqZry10Lo6NdkYmW2NT5Z1n4oUq3/zuVy3qOZX784335njfX0u9rlIMfwP3bKdudi7c5M/tV72VFn2E5Hiv/9xY9nuPNafWi97uiz715HiG/+yddmj62XPlGW/Fyl+/I1Gt+zhsmz3+aifXi/7/PhMEX+/B+cFAAAAAAAAAAAAAAAAAACAx0tfKuLPIsX/3li6PZY/z//f1/O28ta3eub73+RWNc//QDX//3av72X+/+q5Aovb7RUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6eUhTxZqSYvbSalvvL9x31i+3pm7dGh4a3rnYoVTUPVOXLr/qp02fOfumFwXPd/PD6u+0z8drIlQuNl2duzM5Nzs9PTjRGp9vjMxOT5cqDO9nCh9S/J8erA9C48frNiWvX5hunnz8TvW25NfB+/xNHB84PPnvimW7Z0aHh4ZGeTdT67nnvd0jbLD8YRfxVpHju+z9LP+qPKOL+j8VdPjt77VDVieNVJ0aHhquOTLVb0wvlysvdA1FENHoqNbvH6AGci/vSjFgsm182+HjZvZHZ1lzr6tRk43JrbqG90J6Zvpw6rS3704gizqWIpYhY6b9zc31RxOuR4rtHVtO/9kcc6B6HL14a+drJ09u3o9jDPu5A2c5GX8RS8Qics32sP4r450jx83eOxb/1R9Si8xVfiHi1zB9GvBWd853KD8bZiPe2+BzxaKpFEf9fnv/zq+md/vJ60L2uXPx646vT12Z6ynavK4/8/eFB2v7a9JUH2o5t1KOIH1dX/NX07/5eAwAAAAAAAAAAAAAAAOwjRfxapHjx3WOpGh+cxxQ/lddeneoM6+uO/euOmV5bW1trpE42c47lXMy5lHM550rOKHL9nM0y62trY/n9Ys6lnMs5V3LGgVw/ZzPnWM7FnEs5l3Ou5Ixarp+zmXMs52LOpZzLOVdyhnHFAAAAAAAAAAAAAAAAAADAHiiq/1J855uraa2/M7/0WHRy2XygH3u/DAAA//8V0vbk")
r6 = fcntl$dupfd(r1, 0x0, r3)
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f0000000340)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/251, 0x0, 0x1000})
ioctl$VHOST_NET_SET_BACKEND(r6, 0x4008af30, &(0x7f0000000080))
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r6, 0x4008af30, &(0x7f00000000c0))

1m57.386959274s ago: executing program 2 (id=18):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x9}]}}]}, 0x38}}, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x12, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0xd, 0xfff2}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_BUCKETS_LOG={0x8, 0x8, 0x1}]}}]}, 0x38}}, 0x0)

1m57.219963056s ago: executing program 2 (id=9):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x8000, 0x0)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000240)={0x66, 0x79a, 0x0, 0x7, 0xa00})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000100)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5})
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000480)={[{@test_dummy_encryption}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@stripe={'stripe', 0x3d, 0x7}}, {@commit={'commit', 0x3d, 0x5}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@quota}]}, 0xd, 0x5ed, &(0x7f0000000600)="$eJzs3c1vFVUbAPBnbm9LS3nfFmJUXEgTYyBRWlrAEOMCtoY0+BE3bqy0IFKgoTVaNKEY3JgYN8aYuHIh/hdKZMtKVy7cuDIkRA1LEq+Z2xnox9yW3n5Mw/x+yaVnzrnDOdN7n86Zc8+ZG0BlDaT/1CL2RsRUEtGXzD0oq0dWODD/vHv/fHI6fSTRaLzxVxJJlpc/P8l+9mY7d0fELz8nsadjeb3Ts1fOj01OTlzOtodmLkwNTc9eOXjuwtjZibMTF0deGjl29MjRY8OH2jquqwV5J6+//2Hf56Nvf//t/WT4h99Hkzger2ZPXHgcG2UgBpq/k2R5Ue+xja6sJB3Z+2ThS5zUS2wQa5K/fp0R8VT0RUc8fPH64rPXSm0csKkaSUQDqKhE/ENF5f2A/Np+6XVwrZReCbAV7p6YHwCYj/00J4//+vzYYHQ3xwZ23kti4bBOEhHtjcwttisibt8avX7m1uj12KRxOKDY3LWIeLro/J80478/uqO/Gf+1RfGf9gtOZT/T/NfbrH/pULH4h60zH//dK8Z/tIj/dxbE/7tt1j/wMPlez6L472n3kAAAAAAAAKCybp6IiBeLPv+vPZj/EwXzf3oj4vgG1D+wZHv55/+1OxtQDVDg7omIVwrn/9by2b/9HVnqf835AJ3JmXOTE4ci4v8RcSA6d6TbwyvUcfCLPd+0KhvI5v/lj7T+29lcwKwdd+o7Fu8zPjYztt7jBiLuXot4pt56/l96/k8Kzv/p34OpR6xjz/M3TrUqWz3+gc3S+C5if+H5/+FdK5KV788x1OwPDOW9guWe/fjLH1vV3278u8UErF96/t+5cvz3Jwvv1zO99joOz9Ybrcra7f93JW82b13SleV9NDYzc3k4ois52RHRFYvyR9beZngc5fGQx0sa/weeW3n8r6j/3xMRc0v+7+TvxWuKc0/+2/tHq/bo/0N50vgfX9P5f+2JkRv9P7Wq/9HO/0eat5c7kOUY/4N5X+dh2rU4vyAc60VFW91eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgc1CJiVyS1wQfpWm1wMKI3Ip6InbXJS9MzL5y59MHF8bSs+f3/tfybfvvmt5P8+//7F2yPLNk+HBG7I+Krjp7m9uDpS5PjZR88AAAAAAAAAAAAAAAAAAAAbBO9Ldb/p/7sKLt1wKarl90AoDQF8f9rGe0Atp7zP1SX+IfqEv9QXeIfqkv8Q3WJf6gu8Q/VJf4BAAAAAOCxsnvfzd+SiJh7uaf5SHVlZZ2ltgzYbLWyGwCUxi1+oLpM/YHqco0PJKuUd7fcabU9VzJ1eh07AwAAAAAAAAAAAEDl7N9r/T9UlfX/UF3W/0N15ev/95XcDmDrucYHYpWV/IXr/1fdCwAAAAAAAAAAAADYSNOzV86PTU5OXG4n0eiLWMfu2yzx1vZoxlYmGo3G1fRd0Mz59P4GvCUqncinwm+X9ixJ5Gv9Hm2vkv4gAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAy/wXAAD//8jfH2A=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0xa1165a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x887008, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r1, &(0x7f0000006b40)={0x2020}, 0x2020)

1m56.808375108s ago: executing program 2 (id=12):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x12, 0x4, 0x4, 0x12}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x17, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sched_process_fork\x00', r1}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f0000000100)='./bus\x00', 0x1010000, &(0x7f0000000200)=ANY=[@ANYBLOB="757466383d312c73686f72746e616d653d6d697865642c756e695f786c6174653d302c636865636b3d72656c617865642c73686f72746e616d653d77696e6e742c73686f72746e616d653d6d697865642c726f6469722c756e695f786c6174653d302c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c696f636861727365743d757466382c757466383d312c73686f72746e616d653d77696e39352c696f636861727365743d69736f383835392d312c73686f72746e616d653d6d697865642c73686f72746e616d653d77696e6e742c646973636172642c00512733c8ef1654be3cad5b8bbe4f"], 0x1, 0x369, &(0x7f0000000700)="$eJzs3U1oY1UbAOA3vWnSGfi+dicKQnQnaJnOTje2SAcGu1EJ/izE4HRUkiq0WGwX09aF4lJwqSt3CrpwIS5FUMSdC7eOIKPiQmc34OCR5OYmt0naaQerFJ9nkZy+57znnPtDcntJTp5bjPal6bh8/fq1mJmpRHXxkcW4UYm5yKKwG+NqE2IAwOlwI6X4PeWOmFI54SkBACes9/7/QkQ0Yi6PvP7lYe2Td38AOPX6//+fOazNzEEVr5zIlACAEzZ2///efdW1akQtqsWf1dKnAgCA0+qJp595dGkl4vFGYyZi7c3N5mYzHhrWL12Ol6ITq3EuZuNmRH6h0H2o9B4vXFxZPtdoNHbip7loRsRUP7GZXyksZb38eizEbMz187uXGqlXzi58srK80OiJiN2d3vixVtlsTsfZ/vjfn43V4YVH0UnvKeLiyvL5Rr+D5lqRvxOxN7xv0Z3/fMzGt88Pukmp+ATjyvKVhWLSw/zNZj0uDfbCgXdAAAAAAAAAAAAAAAAAAAAAAADgtsw3BuYG6+ek7nO+Us78/IT63vo4eX5/faC9fH2gVE+R0m+vPdB8K4t96wONrs+zaSFBAAAAAAAAAAAAAAAAAAAAGNjYqkWr01ld39jabpcLO+sbW1MR0Y28/PVHX5yJ8Ta3KFTzIeoRgyEa/WG3262UFY1TFjGennUHLyIffDqYcblNfbAVE6dRP7iq0/nfPT++O4zcnRU9/zlsk8XkDcxK03h4pOe1/+dTOs6OGhTOlyP18dGvppRKkTfK6VeeHe8wKhHV4x+47fZUHNwmdQtfXXvxzmLvtz5Pufvun33y6jvv/9JudbojR+8I1tY3bqZ2q1I0Pt5u6e7qIlKJvFApnwnVw9L39kda2Xe/PnXX298cbfRUjrzaPZ9H2mT55nw8ml7LC91pjlSdGaZP9zeiszo94eS/VeE2jukd7332YUo//HzkIYamxl42Kn/Pqw8AAAAAAAAAAAAAAAAAAFBW+q54X//LvtOHZT342MnPDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+OcPf/y8V9nZjJDIo7I5FBoU/diZk1VfXNyJq//ZmAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwH/dXAAAA//+g5Vir")
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r6=>0xffffffffffffffff})
connect$unix(r6, 0x0, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r4}, 0x6c)
syz_open_dev$usbfs(0x0, 0x205, 0x8401)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
write$binfmt_script(r3, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000004"], 0x50)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01060000000000000000090000002c0004801300010062726f6164636173742d6c696e6b000014000780080003007f000000080005"], 0x40}}, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r0, r2, 0x5}, 0x10)

1m53.327690606s ago: executing program 2 (id=36):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f00000007c0)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x4}, 0xe)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x4714, &(0x7f0000000100)={[{@test_dummy_encryption}, {@jqfmt_vfsv0}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x40000, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x4002, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000809, 0x0, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
connect$can_bcm(0xffffffffffffffff, &(0x7f00000000c0), 0x10)
connect$netlink(r1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000400)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

1m53.262025326s ago: executing program 32 (id=36):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f00000007c0)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x4}, 0xe)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x4714, &(0x7f0000000100)={[{@test_dummy_encryption}, {@jqfmt_vfsv0}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x40000, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x4002, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000809, 0x0, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
connect$can_bcm(0xffffffffffffffff, &(0x7f00000000c0), 0x10)
connect$netlink(r1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000400)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

1m49.091626198s ago: executing program 4 (id=60):
sched_setscheduler(0x0, 0x1, 0x0)
pipe2$9p(0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x21af6000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
sched_setaffinity(0x0, 0x0, 0x0)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r6 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r6, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}, 0x2, 0x9}}, 0x2e)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
getsockopt(r6, 0x111, 0x3, 0x0, &(0x7f0000000080))

1m46.875826489s ago: executing program 4 (id=68):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='hrtimer_init\x00', r1}, 0x10)
socketpair(0xa, 0x1, 0x0, &(0x7f0000000000))

1m46.8080402s ago: executing program 4 (id=69):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getgroups(0x0, 0x0)

1m46.80785504s ago: executing program 4 (id=70):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000100)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x2)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

1m46.652040461s ago: executing program 4 (id=71):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000d5030000020000838500000071000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='kmem_cache_free\x00', r0, 0x0, 0x800000002400}, 0xc)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(r2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="00006003deffffffffffaaaaaaaaaa060800"], 0x3a)

1m39.787991017s ago: executing program 4 (id=92):
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1817c1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000440)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e27}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x0, 0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r2)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000f80)={{r4}, &(0x7f0000000f00), &(0x7f0000000f40)=r2}, 0x20)
recvfrom(r3, 0x0, 0x0, 0x40, 0x0, 0x0)

1m38.973481861s ago: executing program 33 (id=92):
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1817c1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000440)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e27}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x0, 0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r2)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000f80)={{r4}, &(0x7f0000000f00), &(0x7f0000000f40)=r2}, 0x20)
recvfrom(r3, 0x0, 0x0, 0x40, 0x0, 0x0)

1m17.869265342s ago: executing program 6 (id=220):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x8000000000002)
sched_setscheduler(r0, 0x2, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f066bbee3, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000080)=0x7, 0x4)
syz_emit_ethernet(0x2a, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x6, &(0x7f00000002c0)=0x3f7, 0x4)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x4e31, 0x100659, @empty, 0xff}, 0x1c)
r6 = fcntl$dupfd(r5, 0x406, r5)
write$cgroup_pid(r6, 0x0, 0x0)
ioctl$EVIOCGLED(0xffffffffffffffff, 0x80404519, 0x0)

1m16.897268757s ago: executing program 6 (id=226):
r0 = socket$inet(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000040)={'gre0\x00', {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x21}}})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x7, 0x4, 0x200, 0x21db}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r5}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = syz_open_procfs(0x0, &(0x7f0000000cc0)='net/netlink\x00')
read$FUSE(r7, &(0x7f00000027c0)={0x2020}, 0x2038)
lseek(r7, 0x5, 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)

1m15.436009124s ago: executing program 6 (id=235):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r3, 0x0)
shutdown(r2, 0x0)
connect$unix(r2, &(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r4 = accept(r3, 0x0, 0x0)
sendto$inet6(r4, &(0x7f0000000040)='\x00', 0x1, 0x20044000, 0x0, 0x0)

1m14.541448099s ago: executing program 6 (id=237):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000840)={[{@errors_remount}, {@mblk_io_submit}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xb}}, {@test_dummy_encryption_v1}, {@barrier}, {@mblk_io_submit}, {@noinit_itable}]}, 0x3, 0x450, &(0x7f0000001100)="$eJzs3M1rXFUbAPDn3knapk3f5C31o2nVSBWDH0mT1tqFG0XBhYKgi7qMSVpip400EWwJGkXqUgruxaXgX+BKN6KuBLe6l0KRbFrFxciduTeZmUymSZw4kPn94Cbn3HuGc56598yce05uAuhZo9mPJGIwIn6NiKFatrHAaO3X3dXlmT9Xl2eSqFTe+COplruzujxTFC1ed6jI9EWknyRxvEW9i9euX5oul+eu5vmJpcvvTixeu/7M/OXpi3MX565MnTt35vTkc2ennu1InFlcd0Y+WDhx7JW3br42c/7m2z9+nRTxN8XRIaPtDj5eqXS4uu46XJdO+rrYELalVOum0V/t/0NRivWTNxQvf9zVxgG7qlKpVO7f/PBKBdjDkuh2C4DuKL7os/vfYms/YOjo8KPrbr9QuwHK4r6bb7UjfZHmZfqb7m87aTQizq/89UW2xe7MQwAANPg2G/883Wr8l0b9vND/8jWU4Yj4f0QciYizEXE0Iu6LqJZ9ICIe3Gb9zYskG8c/6a0dBbZF2fjv+Xxtq3H8V4z+YriU5w5XZ8v7kwvz5blT+XsyFv37s/xkmzq+e+mXzzY7Vj/+y7as/mIsmLfjVt/+xtfMTi9N/5uY693+KGKkr1X8ydpKQBIRxyJiZId1zD/51YmmXQeKxL3jb636lnRgnanyZcQTtfO/Ek3xF5L265MTB6I8d2qiuCo2+unnG69vVv9O4++U7PwfbHn9r8U/nNSv1y6uHV3Zah03fvt003uanV7/+5I3G/a9P720dHUyYl/yaq3R9funmspNrZfP4h872br/H4n1d+J4RGQX8UMR8XBEPJK3/dHseBJxsk38P7z42DsNO8YGtxH/7srin93W+V9P7IvmPa0TpUvff9NQ6XBsI/7s/J+ppsbyPVv5/NtKu9avZgAAANjb0ogYjCQdX0un6fh47W/4j8bBtLywuPTUhYX3rszWnhEYjv60mOmqzQfX5kMn89v6Ij/VlD+dzxt/Xhqo5sdnFsqz3Q4eetyhTfp/5vdSt1sH7DrPa0Hv0v+hd+n/0Lv0f+hdLfr/wMZdfzc9MgjsBa2+/z/sQjuA/15T/7fsBz3E/T/0Lv0fepf+Dz1pcSDu/ZC8hMSGRKTty6Rdb2GHEge2+G8u9lii259MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfFPAAAA//+Uk+8S")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x2, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0)

1m14.30717956s ago: executing program 6 (id=240):
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r0 = add_key$fscrypt_v1(0x0, 0x0, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
keyctl$KEYCTL_MOVE(0x4, 0x0, r0, r0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x56a, 0xc6, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x3, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x0, 0x8, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x6, 0xa, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x7, {[@global=@item_4={0x3, 0x1, 0x4, "b37ca37d"}, @local=@item_012={0x1, 0x2, 0x1, 'P'}]}}, 0x0}, 0x0)

1m13.539571604s ago: executing program 6 (id=242):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1805}, 0x4)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='`\x00\x00\x00\x00\x00\x00\x00)\x00\x00\x00'], 0x60}, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
pselect6(0x0, 0x0, &(0x7f00000000c0)={0xfffffffffffff001, 0x2, 0x8, 0x8000000000000001, 0x7, 0xbe12, 0x0, 0x4}, 0x0, &(0x7f0000000180), &(0x7f0000000200)={0x0})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0xa5, 0xa, 0x0, 0x0, 0x18, 0x61, 0x11, 0x6c}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r5, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r5, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x3, @loopback, 0x7}, 0x1c)

1m13.498626034s ago: executing program 34 (id=242):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x1805}, 0x4)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='`\x00\x00\x00\x00\x00\x00\x00)\x00\x00\x00'], 0x60}, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
pselect6(0x0, 0x0, &(0x7f00000000c0)={0xfffffffffffff001, 0x2, 0x8, 0x8000000000000001, 0x7, 0xbe12, 0x0, 0x4}, 0x0, &(0x7f0000000180), &(0x7f0000000200)={0x0})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0xa5, 0xa, 0x0, 0x0, 0x18, 0x61, 0x11, 0x6c}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
r5 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r5, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r5, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x3, @loopback, 0x7}, 0x1c)

7.231994242s ago: executing program 7 (id=578):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r0}, 0x10)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
write$binfmt_script(r1, &(0x7f0000002f80)={'#! ', './cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0xff1)

7.172029952s ago: executing program 7 (id=580):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x1, @none, 0x0, 0x2}, 0xe)

7.027866903s ago: executing program 7 (id=582):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@loopback, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x0, 0x0, 0x1, 0x1}}, 0xb8}}, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000000)={0x6c, r2, 0x1, 0x0, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @loopback}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @remote}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x6c}}, 0x0)

6.579971795s ago: executing program 7 (id=585):
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_GET(r4, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000880)={0x20, r5, 0x4f79951a91b7df8f, 0x70bd2c, 0x3, {}, [@HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4005}, 0x40000)

6.392014946s ago: executing program 1 (id=589):
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='tracefs\x00', 0x0, &(0x7f0000000100))

6.272542277s ago: executing program 1 (id=592):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x4000366, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x101, 0x100}})
r5 = open_tree(0xffffffffffffff9c, 0x0, 0x0)
waitid(0x1, r0, 0x0, 0x2, &(0x7f00000002c0))
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', r5, 0x0, 0x0)

4.540795486s ago: executing program 1 (id=596):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002180)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
unshare(0x62040200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000002100)=0x3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f00000002c0)={'filter\x00', 0x7003, [0x4, 0x40009, 0x5, 0x1, 0x200002]}, &(0x7f0000000100)=0x54)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0xc, 0x2005, 0x7, 0xc1, 0xffffffffffffffff, 0xffffffff}, 0x50)

4.491793156s ago: executing program 7 (id=599):
getpid()
socket(0x10, 0x3, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r0}, 0x18)
r1 = epoll_create1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000400)={0xa})
syz_usb_connect(0x4, 0x24, 0x0, 0x0)
epoll_pwait(r1, &(0x7f0000000080)=[{}], 0x1, 0x4c6, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

4.153507858s ago: executing program 3 (id=600):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x2)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006840)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000600)={0x50, 0x0, r1, {0x7, 0x2b, 0x10, 0x1c20040, 0x0, 0x0, 0x1, 0x1}}, 0x50)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, 0x0, 0x0)
socket(0x1e, 0x80004, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3fc, 0xfffffffffffffffd, 0xfffffffffffffffe, 0xdf5a, 0x4000000000000000}, 0x0, &(0x7f00000002c0)={0x3f, 0x0, 0x8, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
connect$inet(r2, 0x0, 0x0)
sendmmsg(r2, 0x0, 0x0, 0x0)
open(&(0x7f00000001c0)='./file0/file0\x00', 0x1802, 0x40)
socket$inet6(0xa, 0x3, 0x8000000003c)

3.636428021s ago: executing program 1 (id=602):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000f0000000000000c00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r5, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x3, 0x26)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r6, &(0x7f0000000480), 0x2e9, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
inotify_init1(0x0)
sendmsg$NFC_CMD_GET_TARGET(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='tracefs\x00', 0x0, &(0x7f0000000100))

3.617851651s ago: executing program 0 (id=603):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmmsg$inet(r0, &(0x7f0000000900)=[{{&(0x7f0000007b00)={0x2, 0x4e21, @empty}, 0x10, &(0x7f0000000b00)=[{&(0x7f0000007b40)="fb9f", 0x2}], 0x1}}, {{&(0x7f0000000800)={0x2, 0x4e20, @rand_addr=0x64010100}, 0x10, 0x0, 0x0, &(0x7f0000001040)=[@ip_retopts={{0x10}}], 0x10}}], 0x2, 0x40000)

3.547967731s ago: executing program 0 (id=604):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
listen(r0, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r1, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x480c0}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x18)
accept4(r0, 0x0, 0x0, 0x400000000000000)

3.547815701s ago: executing program 5 (id=605):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r0, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001940)=""/4097, 0x1001}, {&(0x7f0000000680)=""/96, 0x60}, {&(0x7f0000000140)=""/101, 0x13}, {&(0x7f00000001c0)=""/18, 0x12}, {&(0x7f0000000200)=""/52, 0x34}], 0x5}, 0x1}, {{&(0x7f0000000440)=@l2tp, 0x0, &(0x7f0000000700)=[{&(0x7f0000000900)=""/4096}]}, 0x1}], 0x1, 0x12000, 0x0)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYBLOB="01002d"], 0x14}, 0x1, 0x0, 0x0, 0x20000040}, 0x810)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000002b40)=ANY=[@ANYBLOB="2000000010000107000000000000000003"], 0x20}}, 0x4000084)

3.547747471s ago: executing program 0 (id=606):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0900000005000000fd0900008400000000000000", @ANYRES32, @ANYBLOB="feffffff00007163f2e052000000000d000000000000000005", @ANYRES32=0x0, @ANYRES32], 0x50)

2.714966805s ago: executing program 3 (id=607):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
sendto(0xffffffffffffffff, &(0x7f0000000200)="dae68b04cc32ba", 0x7, 0x4000050, &(0x7f0000000440)=@pptp={0x18, 0x2, {0x3, @rand_addr=0x64010102}}, 0x80)
write$binfmt_register(0xffffffffffffffff, &(0x7f0000000340)={0x3a, 'syz0', 0x3a, 'M', 0x3a, 0x80000001, 0x3a, '\xbb\xbb\xd0\xbb\xbb\xbb', 0x3a, '/dev/kvm\x00', 0x3a, './cgroup.cpu/cpuset.cpus'}, 0x47)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="6c0000001000010400"/20, @ANYBLOB="5d580000000000001c001a8018000a801400070000000000000000000000000000000001140003006970766c616e310000000000000000001c0012800b0001006970766c616e00000c"], 0x6c}, 0x1, 0x0, 0x0, 0x840}, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f00000002c0)="05031c08d3fc140820824788031c09102c28", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x86dd, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)

2.714059816s ago: executing program 0 (id=608):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000300), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x7}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x2c, r1, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_LINK={0x18, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x14}, 0x40080)

2.675019556s ago: executing program 5 (id=609):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0700000004000000800000000400000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000700000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000300)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
setrlimit(0xa, 0x0)

2.507994286s ago: executing program 5 (id=610):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000000000000000000000000000000000000ac1414aa00000000000000000000000000000000000000020a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000c00000000000000000300000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000feffffffff7f400002000000000000080000000000000000010000000000000044000500ac1414bb000000000000000000000000000004d43c00000002000000ffffffff0000000000000000000000000600000004"], 0xfc}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r1, &(0x7f0000000200)=[{{&(0x7f00000003c0)={0xa, 0x4e24, 0x9, @mcast2}, 0x1c, 0x0}}], 0x1, 0x4000)

2.221066088s ago: executing program 3 (id=611):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ptrace$ARCH_MAP_VDSO_X32(0x1e, r0, 0x2, 0x2001)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000004c0)={<r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'macsec0\x00', <r5=>0x0})
setsockopt$XDP_TX_RING(r3, 0x11b, 0x3, &(0x7f00000001c0)=0x2, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000180)=0x2000, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r3, &(0x7f0000000100)={0x2c, 0x0, r5}, 0x10)
syz_clone(0x41200100, 0x0, 0x0, 0x0, 0x0, 0x0)

2.215703448s ago: executing program 1 (id=612):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002180)={0x18, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
unshare(0x62040200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000002100)=0x3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f00000002c0)={'filter\x00', 0x7003, [0x4, 0x40009, 0x5, 0x1, 0x200002]}, &(0x7f0000000100)=0x54)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0xc, 0x2005, 0x7, 0xc1, 0xffffffffffffffff, 0xffffffff}, 0x50)

2.144016918s ago: executing program 5 (id=613):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
mount$9p_fd(0x0, 0x0, &(0x7f0000000280), 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
r4 = socket(0x8000000010, 0x2, 0x0)
write(r4, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)

1.185770273s ago: executing program 5 (id=614):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000180), 0x2)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f00000001c0)={0x2, 0x3, 0xb0, 0x267c9064f20698f8})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000003680)='sched_switch\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00'}, 0x10)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)

1.185568353s ago: executing program 3 (id=615):
r0 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r0, 0x107, 0x9, 0x0, &(0x7f0000000140))

1.184750163s ago: executing program 1 (id=616):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r3}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r4, 0x400455c8, 0x0)
ioctl$sock_bt_hci(0xffffffffffffffff, 0x400448e3, &(0x7f00000001c0))
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={0xffffffffffffffff, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5, &(0x7f0000000080)=[0x0, 0x0, 0x0], &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0], <r5=>0x0, 0x27, &(0x7f00000001c0)=[{}], 0x8, 0x10, &(0x7f0000000200), &(0x7f0000000280), 0x8, 0x72, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket(0x10, 0x3, 0x0)

1.179689394s ago: executing program 0 (id=617):
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x8, &(0x7f0000000a80)=ANY=[@ANYRES16=r3], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1a}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wg2\x00'})
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2182, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/consoles\x00', 0x0, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r6}, 0x10)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, &(0x7f0000000140)={0x0, 0x0})
write(r7, &(0x7f0000000000)="fa", 0xfffffdef)
setsockopt$inet_tcp_int(r4, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe3}]}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r4, &(0x7f0000004a80)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000007c0)="16ecaaaeb69ec105e9dd534f1bd77f8051db33a07055391264d230088248daa370b0bc75883a507be52e9744ca1479096e0a1d347324d779b5fe3167e722437570ee9c472c6399c49d1473a32016f512dee12a2f9dc3bd6060001c8139ae43a3cbf08d05c66712c9a0b2994264c8614da6c0251fdeb06bcb94139d6b3df7bd60ac9d53ac834c97388aa638bb50457e57f90b3e8e11975ebd2c81a2a13cb5dc9b7fae4411137ad278cf52dd8d32de5b07a396cd19a242b247d2ca16ce1a663064abfc1ba416f7b1fc251409afd53815f775ab04810637bd8c9b2606a8512ee5622829a369d77900cfc7987f950003fb657f4c17131695efdcead8816ddae634049c3dab49a0ca36b1d5d93c8dac8fa0ba2a74f55d159667e3b52ec903f439a21a023b4bc7bf4463d73f5ae46a680f138c34f0ab2e8503ce342bfb26e481f087a08d410a8886335ac1fda0df344dfbb68b6bb8fcc2bf9a85fe835f350fb281e1159b093d52c519a3d61cd4979941c87ebf52404bdb04ebce4e1980314c1b03a674a86d6cf027b9076559eecadd6cbc5daab4002468d3653a11bbcb9cf625b1e4fe49a398e63200944d4ecee2741a09daf3650edb6a8dca6dc705873b78767c0e942a766c8be2bf425eeba3c277f09332f84fe9f24272059625703661763ed5efd08af27a1b6ccc3a7ae63ff339676e5caa6447e4a0575131495bc643681ca8e18b95bc7db66366c50cd89c9a59746da83dcced2526003b48e250bb7a20eabaf34e950fd1eeb6cce37de630e51a067e786dc3ecde5d2218962d33adde6734636adcf597b93be0cc3f307127d2b0df08a75d14f41ed41237db5e7b10fdacd56231cd781566b26080a06edbd7af51e6310233f0cea9aea8fe2c08a94cdc1ae11c6bef6f0fb5d4155567b47db0c4fc61940d157fc5a1df14ff33bd638b56b200b032cd99504751cb6c29d8252e6ebd0c1ac4c3df73d335aaf060f54d6a4f1c225eaca5e3f313a1d29f940d7a9fcaa040d7cab55550954a3c4d8bd772890fff6eadf3de96a39675", 0x2e4}], 0x1}}], 0x1, 0x400c0)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000480)=0x1df9, 0x4)
sendto$inet(r4, &(0x7f0000000580)="17", 0x1d4c, 0x10048095, 0x0, 0x0)

1.131879264s ago: executing program 7 (id=618):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x2800000, &(0x7f0000000380)={[{@debug}, {@delalloc}, {@journal_ioprio}, {@test_dummy_encryption}, {@nodiscard}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}, {@acl}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x1, 0xbb4, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnHy2zb2TXi6X27tpLpdLC+I0raTYIthKxY0LQbdCQzopIdMPkkhNmsVE/wFR14IbQS1KF3bdjYJbN1q3FhdCkdgoiGjkzEeSJjNJ2k5yYvL7wZvzvvOcOe/z5DBzzgszE8CeNZD9SSMORcT5JKJQfzyNiO5qrzeiUttvYX525Jf52ZEkFhdf/jGJJCLuz8+ONI6V1LcH6oPeiPjquST+8ebaeSenZ8aHy+XSRH18bOrS1WOT0zNPjl0avli6WLp8/OTTQyeGTg6eGmpbrb9+d+bWz/994fvKbx/9fuOndz5I4kz01WMr66hX/dgGYmDpf7JSZ0QMt+H4O0FHvZ6VdSadGzwp3eKkAABoKV1xD/evKERHLN+8FeLzr3NNDgAAAGiLxY6IRQAAAGCXS6z/AQAAYJdrfA7g/vzsSKPl+4mE7XXvbET01+pfqLdapDMq1W1vdEXE/vtJrPxaa1J72mMbiIi73576NGvR5HvIW60yFxH/bnb+k2r9/fVvQq+uP42IwTbMP7Bq/Feq/0wb5s+7fgD2pttnaxeytde/dOn+J5pc/zqbXLseRd7Xv8b938Ka+7/l+jta3P+9tMk5rn/43rVWsaz+Z249/0mjZfNn28cq6iHcm4v4T2ez+pOl+pMW9Z/f5ByFP66VWsXyrn/x/Ygj0bz+hmT93yc6NjpWLg3W/jadY+7LoY9bzZ93/dn539+i/o3O/9UHjtT6R31ePXfuZqvYxvWnP3Qnr1R73fVHXh+empo4HtGdvLj28RPr19vYp3GMrP6j/1v/9d+s/uw9oVL/P2SVz9W32fiNVXM+e+P6Z+vVn6398jz/Fx7x/L+1yTn+/8XbR1vFVq5/s5bNfzeprYUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCGNiL5I0mJEJNV+mhaLEQci4p+xPy1fmZx6YvTKa5cvZLGI/uhKR8fKpcGIKNTGSTY+Xu0vj0+sGj8VEQcj4t3Cvuq4OHKlfCHv4gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhyICL6IkmLEZFGxEIhTYvFvLMCAAAA2q4/7wQAAACALWf9DwAAALuf9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABb7ODh23eSiKic3ldtme56rCvXzICtluadAJCbjrwTAHLTmXcCQG4eco3vdgF2oWSDeG/LSE/bcwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg5zpy6PadJCIqp/dVW6a7Hutq+ozD25gdsJXSvBMActOxXrBz+/IAtp+XOOxdzdf4wF6SbBDvXd6n8mCkZ8tyAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDn6au2JC1GRFrtp2mxGPG3iOiPrmR0rFwajIi/R8Q3ha6ebNyTd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC03eT0zPhwuVya0NHRybeT7Iw0ap2835kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjD5PTM+HC5XJqYzDsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIG+T0zPjw+VyaWITnZsPs/OKTt41AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQnz8DAAD//9b4DfQ=")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000240))
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x192)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000580)='./bus\x00', 0x88, &(0x7f0000000040)=ANY=[@ANYRESOCT, @ANYRES32, @ANYRESOCT=0x0, @ANYRESDEC=0x0, @ANYRESOCT=0x0, @ANYRES8=0x0], 0x3, 0x24a, &(0x7f0000000840)="$eJzsmL9rFEEUx78zu7e5lSDapLCxCRjR3OX2UNIcJoJgJULir0oPs4Z4m5xcVjAHYoKNjWJjIaSx8B+wSGFlYec/IGihgmDhFRY2NiOzM7s7d5e9H5sy71MM35k3P968ffMODgRBHFp+fP/77fnF+eWzACYxjQk9/ssCGFOabafzv75+eOZV7dLuuy9vP24cffy+dz+5RIjugeKA820AHxYthFGPm6v/STGtO8vgib4GjtNa3wBDSes74LiutQ+GW1rfN3RTzi+V7q0FfuluM1iRYk42Fdl4sqn2+tfZYVjRfSGEYIAb2ze32o16EPgtQ9jato8pl0icaUz1xa8AB51Fjprhn4zizWdPd2Q/js2cEb8KOCr621bBsKTH57Ebx0aFxLj/CTvd3zLOV17uc1umkwEYdsmiErU/44fGHTzn+Gy+oM/I6yz0m44hz1dE96oCUpOMZObyrPQaL3UiYQ/PxQv6gyYjL0c+60rvLcST5AG4MCa/kM9mwIYT+cKrMEzAAV7dVId96jf9VIJbWfksWBCwIUew0fOnOKrP8fXzJ4mLdoOnEbMPXrC0Y5/3VP0QbxhOGfXJNupHOVx/UN7cas+urddX/VV/w/Oq5xmwfc4rR4VItX11L63PblSfjuiSLPcvdE+Jf9LgcAeP6mHYqqhW1k4XYdjyor5nPJulvebv23pZiMvAgu7IkuYkW6tK6BqHMUfN4dFcqWasTOcJgiAIgiAIgiAIgiAIgiDG4iRY9C9owqQ2dA0K72o0+D8AAP///+9MqQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000300)={&(0x7f00008a0000/0x3000)=nil, &(0x7f0000000000/0xc00000)=nil, &(0x7f00006f1000/0x3000)=nil, &(0x7f00005da000/0x3000)=nil, &(0x7f0000b43000/0x4000)=nil, &(0x7f0000581000/0x2000)=nil, &(0x7f00001d1000/0x4000)=nil, &(0x7f00007e6000/0x3000)=nil, &(0x7f00006a0000/0x4000)=nil, &(0x7f00006bd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x0, 0x0, r3}, 0x68)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc"], 0x0}, 0x94)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@index_on}]})

1.066100084s ago: executing program 3 (id=619):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
pivot_root(&(0x7f0000000040)='./file1\x00', 0x0)

1.040898144s ago: executing program 3 (id=620):
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000640), 0x1, 0x5c0, &(0x7f0000000c40)="$eJzs3V+IHHcdAPDv7u2m7SWYVmo11TZXq23sn73cXQmmFiSP2qbU/nkyEo9kcwm3l423G+xdLVwpQgUjofqkTwqCig8RQUF8KIj1UfBNKRUsogRCsRRFU12Z2Zmw8TZ3ud6fsTefD8zdb34ze7/v7Jfv7M4vs5sASmss+VGJ2BURr0bE7v7q1TuM9X+dn7pwMlkq0es99WYl3e/5qQsn813zx+1MflQjPpT8+nXEzvrycTsLi7PTrVZzPlsf786dGe8sLD54am56pjnTPD05NXFg/+SBiQMHN+xYf/jcy599/bnHLp+7NPr91/bs/UcS765s2+BxbJSxGMuek3p8dHBDJeLTGz1YQUYiohYRHyg6ENbsyO++/kyev3pa/7tjJF2LGJ068tbuOPdI0TECm6eXutbWkR6wnVWi6AiAYuSv9Mn1b75s1XuP2e1yEfwedulQ/wLw+Wxu5/yV/Neimu1T36Tr+71/jRiL7n0XPnPXV5MlNmkehmtbeiHSibrl9V9J58Zuzva7OyL2RcTHIuLjEXFPRNy7zrGf/kKS/z9+c7BP/rfW9eb/ExHRiIj7IuL+iHggIh5c59i3HU7yv/OLg33yXx63f67oCCjSb18qOgLS8//+Wm3Y+b+6zr991yrbe+m/Ky69Mdjn/F8eTz5VdAQU6fEDRUdAkb7zZtER8Mqh/sXc8tf/atw2sF/S/mD/UjH2JO/dI+LDEfGRiLgjIu6MiL35/UTX6SuPJvs3moN9y1//qxfXc3ys7NKhiEcG7u06P5D/zM0j2Vo9nQ+oV06cajX3R8T70jmh+g3J+sQKY3xt6VePDuv/8R1J/j/1eD7/lyzJ+PlcYBbHxdoNVz/u+HR3er3HTd+lFyJurw3LfyW7E6h/X18vIsbf5Rgv7vvJb4b1f/LJJP/3PLBy/tlMve/253GH5T9XWfn+zPH0fDCenxWWezFuPTes/4nLSf7f+IP8Fyep/9GV85+e/6/cr9tZ+xi18xe/MbR/Lsn/n3/5bs7/OypPpwHuyPqene525ycidlQeW94/ufaYt6v8+cifryT/++4e/vr//uwxyROaVPa/I+I/EfHPiPhXRFyOiHci4m8R8dYKY/7i5Yd/Pqx/6pkk/395Vf0XJ8n/8VXqv3JV/a+98e07D3552Ng/+F6S/9HG6vX/UBrMvqzH+7/VXW+Cio4TAAAAAAAAgI1RTb8Dr1JtXGlXq41G/zv8bo3Raqvd6d5/on329PHIPg9ar+Z3eu0euB90IvusaL4++T/rUxFxS0S8NHJTut441m4dL/rgoZxquyJe/+mXju3YeY36T7w2UnSYwGZI6v/Et0aWkvbb6hxKJan/H709l34uS/1Duah/KJvaO3lL/UN5qX8oL/UP5aX+obzUP5SX+ofyUv9QXoP1D5TTE4cPJ0sv/97P0+2ZU7Mnzxyc3N+YO3uscaw9f6Yx027PpJ/YmVv977Xa7TMTD8XZZ8e7zU53vLOweHSuffZ092j6vdFHm/UtOCZgdX//0+d/dsveV35fiYilh29Klxj47my1CtubS38or1rRAQCF8R4fqKyy/cZrbTiy8bEAW2O9/8c/8N517x7z/1BW5v+hvMz/Q3l5jw+Y/4fyMf8P5dWc7ywszk63WssaRUcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFBOnYXF2elWqzmvsfmNG7Mn/f8lHo3SN/4bAAD//x/0RNY=")
socket$tipc(0x1e, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
timer_gettime(0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0xc4)
getdents64(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

23.88446ms ago: executing program 5 (id=621):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={0x0}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r3}, 0x0, &(0x7f0000000040)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0xce56fe61a68fc369, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r6, &(0x7f0000000b00)={0xa, 0xfdfb, 0x100004, @local, 0x80a}, 0x1c)
connect$pppl2tp(r5, &(0x7f0000000300)=@pppol2tpin6={0x18, 0x1, {0x0, r6, 0x8, 0x0, 0x5, 0x0, {0xa, 0x0, 0xf9d, @private2}}}, 0x32)

0s ago: executing program 0 (id=622):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000f0000000000000c00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r5, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x3, 0x26)
connect$inet6(r6, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r6, &(0x7f0000000480), 0x2e9, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
inotify_init1(0x0)
sendmsg$NFC_CMD_GET_TARGET(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='tracefs\x00', 0x0, &(0x7f0000000100))

kernel console output (not intermixed with test programs):

at=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   33.013313][   T27] audit: type=1326 audit(33.000:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4526 comm="syz.1.22" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   33.040035][   T27] audit: type=1326 audit(33.020:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4526 comm="syz.1.22" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   33.043459][   T27] audit: type=1326 audit(33.020:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4526 comm="syz.1.22" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   33.074502][   T27] audit: type=1326 audit(33.020:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4526 comm="syz.1.22" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   33.094767][   T27] audit: type=1326 audit(33.020:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4526 comm="syz.1.22" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   33.103513][   T27] audit: type=1326 audit(33.020:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4526 comm="syz.1.22" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   33.107366][   T27] audit: type=1326 audit(33.020:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4526 comm="syz.1.22" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   33.110672][   T27] audit: type=1326 audit(33.020:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4526 comm="syz.1.22" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=429 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   33.124563][   T27] audit: type=1326 audit(33.020:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4526 comm="syz.1.22" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   33.204720][ T4532] netlink: 'syz.1.24': attribute type 12 has an invalid length.
[   33.952087][ T4540] netlink: 40 bytes leftover after parsing attributes in process `syz.4.27'.
[   33.974806][ T4542] loop4: detected capacity change from 0 to 1024
[   33.976247][ T4542] EXT4-fs: Ignoring removed oldalloc option
[   33.977333][ T4542] EXT4-fs: Ignoring removed bh option
[   33.979640][ T4542] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   34.004704][ T4542] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   34.024613][ T4329] EXT4-fs (loop4): unmounting filesystem.
[   34.072851][ T4549] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   34.076365][ T4549] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   34.146334][ T4551] loop1: detected capacity change from 0 to 256
[   34.153162][ T4551] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f3f, chksum : 0x23ae2a4b, utbl_chksum : 0xe619d30d)
[   34.170307][ T4551] exFAT-fs (loop1): error, exfat_zeroed_cluster: out of range(sect:224 len:8)
[   34.171728][ T4551] exFAT-fs (loop1): Filesystem has been set read-only
[   34.327129][ T4321] Bluetooth: hci1: command 0x0419 tx timeout
[   34.328184][ T4321] Bluetooth: hci0: command 0x0419 tx timeout
[   34.329174][ T4321] Bluetooth: hci2: command 0x0419 tx timeout
[   34.487000][   T47] Bluetooth: hci4: command 0x0419 tx timeout
[   34.592434][ T4328] EXT4-fs (loop2): unmounting filesystem.
[   34.769306][   T47] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   34.770894][   T47] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   34.772305][   T47] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   34.774204][   T47] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   34.775723][   T47] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   34.782832][   T47] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   34.839900][ T4570] IPv6: NLM_F_REPLACE set, but no existing node found!
[   34.893117][   T39] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   35.019670][   T39] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   35.050411][ T4576] loop4: detected capacity change from 0 to 40427
[   35.162123][ T4582] loop3: detected capacity change from 0 to 512
[   35.330560][ T4576] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   35.331111][ T4582] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.41: inode has both inline data and extents flags
[   35.331726][ T4576] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   35.334222][ T4582] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.41: couldn't read orphan inode 15 (err -117)
[   35.337673][ T4582] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   35.360943][ T4576] F2FS-fs (loop4): invalid crc value
[   35.368867][ T4576] F2FS-fs (loop4): Found nat_bits in checkpoint
[   35.384587][ T4576] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   35.386609][ T4576] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   35.402274][   T39] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   35.425252][ T4566] chnl_net:caif_netlink_parms(): no params data found
[   35.471829][   T39] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   35.480583][ T4593] loop1: detected capacity change from 0 to 128
[   35.541860][ T4598] loop4: detected capacity change from 0 to 2048
[   35.584696][ T4566] bridge0: port 1(bridge_slave_0) entered blocking state
[   35.586095][ T4566] bridge0: port 1(bridge_slave_0) entered disabled state
[   35.587802][ T4566] device bridge_slave_0 entered promiscuous mode
[   35.589931][ T4566] bridge0: port 2(bridge_slave_1) entered blocking state
[   35.590988][ T4566] bridge0: port 2(bridge_slave_1) entered disabled state
[   35.592735][ T4566] device bridge_slave_1 entered promiscuous mode
[   35.601956][ T4598] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   35.613792][ T4566] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   35.617882][ T4566] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   35.983459][ T4599] syz.1.45: attempt to access beyond end of device
[   35.983459][ T4599] loop1: rw=2049, sector=138, nr_sectors = 112 limit=128
[   36.050873][ T4607] loop0: detected capacity change from 0 to 512
[   36.052340][ T4607] EXT4-fs: Ignoring removed oldalloc option
[   37.053505][ T4607] EXT4-fs warning (device loop0): dx_probe:893: inode #2: comm syz.0.46: dx entry: limit 1024 != root limit 124
[   37.055540][ T4607] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.46: Corrupt directory, running e2fsck is recommended
[   37.061122][ T4607] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[   37.062923][ T4607] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2196: inode #15: comm syz.0.46: corrupted in-inode xattr
[   37.066598][ T4607] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.46: couldn't read orphan inode 15 (err -117)
[   37.070067][ T4607] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   37.236645][    C1] sched: RT throttling activated
[   37.238633][ T4321] Bluetooth: hci3: command 0x0409 tx timeout
[   37.255410][ T4324] EXT4-fs (loop3): unmounting filesystem.
[   37.408722][ T4566] team0: Port device team_slave_0 added
[   37.410558][ T4566] team0: Port device team_slave_1 added
[   37.492328][ T4329] EXT4-fs (loop4): unmounting filesystem.
[   37.510683][ T4320] EXT4-fs (loop0): unmounting filesystem.
[   37.516497][ T4566] batman_adv: batadv0: Adding interface: batadv_slave_0
[   37.517655][ T4566] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.521500][ T4566] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   37.524744][ T4566] batman_adv: batadv0: Adding interface: batadv_slave_1
[   37.525825][ T4566] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   37.534368][ T4566] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   38.214830][ T4566] device hsr_slave_0 entered promiscuous mode
[   38.249953][ T4566] device hsr_slave_1 entered promiscuous mode
[   38.352678][ T4566] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   38.354409][ T4566] Cannot create hsr debugfs directory
[   38.355499][ T4634] netlink: 24 bytes leftover after parsing attributes in process `syz.0.53'.
[   38.728482][ T4654] loop1: detected capacity change from 0 to 128
[   38.731170][   T27] kauditd_printk_skb: 2 callbacks suppressed
[   38.731176][   T27] audit: type=1326 audit(38.720:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4651 comm="syz.0.56" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9615b3a8 code=0x7ffc0000
[   38.735559][   T27] audit: type=1326 audit(38.720:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4651 comm="syz.0.56" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9615b3a8 code=0x7ffc0000
[   38.744891][   T27] audit: type=1326 audit(38.720:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4651 comm="syz.0.56" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=136 compat=0 ip=0xffff9615b3a8 code=0x7ffc0000
[   38.749503][   T27] audit: type=1326 audit(38.720:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4651 comm="syz.0.56" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9615b3a8 code=0x7ffc0000
[   38.752995][   T27] audit: type=1326 audit(38.720:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4651 comm="syz.0.56" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9615b3a8 code=0x7ffc0000
[   38.765816][ T4654] FAT-fs (loop1): error, corrupted directory (invalid entries)
[   38.769330][ T4654] FAT-fs (loop1): Filesystem has been set read-only
[   38.843743][ T4566] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   38.882553][ T4566] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   39.198339][ T4566] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   39.289063][ T4321] Bluetooth: hci3: command 0x041b tx timeout
[   39.336937][ T4566] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   39.438491][ T4566] 8021q: adding VLAN 0 to HW filter on device bond0
[   39.444072][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   39.445904][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   39.474520][ T4566] 8021q: adding VLAN 0 to HW filter on device team0
[   39.477800][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   39.481918][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   39.484189][ T4613] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.485431][ T4613] bridge0: port 1(bridge_slave_0) entered forwarding state
[   39.490920][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   39.504650][ T4566] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   39.506330][ T4566] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   39.516181][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   39.517911][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   39.519368][ T4613] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.520524][ T4613] bridge0: port 2(bridge_slave_1) entered forwarding state
[   39.521895][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   39.523481][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   39.525075][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   39.535308][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   39.539627][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   39.541176][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   39.545312][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   39.547646][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   39.551479][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   39.552951][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   39.611113][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   39.612459][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   39.665635][ T4692] loop3: detected capacity change from 0 to 1024
[   39.677508][ T4692] EXT4-fs: Ignoring removed orlov option
[   39.744259][ T4692] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   39.848432][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   39.849738][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   39.853155][ T4566] 8021q: adding VLAN 0 to HW filter on device batadv0
[   39.957848][ T4710] overlayfs: missing 'lowerdir'
[   40.316825][ T4492] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   40.354049][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   40.356006][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   40.368677][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   40.370216][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   40.371950][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   40.375460][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   40.382419][ T4566] device veth0_vlan entered promiscuous mode
[   40.385727][ T4566] device veth1_vlan entered promiscuous mode
[   40.455707][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   40.457337][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   40.461337][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   40.462876][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   40.468581][ T4566] device veth0_macvtap entered promiscuous mode
[   40.472776][ T4566] device veth1_macvtap entered promiscuous mode
[   40.480615][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   40.482243][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.483734][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   40.485312][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.492293][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   40.494940][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.496395][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   40.502106][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.505083][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   40.509316][ T4492] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   40.510832][ T4492] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[   40.513092][ T4492] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[   40.514495][ T4492] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   40.516557][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.524379][ T4492] usb 1-1: config 0 descriptor??
[   40.526154][ T4324] EXT4-fs (loop3): unmounting filesystem.
[   40.544027][ T4566] batman_adv: batadv0: Interface activated: batadv_slave_0
[   40.545623][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   40.548208][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   40.549652][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   40.551176][ T4613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   40.873636][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   40.875879][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.877752][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   40.880537][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.884229][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   40.886240][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.888159][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   40.889932][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.891720][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   40.893509][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   40.900174][ T4566] batman_adv: batadv0: Interface activated: batadv_slave_1
[   40.910787][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   40.912608][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   40.963259][ T4492] kovaplus 0003:1E7D:2D50.0001: unknown main item tag 0x0
[   40.964425][ T4492] kovaplus 0003:1E7D:2D50.0001: unknown main item tag 0x0
[   40.965818][ T4492] kovaplus 0003:1E7D:2D50.0001: unknown main item tag 0x0
[   40.968618][ T4492] kovaplus 0003:1E7D:2D50.0001: unknown main item tag 0x0
[   40.969630][ T4492] kovaplus 0003:1E7D:2D50.0001: unknown main item tag 0x0
[   40.980421][ T4566] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   40.981829][ T4566] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   40.983164][ T4566] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   40.984536][ T4566] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   40.988671][ T4492] kovaplus 0003:1E7D:2D50.0001: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.0-1/input0
[   41.133572][   T27] audit: type=1326 audit(41.120:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4744 comm="syz.4.69" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff93b5b3a8 code=0x7ffc0000
[   41.142307][   T27] audit: type=1326 audit(41.120:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4744 comm="syz.4.69" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff93b5b3a8 code=0x7ffc0000
[   41.145405][   T27] audit: type=1326 audit(41.120:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4744 comm="syz.4.69" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=158 compat=0 ip=0xffff93b5b3a8 code=0x7ffc0000
[   41.163416][ T4707] loop0: detected capacity change from 0 to 256
[   41.173596][   T27] audit: type=1326 audit(41.120:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4744 comm="syz.4.69" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff93b5b3a8 code=0x7ffc0000
[   41.186023][   T27] audit: type=1326 audit(41.120:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4744 comm="syz.4.69" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff93b5b3a8 code=0x7ffc0000
[   41.212477][ T4748] loop4: detected capacity change from 0 to 512
[   41.263155][  T489] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.264401][  T489] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.271195][  T489] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   41.273025][ T4748] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   41.335619][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   41.337388][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   41.343003][   T39] device hsr_slave_0 left promiscuous mode
[   41.345668][ T4329] EXT4-fs error (device loop4): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   41.353432][ T4329] EXT4-fs error (device loop4): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   41.357270][ T4329] EXT4-fs error (device loop4): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   41.359449][ T4329] EXT4-fs error (device loop4): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   41.361780][ T4329] EXT4-fs error (device loop4): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   41.366421][ T4329] EXT4-fs error (device loop4): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   41.369333][   T47] Bluetooth: hci3: command 0x040f tx timeout
[   41.374809][ T4492] kovaplus 0003:1E7D:2D50.0001: couldn't init struct kovaplus_device
[   41.376143][ T4492] kovaplus 0003:1E7D:2D50.0001: couldn't install mouse
[   41.381205][ T4492] kovaplus: probe of 0003:1E7D:2D50.0001 failed with error -71
[   41.389100][ T4492] usb 1-1: USB disconnect, device number 2
[   41.394755][   T39] device hsr_slave_1 left promiscuous mode
[   41.404983][ T4329] EXT4-fs error (device loop4): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   41.412620][ T4329] EXT4-fs error (device loop4): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   41.419225][ T4329] EXT4-fs error (device loop4): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   41.423143][ T4329] EXT4-fs error (device loop4): ext4_empty_dir:3139: inode #12: comm syz-executor: Directory hole found for htree leaf block 0
[   41.426334][ T4757] fido_id[4757]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[   41.456931][   T39] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   41.458334][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[   41.460171][   T39] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   41.461289][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[   41.463944][   T39] device bridge_slave_1 left promiscuous mode
[   41.465318][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[   41.510959][   T39] device bridge_slave_0 left promiscuous mode
[   41.512252][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[   41.627603][   T39] device veth1_macvtap left promiscuous mode
[   41.628757][   T39] device veth0_macvtap left promiscuous mode
[   41.629729][   T39] device veth1_vlan left promiscuous mode
[   41.630694][   T39] device veth0_vlan left promiscuous mode
[   41.934528][ T4768] loop0: detected capacity change from 0 to 256
[   41.936003][ T4768] FAT-fs (loop0): Unrecognized mount option "fs" or missing value
[   41.982796][ T4451] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   42.449045][ T4777] xt_bpf: check failed: parse error
[   42.856419][ T4781] loop3: detected capacity change from 0 to 1024
[   42.862801][ T4783] loop0: detected capacity change from 0 to 512
[   42.863095][ T4781] EXT4-fs: Ignoring removed oldalloc option
[   42.870156][ T4783] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   42.872181][ T4783] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   42.876211][ T4783] EXT4-fs (loop0): 1 truncate cleaned up
[   42.882060][ T4783] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   42.887606][ T4781] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   42.891906][ T4781] EXT4-fs error (device loop3): ext4_lookup:1858: inode #15: comm syz.3.76: inode has both inline data and extents flags
[   42.903676][ T4320] EXT4-fs (loop0): unmounting filesystem.
[   42.916781][ T4324] EXT4-fs (loop3): unmounting filesystem.
[   43.005833][ T4794] loop0: detected capacity change from 0 to 256
[   43.026171][ T4794] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ab87c, utbl_chksum : 0xe619d30d)
[   43.447792][ T4321] Bluetooth: hci3: command 0x0419 tx timeout
[   44.436711][    T7] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   44.469141][   T39] team0 (unregistering): Port device team_slave_1 removed
[   44.616694][    T7] usb 1-1: Using ep0 maxpacket: 32
[   44.618817][    T7] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   44.620406][    T7] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1c0b, bcdDevice= 0.00
[   44.621767][    T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   44.624500][    T7] usb 1-1: config 0 descriptor??
[   44.629226][   T39] team0 (unregistering): Port device team_slave_0 removed
[   44.797555][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   45.008740][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   45.030965][    T7] corsair-psu 0003:1B1C:1C0B.0002: unbalanced delimiter at end of report description
[   45.032590][    T7] corsair-psu: probe of 0003:1B1C:1C0B.0002 failed with error -22
[   45.234387][    T7] usb 1-1: USB disconnect, device number 3
[   45.791186][ T4808] loop0: detected capacity change from 0 to 4096
[   47.580204][   T39] bond0 (unregistering): Released all slaves
[   47.790903][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   47.960732][ T4819] Bluetooth: hci2: Frame reassembly failed (-90)
[   47.962005][  T489] Bluetooth: hci2: Frame reassembly failed (-84)
[   48.025887][ T4833] loop1: detected capacity change from 0 to 128
[   48.038732][ T4329] EXT4-fs (loop4): unmounting filesystem.
[   48.147085][ T4833] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   48.180628][   T27] audit: type=1326 audit(48.170:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4836 comm="syz.3.91" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[   48.185559][   T27] audit: type=1326 audit(48.170:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4836 comm="syz.3.91" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[   48.224077][   T27] audit: type=1326 audit(48.170:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4836 comm="syz.3.91" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=213 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[   48.254187][ T4842] loop3: detected capacity change from 0 to 512
[   48.258241][ T4842] EXT4-fs: Ignoring removed oldalloc option
[   48.269991][ T4842] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   48.401734][   T27] audit: type=1326 audit(48.170:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4836 comm="syz.3.91" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[   48.407168][   T27] audit: type=1326 audit(48.170:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4836 comm="syz.3.91" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[   48.411356][   T27] audit: type=1326 audit(48.170:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4836 comm="syz.3.91" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=243 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[   48.469910][ T4842] EXT4-fs (loop3): 1 truncate cleaned up
[   48.470917][ T4842] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   48.965568][ T4833] Zero length message leads to an empty skb
[   49.152614][ T4330] EXT4-fs (loop1): unmounting filesystem.
[   49.157969][ T4850] loop5: detected capacity change from 0 to 16
[   49.174294][ T4850] erofs: (device loop5): mounted with root inode @ nid 36.
[   49.195519][ T4324] EXT4-fs (loop3): unmounting filesystem.
[   49.197076][ T4325] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[   49.199255][ T4325] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[   49.205216][ T4325] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[   49.207417][ T4325] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[   49.209277][ T4325] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[   49.210801][ T4325] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[   49.294944][ T4860] netlink: 224 bytes leftover after parsing attributes in process `syz.1.95'.
[   49.305476][ T4862] loop3: detected capacity change from 0 to 256
[   49.342668][ T4862] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xd67973f8, utbl_chksum : 0xe619d30d)
[   49.532077][ T4883] loop3: detected capacity change from 0 to 2048
[   49.550542][ T4883] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   49.668233][ T4891] loop1: detected capacity change from 0 to 1024
[   49.671895][ T4891] ext4: Unknown parameter 'nouser_xattr'
[   49.674786][   T27] audit: type=1326 audit(49.620:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4880 comm="syz.1.99" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   49.755585][   T27] audit: type=1326 audit(49.620:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4880 comm="syz.1.99" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   49.856335][   T27] audit: type=1326 audit(49.620:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4880 comm="syz.1.99" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   50.007693][   T47] Bluetooth: hci2: command 0x1003 tx timeout
[   50.008929][ T4321] Bluetooth: hci2: Opcode 0x1003 failed: -110
[   50.062863][   T27] audit: type=1326 audit(49.620:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4880 comm="syz.1.99" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   50.763771][ T4896] loop5: detected capacity change from 0 to 1024
[   50.816003][ T4852] chnl_net:caif_netlink_parms(): no params data found
[   50.833197][ T4896] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   50.843256][ T4903] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.100: bg 0: block 345: padding at end of block bitmap is not set
[   50.867743][ T4903] EXT4-fs (loop3): Remounting filesystem read-only
[   50.987893][ T4852] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.989105][ T4852] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.990575][ T4852] device bridge_slave_0 entered promiscuous mode
[   50.996483][ T4852] bridge0: port 2(bridge_slave_1) entered blocking state
[   51.002334][ T4852] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.003946][ T4852] device bridge_slave_1 entered promiscuous mode
[   51.019049][ T4852] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   51.021469][ T4852] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   51.041451][ T4852] team0: Port device team_slave_0 added
[   51.049967][ T4852] team0: Port device team_slave_1 added
[   51.083589][ T4852] batman_adv: batadv0: Adding interface: batadv_slave_0
[   51.094231][ T4852] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   51.117603][ T4852] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   51.136795][ T4852] batman_adv: batadv0: Adding interface: batadv_slave_1
[   51.143133][ T4852] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   51.154023][ T4324] EXT4-fs (loop3): unmounting filesystem.
[   51.160951][ T4852] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   51.257966][ T4852] device hsr_slave_0 entered promiscuous mode
[   51.286753][ T4325] Bluetooth: hci5: command 0x0409 tx timeout
[   51.297167][ T4852] device hsr_slave_1 entered promiscuous mode
[   51.346798][ T4852] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   51.348029][ T4852] Cannot create hsr debugfs directory
[   51.808900][   T39] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   51.894832][ T4566] EXT4-fs (loop5): unmounting filesystem.
[   51.920064][   T39] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   51.946372][ T4852] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   51.968552][ T4852] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   52.108011][   T39] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.114264][ T4852] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   52.149679][ T4852] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   52.318388][   T39] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   52.450428][ T4852] 8021q: adding VLAN 0 to HW filter on device bond0
[   52.513032][ T4800] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   52.517522][ T4800] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   52.522613][ T4852] 8021q: adding VLAN 0 to HW filter on device team0
[   52.536348][ T4800] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   52.539691][ T4800] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   52.545315][ T4800] bridge0: port 1(bridge_slave_0) entered blocking state
[   52.546486][ T4800] bridge0: port 1(bridge_slave_0) entered forwarding state
[   52.556428][ T4800] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   52.567788][ T4800] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   52.572261][ T4800] bridge0: port 2(bridge_slave_1) entered blocking state
[   52.573430][ T4800] bridge0: port 2(bridge_slave_1) entered forwarding state
[   52.579652][ T4800] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   52.590463][ T4800] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   52.613569][  T489] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   52.615375][  T489] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   52.619799][  T489] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   52.621619][  T489] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   52.626224][  T489] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   52.638837][  T489] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   52.642940][  T489] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   52.651157][  T489] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   52.656499][  T489] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   52.661174][  T489] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   52.665570][ T4852] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   52.981200][ T4852] 8021q: adding VLAN 0 to HW filter on device batadv0
[   52.983376][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   52.984494][ T4608] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   53.149842][ T5049] process 'syz.5.131' launched './file1' with NULL argv: empty string added
[   53.376755][ T4325] Bluetooth: hci5: command 0x041b tx timeout
[   54.880094][ T5069] hub 8-0:1.0: USB hub found
[   54.881706][ T5069] hub 8-0:1.0: 8 ports detected
[   54.917311][ T5069] loop1: detected capacity change from 0 to 1024
[   54.998002][ T5069] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[   54.999619][ T5069] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[   55.038343][ T5069] EXT4-fs error (device loop1): ext4_get_journal_inode:5730: inode #5: comm syz.1.134: unexpected bad inode w/o EXT4_IGET_BAD
[   55.061884][ T5069] EXT4-fs (loop1): no journal found
[   55.062745][ T5069] EXT4-fs (loop1): can't get journal size
[   55.248335][ T5069] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   55.429508][   T27] kauditd_printk_skb: 47 callbacks suppressed
[   55.429517][   T27] audit: type=1326 audit(55.420:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.5.136" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[   55.445783][   T27] audit: type=1326 audit(55.430:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.5.136" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[   55.449336][ T4325] Bluetooth: hci5: command 0x040f tx timeout
[   55.453851][   T27] audit: type=1326 audit(55.440:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.5.136" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[   55.470082][   T27] audit: type=1326 audit(55.450:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.5.136" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[   55.489125][   T27] audit: type=1326 audit(55.450:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.5.136" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=3 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[   55.507162][   T27] audit: type=1326 audit(55.450:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.5.136" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[   55.523688][   T27] audit: type=1326 audit(55.450:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5073 comm="syz.5.136" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[   55.579276][ T5077] loop5: detected capacity change from 0 to 1024
[   55.835457][ T4451] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   55.896053][ T4330] EXT4-fs (loop1): unmounting filesystem.
[   56.032393][ T5099] netlink: 16 bytes leftover after parsing attributes in process `syz.5.137'.
[   56.220774][ T5098] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   56.238965][ T5098] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   56.319799][ T4844] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   56.321524][ T4844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   56.330416][  T574] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   56.331948][  T574] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   56.333759][  T574] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   56.335105][  T574] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   56.337673][ T4852] device veth0_vlan entered promiscuous mode
[   56.344821][ T4852] device veth1_vlan entered promiscuous mode
[   56.433970][ T4844] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   56.435526][ T4844] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   56.441648][ T4844] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   56.443626][ T4844] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   56.448228][ T5111] netlink: 12 bytes leftover after parsing attributes in process `syz.0.143'.
[   56.452501][ T4852] device veth0_macvtap entered promiscuous mode
[   56.453109][   T27] audit: type=1326 audit(56.440:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5113 comm="syz.5.144" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[   56.454803][ T4852] device veth1_macvtap entered promiscuous mode
[   56.467219][   T27] audit: type=1326 audit(56.440:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5113 comm="syz.5.144" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[   56.490546][   T27] audit: type=1326 audit(56.440:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5113 comm="syz.5.144" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[   56.535547][ T4852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   56.537665][ T4852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   56.539146][ T4852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   56.540609][ T5122] xt_hashlimit: max too large, truncated to 1048576
[   56.540715][ T4852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   56.543170][ T4852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   56.544680][ T4852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   56.546132][ T4852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   56.560693][ T5120] loop0: detected capacity change from 0 to 4096
[   56.565422][ T4852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   56.572470][ T5120] EXT4-fs (loop0): Test dummy encryption mode enabled
[   56.579567][ T4852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   56.581169][ T4852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   56.584377][ T5105] loop3: detected capacity change from 0 to 40427
[   56.593146][ T5120] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[   56.594414][ T5120] System zones: 0-5
[   56.602713][ T4852] batman_adv: batadv0: Interface activated: batadv_slave_0
[   56.604551][ T4404] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   56.606141][ T4404] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   56.608489][ T4404] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   56.609945][ T4404] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   56.615816][ T4852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   56.622117][ T4852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   56.623476][ T4852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   56.625078][ T4852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   56.626547][ T4852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   56.628913][ T5105] F2FS-fs (loop3): invalid crc value
[   56.630434][ T5120] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   56.636392][ T5120] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-ce"
[   56.645697][ T4852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   56.647518][ T4852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   56.649107][ T4852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   56.650562][ T4852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   56.652246][ T4852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   56.655180][ T4852] batman_adv: batadv0: Interface activated: batadv_slave_1
[   56.656339][ T4844] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   56.659048][ T4844] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   56.663081][ T4852] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   56.664651][ T4852] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   56.665977][ T4852] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   56.667464][ T4852] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   56.750879][ T5105] F2FS-fs (loop3): Found nat_bits in checkpoint
[   56.852409][ T5138] fscrypt: AES-256-XTS using implementation "xts-aes-ce"
[   57.070295][ T5105] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   57.125880][ T5142] loop1: detected capacity change from 0 to 256
[   57.299604][ T4324] syz-executor: attempt to access beyond end of device
[   57.299604][ T4324] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   57.395702][ T4320] EXT4-fs (loop0): unmounting filesystem.
[   57.526869][ T4321] Bluetooth: hci5: command 0x0419 tx timeout
[   57.565604][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   57.566902][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.569646][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   57.589940][  T574] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   57.591203][  T574] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   57.593573][ T4800] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   57.611139][ T5158] fuse: Unknown parameter '0x0000000000000003'
[   57.754600][ T5165] loop3: detected capacity change from 0 to 1024
[   57.777559][ T4451] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   57.964296][ T5178] netlink: 28 bytes leftover after parsing attributes in process `syz.0.151'.
[   58.066007][   T39] device hsr_slave_0 left promiscuous mode
[   58.100160][ T5190] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   58.101837][ T5190] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   58.107693][   T39] device hsr_slave_1 left promiscuous mode
[   58.166900][   T39] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   58.168075][   T39] batman_adv: batadv0: Removing interface: batadv_slave_0
[   58.169710][   T39] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   58.171335][   T39] batman_adv: batadv0: Removing interface: batadv_slave_1
[   58.172871][   T39] device bridge_slave_1 left promiscuous mode
[   58.174027][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[   58.217635][   T39] device bridge_slave_0 left promiscuous mode
[   58.218803][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[   58.336852][   T39] device veth1_macvtap left promiscuous mode
[   58.337831][   T39] device veth0_macvtap left promiscuous mode
[   58.338797][   T39] device veth1_vlan left promiscuous mode
[   58.339741][   T39] device veth0_vlan left promiscuous mode
[   61.404667][   T39] team0 (unregistering): Port device team_slave_1 removed
[   61.718214][   T39] team0 (unregistering): Port device team_slave_0 removed
[   62.047139][   T39] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   62.268623][   T39] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   64.488394][ T2060] ieee802154 phy0 wpan0: encryption failed: -22
[   64.489769][ T2060] ieee802154 phy1 wpan1: encryption failed: -22
[   64.498785][  T112] cfg80211: failed to load regulatory.db
[   64.858377][   T39] bond0 (unregistering): Released all slaves
[   65.083845][ T5222] device batadv_slave_0 entered promiscuous mode
[   65.085311][ T5216] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   65.086867][ T5216] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[   65.156953][ T5224] device batadv_slave_0 left promiscuous mode
[   65.221749][ T5257] loop5: detected capacity change from 0 to 1024
[   65.223242][ T5257] EXT4-fs: Ignoring removed i_version option
[   65.224213][ T5257] EXT4-fs: inline encryption not supported
[   65.234356][ T5257] EXT4-fs (loop5): Test dummy encryption mode enabled
[   65.261736][ T5261] loop3: detected capacity change from 0 to 128
[   65.268126][ T5257] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   65.288717][   T27] kauditd_printk_skb: 5 callbacks suppressed
[   65.288726][   T27] audit: type=1326 audit(65.280:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5268 comm="syz.1.178" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   65.294825][   T27] audit: type=1326 audit(65.280:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5268 comm="syz.1.178" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   65.303274][   T27] audit: type=1326 audit(65.290:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5268 comm="syz.1.178" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   65.306550][   T27] audit: type=1326 audit(65.290:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5268 comm="syz.1.178" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   65.363688][   T27] audit: type=1326 audit(65.290:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5268 comm="syz.1.178" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   65.374493][   T27] audit: type=1326 audit(65.290:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5268 comm="syz.1.178" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   65.381829][ T5261] syz.3.177: attempt to access beyond end of device
[   65.381829][ T5261] loop3: rw=2049, sector=138, nr_sectors = 112 limit=128
[   65.409219][   T27] audit: type=1326 audit(65.360:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5268 comm="syz.1.178" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   65.412560][   T27] audit: type=1326 audit(65.360:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5268 comm="syz.1.178" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   65.431588][   T27] audit: type=1326 audit(65.370:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5268 comm="syz.1.178" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=178 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   65.445918][   T27] audit: type=1326 audit(65.370:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5268 comm="syz.1.178" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   65.455811][ T4566] EXT4-fs (loop5): unmounting filesystem.
[   65.502297][ T5291] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   65.503904][ T5291] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   65.511218][ T4423] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[   65.512484][ T4423] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[   65.513657][ T4423] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[   65.514774][ T4423] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[   65.522615][ T4423] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[   65.523731][ T4423] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[   65.524452][ T5292] netlink: 4 bytes leftover after parsing attributes in process `syz.0.193'.
[   65.524784][ T4423] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[   65.529402][ T4423] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[   65.535556][ T5292] netlink: 12 bytes leftover after parsing attributes in process `syz.0.193'.
[   65.537610][ T4423] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[   65.538963][ T4423] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[   65.540134][ T4423] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[   65.541276][ T4423] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[   65.542395][ T4423] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[   65.549225][ T4423] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[   65.550429][ T4423] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[   65.551617][ T4423] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[   65.552767][ T4423] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[   65.553773][ T4423] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[   65.564295][ T4423] hid-generic 0003:0004:0000.0003: hidraw0: USB HID v0.00 Device [syz0] on syz1
[   65.642724][ T5297] fido_id[5297]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   65.679426][ T5299] tipc: Started in network mode
[   65.680640][ T5299] tipc: Node identity ac14140f, cluster identity 4711
[   65.681966][ T5299] tipc: New replicast peer: 255.255.255.255
[   65.683643][ T5299] tipc: Enabled bearer <udp:syz2>, priority 10
[   66.042903][ T5333] loop1: detected capacity change from 0 to 256
[   66.065667][ T5335] loop5: detected capacity change from 0 to 256
[   66.067861][ T5335] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   66.069626][ T5335] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[   66.074357][ T5335] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[   66.149260][ T4451] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   66.498533][ T5343] loop3: detected capacity change from 0 to 1024
[   66.569689][ T5343] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   66.575942][ T5343] EXT4-fs (loop3): INFO: recovery required on readonly filesystem
[   66.577303][ T5343] EXT4-fs (loop3): write access will be enabled during recovery
[   66.579688][ T5343] JBD2: no valid journal superblock found
[   66.580646][ T5343] EXT4-fs (loop3): error loading journal
[   66.798269][ T1965] tipc: Node number set to 2886997007
[   67.646055][ T5347] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   67.647534][ T5347] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   67.805142][ T5356] loop3: detected capacity change from 0 to 4096
[   67.817379][ T5356] EXT4-fs: Ignoring removed mblk_io_submit option
[   67.822036][ T5356] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   67.823615][ T5356] EXT4-fs (loop3): Test dummy encryption mode enabled
[   67.830226][ T5356] EXT4-fs (loop3): can't mount with data_err=abort, fs mounted w/o journal
[   68.029475][ T5373] loop6: detected capacity change from 0 to 128
[   68.179864][ T5378] loop5: detected capacity change from 0 to 16
[   68.205760][ T5378] erofs: (device loop5): mounted with root inode @ nid 36.
[   68.209112][ T5378] erofs: (device loop5): z_erofs_readahead: readahead error at page 2 @ nid 89
[   68.211456][ T5378] syz.5.205: attempt to access beyond end of device
[   68.211456][ T5378] loop5: rw=524288, sector=524296, nr_sectors = 8 limit=16
[   68.262834][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.264668][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.265765][ T5387] syz.6.204: attempt to access beyond end of device
[   68.265765][ T5387] loop6: rw=2049, sector=138, nr_sectors = 112 limit=128
[   68.266367][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.281612][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.285019][ T5391] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.298289][ T5391] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.588726][ T5391] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.590389][ T5391] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.613635][ T5378] syz.5.205: attempt to access beyond end of device
[   68.613635][ T5378] loop5: rw=0, sector=524296, nr_sectors = 8 limit=16
[   68.621641][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4100]
[   68.626855][ T5378] syz.5.205: attempt to access beyond end of device
[   68.626855][ T5378] loop5: rw=0, sector=524296, nr_sectors = 8 limit=16
[   68.634528][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4100]
[   68.644965][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.648293][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.657058][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.660777][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.663883][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.668176][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.675093][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.682279][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.687559][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.690436][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.699818][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.702693][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.710113][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.712887][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.721597][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.725873][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.729953][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.735093][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.739044][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   68.742887][ T5378] erofs: (device loop5): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   69.535362][ T5430] loop1: detected capacity change from 0 to 4096
[   69.536835][ T5430] EXT4-fs: Ignoring removed mblk_io_submit option
[   69.539733][ T5430] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   69.541194][ T5430] EXT4-fs (loop1): Test dummy encryption mode enabled
[   69.542585][ T5430] EXT4-fs (loop1): can't mount with data_err=abort, fs mounted w/o journal
[   69.803378][ T5434] IPv6: ADDRCONF(NETDEV_CHANGE): vcan1: link becomes ready
[   70.594478][ T5467] tipc: Started in network mode
[   70.595319][ T5467] tipc: Node identity 2e000000000000000000007ade000001, cluster identity 4711
[   70.596670][ T5467] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[   71.064794][ T5480] loop3: detected capacity change from 0 to 128
[   71.165051][ T5279] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   71.797670][ T5511] loop1: detected capacity change from 0 to 4096
[   71.802356][ T5511] EXT4-fs: Ignoring removed mblk_io_submit option
[   71.809418][ T5511] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   71.814490][ T5511] EXT4-fs (loop1): Test dummy encryption mode enabled
[   71.818844][ T5511] EXT4-fs (loop1): can't mount with data_err=abort, fs mounted w/o journal
[   72.369376][ T5521] loop5: detected capacity change from 0 to 512
[   72.574927][ T5521] EXT4-fs: Ignoring removed oldalloc option
[   72.850240][ T5521] EXT4-fs warning (device loop5): dx_probe:893: inode #2: comm syz.5.233: dx entry: limit 1024 != root limit 124
[   72.852085][ T5521] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.233: Corrupt directory, running e2fsck is recommended
[   72.856670][ T5521] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[   72.858422][ T5521] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2196: inode #15: comm syz.5.233: corrupted in-inode xattr
[   72.861078][ T5521] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.233: couldn't read orphan inode 15 (err -117)
[   72.864164][ T5521] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[   73.407104][ T5530] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   73.408717][ T5530] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   73.498945][ T5535] loop6: detected capacity change from 0 to 512
[   73.504685][ T4566] EXT4-fs (loop5): unmounting filesystem.
[   73.508383][ T5535] EXT4-fs: Ignoring removed mblk_io_submit option
[   73.509428][ T5535] EXT4-fs: Ignoring removed mblk_io_submit option
[   73.543067][ T5535] EXT4-fs (loop6): Test dummy encryption mode enabled
[   73.544143][ T5535] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   73.558822][ T5535] EXT4-fs (loop6): 1 truncate cleaned up
[   73.559803][ T5535] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[   73.667114][ T4852] EXT4-fs error (device loop6): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /13/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   73.690726][ T4852] EXT4-fs (loop6): Remounting filesystem read-only
[   73.694370][ T4852] EXT4-fs error (device loop6): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   73.717339][ T4852] EXT4-fs (loop6): Remounting filesystem read-only
[   73.721356][ T4852] EXT4-fs error (device loop6): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /13/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   73.734018][ T4852] EXT4-fs (loop6): Remounting filesystem read-only
[   73.737618][ T4852] EXT4-fs error (device loop6): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   73.744656][ T4852] EXT4-fs (loop6): Remounting filesystem read-only
[   73.747156][ T4852] EXT4-fs error (device loop6): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /13/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   73.757301][ T4852] EXT4-fs (loop6): Remounting filesystem read-only
[   73.759706][ T4852] EXT4-fs error (device loop6): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   73.766997][ T4852] EXT4-fs (loop6): Remounting filesystem read-only
[   73.768328][ T4852] EXT4-fs error (device loop6): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /13/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   73.777109][ T4852] EXT4-fs (loop6): Remounting filesystem read-only
[   73.778403][ T4852] EXT4-fs error (device loop6): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   73.785834][ T4852] EXT4-fs (loop6): Remounting filesystem read-only
[   73.788332][ T4852] EXT4-fs error (device loop6): ext4_readdir:263: inode #11: block 54: comm syz-executor: path /13/bus/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[   73.797495][ T4852] EXT4-fs (loop6): Remounting filesystem read-only
[   73.799868][ T4852] EXT4-fs error (device loop6): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[   73.988699][ T5563] loop1: detected capacity change from 0 to 512
[   73.994771][ T5563] EXT4-fs: Ignoring removed oldalloc option
[   74.017015][ T5563] EXT4-fs (loop1): 1 truncate cleaned up
[   74.021357][ T5563] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   74.126732][ T4330] EXT4-fs (loop1): unmounting filesystem.
[   74.494889][ T5594] loop0: detected capacity change from 0 to 128
[   74.506061][ T5596] loop1: detected capacity change from 0 to 16
[   74.510703][ T5596] erofs: (device loop1): mounted with root inode @ nid 36.
[   74.594833][ T4321] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   74.602214][ T4321] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   74.608777][ T4321] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   74.614910][ T4321] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   74.617217][ T4321] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   74.618570][ T4321] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   74.634876][ T4451] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   74.650235][ T5601] syz.1.243: attempt to access beyond end of device
[   74.650235][ T5601] loop1: rw=524288, sector=34359738360, nr_sectors = 1152 limit=16
[   74.653996][ T5601] syz.1.243: attempt to access beyond end of device
[   74.653996][ T5601] loop1: rw=0, sector=34359738360, nr_sectors = 8 limit=16
[   74.854737][ T4404] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.943362][ T4404] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   74.966358][ T5616] netlink: 4 bytes leftover after parsing attributes in process `syz.5.247'.
[   74.967956][ T5616] device bridge_slave_1 left promiscuous mode
[   74.969090][ T5616] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.022937][ T5616] device bridge_slave_0 left promiscuous mode
[   75.024129][ T5616] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.284010][ T4404] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.386062][ T4404] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   75.420120][ T5599] chnl_net:caif_netlink_parms(): no params data found
[   75.551782][ T5599] bridge0: port 1(bridge_slave_0) entered blocking state
[   75.564175][ T5599] bridge0: port 1(bridge_slave_0) entered disabled state
[   75.572757][ T5599] device bridge_slave_0 entered promiscuous mode
[   75.617019][ T5599] bridge0: port 2(bridge_slave_1) entered blocking state
[   75.618223][ T5599] bridge0: port 2(bridge_slave_1) entered disabled state
[   75.637963][ T5599] device bridge_slave_1 entered promiscuous mode
[   75.689172][ T5599] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   75.697753][ T5599] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   75.821289][ T5631] loop3: detected capacity change from 0 to 512
[   75.825534][ T5631] EXT4-fs: Ignoring removed oldalloc option
[   76.130141][ T5631] EXT4-fs warning (device loop3): dx_probe:893: inode #2: comm syz.3.250: dx entry: limit 1024 != root limit 124
[   76.131886][ T5631] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.250: Corrupt directory, running e2fsck is recommended
[   76.136210][ T5631] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[   76.138386][ T5631] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2196: inode #15: comm syz.3.250: corrupted in-inode xattr
[   76.142512][ T5631] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.250: couldn't read orphan inode 15 (err -117)
[   76.145097][ T5631] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   76.641622][ T4321] Bluetooth: hci2: command 0x0409 tx timeout
[   76.792374][ T5599] team0: Port device team_slave_0 added
[   76.794176][ T5599] team0: Port device team_slave_1 added
[   76.852074][ T4324] EXT4-fs (loop3): unmounting filesystem.
[   76.883907][ T5641] loop3: detected capacity change from 0 to 256
[   76.969933][ T5599] batman_adv: batadv0: Adding interface: batadv_slave_0
[   76.971365][ T5599] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   76.998370][ T5599] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.005778][ T5599] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.011187][ T5599] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.015060][ T5599] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.032904][ T5651] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   77.034450][ T5651] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   77.957994][ T5599] device hsr_slave_0 entered promiscuous mode
[   78.213193][ T5599] device hsr_slave_1 entered promiscuous mode
[   78.270628][ T5599] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   78.272003][ T5599] Cannot create hsr debugfs directory
[   78.477571][ T5680] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   78.485191][ T5680] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   78.669383][ T5599] netdevsim netdevsim7 netdevsim0: renamed from eth0
[   78.727167][ T4325] Bluetooth: hci2: command 0x041b tx timeout
[   78.752767][ T5599] netdevsim netdevsim7 netdevsim1: renamed from eth1
[   78.826111][ T5599] netdevsim netdevsim7 netdevsim2: renamed from eth2
[   78.850251][ T4494] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[   78.869886][ T5599] netdevsim netdevsim7 netdevsim3: renamed from eth3
[   78.937568][ T5719] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   78.939066][ T5719] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   79.039025][ T5599] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.042646][ T4494] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   79.055275][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   79.055612][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   79.057471][ T5599] 8021q: adding VLAN 0 to HW filter on device team0
[   79.058400][ T4494] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[   79.067703][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   79.069345][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   79.071737][ T4802] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.072888][ T4802] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.079864][ T4494] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   79.081399][ T4494] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   79.082585][ T4494] usb 1-1: Product: syz
[   79.083162][ T4494] usb 1-1: Manufacturer: syz
[   79.083885][ T4494] usb 1-1: SerialNumber: syz
[   79.083932][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   79.087567][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   79.104229][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   79.105858][ T4802] bridge0: port 2(bridge_slave_1) entered blocking state
[   79.106992][ T4802] bridge0: port 2(bridge_slave_1) entered forwarding state
[   79.108322][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   79.109967][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   79.118050][ T5599] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   79.119665][ T5599] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   79.412804][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   79.417310][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   79.419046][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   79.436867][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   79.438490][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   79.457286][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   79.479608][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   79.488568][ T5723] loop3: detected capacity change from 0 to 131072
[   79.489618][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   79.531057][ T5723] F2FS-fs (loop3): Test dummy encryption mode enabled
[   79.564005][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   79.565944][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   79.578237][ T5745] loop0: detected capacity change from 0 to 512
[   79.579736][ T5745] EXT4-fs: Ignoring removed orlov option
[   79.599971][ T5723] F2FS-fs (loop3): Found nat_bits in checkpoint
[   79.612118][ T5760] loop1: detected capacity change from 0 to 256
[   79.620238][ T5745] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   79.647597][ T5723] F2FS-fs (loop3): Mounted with checkpoint version = 753bd00b
[   79.657211][ T5745] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2196: inode #17: comm syz.0.266: corrupted in-inode xattr
[   79.674016][ T5745] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.266: couldn't read orphan inode 17 (err -117)
[   79.674792][ T5765] loop5: detected capacity change from 0 to 512
[   79.686621][ T5765] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   79.689641][ T5745] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   79.721360][ T5765] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #16: comm syz.5.275: invalid indirect mapped block 4294967295 (level 0)
[   79.754042][ T5765] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #16: comm syz.5.275: invalid indirect mapped block 4294967295 (level 1)
[   79.783178][ T5765] EXT4-fs (loop5): 1 orphan inode deleted
[   79.786634][ T5765] EXT4-fs (loop5): 1 truncate cleaned up
[   79.790367][ T5765] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[   79.815732][ T5765] EXT4-fs error (device loop5): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.5.275: bad entry in directory: rec_len is too small for name_len - offset=12, inode=2, rec_len=12, size=1024 fake=0
[   79.902113][ T4566] EXT4-fs (loop5): unmounting filesystem.
[   79.945937][   T27] kauditd_printk_skb: 31 callbacks suppressed
[   79.945947][   T27] audit: type=1326 audit(335.995:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5779 comm="syz.5.277" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[   79.967958][   T27] audit: type=1326 audit(336.015:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5779 comm="syz.5.277" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=172 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[   79.975254][ T4404] device hsr_slave_0 left promiscuous mode
[   79.990740][   T27] audit: type=1326 audit(336.025:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5779 comm="syz.5.277" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[   80.004186][   T27] audit: type=1326 audit(336.025:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5779 comm="syz.5.277" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=122 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[   80.016673][   T27] audit: type=1326 audit(336.025:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5779 comm="syz.5.277" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[   80.034947][ T4404] device hsr_slave_1 left promiscuous mode
[   80.046362][   T27] audit: type=1326 audit(336.025:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5779 comm="syz.5.277" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=199 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[   80.057367][   T27] audit: type=1326 audit(336.025:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5779 comm="syz.5.277" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[   80.062752][   T27] audit: type=1326 audit(336.025:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5779 comm="syz.5.277" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[   80.066239][   T27] audit: type=1326 audit(336.025:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5779 comm="syz.5.277" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[   80.069445][   T27] audit: type=1326 audit(336.025:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5779 comm="syz.5.277" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffb6559794 code=0x7ffc0000
[   80.133208][ T4404] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   80.134395][ T4404] batman_adv: batadv0: Removing interface: batadv_slave_0
[   80.136174][ T4404] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   80.137353][ T4404] batman_adv: batadv0: Removing interface: batadv_slave_1
[   80.141634][ T4404] device bridge_slave_1 left promiscuous mode
[   80.143221][ T4404] bridge0: port 2(bridge_slave_1) entered disabled state
[   80.192848][ T4404] device bridge_slave_0 left promiscuous mode
[   80.193938][ T4404] bridge0: port 1(bridge_slave_0) entered disabled state
[   80.309974][ T4404] device veth1_macvtap left promiscuous mode
[   80.310994][ T4404] device veth0_macvtap left promiscuous mode
[   80.311863][ T4404] device veth1_vlan left promiscuous mode
[   80.312777][ T4404] device veth0_vlan left promiscuous mode
[   80.648549][ T5797] loop3: detected capacity change from 0 to 40427
[   80.665450][ T5797] F2FS-fs (loop3): Invalid log_blocksize (64), supports only 12
[   80.669435][ T5797] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[   80.674571][ T5797] F2FS-fs (loop3): invalid crc value
[   80.830296][ T4321] Bluetooth: hci2: command 0x040f tx timeout
[   80.965671][ T5797] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[   80.977233][ T5797] F2FS-fs (loop3): Cannot turn on quotas: -2 on 1
[   80.978741][ T5797] F2FS-fs (loop3): Start checkpoint disabled!
[   80.984097][ T5797] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[   80.985272][ T5797] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[   81.097719][ T5806] loop3: detected capacity change from 0 to 16
[   81.103183][ T5806] erofs: (device loop3): mounted with root inode @ nid 36.
[   81.113826][ T5806] erofs: (device loop3): z_erofs_readahead: readahead error at page 2 @ nid 89
[   81.115385][ T5806] syz.3.282: attempt to access beyond end of device
[   81.115385][ T5806] loop3: rw=524288, sector=524296, nr_sectors = 8 limit=16
[   81.117805][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.125913][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.127768][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.129842][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.133315][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.134988][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.136731][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.138520][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.142031][ T5806] syz.3.282: attempt to access beyond end of device
[   81.142031][ T5806] loop3: rw=0, sector=524296, nr_sectors = 8 limit=16
[   81.145462][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4100]
[   81.147185][ T5806] syz.3.282: attempt to access beyond end of device
[   81.147185][ T5806] loop3: rw=0, sector=524296, nr_sectors = 8 limit=16
[   81.149529][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4100]
[   81.154082][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.155765][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.157499][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.165377][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.167046][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.168743][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.170483][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.172131][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.174960][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.176773][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.178454][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.180109][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.182634][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.184345][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.185964][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.187770][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.190172][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.191889][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.193466][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.195256][ T5806] erofs: (device loop3): z_erofs_lz4_decompress_mem: failed to decompress -5 in[4096, 0] out[4096]
[   81.773232][ T5815] capability: warning: `syz.1.285' uses 32-bit capabilities (legacy support in use)
[   82.206058][ T4494] usb 1-1: 0:2 : does not exist
[   82.207946][ T4494] usb 1-1: unit 4 not found!
[   82.226646][ T4320] EXT4-fs (loop0): unmounting filesystem.
[   82.235652][ T4494] usb 1-1: USB disconnect, device number 4
[   82.250162][ T4451] udevd[4451]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   82.888222][ T4325] Bluetooth: hci2: command 0x0419 tx timeout
[   83.210102][ T4404] team0 (unregistering): Port device team_slave_1 removed
[   83.410004][ T4404] team0 (unregistering): Port device team_slave_0 removed
[   83.568387][ T4404] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   83.665167][ T5832] loop1: detected capacity change from 0 to 128
[   83.666867][ T5832] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[   83.674558][ T5832] FAT-fs (loop1): error, corrupted file size (i_pos 548, 512)
[   83.675774][ T5832] FAT-fs (loop1): Filesystem has been set read-only
[   83.697674][ T5834] loop1: detected capacity change from 0 to 256
[   83.699569][ T5834] FAT-fs (loop1): "posix" option is obsolete, not supported now
[   83.769644][ T4404] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   84.579501][ T5841] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   84.582138][ T5841] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   84.769626][ T5843] binder: 5840:5843 Acquire 1 refcount change on invalid ref 0 ret -22
[   84.771216][ T5843] binder: 5840:5843 ioctl c0306201 200003c0 returned -14
[   84.773571][ T5843] binder: 5840:5843 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[   84.775000][ T5843] binder: 5840:5843 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[   84.776182][ T5843] binder: 5840:5843 got reply transaction with no transaction stack
[   84.777568][ T5843] binder: 5840:5843 transaction reply to 0:0 failed 7/29201/-71, size 0-0 line 2946
[   86.560520][ T4404] bond0 (unregistering): Released all slaves
[   86.818856][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   86.820273][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   86.826883][ T5599] 8021q: adding VLAN 0 to HW filter on device batadv0
[   86.991820][ T5345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   86.993469][ T5345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   87.003016][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   87.004778][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   87.007568][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   87.009869][ T4802] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   87.291159][ T5599] device veth0_vlan entered promiscuous mode
[   87.295527][ T5599] device veth1_vlan entered promiscuous mode
[   87.305817][ T5599] device veth0_macvtap entered promiscuous mode
[   87.315641][ T5864] input: syz0 as /devices/virtual/input/input4
[   87.316676][ T5345] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   87.317052][ T5864] input: failed to attach handler leds to device input4, error: -6
[   87.318539][ T5345] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   87.320772][ T5345] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   87.328623][ T5345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   87.330224][ T5345] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   87.333885][ T5599] device veth1_macvtap entered promiscuous mode
[   87.343169][ T5599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.345221][ T5599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.347237][ T5599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.348967][ T5599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.350528][ T5599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.352181][ T5599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.353771][ T5599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   87.355392][ T5599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.358490][ T5599] batman_adv: batadv0: Interface activated: batadv_slave_0
[   87.359894][ T5345] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   87.361493][ T5345] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   87.363057][ T5345] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   87.370217][ T5599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.372962][ T5599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.375576][ T5599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.379522][ T5599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.382198][ T5599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.387231][ T5599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.388917][ T5599] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   87.391925][ T5599] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   87.400401][ T5599] batman_adv: batadv0: Interface activated: batadv_slave_1
[   87.403294][ T4800] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   87.404961][ T4800] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   87.410530][ T5599] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   87.412019][ T5599] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   87.415444][ T5599] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   87.419813][ T5599] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   87.533253][ T5345] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.534645][ T5345] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.538739][ T4800] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   87.597796][ T5345] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.599357][ T5345] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.602329][ T5345] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   87.691310][   T27] kauditd_printk_skb: 5 callbacks suppressed
[   87.691324][   T27] audit: type=1326 audit(343.749:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5886 comm="syz.1.299" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   87.698426][   T27] audit: type=1326 audit(343.749:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5886 comm="syz.1.299" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=270 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   87.701644][   T27] audit: type=1326 audit(343.749:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5886 comm="syz.1.299" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1d5b3a8 code=0x7ffc0000
[   88.207161][   T27] audit: type=1326 audit(344.269:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5902 comm="syz.7.245" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8595b3a8 code=0x7ffc0000
[   88.210477][   T27] audit: type=1326 audit(344.269:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5902 comm="syz.7.245" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8595b3a8 code=0x7ffc0000
[   88.213678][   T27] audit: type=1326 audit(344.269:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5902 comm="syz.7.245" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=158 compat=0 ip=0xffff8595b3a8 code=0x7ffc0000
[   88.222217][   T27] audit: type=1326 audit(344.269:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5902 comm="syz.7.245" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8595b3a8 code=0x7ffc0000
[   88.233281][   T27] audit: type=1326 audit(344.269:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5902 comm="syz.7.245" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8595b3a8 code=0x7ffc0000
[   88.331981][ T5915] loop0: detected capacity change from 0 to 1024
[   88.407279][ T5915] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   88.413380][ T5915] EXT4-fs (loop0): INFO: recovery required on readonly filesystem
[   88.414720][ T5915] EXT4-fs (loop0): write access will be enabled during recovery
[   88.417557][ T5915] JBD2: no valid journal superblock found
[   88.418547][ T5915] EXT4-fs (loop0): error loading journal
[   89.784904][ T4451] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   90.197081][   T27] audit: type=1326 audit(346.230:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5909 comm="syz.1.302" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa1d5b3a8 code=0x7fc00000
[   90.290202][ T5935] loop3: detected capacity change from 0 to 4096
[   90.350498][ T5935] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   90.426850][ T4324] EXT4-fs (loop3): unmounting filesystem.
[   90.911669][ T5939] loop5: detected capacity change from 0 to 40427
[   90.920879][ T5939] F2FS-fs (loop5): build fault injection attr: rate: 684, type: 0x3ffff
[   90.922964][ T5939] F2FS-fs (loop5): build fault injection attr: rate: 0, type: 0x35f7
[   90.929048][ T5939] F2FS-fs (loop5): invalid crc value
[   90.939548][ T5939] F2FS-fs (loop5): Found nat_bits in checkpoint
[   90.952683][ T5939] F2FS-fs (loop5): Start checkpoint disabled!
[   90.969110][ T5939] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[   91.022641][   T39] kworker/u4:2: attempt to access beyond end of device
[   91.022641][   T39] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   91.510084][ T5991] loop7: detected capacity change from 0 to 40427
[   92.066086][ T5991] F2FS-fs (loop7): Found nat_bits in checkpoint
[   92.205852][ T5991] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[   92.237475][ T5991] syz.7.315: attempt to access beyond end of device
[   92.237475][ T5991] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   92.508465][ T5599] syz-executor: attempt to access beyond end of device
[   92.508465][ T5599] loop7: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[   92.585302][   T27] audit: type=1326 audit(348.641:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6002 comm="syz.0.319" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9615b3a8 code=0x7ffc0000
[   93.479644][ T6027] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   93.481088][ T6027] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   93.753609][ T4379] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   93.933466][ T4379] usb 1-1: Using ep0 maxpacket: 16
[   93.983552][ T4379] usb 1-1: config 0 has no interfaces?
[   93.984608][ T4379] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   93.986045][ T4379] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.999478][ T4379] usb 1-1: config 0 descriptor??
[   94.510155][ T6075] loop3: detected capacity change from 0 to 1024
[   94.520134][ T6075] ext4: Unknown parameter 'noacl'
[   94.538792][ T6026] ipt_CLUSTERIP: Please specify destination IP
[   94.568551][   T27] kauditd_printk_skb: 4 callbacks suppressed
[   94.568564][   T27] audit: type=1326 audit(350.621:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6079 comm="syz.7.328" exe="/root/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffff8595b3a8 code=0x0
[   95.975997][ T6133] binder: 6132:6133 ioctl c018620c 20000240 returned -1
[   96.426729][ T6144] xt_bpf: check failed: parse error
[   96.890710][ T6155] loop1: detected capacity change from 0 to 4096
[   96.923821][ T6155] EXT4-fs: Ignoring removed mblk_io_submit option
[   96.931972][ T6155] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   96.962382][ T6155] EXT4-fs (loop1): Test dummy encryption mode enabled
[   96.983637][ T6155] EXT4-fs (loop1): can't mount with data_err=abort, fs mounted w/o journal
[   97.476100][   T27] audit: type=1326 audit(353.531:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6167 comm="syz.3.345" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[   97.479801][   T27] audit: type=1326 audit(353.531:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6167 comm="syz.3.345" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[   97.483043][   T27] audit: type=1326 audit(353.531:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6167 comm="syz.3.345" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[   97.487458][   T27] audit: type=1326 audit(353.531:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6167 comm="syz.3.345" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[   97.490510][   T27] audit: type=1326 audit(353.531:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6167 comm="syz.3.345" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[   97.493839][   T27] audit: type=1326 audit(353.531:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6167 comm="syz.3.345" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[   97.497064][   T27] audit: type=1326 audit(353.531:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6167 comm="syz.3.345" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[   97.500037][   T27] audit: type=1326 audit(353.531:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6167 comm="syz.3.345" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[   97.502959][   T27] audit: type=1326 audit(353.531:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6167 comm="syz.3.345" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=229 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[   97.887196][ T6180] device batadv_slave_1 entered promiscuous mode
[   98.206366][ T6187] loop3: detected capacity change from 0 to 40427
[   98.586369][ T6187] F2FS-fs (loop3): Found nat_bits in checkpoint
[   98.715244][ T6187] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   98.792163][ T6187] syz.3.349: attempt to access beyond end of device
[   98.792163][ T6187] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   99.264948][ T4324] syz-executor: attempt to access beyond end of device
[   99.264948][ T4324] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[   99.372062][ T6207] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   99.377775][ T6207] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   99.789975][ T6179] device batadv_slave_1 left promiscuous mode
[   99.800554][ T6196] loop5: detected capacity change from 0 to 40427
[   99.808823][ T6196] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[   99.810100][ T6196] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[   99.826705][ T6196] F2FS-fs (loop5): invalid crc_offset: 33558524
[   99.877673][ T6196] F2FS-fs (loop5): Found nat_bits in checkpoint
[   99.910693][ T6196] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[   99.911948][ T6196] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  100.395416][   T27] kauditd_printk_skb: 2 callbacks suppressed
[  100.395429][   T27] audit: type=1326 audit(356.451:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6233 comm="syz.3.356" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[  100.401900][   T27] audit: type=1326 audit(356.451:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6233 comm="syz.3.356" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[  100.408061][   T27] audit: type=1326 audit(356.451:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6233 comm="syz.3.356" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=213 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[  100.424003][   T27] audit: type=1326 audit(356.451:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6233 comm="syz.3.356" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[  100.427216][   T27] audit: type=1326 audit(356.451:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6233 comm="syz.3.356" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[  100.430364][   T27] audit: type=1326 audit(356.451:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6233 comm="syz.3.356" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=243 compat=0 ip=0xffff9335b3a8 code=0x7ffc0000
[  100.452982][ T6236] loop3: detected capacity change from 0 to 512
[  100.454486][ T6236] EXT4-fs: Ignoring removed oldalloc option
[  100.457897][ T6236] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  100.473732][ T6236] EXT4-fs (loop3): 1 truncate cleaned up
[  100.474663][ T6236] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  101.176616][ T4324] EXT4-fs (loop3): unmounting filesystem.
[  101.312390][  T489] Bluetooth: hci5: Frame reassembly failed (-84)
[  102.212457][   T27] audit: type=1326 audit(358.261:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6279 comm="syz.5.361" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[  102.278821][ T4379] usb 1-1: USB disconnect, device number 5
[  103.349493][   T27] audit: type=1326 audit(358.301:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6279 comm="syz.5.361" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[  103.352752][   T27] audit: type=1326 audit(359.391:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6279 comm="syz.5.361" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=214 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[  103.356328][ T4321] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  103.400330][   T27] audit: type=1326 audit(359.391:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6279 comm="syz.5.361" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[  103.428174][ T6291] tipc: New replicast peer: 255.255.255.255
[  103.429412][ T6291] tipc: Enabled bearer <udp:syz2>, priority 10
[  103.733450][ T4379] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  103.903695][ T6317] loop3: detected capacity change from 0 to 8192
[  104.467302][ T6323] loop5: detected capacity change from 0 to 40427
[  104.471245][   T22] tipc: Node number set to 4026531963
[  104.944420][ T6323] F2FS-fs (loop5): Found nat_bits in checkpoint
[  105.079117][ T6323] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  105.155607][ T6323] syz.5.371: attempt to access beyond end of device
[  105.155607][ T6323] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  105.613937][ T4566] syz-executor: attempt to access beyond end of device
[  105.613937][ T4566] loop5: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  105.678829][ T4379] usb 1-1: device descriptor read/all, error -71
[  105.790657][ T6342] xt_CONNSECMARK: invalid mode: 66
[  106.031702][ T6342] loop7: detected capacity change from 0 to 1024
[  106.033236][ T6342] EXT4-fs: Ignoring removed bh option
[  106.034146][ T6342] EXT4-fs: Ignoring removed nomblk_io_submit option
[  106.203178][ T6342] EXT4-fs (loop7): Test dummy encryption mode enabled
[  106.428542][ T6342] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  107.044837][ T5599] EXT4-fs (loop7): unmounting filesystem.
[  107.171725][ T6371] overlayfs: statfs failed on './file0'
[  107.289898][   T27] kauditd_printk_skb: 1 callbacks suppressed
[  107.289907][   T27] audit: type=1326 audit(363.341:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6381 comm="syz.0.385" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9615b3a8 code=0x7ffc0000
[  107.298025][   T27] audit: type=1326 audit(363.341:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6381 comm="syz.0.385" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9615b3a8 code=0x7ffc0000
[  107.301709][   T27] audit: type=1326 audit(363.341:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6381 comm="syz.0.385" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=159 compat=0 ip=0xffff9615b3a8 code=0x7ffc0000
[  107.323579][   T27] audit: type=1326 audit(363.341:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6381 comm="syz.0.385" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9615b3a8 code=0x7ffc0000
[  107.326860][   T27] audit: type=1326 audit(363.341:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6381 comm="syz.0.385" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9615b3a8 code=0x7ffc0000
[  107.919843][ T6392] loop7: detected capacity change from 0 to 40427
[  108.384059][ T6392] F2FS-fs (loop7): Found nat_bits in checkpoint
[  108.511638][ T6392] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  108.590284][ T6392] syz.7.387: attempt to access beyond end of device
[  108.590284][ T6392] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  108.895626][ T6400] loop5: detected capacity change from 0 to 16
[  108.929788][ T6400] erofs: (device loop5): mounted with root inode @ nid 36.
[  109.062366][ T5599] syz-executor: attempt to access beyond end of device
[  109.062366][ T5599] loop7: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  109.825397][ T6419] loop5: detected capacity change from 0 to 128
[  109.907674][ T6423] loop3: detected capacity change from 0 to 4096
[  109.940765][ T6433] loop0: detected capacity change from 0 to 1024
[  109.942191][ T6433] ext4: Unknown parameter 'smackfshat'
[  109.957507][ T6423] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  110.040489][ T4324] EXT4-fs (loop3): unmounting filesystem.
[  110.173846][ T5283] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  110.181351][ T6445] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  110.182790][ T6445] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  110.769667][ T6433] loop0: detected capacity change from 0 to 40427
[  110.787718][ T6433] F2FS-fs (loop0): Invalid log_blocksize (64), supports only 12
[  110.790074][ T6433] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  110.796358][ T6433] F2FS-fs (loop0): invalid crc value
[  110.805266][ T6433] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  110.826370][ T6433] F2FS-fs (loop0): Cannot turn on quotas: -2 on 1
[  110.829744][ T6433] F2FS-fs (loop0): Start checkpoint disabled!
[  110.836563][ T6433] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  110.837843][ T6433] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  111.258881][ T6467] loop5: detected capacity change from 0 to 512
[  111.921871][ T6471] loop3: detected capacity change from 0 to 40427
[  112.378192][ T6471] F2FS-fs (loop3): Found nat_bits in checkpoint
[  112.500957][ T6471] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  112.572415][ T6471] syz.3.402: attempt to access beyond end of device
[  112.572415][ T6471] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  112.585081][ T6467] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  112.639983][ T6482] loop0: detected capacity change from 0 to 512
[  112.641543][ T6482] EXT4-fs: Ignoring removed mblk_io_submit option
[  112.642629][ T6482] EXT4-fs: inline encryption not supported
[  112.644660][ T6482] EXT4-fs (loop0): Test dummy encryption mode enabled
[  112.645772][ T6482] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  112.682951][ T6482] EXT4-fs (loop0): 1 truncate cleaned up
[  112.689946][ T6482] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  112.779441][ T4566] EXT4-fs (loop5): unmounting filesystem.
[  112.781287][ T4324] syz-executor: attempt to access beyond end of device
[  112.781287][ T4324] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  113.011896][ T6501] xt_CONNSECMARK: invalid mode: 66
[  113.876756][ T4320] EXT4-fs (loop0): unmounting filesystem.
[  114.059594][ T6513] loop0: detected capacity change from 0 to 512
[  114.162754][ T6513] EXT4-fs error (device loop0): __ext4_fill_super:5397: inode #2: comm syz.0.409: inode has both inline data and extents flags
[  114.169106][ T6513] EXT4-fs (loop0): get root inode failed
[  114.170326][ T6513] EXT4-fs (loop0): mount failed
[  114.535338][ T4451] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  114.581919][ T6531] loop0: detected capacity change from 0 to 16
[  114.589399][ T6531] erofs: (device loop0): mounted with root inode @ nid 36.
[  114.694021][ T6536] loop5: detected capacity change from 0 to 512
[  114.713980][ T6536] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=684ec018, mo2=0002]
[  114.715481][ T6536] System zones: 0-2, 18-18, 34-34
[  114.718905][ T6536] EXT4-fs (loop5): orphan cleanup on readonly fs
[  115.041706][ T6536] EXT4-fs error (device loop5): ext4_orphan_get:1426: comm syz.5.419: bad orphan inode 13
[  115.053005][ T6536] ext4_test_bit(bit=12, block=18) = 1
[  115.114099][ T6536] is_bad_inode(inode)=0
[  115.114916][ T6536] NEXT_ORPHAN(inode)=2130706432
[  115.115703][ T6536] max_ino=32
[  115.116158][ T6536] i_nlink=1
[  115.117093][ T6536] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  115.120853][ T6536] netlink: 232 bytes leftover after parsing attributes in process `syz.5.419'.
[  115.558691][ T6549] netlink: 64 bytes leftover after parsing attributes in process `syz.7.423'.
[  116.148746][ T6554] loop0: detected capacity change from 0 to 40427
[  116.658438][ T6554] F2FS-fs (loop0): Found nat_bits in checkpoint
[  116.765081][ T6554] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  116.844105][ T6554] syz.0.421: attempt to access beyond end of device
[  116.844105][ T6554] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  117.058525][ T4566] EXT4-fs (loop5): unmounting filesystem.
[  117.089264][ T6561] loop1: detected capacity change from 0 to 128
[  117.130194][ T6561] syz.1.425: attempt to access beyond end of device
[  117.130194][ T6561] loop1: rw=2049, sector=154, nr_sectors = 96 limit=128
[  117.160225][ T6561] syz.1.425: attempt to access beyond end of device
[  117.160225][ T6561] loop1: rw=2049, sector=138, nr_sectors = 16 limit=128
[  117.282226][ T4320] syz-executor: attempt to access beyond end of device
[  117.282226][ T4320] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  117.362708][ T6571] xt_CONNSECMARK: invalid mode: 66
[  117.415841][ T6571] loop3: detected capacity change from 0 to 1024
[  117.420389][ T6571] EXT4-fs: Ignoring removed bh option
[  117.421320][ T6571] EXT4-fs: Ignoring removed nomblk_io_submit option
[  117.464416][ T6571] EXT4-fs (loop3): Test dummy encryption mode enabled
[  117.839903][ T6571] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  118.990117][ T4324] EXT4-fs (loop3): unmounting filesystem.
[  119.406721][ T6604] loop7: detected capacity change from 0 to 1024
[  119.415617][ T6604] EXT4-fs: Ignoring removed orlov option
[  119.440948][ T6604] EXT4-fs error (device loop7): ext4_quota_enable:7013: comm syz.7.434: Bad quota inum: 2, type: 0
[  119.442891][ T6604] EXT4-fs warning (device loop7): ext4_enable_quotas:7061: Failed to enable quota tracking (type=0, err=-117, ino=2). Please run e2fsck to fix.
[  119.465998][ T6604] EXT4-fs (loop7): mount failed
[  120.200157][ T6621] loop0: detected capacity change from 0 to 8192
[  120.202159][ T6621] FAT-fs (loop0): Unrecognized mount option "ÿÿÿÿÿÿ" or missing value
[  120.363197][ T6637] loop0: detected capacity change from 0 to 256
[  120.372562][ T6637] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  120.375895][ T6637] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  120.381722][ T6637] exFAT-fs (loop0): Invalid boot checksum (boot checksum : 0x110dabd0, checksum : 0x1119abd0)
[  120.383455][ T6637] exFAT-fs (loop0): invalid boot region
[  120.384225][ T6637] exFAT-fs (loop0): failed to recognize exfat type
[  120.740582][ T6652] netlink: 'syz.3.445': attribute type 12 has an invalid length.
[  121.178874][ T6658] device veth1_macvtap left promiscuous mode
[  121.268732][ T6662] loop7: detected capacity change from 0 to 256
[  121.308594][ T6668] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  121.311288][ T6668] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  121.368761][ T6671] loop0: detected capacity change from 0 to 4096
[  121.372863][ T6671] EXT4-fs: Ignoring removed mblk_io_submit option
[  121.387060][ T6671] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  121.391542][ T6671] EXT4-fs (loop0): Test dummy encryption mode enabled
[  121.405859][ T6671] EXT4-fs (loop0): can't mount with data_err=abort, fs mounted w/o journal
[  121.813516][ T6673] netlink: 12 bytes leftover after parsing attributes in process `syz.7.455'.
[  122.989720][ T6695] loop3: detected capacity change from 0 to 16
[  123.013501][ T6695] erofs: (device loop3): mounted with root inode @ nid 36.
[  123.968169][ T6712] overlayfs: statfs failed on './file0'
[  125.050707][   T27] audit: type=1326 audit(381.101:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6731 comm="syz.7.467" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8595b3a8 code=0x7ffc0000
[  125.054647][   T27] audit: type=1326 audit(381.111:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6731 comm="syz.7.467" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8595b3a8 code=0x7ffc0000
[  125.067063][ T6732] loop7: detected capacity change from 0 to 512
[  125.068830][   T27] audit: type=1326 audit(381.121:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6731 comm="syz.7.467" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=279 compat=0 ip=0xffff8595b3a8 code=0x7ffc0000
[  125.072249][   T27] audit: type=1326 audit(381.121:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6731 comm="syz.7.467" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffff8595b3dc code=0x7ffc0000
[  125.093401][   T27] audit: type=1326 audit(381.121:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6731 comm="syz.7.467" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=64 compat=0 ip=0xffff85959a90 code=0x7ffc0000
[  125.102928][   T27] audit: type=1326 audit(381.121:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6731 comm="syz.7.467" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=215 compat=0 ip=0xffff8595b44c code=0x7ffc0000
[  125.122926][   T27] audit: type=1326 audit(381.121:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6731 comm="syz.7.467" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff85959794 code=0x7ffc0000
[  125.143180][   T27] audit: type=1326 audit(381.121:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6731 comm="syz.7.467" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffff8595aed0 code=0x7ffc0000
[  125.152444][   T27] audit: type=1326 audit(381.121:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6731 comm="syz.7.467" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=57 compat=0 ip=0xffff85959ccc code=0x7ffc0000
[  125.156076][   T27] audit: type=1326 audit(381.121:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6731 comm="syz.7.467" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=57 compat=0 ip=0xffff85959ccc code=0x7ffc0000
[  125.230092][ T6732] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  125.234358][ T6745] loop0: detected capacity change from 0 to 1024
[  125.235917][ T6745] EXT4-fs: Ignoring removed orlov option
[  125.672703][ T6745] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  125.693871][ T5599] EXT4-fs (loop7): unmounting filesystem.
[  125.717680][ T4320] EXT4-fs (loop0): unmounting filesystem.
[  125.915036][ T2060] ieee802154 phy0 wpan0: encryption failed: -22
[  125.916179][ T2060] ieee802154 phy1 wpan1: encryption failed: -22
[  125.938702][ T6767] loop0: detected capacity change from 0 to 512
[  126.033248][ T6781] netlink: 'syz.7.474': attribute type 12 has an invalid length.
[  126.296232][ T6786] loop3: detected capacity change from 0 to 16
[  126.335249][ T6767] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  126.665436][ T6786] erofs: (device loop3): mounted with root inode @ nid 36.
[  127.415281][ T4320] EXT4-fs (loop0): unmounting filesystem.
[  127.539338][ T6808] loop7: detected capacity change from 0 to 16
[  127.549674][ T6808] erofs: (device loop7): mounted with root inode @ nid 36.
[  129.270320][ T6881] netlink: 'syz.1.490': attribute type 12 has an invalid length.
[  130.511571][ T6902] netlink: 'syz.1.505': attribute type 12 has an invalid length.
[  130.519843][ T6905] loop5: detected capacity change from 0 to 128
[  130.617229][ T6912] loop7: detected capacity change from 0 to 16
[  130.619118][ T6905] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  130.627057][ T6912] erofs: (device loop7): mounted with root inode @ nid 36.
[  131.205609][ T4321] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  131.272422][ T6920] netlink: 28 bytes leftover after parsing attributes in process `syz.0.499'.
[  131.550393][ T6928] ipt_CLUSTERIP: Please specify destination IP
[  131.641034][ T6905] fscrypt: Adiantum using implementation "adiantum(xchacha12-neon,aes-ce,nhpoly1305-generic)"
[  131.801386][ T4566] EXT4-fs (loop5): unmounting filesystem.
[  131.984050][ T6944] netlink: 'syz.7.508': attribute type 12 has an invalid length.
[  132.031656][ T6948] device syzkaller0 entered promiscuous mode
[  132.726951][ T6957] IPv6: sit1: Disabled Multicast RS
[  132.825800][ T6960] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  132.931419][ T6965] loop5: detected capacity change from 0 to 16
[  132.940516][ T6965] erofs: (device loop5): mounted with root inode @ nid 36.
[  134.351392][ T6993] loop1: detected capacity change from 0 to 256
[  134.976594][ T7008] loop5: detected capacity change from 0 to 16
[  134.982000][ T7008] erofs: (device loop5): mounted with root inode @ nid 36.
[  136.078850][ T7040] xt_hashlimit: size too large, truncated to 1048576
[  136.789107][ T7057] loop0: detected capacity change from 0 to 16
[  136.846330][ T7057] erofs: (device loop0): mounted with root inode @ nid 36.
[  137.689038][ T7071] ipt_CLUSTERIP: Please specify destination IP
[  138.587847][ T7088] loop7: detected capacity change from 0 to 4096
[  138.610610][ T7088] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  138.639564][ T5599] EXT4-fs (loop7): unmounting filesystem.
[  139.129091][ T7105] loop7: detected capacity change from 0 to 16
[  139.138840][ T7105] erofs: (device loop7): mounted with root inode @ nid 36.
[  139.587915][ T7110] loop3: detected capacity change from 0 to 256
[  139.592968][ T7110] FAT-fs (loop3): Unrecognized mount option "utf	" or missing value
[  140.072007][   T27] kauditd_printk_skb: 55 callbacks suppressed
[  140.072016][   T27] audit: type=1326 audit(396.121:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7116 comm="syz.7.563" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8595b3a8 code=0x7ffc0000
[  140.106850][   T27] audit: type=1326 audit(396.151:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7116 comm="syz.7.563" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8595b3a8 code=0x7ffc0000
[  140.116656][   T27] audit: type=1326 audit(396.171:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7116 comm="syz.7.563" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=30 compat=0 ip=0xffff8595b3a8 code=0x7ffc0000
[  140.120238][   T27] audit: type=1326 audit(396.171:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7116 comm="syz.7.563" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8595b3a8 code=0x7ffc0000
[  140.452598][ T7124] loop7: detected capacity change from 0 to 40427
[  140.477107][ T7124] F2FS-fs (loop7): build fault injection attr: rate: 174, type: 0x3ffff
[  140.519019][ T4451] I/O error, dev loop7, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  140.528284][ T7128] loop3: detected capacity change from 0 to 40427
[  140.547461][ T7128] F2FS-fs (loop3): build fault injection attr: rate: 19, type: 0x3ffff
[  140.552347][ T7136] loop1: detected capacity change from 0 to 128
[  140.803973][   T27] audit: type=1400 audit(396.831:263): apparmor="DENIED" operation="setprocattr" info="fscreate" error=-22 profile="unconfined" pid=7147 comm="syz.7.578"
[  140.962313][ T7157] tipc: Started in network mode
[  140.963240][ T7157] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  140.975877][ T7157] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  141.102824][ T7157] tipc: Enabled bearer <udp:syz0>, priority 10
[  141.361630][ T7161] loop1: detected capacity change from 0 to 512
[  141.461551][ T7161] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  141.505128][ T7161] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #17: comm syz.1.584: inode has both inline data and extents flags
[  141.507820][ T7161] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.584: couldn't read orphan inode 17 (err -117)
[  141.510943][ T7161] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  141.520902][ T7161] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.584: bg 0: block 65: padding at end of block bitmap is not set
[  141.542865][ T4330] EXT4-fs (loop1): unmounting filesystem.
[  141.626385][ T7175] binder: 7174:7175 got transaction to invalid handle, 1
[  141.627560][ T7175] binder: 7175:7174 cannot find target node
[  141.628509][ T7175] binder: 7174:7175 transaction call to 0:0 failed 8/29201/-22, size 104-24 line 3045
[  141.630020][ T7175] binder: 7174:7175 ioctl c0306201 20000440 returned -14
[  141.631684][   T14] binder: undelivered TRANSACTION_ERROR: 29201
[  141.698674][ T7183] loop3: detected capacity change from 0 to 128
[  143.291133][ T4399] tipc: Node number set to 1
[  144.105779][ T7204] netlink: 'syz.0.598': attribute type 12 has an invalid length.
[  145.719184][   T27] audit: type=1326 audit(401.461:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7237 comm="syz.5.609" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[  145.737084][   T27] audit: type=1326 audit(401.461:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7237 comm="syz.5.609" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=164 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[  145.748878][   T27] audit: type=1326 audit(401.461:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7237 comm="syz.5.609" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb655b3a8 code=0x7ffc0000
[  146.181299][ T7252] netlink: 'syz.5.613': attribute type 12 has an invalid length.
[  146.852585][ T7265] loop7: detected capacity change from 0 to 4096
[  146.869502][ T7265] EXT4-fs (loop7): Test dummy encryption mode enabled
[  146.943674][ T7265] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  146.945084][ T7265] System zones: 0-5
[  146.957026][ T7265] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  147.331065][ T5345] Bluetooth: hci5: Frame reassembly failed (-84)
[  147.348316][ T7275] loop3: detected capacity change from 0 to 512
[  148.679438][ T7289] 
[  148.679923][ T7289] ======================================================
[  148.680877][ T7289] WARNING: possible circular locking dependency detected
[  148.681869][ T7289] syzkaller #0 Not tainted
[  148.682469][ T7289] ------------------------------------------------------
[  148.683526][ T7289] syz.7.618/7289 is trying to acquire lock:
[  148.684493][ T7289] ffff0000f5a0e268 (&dquot->dq_lock){+.+.}-{3:3}, at: dquot_commit+0x50/0x1c4
[  148.685836][ T7289] 
[  148.685836][ T7289] but task is already holding lock:
[  148.686874][ T7289] ffff0000dff90288 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_map_blocks+0x7c4/0x1770
[  148.688310][ T7289] 
[  148.688310][ T7289] which lock already depends on the new lock.
[  148.688310][ T7289] 
[  148.689790][ T7289] 
[  148.689790][ T7289] the existing dependency chain (in reverse order) is:
[  148.691029][ T7289] 
[  148.691029][ T7289] -> #2 (&ei->i_data_sem/2){++++}-{3:3}:
[  148.692152][ T7289]        down_write+0x5c/0x88
[  148.692819][ T7289]        ext4_map_blocks+0x7c4/0x1770
[  148.693580][ T7289]        ext4_getblk+0x170/0x654
[  148.694315][ T7289]        ext4_bread+0x3c/0x1b0
[  148.695000][ T7289]        ext4_quota_write+0x228/0x51c
[  148.695731][ T7289]        find_free_dqentry+0x548/0xa68
[  148.696473][ T7289]        do_insert_tree+0x578/0xc38
[  148.697205][ T7289]        do_insert_tree+0x768/0xc38
[  148.697947][ T7289]        do_insert_tree+0x768/0xc38
[  148.698669][ T7289]        do_insert_tree+0x768/0xc38
[  148.699411][ T7289]        qtree_write_dquot+0x3bc/0x4c8
[  148.700175][ T7289]        v2_write_dquot+0xf0/0x180
[  148.700886][ T7289]        dquot_acquire+0x2a8/0x4e0
[  148.701620][ T7289]        ext4_acquire_dquot+0x270/0x428
[  148.702407][ T7289]        dqget+0x654/0xccc
[  148.703017][ T7289]        __dquot_initialize+0x264/0xa80
[  148.703779][ T7289]        dquot_initialize+0x24/0x34
[  148.704491][ T7289]        ext4_rmdir+0x104/0x8c8
[  148.705165][ T7289]        vfs_rmdir+0x304/0x438
[  148.705796][ T7289]        do_rmdir+0x238/0x50c
[  148.706398][ T7289]        __arm64_sys_unlinkat+0xcc/0xfc
[  148.707136][ T7289]        invoke_syscall+0x98/0x2bc
[  148.707876][ T7289]        el0_svc_common+0x138/0x258
[  148.708633][ T7289]        do_el0_svc+0x58/0x13c
[  148.709319][ T7289]        el0_svc+0x58/0x138
[  148.709956][ T7289]        el0t_64_sync_handler+0x84/0xf0
[  148.710717][ T7289]        el0t_64_sync+0x18c/0x190
[  148.711429][ T7289] 
[  148.711429][ T7289] -> #1 (&s->s_dquot.dqio_sem){++++}-{3:3}:
[  148.712613][ T7289]        down_read+0x64/0x304
[  148.713281][ T7289]        v2_read_dquot+0x4c/0x118
[  148.713488][ T4325] Bluetooth: hci1: command 0x0406 tx timeout
[  148.713966][ T7289]        dquot_acquire+0x120/0x4e0
[  148.714880][ T4325] Bluetooth: hci0: command 0x0406 tx timeout
[  148.715540][ T7289]        ext4_acquire_dquot+0x270/0x428
[  148.716383][ T4325] Bluetooth: hci4: command 0x0406 tx timeout
[  148.717083][ T7289]        dqget+0x654/0xccc
[  148.718573][ T7289]        __dquot_initialize+0x2d4/0xa80
[  148.719343][ T7289]        dquot_initialize+0x24/0x34
[  148.720065][ T7289]        ext4_rmdir+0x104/0x8c8
[  148.720750][ T7289]        vfs_rmdir+0x304/0x438
[  148.721418][ T7289]        do_rmdir+0x238/0x50c
[  148.722058][ T7289]        __arm64_sys_unlinkat+0xcc/0xfc
[  148.722820][ T7289]        invoke_syscall+0x98/0x2bc
[  148.723517][ T7289]        el0_svc_common+0x138/0x258
[  148.724286][ T7289]        do_el0_svc+0x58/0x13c
[  148.724950][ T7289]        el0_svc+0x58/0x138
[  148.725614][ T7289]        el0t_64_sync_handler+0x84/0xf0
[  148.726411][ T7289]        el0t_64_sync+0x18c/0x190
[  148.727108][ T7289] 
[  148.727108][ T7289] -> #0 (&dquot->dq_lock){+.+.}-{3:3}:
[  148.728170][ T7289]        __lock_acquire+0x293c/0x6544
[  148.728949][ T7289]        lock_acquire+0x20c/0x644
[  148.729659][ T7289]        __mutex_lock_common+0x190/0x1f38
[  148.730434][ T7289]        mutex_lock_nested+0x38/0x44
[  148.731201][ T7289]        dquot_commit+0x50/0x1c4
[  148.731877][ T7289]        ext4_write_dquot+0x1b4/0x31c
[  148.732629][ T7289]        ext4_mark_dquot_dirty+0xe8/0x140
[  148.733418][ T7289]        mark_all_dquot_dirty+0x108/0x424
[  148.734215][ T7289]        __dquot_alloc_space+0x560/0xce8
[  148.734995][ T7289]        ext4_mb_new_blocks+0xd30/0x435c
[  148.735790][ T7289]        ext4_ext_map_blocks+0x1340/0x56c8
[  148.736592][ T7289]        ext4_map_blocks+0x860/0x1770
[  148.737362][ T7289]        ext4_getblk+0x170/0x654
[  148.738043][ T7289]        ext4_bread+0x3c/0x1b0
[  148.738706][ T7289]        ext4_append+0x238/0x474
[  148.739423][ T7289]        ext4_init_new_dir+0x264/0x4f4
[  148.740184][ T7289]        ext4_mkdir+0x3c0/0xa2c
[  148.740872][ T7289]        vfs_mkdir+0x314/0x4d4
[  148.741532][ T7289]        ovl_mkdir_real+0xa8/0x200
[  148.742242][ T7289]        ovl_workdir_create+0x2a4/0x634
[  148.743021][ T7289]        ovl_get_workdir+0x2fc/0x1068
[  148.743766][ T7289]        ovl_fill_super+0x139c/0x2294
[  148.744504][ T7289]        mount_nodev+0x68/0x104
[  148.745197][ T7289]        ovl_mount+0x3c/0x50
[  148.745818][ T7289]        legacy_get_tree+0xd4/0x16c
[  148.746551][ T7289]        vfs_get_tree+0x90/0x274
[  148.747227][ T7289]        do_new_mount+0x228/0x810
[  148.747935][ T7289]        path_mount+0x5b4/0xe78
[  148.748638][ T7289]        __arm64_sys_mount+0x49c/0x584
[  148.749403][ T7289]        invoke_syscall+0x98/0x2bc
[  148.750122][ T7289]        el0_svc_common+0x138/0x258
[  148.750854][ T7289]        do_el0_svc+0x58/0x13c
[  148.751521][ T7289]        el0_svc+0x58/0x138
[  148.752162][ T7289]        el0t_64_sync_handler+0x84/0xf0
[  148.752940][ T7289]        el0t_64_sync+0x18c/0x190
[  148.753657][ T7289] 
[  148.753657][ T7289] other info that might help us debug this:
[  148.753657][ T7289] 
[  148.755024][ T7289] Chain exists of:
[  148.755024][ T7289]   &dquot->dq_lock --> &s->s_dquot.dqio_sem --> &ei->i_data_sem/2
[  148.755024][ T7289] 
[  148.756950][ T7289]  Possible unsafe locking scenario:
[  148.756950][ T7289] 
[  148.757954][ T7289]        CPU0                    CPU1
[  148.758690][ T7289]        ----                    ----
[  148.759434][ T7289]   lock(&ei->i_data_sem/2);
[  148.760087][ T7289]                                lock(&s->s_dquot.dqio_sem);
[  148.761159][ T7289]                                lock(&ei->i_data_sem/2);
[  148.762146][ T7289]   lock(&dquot->dq_lock);
[  148.762779][ T7289] 
[  148.762779][ T7289]  *** DEADLOCK ***
[  148.762779][ T7289] 
[  148.763905][ T7289] 5 locks held by syz.7.618/7289:
[  148.764627][ T7289]  #0: ffff0000f3ec20e0 (&type->s_umount_key#48/1){+.+.}-{3:3}, at: alloc_super+0x1a4/0x804
[  148.766075][ T7289]  #1: ffff0000d56b2460 (sb_writers#3){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c
[  148.767411][ T7289]  #2: ffff0000dff95e48 (&type->i_mutex_dir_key#3/1){+.+.}-{3:3}, at: ovl_workdir_create+0x128/0x634
[  148.769085][ T7289]  #3: ffff0000dff90288 (&ei->i_data_sem/2){++++}-{3:3}, at: ext4_map_blocks+0x7c4/0x1770
[  148.770673][ T7289]  #4: ffff8000153cc2a8 (dquot_srcu){....}-{0:0}, at: rcu_lock_acquire+0x10/0x4c
[  148.772178][ T7289] 
[  148.772178][ T7289] stack backtrace:
[  148.773076][ T7289] CPU: 0 PID: 7289 Comm: syz.7.618 Not tainted syzkaller #0
[  148.774213][ T7289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  148.775778][ T7289] Call trace:
[  148.776284][ T7289]  dump_backtrace+0x1c8/0x1f4
[  148.777002][ T7289]  show_stack+0x2c/0x3c
[  148.777640][ T7289]  __dump_stack+0x30/0x40
[  148.778309][ T7289]  dump_stack_lvl+0xf8/0x160
[  148.779003][ T7289]  dump_stack+0x1c/0x5c
[  148.779638][ T7289]  print_circular_bug+0x148/0x1b0
[  148.780400][ T7289]  check_noncircular+0x240/0x2d4
[  148.781127][ T7289]  __lock_acquire+0x293c/0x6544
[  148.781862][ T7289]  lock_acquire+0x20c/0x644
[  148.782533][ T7289]  __mutex_lock_common+0x190/0x1f38
[  148.783265][ T7289]  mutex_lock_nested+0x38/0x44
[  148.783928][ T7289]  dquot_commit+0x50/0x1c4
[  148.784559][ T7289]  ext4_write_dquot+0x1b4/0x31c
[  148.785268][ T7289]  ext4_mark_dquot_dirty+0xe8/0x140
[  148.786038][ T7289]  mark_all_dquot_dirty+0x108/0x424
[  148.786770][ T7289]  __dquot_alloc_space+0x560/0xce8
[  148.787502][ T7289]  ext4_mb_new_blocks+0xd30/0x435c
[  148.788260][ T7289]  ext4_ext_map_blocks+0x1340/0x56c8
[  148.789091][ T7289]  ext4_map_blocks+0x860/0x1770
[  148.789770][ T7289]  ext4_getblk+0x170/0x654
[  148.790392][ T7289]  ext4_bread+0x3c/0x1b0
[  148.791000][ T7289]  ext4_append+0x238/0x474
[  148.791644][ T7289]  ext4_init_new_dir+0x264/0x4f4
[  148.792362][ T7289]  ext4_mkdir+0x3c0/0xa2c
[  148.792989][ T7289]  vfs_mkdir+0x314/0x4d4
[  148.793608][ T7289]  ovl_mkdir_real+0xa8/0x200
[  148.794277][ T7289]  ovl_workdir_create+0x2a4/0x634
[  148.795017][ T7289]  ovl_get_workdir+0x2fc/0x1068
[  148.795705][ T7289]  ovl_fill_super+0x139c/0x2294
[  148.796419][ T7289]  mount_nodev+0x68/0x104
[  148.797062][ T7289]  ovl_mount+0x3c/0x50
[  148.797667][ T7289]  legacy_get_tree+0xd4/0x16c
[  148.798349][ T7289]  vfs_get_tree+0x90/0x274
[  148.798992][ T7289]  do_new_mount+0x228/0x810
[  148.799657][ T7289]  path_mount+0x5b4/0xe78
[  148.800298][ T7289]  __arm64_sys_mount+0x49c/0x584
[  148.800997][ T7289]  invoke_syscall+0x98/0x2bc
[  148.801649][ T7289]  el0_svc_common+0x138/0x258
[  148.802343][ T7289]  do_el0_svc+0x58/0x13c
[  148.802935][ T7289]  el0_svc+0x58/0x138
[  148.803491][ T7289]  el0t_64_sync_handler+0x84/0xf0
[  148.804212][ T7289]  el0t_64_sync+0x18c/0x190
[  148.814357][ T7275] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  148.854192][ T7275] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:406: inode #2: comm syz.3.620: No space for directory leaf checksum. Please run e2fsck -D.
[  149.353390][   T47] Bluetooth: hci5: command 0x1003 tx timeout
[  149.393393][ T4321] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  149.453522][ T7275] EXT4-fs error (device loop3): ext4_readdir:223: inode #2: comm syz.3.620: path (unknown): directory fails checksum at offset 0
[  149.472570][ T4324] EXT4-fs (loop3): unmounting filesystem.
[  149.568948][ T5599] EXT4-fs (loop7): unmounting filesystem.