last executing test programs:

24m46.667071783s ago: executing program 32 (id=7):
gettid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000640)={0x28, 0x0, 0x2710, @local}, 0x10)
recvmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000005c0)=""/77, 0x4d}], 0x1}, 0x5}], 0x40000, 0x0, 0x0)
shutdown(r1, 0x0)

22m57.996639926s ago: executing program 33 (id=217):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0xfffffffffffffff8}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
getsockopt$ax25_int(r2, 0x101, 0x8, &(0x7f0000000080), 0x0)

16m53.711881846s ago: executing program 34 (id=881):
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r0 = syz_io_uring_setup(0x23a, &(0x7f0000000480)={0x0, 0xa101, 0x0, 0x0, 0x2cf}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000600)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000002280)=0xfffffffc, 0x0, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_SEND={0x1a, 0x20, 0x0, r5, 0x0, 0x0, 0x0, 0x4000100, 0x1})
io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0)

16m50.410103393s ago: executing program 35 (id=887):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
r3 = socket(0x10, 0x3, 0x0)
write(r3, &(0x7f0000000080)="1400000052004f030e789e7ee2ce2fa4ff612d27", 0x14)

14m50.254223721s ago: executing program 36 (id=1063):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000400)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x6, 0xa, 0x4)
mprotect(&(0x7f0000ff6000/0x8000)=nil, 0x8000, 0xb3d8aa3f318c3958)
r2 = syz_open_dev$vim2m(0x0, 0x0, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setxattr$trusted_overlay_opaque(&(0x7f0000000280)='./file0\x00', &(0x7f00000003c0), &(0x7f0000000440), 0x2, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r2, 0xc0405602, &(0x7f0000000140)={0x814, 0x2, 0x0, "11010000001400000100b64c0000000f4cb85200000400", 0x49323159})
r3 = socket(0x1d, 0x2, 0x6)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
r4 = openat$sysfs(0xffffff9c, &(0x7f0000000100)='/sys/power/pm_trace_dev_match', 0x0, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$sock_int(r3, 0x1, 0x28, &(0x7f00000000c0)=0x4, 0x4)
socket$key(0xf, 0x3, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r6}, 0x2c, {'rootmode', 0x3d, 0x4000}})
write$FUSE_NOTIFY_RETRIEVE(r6, &(0x7f0000000100)={0x30, 0x5, 0x0, {0x0, 0x1, 0x0, 0x5}}, 0x30)
sendmsg$nl_route(r5, 0x0, 0x40000)
readv(r4, &(0x7f0000000780)=[{&(0x7f00000002c0)=""/255, 0xff}, {0x0}], 0x2)

11m35.251291111s ago: executing program 8 (id=1439):
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000280), 0x4a0281, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x2000800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setaffinity(0x0, 0x66, &(0x7f0000000180)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_clone3(&(0x7f0000000380)={0x10f100, 0x0, 0x0, 0x0, {0x4000000}, &(0x7f0000000280)=""/200, 0xffffffffffffffee, 0x0, 0x0, 0xffffffffffffff50}, 0x58)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r0, 0x0)
r1 = syz_clone(0x19080, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x5e)

11m29.61851234s ago: executing program 8 (id=1445):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x38, &(0x7f0000000280)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000400)={&(0x7f00000008c0), 0x58, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x20)
socket$netlink(0x10, 0x3, 0xc)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x844)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000800)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x5, 0xe, 0x0, &(0x7f0000000080)="0000000000040000000002015370", 0x0, 0xff, 0x0, 0xfffffd0a, 0x0, 0x0, 0x0, 0x3, 0x0, 0x401}, 0x1a)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x15, 0x1114c1)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
ioctl$F2FS_IOC_GARBAGE_COLLECT(r5, 0x4004f506, &(0x7f00000000c0)=0x4)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000370410008000ffdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="8345050001000000240012800b000100001400028008000b4080000000060005004e210000"], 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x1}, 0x6e)
close(r2)
r9 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='net\x00')
fsconfig$FSCONFIG_CMD_RECONFIGURE(r9, 0x7, 0x0, 0x0, 0x0)
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mremap(&(0x7f000000d000/0x2000)=nil, 0xfffffffffffffe74, 0x1000, 0x3, &(0x7f0000007000/0x1000)=nil)

11m28.099287159s ago: executing program 8 (id=1450):
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, &(0x7f00000000c0)={'pcl726\x00', [0x3, 0x6, 0x1, 0x2, 0x2, 0xcc7, 0x8, 0x7, 0x654, 0x8, 0x2, 0x1, 0x6, 0x4, 0x6, 0xffffffff, 0x1, 0x1a449, 0x3, 0x40000002, 0x89, 0x3, 0xf23, 0x6, 0xb, 0x8, 0x3, 0x8, 0x4, 0x10000, 0xfffffff8]})

11m27.455154816s ago: executing program 8 (id=1452):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x4e22, 0x0, @dev={0xfe, 0x80, '\x00', 0x15}, 0xf}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@gcm_256={{0x303}, "000200", "e123c5876ff425b1ebe250a8486be34705f4f827ae60ecb65e528248d5552bff", "1b25837b", "15d0db2c77179e1a"}, 0x38)

11m26.7379733s ago: executing program 8 (id=1454):
socket$kcm(0x10, 0x2, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
ioctl$AUTOFS_IOC_PROTOVER(r0, 0x80049363, &(0x7f0000000040))
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000180)=0x10000000005)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x400000000001, 0x0, 0x1, 0x0)
r2 = getpid()
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000300)={r3}, 0xc)
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffd000)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(0x0, 0x0, 0x0)
ioprio_set$pid(0x0, r4, 0x4007)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000400000/0x1000)=nil, 0x20400000}, 0x1})
r6 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r6, 0xc100565c, &(0x7f00000013c0)={0x0, 0x2, 0x2, {0x5, @vbi={0x0, 0x0, 0x4, 0x0, [], [0x8200], 0x1}}})
ioctl$BTRFS_IOC_INO_PATHS(r3, 0xc0389423, &(0x7f00000002c0)={0x8, 0x50, [0x2, 0x80000000, 0x0, 0x7], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
write$sequencer(0xffffffffffffffff, 0x0, 0x10)
ioctl$VIDIOC_QBUF(r6, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x0, 0x0, {}, {0x2, 0x0, 0x0, 0x0, 0x0, 0x75, "804000"}, 0x0, 0x2, {}, 0x20800})
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x22, 0x0, 0x0)

11m24.584118501s ago: executing program 8 (id=1457):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c0800002c0007012bbd700000000000077c00000c00018006000600843b000009000280040071008c0000000800e400", @ANYRES32, @ANYBLOB="2d0529800c00f800030000000000000004006080fa003b800400df00c1becb03dbe55b6c782cebd6a7bc78a21d1bc9f3c1bd441ada5266780599eaf18965bbfcc07c2037129672275c399e1e03f8a0664d807385cc4d566f230400db800400498096d9641e8b1887b25501b11ecd71313a47df368b078d7b825bff33b9eab3964d7b2394b1950c7aeaba6014fe2cd33c89fd070ce0f1f306494a44adf6609d8ad55a5080b36b05cb0b9a57833b14fcd62c0aba0ac67f03b20e87ba6f3610a5bd1d3369ae014c8036c1e596b800991698810ff706e98871c17ad581b0695476273ac6c33a7a51d4a44a5b95684befe95ef49b03458bce89d87355f35b766b242b9f98b661269bb9255d836fb4e30d0000c72ec5561adf6112ca278273b4af42597e7bfa1f5c228f13161b34517c92bc352c017afac22d14047e6fbdc61536f9e51738ea935cb2a577ec2b788433bc13a9e976cfee267f36d988b766a29632c84c94d4cf31d780ef683293d7eacfc93f248d137affcae7cffa699237ea9c74919850dc164f1483f3f352bf7dd787191705b26936e1d090526b6ac5765df318f160cc84b15b94c662cf92611c9eb0b92bfbd3512bffed96a4150d653e130625b6ae5a78da2c4b9c70c736a224b18d89222095fbc4c61bcad1eb73be9c6efaaae48f871223694999b2a925a37138be8220008180cc20e57a92076b2308003200", @ANYRES32], 0x85c}, 0x1, 0x0, 0x0, 0x24048055}, 0xc000)
r3 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000240)='/dev/comedi1\x00', 0x20200, 0x0)
ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, &(0x7f0000000300)={'aio_iiro_16\x00', [0x4f23, 0x7f, 0x1, 0x6, 0x1, 0xdea7, 0xc, 0x3, 0xa, 0xa6, 0xfffffffa, 0xffffffff, 0x401, 0x8000001, 0x6, 0x101, 0xf7fffffe, 0x5, 0x0, 0x40000001, 0x8c, 0xca9f, 0x0, 0x20001e58, 0xb, 0xc3, 0x3, 0x5, 0x800081, 0x0, 0x4]})

11m8.655802535s ago: executing program 37 (id=1457):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c0800002c0007012bbd700000000000077c00000c00018006000600843b000009000280040071008c0000000800e400", @ANYRES32, @ANYBLOB="2d0529800c00f800030000000000000004006080fa003b800400df00c1becb03dbe55b6c782cebd6a7bc78a21d1bc9f3c1bd441ada5266780599eaf18965bbfcc07c2037129672275c399e1e03f8a0664d807385cc4d566f230400db800400498096d9641e8b1887b25501b11ecd71313a47df368b078d7b825bff33b9eab3964d7b2394b1950c7aeaba6014fe2cd33c89fd070ce0f1f306494a44adf6609d8ad55a5080b36b05cb0b9a57833b14fcd62c0aba0ac67f03b20e87ba6f3610a5bd1d3369ae014c8036c1e596b800991698810ff706e98871c17ad581b0695476273ac6c33a7a51d4a44a5b95684befe95ef49b03458bce89d87355f35b766b242b9f98b661269bb9255d836fb4e30d0000c72ec5561adf6112ca278273b4af42597e7bfa1f5c228f13161b34517c92bc352c017afac22d14047e6fbdc61536f9e51738ea935cb2a577ec2b788433bc13a9e976cfee267f36d988b766a29632c84c94d4cf31d780ef683293d7eacfc93f248d137affcae7cffa699237ea9c74919850dc164f1483f3f352bf7dd787191705b26936e1d090526b6ac5765df318f160cc84b15b94c662cf92611c9eb0b92bfbd3512bffed96a4150d653e130625b6ae5a78da2c4b9c70c736a224b18d89222095fbc4c61bcad1eb73be9c6efaaae48f871223694999b2a925a37138be8220008180cc20e57a92076b2308003200", @ANYRES32], 0x85c}, 0x1, 0x0, 0x0, 0x24048055}, 0xc000)
r3 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000240)='/dev/comedi1\x00', 0x20200, 0x0)
ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, &(0x7f0000000300)={'aio_iiro_16\x00', [0x4f23, 0x7f, 0x1, 0x6, 0x1, 0xdea7, 0xc, 0x3, 0xa, 0xa6, 0xfffffffa, 0xffffffff, 0x401, 0x8000001, 0x6, 0x101, 0xf7fffffe, 0x5, 0x0, 0x40000001, 0x8c, 0xca9f, 0x0, 0x20001e58, 0xb, 0xc3, 0x3, 0x5, 0x800081, 0x0, 0x4]})

7m40.441720282s ago: executing program 0 (id=1951):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
close(0xffffffffffffffff)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(0xffffffffffffffff, 0x4010744d, &(0x7f0000000180))
r1 = creat(&(0x7f000001b000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x94)
connect$bt_rfcomm(r1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x5, 0x98}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
getsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, &(0x7f00000000c0))
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
signalfd4(r0, &(0x7f0000000000)={[0x3]}, 0x8, 0x80000)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r4 = dup(r3)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000dc0), 0x6df8}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x20040040)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x304}, "6ae04425ace3f60c", "acba84f0a6731f234db1cc7f3f382ad796bd667cb12ea99509873931d2873103", "0f9dafb4", "ec3fff9afd96e6c0"}, 0x38)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f00000002c0)=0x400000002)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000001080)="1c0000005e007f029ea69801d76ab0a272a2a788bab6c95f79725074", 0x1c}], 0x1}, 0x0)

7m39.31663686s ago: executing program 0 (id=1960):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[], 0x20}}, 0x40011)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x1c, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, 0x0, 0x0)
connect$inet6(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prlimit64(0x0, 0x1, 0x0, 0x0)
add_key(&(0x7f00000018c0)='big_key\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$key(0xf, 0x3, 0x2)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000040)={'IDLETIMER\x00'}, &(0x7f0000000780)=0x1e)

7m38.312810996s ago: executing program 0 (id=1963):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
syz_open_dev$sg(&(0x7f0000001bc0), 0x208, 0x2c41)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1e000000fe01000002000000020000004422e100", @ANYRES32, @ANYBLOB="06000000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0300000085000000020000000200"], 0x50)
r1 = syz_open_dev$media(&(0x7f00000006c0), 0x2, 0x129081)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r1, 0x80047c05, &(0x7f0000000940)=<r5=>0xffffffffffffffff)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r5, 0x7c80, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e24, 0x2, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x40}}, 0xfffd}, 0x1c)
getsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x3d, &(0x7f00000000c0)=""/36, &(0x7f0000000140)=0x24)
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r6, 0x107, 0xa, 0x0, 0x0)
getsockopt$packet_buf(r6, 0x107, 0x6, 0x0, &(0x7f0000000000))
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x6, @multicast2, 0x0, 0x2, 'dh\x00', 0x10, 0x5, 0x2d}, 0x2c)

7m35.404124893s ago: executing program 0 (id=1969):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r0, 0x0, 0x0)

7m34.024478905s ago: executing program 0 (id=1973):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000486c02, 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file2\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
chdir(&(0x7f0000000140)='./file0\x00')
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0xc0189436, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x5f, 0x3})

7m31.755749121s ago: executing program 0 (id=1976):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
r3 = openat$iommufd(0xffffffffffffff9c, 0x0, 0xccc80, 0x0)
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r3, 0x3b82, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r5, 0x0, 0x4000000)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r1)
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x20, r6, 0x100, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xbf4, 0x24}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x8801)
io_uring_setup(0x664c, &(0x7f0000000500)={0x0, 0xfffffffd, 0x4})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x88}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xd, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000085000000a000000095"], &(0x7f0000000240)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0xfffffffffffffffe, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7a"], 0x0}, 0x94)
unshare(0x28000600)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000005c0)={&(0x7f00000002c0), 0x0, 0x0, 0x0, 0x3}, 0x38)
ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000000)={0x1, 0x2e, 0xf, 0x3, 0x7, 0x10, 0x6, 0xa0, 0x1})
getpriority(0x2, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_sfeatures={0x33}})
connect$nfc_llcp(r2, &(0x7f0000000180)={0x27, 0x0, 0xffffffffffffffff, 0x4, 0xf, 0xbd, "4aa2940d2d313d8d264b584544b7862882233de393f57bb194a744e0bf6a373e9e4716b84800ec2b6f8ab865c3aac026c3060100", 0x29}, 0x5f)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x20, 0x2e, 0x9, 0x70bd27, 0x0, {0x4}, [@nested={0xc, 0x16, 0x0, 0x1, [@typed={0x6, 0x2a, 0x0, 0x0, @binary="f4f7"}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x42804}, 0x80000)

7m16.662325116s ago: executing program 38 (id=1976):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
r3 = openat$iommufd(0xffffffffffffff9c, 0x0, 0xccc80, 0x0)
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r3, 0x3b82, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r5, 0x0, 0x4000000)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r1)
sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x20, r6, 0x100, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xbf4, 0x24}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x8801)
io_uring_setup(0x664c, &(0x7f0000000500)={0x0, 0xfffffffd, 0x4})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x88}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xd, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000085000000a000000095"], &(0x7f0000000240)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0xfffffffffffffffe, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7a"], 0x0}, 0x94)
unshare(0x28000600)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000005c0)={&(0x7f00000002c0), 0x0, 0x0, 0x0, 0x3}, 0x38)
ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000000)={0x1, 0x2e, 0xf, 0x3, 0x7, 0x10, 0x6, 0xa0, 0x1})
getpriority(0x2, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_sfeatures={0x33}})
connect$nfc_llcp(r2, &(0x7f0000000180)={0x27, 0x0, 0xffffffffffffffff, 0x4, 0xf, 0xbd, "4aa2940d2d313d8d264b584544b7862882233de393f57bb194a744e0bf6a373e9e4716b84800ec2b6f8ab865c3aac026c3060100", 0x29}, 0x5f)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x20, 0x2e, 0x9, 0x70bd27, 0x0, {0x4}, [@nested={0xc, 0x16, 0x0, 0x1, [@typed={0x6, 0x2a, 0x0, 0x0, @binary="f4f7"}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x42804}, 0x80000)

6m39.688887313s ago: executing program 1 (id=2085):
socket$kcm(0x2d, 0x2, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000000)=ANY=[@ANYRES64=0x0], 0x10}, 0x1, 0x0, 0x0, 0xa0f0d2ee7e986339}, 0x81)
prlimit64(0x0, 0x6, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x80000, 0x3a)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x6, 0x8, 0x8001, 0x0, 0x9, 0x4, 0xfffffe0000000001, 0xfa14, 0xffffffff}, 0x0)
r4 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$IMDELTIMER(r4, 0x80044941, &(0x7f00000000c0)=0x2)
openat$vimc2(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = syz_open_dev$evdev(&(0x7f0000000080), 0xa, 0x300)
ioctl$EVIOCGEFFECTS(r6, 0x80044584, &(0x7f0000000200)=""/238)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000f40)=@raw={'raw\x00', 0x8, 0x3, 0x478, 0x1c0, 0xffffffff, 0xffffffff, 0x1c0, 0xffffffff, 0x3a8, 0xffffffff, 0xffffffff, 0x3a8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@remote, @loopback, [0xff, 0x0, 0xff, 0xff], [0xffffffff, 0xff, 0xff], 'team_slave_0\x00', 'netdevsim0\x00', {}, {0xff}, 0x29, 0x3, 0x0, 0x60}, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x9, 0x2, 0x24, 0x0, 'syz0\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x1c8, 0x1e8, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x1, 'syz0\x00', 0xfe}}, @common=@mh={{0x28}, {"b11c", 0x1}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4d8)
quotactl_fd$Q_GETFMT(0xffffffffffffffff, 0xffffffff80000402, 0xffffffffffffffff, 0x0)
ioprio_set$pid(0x3, 0x0, 0x0)
ioprio_get$uid(0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r0, 0x8983, &(0x7f0000003640)={0x0, 'hsr0\x00', {0x1}, 0x7})
r7 = open(&(0x7f00000003c0)='./file0\x00', 0x48040, 0x0)
finit_module(r7, 0x0, 0x2)
socket$kcm(0x2, 0xa, 0x2)

6m37.665192943s ago: executing program 1 (id=2088):
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x41, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x800, 0x5, 0xc000, 0xe, "0062ba7d8200000016001b000200f705096604"})
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0xc0189436, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x5f, 0x3})

6m36.199253422s ago: executing program 1 (id=2090):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080), 0x4a)
epoll_pwait2(0xffffffffffffffff, &(0x7f0000000040)=[{}], 0x1, 0x0, 0x0, 0x0)
sendmmsg$inet(r1, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
close(r2)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
timerfd_settime(0xffffffffffffffff, 0x3, 0x0, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r4 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0x30bd, 0xc000, 0x8, 0x40000183})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50)
io_uring_enter(r4, 0x2219, 0x7721, 0x16, 0x0, 0x0)
ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000003a00))
ioctl$VHOST_SET_FEATURES(r3, 0x4008af00, &(0x7f0000000000)=0x200000000)
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000100)=0x1)

6m34.746990978s ago: executing program 1 (id=2094):
r0 = syz_open_dev$vim2m(&(0x7f0000000240), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000780)={0x1, @pix_mp={0x0, 0x7, 0x32315659, 0xa, 0x1, [{0x0, 0x3}, {0xe12, 0xffff}, {0x0, 0x8000}, {0x9, 0x9}, {0x9, 0x9}, {0xc}, {0x4, 0x2}, {0xdf70, 0x8}], 0x3, 0x7, 0x3, 0x1, 0x3}})
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000080)={0xf5ca, 0x2, 0x2, 0x0, 0x6})
syz_init_net_socket$nl_generic(0x9, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
timer_create(0x9, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000040))
syz_emit_ethernet(0x3a, &(0x7f0000000000)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local, {[@timestamp_addr={0x44, 0x4, 0x79, 0x1, 0xc}]}}, {{0x4e22, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}, 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$ARPT_SO_SET_REPLACE(r4, 0x0, 0x60, &(0x7f0000000440)={'filter\x00', 0xb001, 0x4, 0x3f0, 0x0, 0xe8, 0x0, 0x308, 0x308, 0x308, 0x7fffffe, 0x0, {[{{@arp={@multicast1, @broadcast, 0xff000000, 0xff, 0x9, 0x12, {@empty, {[0x0, 0x0, 0x0, 0xff, 0xff]}}, {@empty, {[0xff, 0xff, 0x0, 0xff, 0xff]}}, 0x0, 0x3, 0x3, 0xa90a, 0x6, 0x3ff, 'veth0_vlan\x00', 'wg2\x00', {0xff}, {0xff}, 0x0, 0x71}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1f8}}, {{@arp={@empty, @loopback, 0x0, 0xffffffff, 0xe, 0x2, {@mac=@local, {[0xff, 0xff, 0x0, 0xff, 0xff]}}, {@mac=@random="8e932bc3db22", {[0x0, 0xff, 0x0, 0xff]}}, 0x0, 0x0, 0x400, 0x4fd9, 0x0, 0x98dc, 'team_slave_1\x00', 'macsec0\x00', {0xff}, {0xff}, 0x0, 0x280}, 0xc0, 0x110, 0x0, {0x0, 0x1e03}}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @multicast2, @loopback, 0xf, 0x1}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, @loopback, @multicast1, 0xf}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
r5 = socket(0xa, 0x3, 0xff)
setsockopt$inet6_int(r5, 0x29, 0x5, &(0x7f0000000040)=0xfffffff9, 0x4)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000c80)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x9c, 0x24, 0x4ee4e6a52ff56541, 0x2000000, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x6c, 0x2, {{}, [@TCA_NETEM_LOSS={0x30, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14}, @NETEM_LOSS_GI={0x18}]}, @TCA_NETEM_RATE={0x14, 0xd}, @TCA_NETEM_CORRUPT={0xc}]}}}]}, 0x9c}}, 0x0)

6m33.041100725s ago: executing program 1 (id=2098):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
setsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0x13, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000240), 0x10)
r0 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x10, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYBLOB], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000003f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20}, 0x15)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f00007ff000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000580000/0x4000)=nil)
socket(0x2, 0x80805, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @loopback, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x2, 0x6a}, 0x2c)
syz_open_dev$tty20(0xc, 0x4, 0x1)
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0xffff, 0x2, 0x10, {0x2, 0x4e21, @loopback}}, 0x80, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB], 0x10b8}, 0x20000000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)

6m29.849555224s ago: executing program 1 (id=2105):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080), 0x4a)
epoll_pwait2(0xffffffffffffffff, &(0x7f0000000040)=[{}], 0x1, 0x0, 0x0, 0x0)
sendmmsg$inet(r1, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
close(r2)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
timerfd_settime(0xffffffffffffffff, 0x3, 0x0, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r4 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0x30bd, 0xc000, 0x8, 0x40000183})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50)
io_uring_enter(r4, 0x2219, 0x7721, 0x16, 0x0, 0x0)
ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000003a00))
ioctl$VHOST_SET_FEATURES(r3, 0x4008af00, &(0x7f0000000000)=0x200000000)
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000100)=0x1)

6m14.709102934s ago: executing program 39 (id=2105):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000080), 0x4a)
epoll_pwait2(0xffffffffffffffff, &(0x7f0000000040)=[{}], 0x1, 0x0, 0x0, 0x0)
sendmmsg$inet(r1, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
close(r2)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
timerfd_settime(0xffffffffffffffff, 0x3, 0x0, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r4 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0x30bd, 0xc000, 0x8, 0x40000183})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50)
io_uring_enter(r4, 0x2219, 0x7721, 0x16, 0x0, 0x0)
ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000003a00))
ioctl$VHOST_SET_FEATURES(r3, 0x4008af00, &(0x7f0000000000)=0x200000000)
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000100)=0x1)

3m3.686970283s ago: executing program 2 (id=2609):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r1, &(0x7f0000000a00)={'syz1\x00', {0x9, 0x7, 0x3, 0x5}, 0x3f, [0x9, 0x2, 0x18, 0x2, 0x2, 0x400, 0x80400000, 0x0, 0x8, 0x0, 0x6, 0x2, 0xfffffffb, 0x39, 0x747d5e13, 0x800, 0xfffffb9a, 0xfffffffe, 0x0, 0xfffffffb, 0x2004, 0x3, 0x0, 0xf250, 0x80, 0x4800, 0x300000, 0x7, 0xe, 0x4623f, 0x0, 0x10001, 0x1ff, 0x8003, 0x0, 0x3, 0xd, 0x3, 0xba55, 0x8da8, 0x4, 0x200, 0x2, 0x4, 0xe, 0x4, 0x2, 0x6f, 0x8, 0x9, 0x1, 0x8001, 0x6, 0x2, 0x9, 0xfffbffff, 0x4, 0x6, 0x1000, 0x5, 0x3d, 0x8, 0xa, 0x5], [0x1, 0x1e, 0x3, 0x8000, 0xfffffffd, 0x3, 0x0, 0x25, 0x7, 0xfffffffc, 0x8, 0x7fff, 0x72c, 0x1c32, 0x3, 0x6, 0x10000, 0x400, 0x7ffd, 0x3, 0x1, 0xf, 0x5, 0x0, 0x981, 0x4, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x1000001, 0x10, 0xfffffff9, 0xfffffffd, 0x7, 0x1, 0xffffffff, 0x6, 0x8, 0x800, 0x7, 0x6, 0x96, 0xfffffff9, 0x2, 0x0, 0x2, 0x411, 0xc, 0x3, 0x379, 0x9, 0xe, 0x5, 0x7, 0x6, 0x2, 0x1, 0x1, 0x8, 0x7, 0x200, 0x3], [0x401, 0x4d, 0xffff, 0xcd3, 0x7, 0x1f, 0x404, 0x4, 0x4008, 0xc, 0x7, 0x9, 0xe8b, 0x5, 0x80000001, 0x8, 0x3f92, 0x1000, 0x0, 0x10, 0x1, 0xfffffff9, 0x0, 0x1000, 0x80040101, 0x5, 0x4, 0x5, 0x200003, 0x2, 0x5, 0x80, 0x9, 0x8001, 0x10000, 0x0, 0x7, 0x400004, 0x3, 0x6d7e, 0x3, 0x8, 0x3, 0xbf23, 0x6, 0x9, 0x956, 0x0, 0x3ff, 0xe, 0x6, 0x100fffd, 0x2005, 0x400, 0x4, 0xea, 0x9, 0x20000005, 0x3, 0xd9, 0x0, 0x7d, 0x5d7, 0x7], [0x108e, 0xffff, 0x7, 0x3, 0x88, 0x2, 0x4000000, 0x4, 0x4c, 0x2, 0x763, 0xb, 0x402, 0x1, 0x9, 0x4001000, 0x7f, 0x5, 0x3fa6, 0x4, 0x0, 0x5, 0x6, 0x4, 0xe47, 0x4, 0x3, 0x4, 0x2, 0x2851, 0x3b, 0x20000001, 0x5, 0x5, 0xa80a, 0x65f413f9, 0x4, 0x20006, 0x8a5, 0x86, 0x44, 0x409, 0x3, 0x4, 0x4, 0x10, 0xe, 0xffffffff, 0x7fff, 0xffff8a33, 0xfffffff9, 0x401, 0x3, 0x200, 0x7, 0x4edf, 0xfffffffd, 0xa, 0xe, 0x2, 0xf, 0xf, 0x136, 0x7fffffff]}, 0x45c)
ioctl$UI_DEV_CREATE(r1, 0x5501)
readv(r1, &(0x7f0000001240)=[{&(0x7f00000012c0)=""/41, 0x29}], 0x1)
ioctl$UI_DEV_DESTROY(r1, 0x5502)

3m2.558626561s ago: executing program 2 (id=2613):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000280), 0x3000c11, &(0x7f00000000c0)={[{@mpol={'mpol', 0x3d, {'interleave', '', @val={0x3a, [0x33, 0x4e, 0x3a, 0x36, 0x2f, 0x34]}}}, 0x4e}]})

3m1.762398273s ago: executing program 2 (id=2614):
socket$kcm(0x2d, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000000)=ANY=[@ANYRES64=0x0], 0x10}, 0x1, 0x0, 0x0, 0xa0f0d2ee7e986339}, 0x81)
prlimit64(0x0, 0x6, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x80000, 0x3a)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x6, 0x8, 0x8001, 0x0, 0x9, 0x4, 0xfffffe0000000001, 0xfa14, 0xffffffff}, 0x0)
r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$IMDELTIMER(r3, 0x80044941, &(0x7f00000000c0)=0x2)
openat$vimc2(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$EVIOCGEFFECTS(0xffffffffffffffff, 0x80044584, &(0x7f0000000200)=""/238)
ioprio_get$uid(0x3, 0x0)

2m53.903090059s ago: executing program 2 (id=2627):
socket$inet6_sctp(0xa, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000a50000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7050000080000a8c5000000a5000000180100002020640500000000002020207b1af8fe00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x35, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x1000, 0x2)

2m52.575773572s ago: executing program 2 (id=2630):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
write$dsp(r0, &(0x7f00000001c0), 0x0)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000440)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000040)=0x2fff)

2m51.701362127s ago: executing program 2 (id=2633):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file2\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
chdir(&(0x7f0000000140)='./file0\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0xc0189436, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x5f, 0x3})

2m35.651385177s ago: executing program 40 (id=2633):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file2\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
chdir(&(0x7f0000000140)='./file0\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_RESVSP(r2, 0xc0189436, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x5f, 0x3})

17.685503051s ago: executing program 3 (id=3086):
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000a00)={[{@init_itable_val={'init_itable', 0x3d, 0x1}}, {@errors_remount}, {@resgid}, {@barrier}, {@quota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400}}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
write$P9_RREADLINK(r0, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
openat$ptp0(0xffffffffffffff9c, 0x0, 0x40, 0x0)
fadvise64(r0, 0x7f, 0x0, 0x4)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x8042, 0x60)
r2 = open(&(0x7f0000000240)='./file1\x00', 0xcd042, 0x0)
sendfile(r2, r1, 0x0, 0x80000000c)

16.982590343s ago: executing program 6 (id=3089):
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[], 0x9)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
getdents(r1, &(0x7f0000000640)=""/210, 0xd2)

15.398217876s ago: executing program 3 (id=3098):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r2, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r3 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
writev(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="f1", 0x1}], 0x1)
setsockopt$SO_TIMESTAMP(r2, 0x1, 0x23, &(0x7f0000000080)=0x6, 0x26)
recvmmsg(r2, &(0x7f0000000300), 0x40000000000049e, 0x1000000000fe, 0x0)

13.950665074s ago: executing program 4 (id=3100):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @loopback, 0x4a}, 0x1c)

13.284584948s ago: executing program 4 (id=3103):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
socket$packet(0x11, 0x3, 0x300)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$TUNDETACHFILTER(r2, 0x401054d6, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0xffffffff)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000440), 0x1, 0x103000)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002340), 0x40800)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f0000002380)={{0x0, 0x1}, 0x0, 0x0, 0x2, {0x4}, 0x3, 0x100800})
add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc)
getsockopt$IP_VS_SO_GET_INFO(r1, 0x0, 0x481, &(0x7f0000000240), &(0x7f00000002c0)=0xa)
bind$alg(0xffffffffffffffff, &(0x7f00000003c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETFLOWTABLE(r4, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1c, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000940)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe26}, 0x94)
bind$alg(0xffffffffffffffff, &(0x7f0000000140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha256\x00'}, 0x58)
socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000040), 0x6)
ioctl$sock_bt_hci(r5, 0x400448e6, &(0x7f0000000500)="d7")

13.121983386s ago: executing program 6 (id=3104):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=@newchain={0x24, 0x64, 0x1, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xfff1, 0xc}, {0x2, 0xc}, {0xfff2, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x24044801}, 0x20040000)

12.964151959s ago: executing program 9 (id=3106):
bind$alg(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8)
capset(&(0x7f0000000040)={0x20071026}, &(0x7f00000002c0)={0x6, 0x6, 0x1000002, 0x87, 0xffffffff, 0x3fe})
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000480)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x4000000}, 0x50)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x40000, 0x0, r4, 0xfff}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x15, 0x1c, &(0x7f0000000100)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xbda}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {0x7, 0x0, 0xb, 0x6}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x2}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x6, 0x1, 0xa, 0x9, 0x8}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x4, 0x8}, {}, {0x7, 0x0, 0xc}, {0x18, 0x6, 0x2, 0x0, r4}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x4000840)

12.625026499s ago: executing program 6 (id=3107):
creat(&(0x7f0000000040)='./bus\x00', 0x100)
r0 = syz_open_dev$dmmidi(&(0x7f0000000300), 0x2, 0x181083)
ioctl$SNDRV_RAWMIDI_IOCTL_PVERSION(r0, 0x40045702, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[], 0x48)
openat$audio(0xffffffffffffff9c, 0x0, 0x109842, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xffffffffffffff15, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000000)={0x0, 0x3, 0x2, 0x1, 0x5})

11.599873213s ago: executing program 6 (id=3109):
symlink(0x0, &(0x7f0000000000)='./file1\x00')
symlink(&(0x7f0000000280)='./file1/file0\x00', &(0x7f00000002c0)='./file0\x00')
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000200)=[{0x0}, {0x0}, {&(0x7f0000001840)="d2c8bbfdd70c78f2e73169b327647cc00e84f9feec700ee7746238b2cca03528c1abf42af8e97979d1fd47b7278b23f58aa28da5e3921f1eec6e4d907ece75185ad88e2651cfacec3758eae123fee72680a98bb57665de5d2b88b93c256bfefc97388108ca6c9b9a6ed30d881058e54558d3fe8f0f975ee4d4b2909699e97f9fda0ee13a9a1f86b0110517e8541097a8c5232bbe0a3a350d473fa904d9b47be441fdde1c38b1fd6403a5e2ddeef7b08c5692aadc626055b0ae5a0a662207318d086def92676b611ca79e62c689f1446f68e1ad373c953d01c828a35ddf56fa446e2fbf184ff6be4e07b0ce0a69727f6b267f1c4794b587780aae2e818d1fe00374fdea4fdd8bdf464988d5a3d42963344c0e29260b9bdd6cd9004d5dd89837f6a3a8086b0b3492f078fac15757038b57b11212acff742d2738602ae0c2d0a914541b6005dbb33902183a71964e4f191f5f98e9a2f8080e619ccc8b0af3bc55e117093278f322774608ecdb7508124567abd0b6bb48d742f4ca82eb53b0582f3744ea65be7565b36799c6ebfc0c20a8b2ead1c1ad70fef50081f056eba8e55bedb445eb800c8f66d86d7eee70cbff19dc79d0affa7682bf7f4a2fbc3956f1332c293c079945928f86062c4f53bae77aa699259eba375ad88c0a9379dbe4a723887de29a67e9ec14d13e0e06be7275c0860aeb2cbda0cfd450044de76f9d52f882aa13c2a85fea0f767bea97a3d8f4bc5cefc33bdf9e0e3e8957127e29d4d27953bbf4578919edec232c1a8c807b6b5fd507db91e31016f745b3ba71501b872e4a9c7f6a1f559b5417b063c965d0cce9b049e5c17c34b3738db08f4b33fcf5b3ebe81a96c0af70fbf6920680b36f6f7c636510081ee80109eba9419ea8153e3b0613a0faaea5c15113f2113a13dfd34db9d9d29048519484a0d6e75769cb8138038a79f8127d1deb2d596cd179e9900cdb963ffa62e5eaed926026ba14dccafcb115fad87966111d2e5358b7cd913b378c0028cc1630a477643997c3e93c398655b47b6038dabd0ae991217bcdec7b50e9aba8a1a4a21ffa5b10e813e072ee5a0284e808646e9d33d8f5e72ad5664ddf4e1454f02509b59abdd18550baab0981c4cadf56a24bff2ae627b9d8071b1941e234682c941e56efb54cd0786bd775afce04c6f3e1d9cf64fff582c4dbc29bf255cab9c6fed4dc135fc5dee45684b1cf5dad34349f0813f9bd1685321f5c6029fffa1240a15c8dddd4f6e063584ba765200c6e7c14537bf281e66a98f6aca095ec19254dfa23d2e98a741cf1fce488e8a1d43ad86cfc8b979cda487da5b9e4a1979c741bf01b8b7e88f9e576c4353e7123e5c9b8ed845d30f67e3c9bc3272131a781ccb62151a806e7b03fab6825c0727b7665e6417ce40b102a2493cf09e4eb70277628d137cfbe8cd9e70d24b34768042e9629ae3409f867d9ff58dee08ccbd3d234e37ee72e1d7e07b22080c79a7a098b1bee35b8983ba1ea20d80aa126b01bea689a8dfc238b357aa195bdaf3ea1bfc5cecf158133272dc3538eeae197fcb9b9318394b0ad1f694cdcf1622eba1d9d688c6226e9e3528f4a5c82bd4b410dbf21e814d3ad469d51cf94af06f2d6b3e5f4519b598f49b009ef8360dec3aa7d6dfb9d518c2a4bc0a63c58bab47edaeb326c8345a29577e999ed3e82c1c8cd38318695b70c1f6f19472b257b7a9a6cd08ab23234cb611681118e7998e634b2a2d734ede7a1ef8d48da371de4b101622744477c7b5be2a3bcf8f8ea528a3c73794c4e07ae38d60184e1f8818e5e5141e776e91f88a6ee22fd18f8ab61f6b4bf23ff4429f90e98219c598e941434a8dc3ee0ceabae4990055c71d6bf80b1bcfe267a3157321fd92ffc7538ad0a1444287b65964ba0744b070d1d57f56e8238ff274c68677372357b8e3815d63301d93b9980a2c295f231e485155077b258af0e0931f259b16bdb84a124149a162dc7cd06d79e778a5fd3d82dc40ba89cca1f33b8e74d20e6baaf7ffefcda67ef375473798234ef7f2a5b8f4ab62801337d4f702fb5eb3282197ea9d7ae77d2950773972be566bb35bf20192c2fcd5e44d8dac46bca9cf3d491583feb78f1f1d2e48e99d2af45b0013b1de10f2f45d0149052974f406a95779e2ecb2d3115eae7361224154e862673aac36e9d5f2975274743f3d983ea050fa3316caaf6fd6f6f973526e308c8fd177d6cc9171b9529583c56da84c0ac85ccfff296ec0cb08128a5722f7a9ddf1899ae03e5402799cc7d13f92f99a2dbbf1cd8440993e704641a22c9a10456e39115a87b2ee268376eb4138ea40f6bb485407d204e628dc870f87af22917944de08e690417258b45eda5b85478e8f040380587835f0da765a0654b09c1f37eb61d3667edd7acc14f6852d0ce502d33b3b8832fd87bf897931a6361386c0e98424d596bfcd138210bfa90e04881574dce7b8fe206bd6afcc47c6536af8da9601c384d64da0949dafb51d0958e0b07ce4d973c2b86de874b870084936b3dc9bbc4af370d1617651a6f98acaf044a56", 0x70f}, {&(0x7f0000000600)="405261a12517dbe05afbe2c6509cbff47f04700aa1686eb9fd2c575a850d77bf8dbe3d55eaf012ed4850b88b4686833e244a678b3602d25ebf07b709ad7efe5b7511955cfbba127b528619195535d740ad72aed31d7a738b4bf05346719723b15d4e82", 0x63}], 0x4}, 0x44004)
ioctl$USBDEVFS_REAPURB(0xffffffffffffffff, 0x4004550c, &(0x7f0000000000))
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="6000000002060108000000000000000005000003050005000a000000050001000700000005000400000000000900020073797a310000000014000300686173683a69702c706f72742c69700014000780080006400000020008000840"], 0x60}, 0x1, 0x0, 0x0, 0x90}, 0x40c0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000300000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)

9.241266436s ago: executing program 5 (id=3115):
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40e8662e, &(0x7f0000000000)={0x5, 0x40000000000001, 0x0, 0xb, 0x209, 0x905})

8.105727673s ago: executing program 4 (id=3116):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCGICOUNT(r0, 0x5409, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')

7.734503698s ago: executing program 3 (id=3118):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x1000, {0x2, 0xff, 0x4}, 0xfe}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
connect$can_j1939(r1, &(0x7f0000000000)={0x1d, r2, 0x0, {0x0, 0xf0, 0x2}, 0xff}, 0x18)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f0000000340)={0x1d, r4, 0x0, {0x0, 0x0, 0x4}, 0xfe}, 0x18)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0xf0ffffffffffff, 0x0, 0x2400c840}, 0x4000850)

7.396105044s ago: executing program 5 (id=3120):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000000)=0xb6, 0x4)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000100)=0x6, 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16000000"], 0x50)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
recvfrom(r0, 0x0, 0x0, 0x32, 0x0, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000380)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x40, 0x100, @void}}}}}}}, 0x0)

7.08651558s ago: executing program 4 (id=3122):
r0 = fsopen(0x0, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x1)
fchdir(r1)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
shutdown(r3, 0x0)
recvmmsg(r3, &(0x7f0000005000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/19, 0x13}, 0x3}], 0x4000169, 0x60, 0x0)
listen(r2, 0x40000000)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r4, 0x10f, 0x82, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000005c0)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2000081, &(0x7f0000000480)=ANY=[@ANYRESHEX, @ANYRES8, @ANYRES64, @ANYRES8, @ANYRESDEC, @ANYRES64], 0x2, 0x245, &(0x7f00000007c0)="$eJzs3b9qU2EYB+A3/9pUh2RwEsEDOjiVtleQIhXETkoGddBiW5AkFCwEWsXQySvwSrwOF+/ACxC66VA4cnJS00JqG0yaUp9n6Qvn+/V9T/KFTOfL6zud1ubO7vbBh+9RrRai2IhG4TCiHsXIzAcAcN38StM4THPjJcvFac0EAEzXBb//Fy5xJABgyp49f/FkdX197WmSVCM6n7rNQuR/8+ur2/E22rEVS1GLo4j0j7x+9Hh9LcpJph73O71uM0t2Xn2NSp7/EdHPL0ct6qPzy0nuRL7XbVbixqB/I8uvRC1ujc6vjMhHcy4e3Dsx/2LU4tub2Il2bEaWHeY/LifJw/Tzz/cvs4mzfKHXbc731w2lpRm8PQAAAAAAAAAAAAAAAAAAAAAAXFOLSZIkafolTdO0d+r8ndJR//picqx++nyePH/W+UC9E+frLCVJcnxY8DBfjtvlKM/w1gEAAAAAAAAAAAAAAAAAAODK2N3bb22021vvJlocP9Y/+f/8r0WUBqO1CxFXYJ5+sZDNczm97saYvRpjtoji3n4ra5LtgdZGIc5JVae0SdIR2690ZmpuQt3nbl5scem8l2VQFCKiMtixf19cjMqEPykAAAAAAAAAAAAAAAAAAMAlGz70O+LiwQwGAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAZGP7+/xhFbxC+YGrGtwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB/4HcAAAD//+xqeWQ=")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0xa02000000000000, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3e8, 0x0, 0x0, 0x130, 0x300, 0x300, 0x300, 0x7fffffe, 0x0, {[{{@arp={@local, @empty, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'veth0_to_bridge\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "f67b23ffdfa27f907a03732da3acbc6518e62a77ca06f258762e88c0d9f9d2f413b94a105f4bdf01425ce81c5d000000000000000500ffffffff00"}}}, {{@arp={@multicast2, @empty, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_team\x00', 'ip6tnl0\x00'}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE3={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$inet6(0xa, 0x5, 0x7)

6.809930316s ago: executing program 9 (id=3123):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[], 0x20}}, 0x40011)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x1c, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prlimit64(0x0, 0x1, 0x0, 0x0)
add_key(&(0x7f00000018c0)='big_key\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
r2 = socket$key(0xf, 0x3, 0x2)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000040)={'IDLETIMER\x00'}, &(0x7f0000000780)=0x1e)
r3 = socket$pptp(0x18, 0x1, 0x2)
sendmsg$key(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x24008054)
sendmmsg(r0, 0x0, 0xffffffffffffff58, 0x496d)
r4 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r4, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev}}, 0x1e)
connect$pptp(r4, &(0x7f0000000280)={0x18, 0x2, {0x0, @private=0xa010102}}, 0x1e)
connect$pptp(r4, &(0x7f0000000a80)={0x18, 0x2, {0x1, @loopback}}, 0x1e)
ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0xc0105502, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet(0x2, 0x2, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYRESDEC=r3], 0x48)

6.140250607s ago: executing program 3 (id=3124):
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x1a00805, &(0x7f0000000900)=ANY=[@ANYBLOB='iocharset=iso8859-5,check=strict,session=0x0000000000000033,overriderockperm,map=off,iocharset=cp850,nocompress,nojoliet,dmode=0x0000000000000008,norock,mode=0x0000000000000f10,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c626c6f636b3d3078303030303030303030303430302c000000008ad60ce8c41ca9f494b20105d3ae6466cc4101ddc2559fb0938c3a0dfbb6438e671e9a4cfe00a9ba486787f448f7303a1ddacecb68bcffea138db3704c5f2574848177675e440e7b3c3eec741f1ca7b78b79f2a38246fdda4cc5935630004caa753e60f9685e8d949c7402bb88f243f42bdf53fd8731913427c4f57af403a6"], 0x0, 0x431, &(0x7f0000000a80)="$eJzs3E1vG8UfwPHZxM7f/yBFSBXNQ3OYUpDCoe56QxxFPS3rsTPtene1u66SE6pIUkUkKSJFIrnQXApI8Ao49YTEO+DCy+BVUMGRW9A+ODixHUd5coDvR4pm7PntzG9Wqx2to1kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACE4dRMs2IIV3utFdmfUwv9Zq+G93fSot3fu8eKU8YVwkj+RKkkprKvpm793fxO1slk9mlSlJKiJPbfuv32w1uFkfbxpyR8LXb39p//nOV4pvjCH4epK0/smjSUpyNfN+2Gkjry5VK1aj5Yrkeyrl0VrUaxakonVHbsh3LO+UBWlpbmpSqv+i2vUbNd1f5y8b5lmlX5qBwoO4x878GjcuQsa9fVXiONSZqTmMXkQnysYxkruynlxubW+vygJJOgyinthhAv0yBrUE+WaVmVimVVqgtLC4umWbBMSx77wjxBdB2SXrTFs14w+Of64cfed4ZLu3cDF3WYr/+dSkPLBgAAAAAAXAUj/Y09ef4vpr/DG6KuXWUOOy0AAAAAAHCJ0v/8TyZFMalNCYPnfwAAAAAA/m2+6dxj9/9ee+yi4H/GL7+LMCwaB8HKe8a2nYTb26KQHjd6sse4PmNM5J2kRbWQf3LUrDGdBU23o9/kxcagvX5GVwL5yCcTyHbYHX7VIwHxnZgRQvx5KGbWsuC1dks2ynhdu6rs+O7DirDtiZFYrcRf7Gx+KdLpf+s1Jwyxsbm1Xv7k+dZamstB0svBdr6Bwjj7yRAvjvY99p7xWN5FOu54Nq7ZOf+RrH2ke8xp0WfMV+JOFnNnPCvHj8+/lMy/Uu43+zyLygVn/krMZjGzc/eS4t5cjyysQVlYnVn0PxfnzKKYd3CUxajoyOK3oyzmL5gFAAzLxoBVyOhe+M9xl7u81f30O/rdLObuTHpjLcz0WFfMQeuKecbVrZ3ZySx+6noHQtZS6lpjk3G/95rlMSGOVtXXyQGv+44buZaRnMLRF9ufidu7e/v3N7efPlt/tr5jWfNV80PTXLBEMZ1GXvQ5X+zxBID/NhW+Mcbjr40w1MHHlbGlih0vKxn6zmMZ6lpDSe3FKnSWba+hZBD6se/4blJ5omsqklErCPwwlnU/lIEf6ZX0zS8yf/VLpJq2F2snClxlR0o6vhfbTixrOnJk0PrI1dGyCtODo0A5uq4dO9a+JyO/FTqqLGWkVEegrikv1nWdVD0ZhLpph6vyie+2mkrWVOSEWv+av2GnPZb26n7YTLstD/tkAwBwQ+zu7X/6dGtr/fMrrKTPsS+HPVMAANDWuUoDAAAAAAAAAAAAAAAAAAAAAICb6Tr2/11uxRBC3IA0LlopCiFuQBpUblBl7LwX9mFWMS7zihr2nQnAVfsrAAD//+agq5M=")

6.083735733s ago: executing program 5 (id=3125):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

5.986270559s ago: executing program 7 (id=3126):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000000300)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r2, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept$unix(r1, 0x0, 0x0)

5.222541756s ago: executing program 5 (id=3127):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_x25_SIOCDELRT(r0, 0x890c, &(0x7f0000002900)={@null, 0x2, 'tunl0\x00'})

5.176321396s ago: executing program 4 (id=3128):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
socket$packet(0x11, 0x3, 0x300)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$TUNDETACHFILTER(r2, 0x401054d6, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0xffffffff)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000440), 0x1, 0x103000)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002340), 0x40800)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r3, 0xc058534f, &(0x7f0000002380)={{0x0, 0x1}, 0x0, 0x0, 0x2, {0x4}, 0x3, 0x100800})
add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffc)
getsockopt$IP_VS_SO_GET_INFO(r1, 0x0, 0x481, &(0x7f0000000240), &(0x7f00000002c0)=0xa)
bind$alg(0xffffffffffffffff, &(0x7f00000003c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETFLOWTABLE(r4, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000750000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], 0x0, 0xfffffffe, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1c, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000940)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe26}, 0x94)
bind$alg(0xffffffffffffffff, &(0x7f0000000140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha256\x00'}, 0x58)
socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000040), 0x6)
ioctl$sock_bt_hci(r5, 0x400448e6, &(0x7f0000000500)="d7")

5.13622815s ago: executing program 3 (id=3129):
syz_usb_connect(0x1, 0x3d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f7902"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
close(0x3)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
socket(0xa, 0x1, 0x0)
ioctl$UI_SET_ABSBIT(0xffffffffffffffff, 0x40045567, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000ec0)={'syz0\x00', {}, 0x0, [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0xfffffffc, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d52c0], [0x0, 0x0, 0x2, 0xb16, 0x0, 0xffffffcb, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0xf, 0x1, 0x2, 0x0, 0x0, 0x0, 0xfffffffe, 0x20000000, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfefffffd, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf], [0x88000001, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x20000, 0xfffffffd, 0x2, 0xe, 0x1, 0x0, 0x0, 0x3c63, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x2, 0x0, 0x0, 0xd12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4], [0x0, 0xfffffffc, 0xfffffffc, 0xc, 0x6, 0x0, 0x7, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x3, 0x2, 0x0, 0xe, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffd, 0x2, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f00006dbffc), 0x4)

5.069789436s ago: executing program 9 (id=3130):
openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f0000000040)={0x100f8, 0x0, 0x601, 0xffffffff})
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="20000000130001000000000000000000070000002e86e4a630b400bf5e869b3444cf3b26d94521b7a4995947eb680490ce6227cc35c9ec5542ebf529cf5c205b7fe401c1bacf4b15a64c6804a6cedd63ffca8ede2a6ea1d1bf0c59cdcdab726224d11135ed2b79543e64ff3370ab2a0af57000bf26a1fc5ed4fb2a9245aac8bc20f234fd5515152d6bcfe668dd8a71ff6becad995ef95da00895890cae8d688c04219fdacac9e867660d54f96988a93be72dd47a94c7d1f1d4da1d2fcfc8e8084ed26446c399b0fc6dd2784752b65d816ad1", @ANYBLOB='\x00\x00\x00\x00\x00\x00'], 0x20}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61158800000000006113500000000000bfa000000000000007000000ee0016055e15010000000000160500000000000069163e0000000000bf07000000000000260507000fff07206706000020000000150600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)
sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}, 0x1, 0x0, 0x0, 0x4048000}, 0x14)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="760100001b"], 0x188}, 0x1, 0x0, 0x0, 0x40004}, 0x0)

5.06690755s ago: executing program 6 (id=3131):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x23)
connect$inet6(r0, 0x0, 0x0)

4.881867295s ago: executing program 7 (id=3132):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000000)={@remote, 0x300}, 0x20)

4.816077371s ago: executing program 5 (id=3133):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=@newchain={0x24, 0x64, 0x1, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xfff1, 0xc}, {0x2, 0xc}, {0xfff2, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x24044801}, 0x20040000)

4.589651374s ago: executing program 7 (id=3134):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCBRDELBR(r0, 0x89a2, &(0x7f0000000000)='bridge0\x00')
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140604000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

4.518487032s ago: executing program 6 (id=3135):
bind$alg(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8)
capset(&(0x7f0000000040)={0x20071026}, &(0x7f00000002c0)={0x6, 0x6, 0x1000002, 0x87, 0xffffffff, 0x3fe})
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000480)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x4000000}, 0x50)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x40000, 0x0, r4, 0xfff}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x15, 0x1c, &(0x7f0000000100)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xbda}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {0x7, 0x0, 0xb, 0x6}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x2}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x6, 0x1, 0xa, 0x9, 0x8}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x4, 0x8}, {}, {0x7, 0x0, 0xc}, {0x18, 0x6, 0x2, 0x0, r4}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x4000840)

3.647213416s ago: executing program 9 (id=3136):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x1000, {0x2, 0xff, 0x4}, 0xfe}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
connect$can_j1939(r1, &(0x7f0000000000)={0x1d, r2, 0x0, {0x0, 0xf0, 0x2}, 0xff}, 0x18)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f0000000340)={0x1d, r4, 0x0, {0x0, 0x0, 0x4}, 0xfe}, 0x18)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0xf0ffffffffffff, 0x0, 0x2400c840}, 0x4000850)

3.434214618s ago: executing program 5 (id=3137):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000008c0)={'bridge_slave_1\x00'})
socket(0x11, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
sched_setattr(0x0, &(0x7f00000013c0)={0x38, 0x5, 0x8, 0x8801, 0x0, 0xd, 0x8000, 0xfffffe0000000000, 0xfa11, 0xfffffffe}, 0x0)
r2 = add_key$user(&(0x7f0000000040), &(0x7f0000000180)={'syz', 0x1}, &(0x7f0000000080)='\x00', 0x1, 0xfffffffffffffffb)
pipe2$watch_queue(&(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r3, 0x5760, 0x14)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r3, 0x100000000000f7)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0xf)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r5 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000100)='cgroup.clone_children\x00', 0x2, 0x0)
write$cgroup_subtree(r5, &(0x7f00000000c0)=ANY=[@ANYRESOCT, @ANYRESDEC=r5], 0x31)
ioctl$TCFLSH(r4, 0x400455c8, 0x4)
r6 = add_key(&(0x7f0000000340)='logon\x00', &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)
r7 = gettid()
sched_setattr(r7, &(0x7f0000000140)={0x38, 0x5, 0x3, 0x5, 0x6, 0x3, 0x2, 0xa1, 0x7, 0xe}, 0x0)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000280)={'syz', 0x3}, 0x0, 0x0, r6)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2})
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000180)=0x3ad3, 0x4)
sendmmsg(0xffffffffffffffff, &(0x7f0000000c80)=[{{&(0x7f0000000000)=@qipcrtr={0x2a, 0x4, 0x7fff}, 0x80, 0x0}}], 0x1, 0x4008840)

2.753640764s ago: executing program 7 (id=3138):
socket$kcm(0x10, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
setsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
r2 = getpgid(0x0)
r3 = syz_pidfd_open(r2, 0x0)
r4 = openat$pidfd(0xffffffffffffff9c, 0x0, 0xac63094eb3328933, 0x0)
process_vm_readv(r2, &(0x7f00000005c0), 0x0, &(0x7f0000000680), 0x0, 0x0)
r5 = pidfd_getfd(r3, r4, 0x0)
readlinkat(r5, &(0x7f0000000100)='\x00', &(0x7f0000000140)=""/189, 0xbd)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000020c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000002100), 0x13f, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0)
writev(r1, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)

2.240335865s ago: executing program 9 (id=3139):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.629589256s ago: executing program 7 (id=3140):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x262)
sched_setscheduler(0x0, 0x5, &(0x7f0000000200))
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000780)={0x0, 0x1, 0x0, [0x806f, 0x0, 0x2d5, 0x2, 0x6], [0x6, 0x7, 0x1, 0x9, 0x8002, 0x0, 0x5, 0x2, 0x0, 0x802, 0x2, 0x200000100, 0x3, 0xfffffffffffffff4, 0x4a, 0x1000000000005, 0x100, 0xd, 0xd9, 0x5, 0x1, 0x2a9, 0x3, 0xc39, 0x8, 0x8, 0x100000000, 0x2, 0xa51, 0x4000000000008, 0x401, 0x800000000000003, 0x7, 0xfffffffffffffffa, 0x81, 0x100, 0x5, 0x931, 0x101, 0x3, 0x8001, 0x8000000000000000, 0x7, 0x1, 0x8, 0x8, 0x6aa, 0x102, 0x1, 0x83, 0x538a, 0x9, 0xfffffffffffffff7, 0x4, 0x0, 0x4, 0x5, 0x8, 0x80008000, 0x8000000000000000, 0x4, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x5bc, 0x1, 0x7fffffff, 0x4, 0x8000, 0xc9, 0x7, 0x6, 0x9, 0x82c, 0x8000, 0xe000000000000, 0x4000000e4, 0x11, 0x0, 0x8, 0x22, 0xffffffffffffffff, 0x7, 0x1, 0x8000000000000000, 0x200000000c, 0x8, 0x0, 0x4, 0x6, 0x7, 0x100000002, 0x4, 0x4, 0x8, 0x7, 0x7, 0x2000000000000009, 0x1, 0x16d, 0x6, 0x68d, 0xffffffffffff43b0, 0x8, 0x50000000000000, 0xe, 0x0, 0x0, 0x1000100000003, 0x4, 0x7, 0x406, 0x3, 0x6, 0x5, 0x0, 0x3, 0x40, 0x7fffffff, 0x8, 0x3, 0x1]})
ioprio_set$uid(0x3, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x899, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1c, 0x3, &(0x7f0000000000)=@framed={{0xdb, 0xa, 0xa, 0xfe00, 0xa0, 0x71, 0x10, 0x1d}}, 0x0, 0xb, 0x0, 0x0, 0x0, 0x6f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

1.417827855s ago: executing program 9 (id=3141):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000200)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000440)={0x0, 0x465d, 0x400, 0x3, 0x285}, &(0x7f00000004c0)=<r2=>0x0, &(0x7f0000000240)=<r3=>0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x6000, @fd=r0, 0x0, 0x0, 0x0, 0x0, 0x1, {0xffff}})
io_uring_enter(r1, 0x40f9, 0x217, 0xa5, 0x0, 0xf5)

840.796054ms ago: executing program 7 (id=3142):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[], 0x20}}, 0x40011)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x1c, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x802, 0x0)
connect$inet6(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prlimit64(0x0, 0x1, 0x0, 0x0)
add_key(&(0x7f00000018c0)='big_key\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
r2 = socket$key(0xf, 0x3, 0x2)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000040)={'IDLETIMER\x00'}, &(0x7f0000000780)=0x1e)
r3 = socket$pptp(0x18, 0x1, 0x2)
sendmsg$key(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x24008054)
sendmmsg(r0, 0x0, 0xffffffffffffff58, 0x496d)
r4 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r4, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev}}, 0x1e)
connect$pptp(r4, &(0x7f0000000280)={0x18, 0x2, {0x0, @private=0xa010102}}, 0x1e)
connect$pptp(r4, &(0x7f0000000a80)={0x18, 0x2, {0x1, @loopback}}, 0x1e)
ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0xc0105502, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet(0x2, 0x2, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYRESDEC=r3], 0x48)

766.197191ms ago: executing program 3 (id=3143):
close(0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x800718, &(0x7f00000003c0)={[{@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x40000ff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x60}}, {@nobh}, {@resgid}, {@resuid}, {@nombcache}, {@noblock_validity}, {@usrquota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x4}}]}, 0x2, 0x4a3, &(0x7f00000004c0)="$eJzs281rXFUbAPDn3nz2M3n79v1orRotQlBMmrRqF24UBZGKgi7qMk6mJXTaSBPBfmCjiCtBCroWl6J/gbgRQdSV4Epw5UoKRbNp6ypyZ+5NMpNM2iSTTO38fjCZc+aemXueOffce+45kwA61lD2J4nYHRG/RsRALVtfYKj2dHP+cunW/OVSEgsLr/6RVMvdmL9cKooW79uVZ4bTiPT9JN9JvZkLF89MVCrl83l+dPZsX56cOF0+XT43fvz4saNjTz05/kRL4sziunHwnelDB154/epLpZNX3/jhy6y+u/Pty+NYp19Gm2wYygL/c6GqcdsjG9zZ3WrPsnTS3caKsC5dEZE1V0+1/w9EVyw13kA8/15bKwdsqeza1Nd889wCcA9Lot01ANqjuNDvnO8qZffAK++DB7Zy+NF215+p3QBlcd/MH7Ut3ZHmZXoa7m9baSgiTs799Wn2iM3NQwAA3JEPS5+c6I2IS7e+eDEbeyyN9tLu/1aff6v+3ZuPBAcj4l8RsS8i/h0R+yPiPxGRlf1fRPx/k/VZOf5Jr23yI9eUjf+ezte26sd/xegvBrvy3J5q/D3JqalK+Uj+nQxHT1+WH1tjH9889/NHzbYtH/9lj2z/xVgwr8e17oYJusmJ2YnqoLQFrr8bcbA7SVbGnyyuBCQRcSAiDq7vo/cWialHPz/UrNDt419DC9aZFj7LwpvL2n8uGuIvJLX1yTdHZy5cfHzqbOP65Gh/VMpHRoujYqUff/rglWb7r8Xfn+dWj3/H5sNs6nq59rys/ZdtXewDS+u1M63d/waP/7Q3ea26ztybv/b2xOzs+bGI3uRENV/3+vjSe4t8UT47/ocPr97/9+Xvydr/vojIDuL7I+KBiHgwr/tDEfFwRBxeI8bvn719/JFu4PhvgSz+yVXPf4vH/2BS1/7rT3Sd+e6rZvu/s/Y/Vk0N569Uz38Nkob8atXpjuhrrOBmvz8AAAD4J0irv4FP0pHFdJqOjNR+w78/dqaV6ZnZx05Nv3VusvZb+cHoSYuZroF8PrQyVSmPJXP5J9bmR8fzueJivvRoPm/8cdeOan6kNF2ZbHPs0Ol2Nen/md+72l07YIvVLy8VC8DjvW2pDLDNGtfR0/rslZfDyQDuVf5fGzrXbfp/ul31ALaf6z90rtX6/5WGvLUAuDe5/kPn0v+hQ6Xfrvry19teEaAdXP+hI23m//q3MNF/d1SjPYntbpRYV+EoEmnbv6hWJfrjrqjGxhOX8t7cyk9u84kJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgRf4OAAD//+Nr2uw=")
chdir(&(0x7f0000000140)='./file0\x00')
symlink(&(0x7f0000000dc0)='./file0\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
execve(&(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)

0s ago: executing program 4 (id=3144):
sched_setaffinity(0x0, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c000000020601080000000000000000000000400500010006200000050005000a00000005000400000000000900020073797a310000000011000300686173"], 0x4c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000002500)=ANY=[@ANYBLOB="4c0000000906010200000000000000000500ffff240007801800018014000240fe8000000000000000000000000000aa08000a40000000020900020073797a31000000000500010007"], 0x4c}}, 0x4000080)

kernel console output (not intermixed with test programs):

][    C1] ldusb 10-1:0.55: usb_submit_urb failed (-19)
[ 1127.927717][T13919] ldusb 10-1:0.55: Couldn't submit interrupt_out_urb -19
[ 1127.971213][T10016] ldusb 10-1:0.55: LD USB Device #0 now disconnected
[ 1137.010980][T14021] netlink: 182 bytes leftover after parsing attributes in process `syz.7.1962'.
[ 1137.455969][T10016] IPVS: starting estimator thread 0...
[ 1138.229923][T14024] IPVS: using max 23 ests per chain, 55200 per kthread
[ 1144.135904][T14087] netlink: 182 bytes leftover after parsing attributes in process `syz.9.1979'.
[ 1144.839358][T14073] netlink: 'syz.0.1976': attribute type 11 has an invalid length.
[ 1145.706211][ T5981] IPVS: starting estimator thread 0...
[ 1145.820676][T14093] IPVS: using max 22 ests per chain, 52800 per kthread
[ 1146.443903][T14098] overlayfs: missing 'lowerdir'
[ 1153.321102][T14137] netlink: 182 bytes leftover after parsing attributes in process `syz.9.1995'.
[ 1155.527327][T14162] overlayfs: missing 'lowerdir'
[ 1157.933894][ T9556] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1157.943855][ T9556] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1157.952874][ T9556] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1157.983686][ T9556] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1158.002246][ T9556] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1160.462805][ T9556] Bluetooth: hci4: command tx timeout
[ 1161.667774][T14185] chnl_net:caif_netlink_parms(): no params data found
[ 1162.372226][T14229] netlink: 182 bytes leftover after parsing attributes in process `syz.5.2015'.
[ 1162.507845][ T9556] Bluetooth: hci4: command tx timeout
[ 1163.340665][T13567] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1164.577255][T14251] fuse: Bad value for 'fd'
[ 1164.587138][ T9556] Bluetooth: hci4: command tx timeout
[ 1165.424046][T13567] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1166.607580][T13567] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1166.655759][   T30] audit: type=1326 audit(1773275371.351:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14260 comm="syz.5.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1166.709343][ T9556] Bluetooth: hci4: command tx timeout
[ 1166.721944][   T30] audit: type=1326 audit(1773275371.351:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14260 comm="syz.5.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1166.830435][T14185] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1166.845935][   T30] audit: type=1326 audit(1773275371.351:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14260 comm="syz.5.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1166.875820][T14185] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1166.881524][   T30] audit: type=1326 audit(1773275371.351:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14260 comm="syz.5.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1166.883102][T14185] bridge_slave_0: entered allmulticast mode
[ 1167.060731][T14185] bridge_slave_0: entered promiscuous mode
[ 1167.070494][T14185] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1167.073038][   T30] audit: type=1326 audit(1773275371.351:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14260 comm="syz.5.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1167.238367][T14185] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1167.251915][T14185] bridge_slave_1: entered allmulticast mode
[ 1167.259626][   T30] audit: type=1326 audit(1773275371.351:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14260 comm="syz.5.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1167.267810][T14185] bridge_slave_1: entered promiscuous mode
[ 1167.676814][T13567] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1167.840032][T14294] netlink: 182 bytes leftover after parsing attributes in process `syz.9.2029'.
[ 1168.334944][   T30] audit: type=1326 audit(1773275371.351:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14260 comm="syz.5.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1168.444850][   T30] audit: type=1326 audit(1773275371.351:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14260 comm="syz.5.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1168.622885][   T30] audit: type=1326 audit(1773275371.361:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14260 comm="syz.5.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1168.684702][   T30] audit: type=1326 audit(1773275371.361:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14260 comm="syz.5.2023" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1168.826185][T14185] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1169.418971][T14304] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1169.428502][T14304] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1170.527455][ T5824] Bluetooth: hci1: command 0x1003 tx timeout
[ 1170.533871][ T9556] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1170.589776][T14185] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1171.372679][T14185] team0: Port device team_slave_0 added
[ 1171.407172][T14185] team0: Port device team_slave_1 added
[ 1171.633710][T14185] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1171.674056][T14185] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1172.152716][T14185] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1172.297607][T14185] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1172.635789][T14185] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1172.772554][T14185] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1173.328156][T13567] bridge_slave_1: left allmulticast mode
[ 1173.361083][T13567] bridge_slave_1: left promiscuous mode
[ 1173.384516][T13567] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1173.465906][T13567] bridge_slave_0: left allmulticast mode
[ 1173.494650][T13567] bridge_slave_0: left promiscuous mode
[ 1173.508953][T13567] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1173.570180][T13567] batman_adv: batadv0: Interface deactivated: gretap1
[ 1173.778310][T10016] IPVS: starting estimator thread 0...
[ 1173.881788][ T1159] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1173.962722][T14338] IPVS: using max 24 ests per chain, 57600 per kthread
[ 1174.756904][T13567] batman_adv: batadv0: Removing interface: gretap1
[ 1174.879500][T13567] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1174.904833][T13567] bond_slave_0: left allmulticast mode
[ 1174.928202][T13567] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1174.948253][T13567] bond_slave_1: left allmulticast mode
[ 1174.964811][T13567] bond0 (unregistering): Released all slaves
[ 1175.017115][T14185] hsr_slave_0: entered promiscuous mode
[ 1175.056086][T14185] hsr_slave_1: entered promiscuous mode
[ 1175.076458][T14185] debugfs: 'hsr0' already exists in 'hsr'
[ 1175.094845][T14185] Cannot create hsr debugfs directory
[ 1175.142719][T14341] batman_adv: batadv0: Adding interface: gretap1
[ 1175.159449][T14341] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1175.222273][T14341] batman_adv: batadv0: Interface activated: gretap1
[ 1175.862406][T14362] netlink: 182 bytes leftover after parsing attributes in process `syz.7.2045'.
[ 1176.552389][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1176.558794][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.764811][T14367] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1177.773951][T14367] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1179.119753][T14373] 9pnet_fd: Insufficient options for proto=fd
[ 1183.612962][T14413] input: syz1 as /devices/virtual/input/input34
[ 1184.009617][T13567] hsr_slave_0: left promiscuous mode
[ 1184.033977][T13567] hsr_slave_1: left promiscuous mode
[ 1184.044904][T13567] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1184.066935][T13567] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1184.084198][T13567] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1184.112941][T13567] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1184.413884][T13567] veth1_macvtap: left promiscuous mode
[ 1184.466947][T13567] veth0_macvtap: left promiscuous mode
[ 1184.514495][T13567] veth1_vlan: left promiscuous mode
[ 1184.556572][T13567] veth0_vlan: left promiscuous mode
[ 1186.173925][T13567] team0 (unregistering): Port device batadv1 removed
[ 1186.661199][T14446] 9pnet_fd: Insufficient options for proto=fd
[ 1186.722438][T13567] team0 (unregistering): Port device team_slave_1 removed
[ 1186.749888][T13567] team0 (unregistering): Port device team_slave_0 removed
[ 1186.912528][T14431] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1186.920694][T14431] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1187.669204][T14456] comedi comedi3: pcl724: I/O port conflict (0xcf7,4)
[ 1189.497049][T14185] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1189.737640][T14185] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1189.919132][T14185] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1189.948543][T14185] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1190.325083][T13567] IPVS: stop unused estimator thread 0...
[ 1190.606998][T14185] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1190.732426][T14185] 8021q: adding VLAN 0 to HW filter on device team0
[ 1190.786406][ T6226] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1190.793670][ T6226] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1190.985198][ T9902] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1190.992424][ T9902] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1191.802067][T14515] 9pnet_fd: Insufficient options for proto=fd
[ 1194.394420][T14542] x_tables: ip6_tables: mh match: only valid for protocol 135
[ 1196.352496][T14185] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1199.173416][T14589] 9pnet_fd: Insufficient options for proto=fd
[ 1200.618775][T14185] veth0_vlan: entered promiscuous mode
[ 1200.657494][T14185] veth1_vlan: entered promiscuous mode
[ 1201.344627][T14185] veth0_macvtap: entered promiscuous mode
[ 1201.392022][T14185] veth1_macvtap: entered promiscuous mode
[ 1201.566358][T14185] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1201.742612][T14185] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1202.799550][ T1159] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1202.800849][   T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1202.800945][   T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1202.801030][   T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1203.766171][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1203.847630][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1203.961402][ T1139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1204.012184][ T1139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1208.908796][T14665] 9pnet_fd: Insufficient options for proto=fd
[ 1210.793682][  T848] IPVS: starting estimator thread 0...
[ 1210.907072][T14681] IPVS: using max 30 ests per chain, 72000 per kthread
[ 1216.323986][T14717] overlayfs: failed to resolve './file1': -2
[ 1218.812211][T14737] 9pnet_fd: Insufficient options for proto=fd
[ 1222.271706][ T5824] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1222.281561][ T5824] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1222.291392][ T5824] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1222.338194][ T5824] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1222.345903][ T5824] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1223.255675][T14769] chnl_net:caif_netlink_parms(): no params data found
[ 1224.396793][ T5824] Bluetooth: hci1: command tx timeout
[ 1224.420019][ T9902] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1224.862591][ T9902] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1225.043498][T14769] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1225.069006][T14769] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1225.076266][T14769] bridge_slave_0: entered allmulticast mode
[ 1225.185747][T14769] bridge_slave_0: entered promiscuous mode
[ 1225.461287][ T9902] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1226.132449][T14781] overlayfs: failed to resolve './file1': -2
[ 1226.160558][T14799] syzkaller0: entered promiscuous mode
[ 1226.183184][T14799] syzkaller0: entered allmulticast mode
[ 1226.215076][T14769] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1226.235980][T14769] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1226.253483][T14769] bridge_slave_1: entered allmulticast mode
[ 1226.275926][T14769] bridge_slave_1: entered promiscuous mode
[ 1226.486147][ T5824] Bluetooth: hci1: command tx timeout
[ 1226.508529][ T9902] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1227.194353][T14822] xt_hashlimit: size too large, truncated to 1048576
[ 1228.564878][ T5824] Bluetooth: hci1: command tx timeout
[ 1230.633862][ T5824] Bluetooth: hci1: command tx timeout
[ 1234.007511][T14769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1234.072723][T14769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1234.571790][T14874] overlayfs: failed to resolve './file1': -2
[ 1234.641869][T14769] team0: Port device team_slave_0 added
[ 1234.723665][T14769] team0: Port device team_slave_1 added
[ 1235.560504][T14769] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1235.597896][T14769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1235.700668][T14769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1235.779525][T14769] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1235.812277][T14769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1235.906289][T14769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1236.646548][ T9902] bridge_slave_1: left allmulticast mode
[ 1236.653395][ T9902] bridge_slave_1: left promiscuous mode
[ 1236.659258][ T9902] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1236.675897][ T9902] bridge_slave_0: left allmulticast mode
[ 1236.682144][ T9902] bridge_slave_0: left promiscuous mode
[ 1236.727029][ T9902] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1236.790180][ T9902] batman_adv: batadv0: Interface deactivated: gretap1
[ 1237.835751][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1237.843251][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1237.989836][ T9902] batman_adv: batadv0: Removing interface: gretap1
[ 1238.131545][ T9902] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1238.164819][ T9902] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1238.190819][ T9902] bond0 (unregistering): Released all slaves
[ 1238.219814][T14909] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1238.227162][T14909] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1238.537735][T14769] hsr_slave_0: entered promiscuous mode
[ 1238.544827][T14769] hsr_slave_1: entered promiscuous mode
[ 1238.551585][T14769] debugfs: 'hsr0' already exists in 'hsr'
[ 1238.557367][T14769] Cannot create hsr debugfs directory
[ 1240.490391][ T9902] hsr_slave_0: left promiscuous mode
[ 1240.595194][ T9902] hsr_slave_1: left promiscuous mode
[ 1240.616689][ T9902] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1240.634782][ T9902] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1240.690185][ T9902] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1240.726316][ T9902] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1240.819795][ T9902] veth1_macvtap: left promiscuous mode
[ 1240.846743][ T9902] veth0_macvtap: left promiscuous mode
[ 1240.857277][ T9902] veth1_vlan: left promiscuous mode
[ 1240.877157][ T9902] veth0_vlan: left promiscuous mode
[ 1241.089100][T14543] usb 8-1: new low-speed USB device number 15 using dummy_hcd
[ 1241.731142][T14543] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[ 1241.777614][T14543] usb 8-1: config 0 has no interface number 0
[ 1241.834279][T14543] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1242.068188][T14543] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1242.082970][T14543] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1242.098929][T14543] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1242.117915][T14543] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1242.139659][T14543] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1242.158264][T14543] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1242.182326][ T9902] team0 (unregistering): Port device batadv1 removed
[ 1242.236131][T14543] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1242.299800][T14543] usb 8-1: config 0 descriptor??
[ 1242.321343][T14976] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1242.335601][T14976] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1242.377653][T14543] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1242.596286][ T5981] usb 8-1: USB disconnect, device number 15
[ 1242.602305][    C0] ldusb 8-1:0.55: usb_submit_urb failed (-19)
[ 1242.611300][T14976] ldusb 8-1:0.55: Couldn't submit interrupt_out_urb -19
[ 1242.707044][ T5981] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[ 1243.058597][ T9902] team0 (unregistering): Port device team_slave_1 removed
[ 1244.298550][ T9902] team0 (unregistering): Port device team_slave_0 removed
[ 1247.287962][   T30] kauditd_printk_skb: 7 callbacks suppressed
[ 1247.287989][   T30] audit: type=1326 audit(1773275451.981:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15039 comm="syz.2.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e89b9c799 code=0x7ffc0000
[ 1247.335559][   T30] audit: type=1326 audit(1773275451.981:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15039 comm="syz.2.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e89b9c799 code=0x7ffc0000
[ 1247.400621][   T30] audit: type=1326 audit(1773275451.981:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15039 comm="syz.2.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f2e89b9c799 code=0x7ffc0000
[ 1247.635330][ T1139] Bluetooth: hci2: Frame reassembly failed (-84)
[ 1247.643675][   T30] audit: type=1326 audit(1773275451.991:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15039 comm="syz.2.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e89b9c799 code=0x7ffc0000
[ 1247.678622][   T30] audit: type=1326 audit(1773275451.991:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15039 comm="syz.2.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f2e89b9c799 code=0x7ffc0000
[ 1247.731897][   T30] audit: type=1326 audit(1773275451.991:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15039 comm="syz.2.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e89b9c799 code=0x7ffc0000
[ 1247.764196][   T30] audit: type=1326 audit(1773275451.991:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15039 comm="syz.2.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f2e89b9c799 code=0x7ffc0000
[ 1248.275962][   T30] audit: type=1326 audit(1773275451.991:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15039 comm="syz.2.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e89b9c799 code=0x7ffc0000
[ 1249.235008][   T30] audit: type=1326 audit(1773275451.991:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15039 comm="syz.2.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2e89b9c799 code=0x7ffc0000
[ 1249.488205][   T30] audit: type=1326 audit(1773275451.991:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15039 comm="syz.2.2201" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e89b9c799 code=0x7ffc0000
[ 1249.694292][ T5824] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 1250.387592][ T9902] IPVS: stop unused estimator thread 0...
[ 1251.283316][T14769] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1253.135241][T14769] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1253.246860][T14769] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1253.563243][T14769] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1254.483722][T15092] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1254.491057][T15092] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1254.756877][T14769] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1254.883056][T14769] 8021q: adding VLAN 0 to HW filter on device team0
[ 1254.975234][ T9839] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1254.982430][ T9839] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1255.103900][ T9839] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1255.111078][ T9839] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1255.121530][ T9556] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[ 1255.132521][ T9556] CPU: 1 UID: 0 PID: 9556 Comm: kworker/u9:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1255.132578][ T9556] Tainted: [L]=SOFTLOCKUP
[ 1255.132592][ T9556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[ 1255.132617][ T9556] Workqueue: hci3 hci_rx_work
[ 1255.132659][ T9556] Call Trace:
[ 1255.132671][ T9556]  <TASK>
[ 1255.132684][ T9556]  dump_stack_lvl+0x100/0x190
[ 1255.132745][ T9556]  sysfs_warn_dup.cold+0x1c/0x28
[ 1255.132801][ T9556]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1255.132851][ T9556]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1255.132898][ T9556]  ? find_held_lock+0x2b/0x80
[ 1255.132949][ T9556]  ? kobject_add_internal+0x25f/0x930
[ 1255.133008][ T9556]  ? kobject_add_internal+0x25f/0x930
[ 1255.133069][ T9556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1255.133117][ T9556]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1255.133161][ T9556]  kobject_add_internal+0x2c8/0x930
[ 1255.133227][ T9556]  kobject_add+0x16a/0x1e0
[ 1255.133283][ T9556]  ? __pfx_kobject_add+0x10/0x10
[ 1255.133339][ T9556]  ? class_to_subsys+0x10f/0x150
[ 1255.133380][ T9556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1255.133429][ T9556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1255.133476][ T9556]  ? kobject_put+0xb9/0x640
[ 1255.133526][ T9556]  ? _raw_spin_unlock+0x28/0x50
[ 1255.133580][ T9556]  device_add+0x294/0x1950
[ 1255.133643][ T9556]  ? __pfx_dev_set_name+0x10/0x10
[ 1255.133689][ T9556]  ? __pfx_device_add+0x10/0x10
[ 1255.133751][ T9556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1255.133799][ T9556]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1255.133852][ T9556]  hci_conn_add_sysfs+0x1a3/0x260
[ 1255.133902][ T9556]  le_conn_complete_evt+0x11cb/0x1f40
[ 1255.133963][ T9556]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1255.134017][ T9556]  hci_le_conn_complete_evt+0x23c/0x3a0
[ 1255.134060][ T9556]  ? skb_pull_data+0x15f/0x1e0
[ 1255.134127][ T9556]  hci_le_meta_evt+0x34a/0x5f0
[ 1255.134171][ T9556]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1255.134220][ T9556]  hci_event_packet+0x682/0x11c0
[ 1255.134261][ T9556]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1255.134308][ T9556]  ? __pfx_hci_event_packet+0x10/0x10
[ 1255.134349][ T9556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1255.134400][ T9556]  ? kcov_remote_start+0x374/0x660
[ 1255.134450][ T9556]  ? lockdep_hardirqs_on+0x78/0x100
[ 1255.134497][ T9556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1255.134555][ T9556]  hci_rx_work+0x451/0xfc0
[ 1255.134603][ T9556]  process_one_work+0x9d7/0x1920
[ 1255.134661][ T9556]  ? __pfx_process_one_work+0x10/0x10
[ 1255.134696][ T9556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1255.134758][ T9556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1255.134812][ T9556]  worker_thread+0x5da/0xe40
[ 1255.134866][ T9556]  ? kthread+0x13a/0x450
[ 1255.134929][ T9556]  ? __pfx_worker_thread+0x10/0x10
[ 1255.134963][ T9556]  kthread+0x370/0x450
[ 1255.135021][ T9556]  ? __pfx_kthread+0x10/0x10
[ 1255.135084][ T9556]  ret_from_fork+0x754/0xd80
[ 1255.135149][ T9556]  ? __pfx_ret_from_fork+0x10/0x10
[ 1255.135214][ T9556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1255.135261][ T9556]  ? __switch_to+0x7b4/0x1120
[ 1255.135306][ T9556]  ? __pfx_kthread+0x10/0x10
[ 1255.135369][ T9556]  ret_from_fork_asm+0x1a/0x30
[ 1255.135435][ T9556]  </TASK>
[ 1255.135469][ T9556] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1255.461287][ T9556] Bluetooth: hci3: failed to register connection device
[ 1256.212566][T14769] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1256.286479][T14769] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1261.468758][ T9556] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[ 1261.481430][ T9556] CPU: 0 UID: 0 PID: 9556 Comm: kworker/u9:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1261.481488][ T9556] Tainted: [L]=SOFTLOCKUP
[ 1261.481502][ T9556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[ 1261.481528][ T9556] Workqueue: hci0 hci_rx_work
[ 1261.481569][ T9556] Call Trace:
[ 1261.481580][ T9556]  <TASK>
[ 1261.481594][ T9556]  dump_stack_lvl+0x100/0x190
[ 1261.481654][ T9556]  sysfs_warn_dup.cold+0x1c/0x28
[ 1261.481710][ T9556]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1261.481764][ T9556]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1261.481810][ T9556]  ? find_held_lock+0x2b/0x80
[ 1261.481855][ T9556]  ? kobject_add_internal+0x25f/0x930
[ 1261.481913][ T9556]  ? kobject_add_internal+0x25f/0x930
[ 1261.481978][ T9556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1261.482026][ T9556]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1261.482070][ T9556]  kobject_add_internal+0x2c8/0x930
[ 1261.482134][ T9556]  kobject_add+0x16a/0x1e0
[ 1261.482191][ T9556]  ? __pfx_kobject_add+0x10/0x10
[ 1261.482245][ T9556]  ? class_to_subsys+0x10f/0x150
[ 1261.482287][ T9556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1261.482337][ T9556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1261.482383][ T9556]  ? kobject_put+0xb9/0x640
[ 1261.482434][ T9556]  ? _raw_spin_unlock+0x28/0x50
[ 1261.482489][ T9556]  device_add+0x294/0x1950
[ 1261.482553][ T9556]  ? __pfx_dev_set_name+0x10/0x10
[ 1261.482598][ T9556]  ? __pfx_device_add+0x10/0x10
[ 1261.482661][ T9556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1261.482708][ T9556]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1261.482762][ T9556]  hci_conn_add_sysfs+0x1a3/0x260
[ 1261.482832][ T9556]  le_conn_complete_evt+0x11cb/0x1f40
[ 1261.482886][ T9556]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1261.482945][ T9556]  hci_le_conn_complete_evt+0x23c/0x3a0
[ 1261.482989][ T9556]  ? skb_pull_data+0x15f/0x1e0
[ 1261.483055][ T9556]  hci_le_meta_evt+0x34a/0x5f0
[ 1261.483101][ T9556]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1261.483150][ T9556]  hci_event_packet+0x682/0x11c0
[ 1261.483191][ T9556]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1261.483239][ T9556]  ? __pfx_hci_event_packet+0x10/0x10
[ 1261.483281][ T9556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1261.483331][ T9556]  ? kcov_remote_start+0x374/0x660
[ 1261.483381][ T9556]  ? lockdep_hardirqs_on+0x78/0x100
[ 1261.483428][ T9556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1261.483487][ T9556]  hci_rx_work+0x451/0xfc0
[ 1261.483535][ T9556]  process_one_work+0x9d7/0x1920
[ 1261.483592][ T9556]  ? __pfx_process_one_work+0x10/0x10
[ 1261.483627][ T9556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1261.483689][ T9556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1261.483744][ T9556]  worker_thread+0x5da/0xe40
[ 1261.483798][ T9556]  ? kthread+0x13a/0x450
[ 1261.483856][ T9556]  ? __pfx_worker_thread+0x10/0x10
[ 1261.483891][ T9556]  kthread+0x370/0x450
[ 1261.483955][ T9556]  ? __pfx_kthread+0x10/0x10
[ 1261.484019][ T9556]  ret_from_fork+0x754/0xd80
[ 1261.484083][ T9556]  ? __pfx_ret_from_fork+0x10/0x10
[ 1261.484149][ T9556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1261.484196][ T9556]  ? __switch_to+0x7b4/0x1120
[ 1261.484240][ T9556]  ? __pfx_kthread+0x10/0x10
[ 1261.484303][ T9556]  ret_from_fork_asm+0x1a/0x30
[ 1261.484370][ T9556]  </TASK>
[ 1261.484402][ T9556] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1261.818387][ T9556] Bluetooth: hci0: failed to register connection device
[ 1261.846642][T14769] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1262.055143][T14769] veth0_vlan: entered promiscuous mode
[ 1262.314965][T15154] misc userio: No port type given on /dev/userio
[ 1262.763432][T14769] veth1_vlan: entered promiscuous mode
[ 1263.015192][T14769] veth0_macvtap: entered promiscuous mode
[ 1263.145209][T14769] veth1_macvtap: entered promiscuous mode
[ 1263.300015][T14769] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1263.372844][T14769] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1263.452402][ T6226] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1263.490386][ T6226] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1263.537539][ T6226] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1263.594718][ T6226] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1264.028003][ T9902] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1264.035878][ T9902] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1264.728888][ T9902] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1264.818542][ T9902] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1265.679402][T15183] binder: 15179:15183 ioctl 80286722 2000000194c0 returned -22
[ 1268.093798][T15216] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2238'.
[ 1268.164996][T15216] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2238'.
[ 1268.173996][T15216] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2238'.
[ 1270.009811][T15231] loop7: detected capacity change from 0 to 512
[ 1270.091932][T15231] EXT4-fs: Ignoring removed oldalloc option
[ 1270.758487][T15231] EXT4-fs (loop7): 1 truncate cleaned up
[ 1270.808910][T15238] overlayfs: failed to resolve './file0': -2
[ 1270.865177][T15231] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1270.991678][T15231] EXT4-fs error (device loop7): ext4_add_entry:2415: inode #2: comm syz.7.2243: Directory hole found for htree leaf block 0
[ 1271.078689][T15231] EXT4-fs (loop7): Remounting filesystem read-only
[ 1273.460626][ T7004] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1281.880715][ T9556] Bluetooth: hci4: command 0x0406 tx timeout
[ 1282.662432][ T5824] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci6/hci6:201'
[ 1282.672270][ T5824] CPU: 1 UID: 0 PID: 5824 Comm: kworker/u9:2 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1282.672324][ T5824] Tainted: [L]=SOFTLOCKUP
[ 1282.672337][ T5824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[ 1282.672362][ T5824] Workqueue: hci6 hci_rx_work
[ 1282.672399][ T5824] Call Trace:
[ 1282.672411][ T5824]  <TASK>
[ 1282.672423][ T5824]  dump_stack_lvl+0x100/0x190
[ 1282.672488][ T5824]  sysfs_warn_dup.cold+0x1c/0x28
[ 1282.672543][ T5824]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1282.672591][ T5824]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1282.672636][ T5824]  ? find_held_lock+0x2b/0x80
[ 1282.672681][ T5824]  ? kobject_add_internal+0x25f/0x930
[ 1282.672737][ T5824]  ? kobject_add_internal+0x25f/0x930
[ 1282.672798][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.672845][ T5824]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1282.672888][ T5824]  kobject_add_internal+0x2c8/0x930
[ 1282.672953][ T5824]  kobject_add+0x16a/0x1e0
[ 1282.673009][ T5824]  ? __pfx_kobject_add+0x10/0x10
[ 1282.673064][ T5824]  ? class_to_subsys+0x10f/0x150
[ 1282.673104][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.673153][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.673199][ T5824]  ? kobject_put+0xb9/0x640
[ 1282.673249][ T5824]  ? _raw_spin_unlock+0x28/0x50
[ 1282.673301][ T5824]  device_add+0x294/0x1950
[ 1282.673365][ T5824]  ? __pfx_dev_set_name+0x10/0x10
[ 1282.673408][ T5824]  ? __pfx_device_add+0x10/0x10
[ 1282.673473][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.673512][ T5824]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1282.673557][ T5824]  hci_conn_add_sysfs+0x1a3/0x260
[ 1282.673599][ T5824]  le_conn_complete_evt+0x11cb/0x1f40
[ 1282.673643][ T5824]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1282.673688][ T5824]  hci_le_conn_complete_evt+0x23c/0x3a0
[ 1282.673723][ T5824]  ? skb_pull_data+0x15f/0x1e0
[ 1282.673781][ T5824]  hci_le_meta_evt+0x34a/0x5f0
[ 1282.673818][ T5824]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1282.673858][ T5824]  hci_event_packet+0x682/0x11c0
[ 1282.673891][ T5824]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1282.673931][ T5824]  ? __pfx_hci_event_packet+0x10/0x10
[ 1282.673966][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.674008][ T5824]  ? kcov_remote_start+0x374/0x660
[ 1282.674050][ T5824]  ? lockdep_hardirqs_on+0x78/0x100
[ 1282.674090][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.674139][ T5824]  hci_rx_work+0x451/0xfc0
[ 1282.674179][ T5824]  process_one_work+0x9d7/0x1920
[ 1282.674226][ T5824]  ? __pfx_process_one_work+0x10/0x10
[ 1282.674255][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.674307][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.674353][ T5824]  worker_thread+0x5da/0xe40
[ 1282.674398][ T5824]  ? kthread+0x13a/0x450
[ 1282.674451][ T5824]  ? __pfx_worker_thread+0x10/0x10
[ 1282.674479][ T5824]  kthread+0x370/0x450
[ 1282.674528][ T5824]  ? __pfx_kthread+0x10/0x10
[ 1282.674582][ T5824]  ret_from_fork+0x754/0xd80
[ 1282.674637][ T5824]  ? __pfx_ret_from_fork+0x10/0x10
[ 1282.674690][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.674730][ T5824]  ? rcu_is_watching+0x12/0xc0
[ 1282.674764][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1282.674804][ T5824]  ? __switch_to+0x7b4/0x1120
[ 1282.674841][ T5824]  ? __pfx_kthread+0x10/0x10
[ 1282.674895][ T5824]  ret_from_fork_asm+0x1a/0x30
[ 1282.674950][ T5824]  </TASK>
[ 1282.674977][ T5824] kobject: kobject_add_internal failed for hci6:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1283.006391][ T5824] Bluetooth: hci6: failed to register connection device
[ 1285.901098][T15358] loop9: detected capacity change from 0 to 512
[ 1286.547009][T15364] xt_hashlimit: size too large, truncated to 1048576
[ 1288.939675][T15376] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2268'.
[ 1289.446026][T15379] batman_adv: batadv0: Adding interface: gretap1
[ 1289.452501][T15379] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1289.478092][T15379] batman_adv: batadv0: Interface activated: gretap1
[ 1289.874925][ T5824] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci5/hci5:201'
[ 1289.884805][ T5824] CPU: 0 UID: 0 PID: 5824 Comm: kworker/u9:2 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1289.884850][ T5824] Tainted: [L]=SOFTLOCKUP
[ 1289.884861][ T5824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[ 1289.884882][ T5824] Workqueue: hci5 hci_rx_work
[ 1289.884914][ T5824] Call Trace:
[ 1289.884924][ T5824]  <TASK>
[ 1289.884935][ T5824]  dump_stack_lvl+0x100/0x190
[ 1289.884994][ T5824]  sysfs_warn_dup.cold+0x1c/0x28
[ 1289.885040][ T5824]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1289.885080][ T5824]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1289.885118][ T5824]  ? find_held_lock+0x2b/0x80
[ 1289.885155][ T5824]  ? kobject_add_internal+0x25f/0x930
[ 1289.885203][ T5824]  ? kobject_add_internal+0x25f/0x930
[ 1289.885254][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1289.885294][ T5824]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1289.885329][ T5824]  kobject_add_internal+0x2c8/0x930
[ 1289.885384][ T5824]  kobject_add+0x16a/0x1e0
[ 1289.885432][ T5824]  ? __pfx_kobject_add+0x10/0x10
[ 1289.885480][ T5824]  ? class_to_subsys+0x10f/0x150
[ 1289.885514][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1289.885553][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1289.885588][ T5824]  ? kobject_put+0xb9/0x640
[ 1289.885625][ T5824]  ? _raw_spin_unlock+0x28/0x50
[ 1289.885665][ T5824]  device_add+0x294/0x1950
[ 1289.885713][ T5824]  ? __pfx_dev_set_name+0x10/0x10
[ 1289.885746][ T5824]  ? __pfx_device_add+0x10/0x10
[ 1289.885794][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1289.885828][ T5824]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1289.885873][ T5824]  hci_conn_add_sysfs+0x1a3/0x260
[ 1289.885911][ T5824]  le_conn_complete_evt+0x11cb/0x1f40
[ 1289.885951][ T5824]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1289.885997][ T5824]  hci_le_conn_complete_evt+0x23c/0x3a0
[ 1289.886029][ T5824]  ? skb_pull_data+0x15f/0x1e0
[ 1289.886080][ T5824]  hci_le_meta_evt+0x34a/0x5f0
[ 1289.886113][ T5824]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1289.886150][ T5824]  hci_event_packet+0x682/0x11c0
[ 1289.886180][ T5824]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1289.886216][ T5824]  ? __pfx_hci_event_packet+0x10/0x10
[ 1289.886247][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1289.886285][ T5824]  ? kcov_remote_start+0x374/0x660
[ 1289.886322][ T5824]  ? lockdep_hardirqs_on+0x78/0x100
[ 1289.886358][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1289.886402][ T5824]  hci_rx_work+0x451/0xfc0
[ 1289.886438][ T5824]  process_one_work+0x9d7/0x1920
[ 1289.886482][ T5824]  ? __pfx_process_one_work+0x10/0x10
[ 1289.886508][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1289.886555][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1289.886596][ T5824]  worker_thread+0x5da/0xe40
[ 1289.886637][ T5824]  ? kthread+0x13a/0x450
[ 1289.886679][ T5824]  ? __pfx_worker_thread+0x10/0x10
[ 1289.886705][ T5824]  kthread+0x370/0x450
[ 1289.886749][ T5824]  ? __pfx_kthread+0x10/0x10
[ 1289.886796][ T5824]  ret_from_fork+0x754/0xd80
[ 1289.886844][ T5824]  ? __pfx_ret_from_fork+0x10/0x10
[ 1289.886890][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1289.886926][ T5824]  ? rcu_is_watching+0x12/0xc0
[ 1289.886956][ T5824]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1289.886996][ T5824]  ? __switch_to+0x7b4/0x1120
[ 1289.887030][ T5824]  ? __pfx_kthread+0x10/0x10
[ 1289.887077][ T5824]  ret_from_fork_asm+0x1a/0x30
[ 1289.887127][ T5824]  </TASK>
[ 1289.887203][ T5824] kobject: kobject_add_internal failed for hci5:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1290.221352][ T5824] Bluetooth: hci5: failed to register connection device
[ 1293.354920][T15433] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2298'.
[ 1294.162303][T14190] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[ 1294.631104][T15452] x_tables: ip6_tables: mh match: only valid for protocol 135
[ 1294.850436][T15454] overlayfs: failed to resolve './file0': -2
[ 1299.270009][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1299.306912][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1307.890329][T15587] loop6: detected capacity change from 0 to 512
[ 1308.033017][T15587] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1308.116409][T15587] EXT4-fs (loop6): warning: checktime reached, running e2fsck is recommended
[ 1308.156975][T15587] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[ 1308.256297][T15587] System zones: 0-2, 18-18, 34-34
[ 1308.305386][T15587] EXT4-fs error (device loop6): ext4_orphan_get:1417: comm syz.6.2339: bad orphan inode 15
[ 1308.393763][T15587] loop6: lost filesystem error report for type 5 error -117
[ 1308.395383][    C1] EXT4-fs (loop6): initial error at time 1773275513: ext4_orphan_get:1417
[ 1308.411533][    C1] EXT4-fs (loop6): last error at time 1773275513: ext4_orphan_get:1417
[ 1308.465595][T15587] ext4_test_bit(bit=14, block=18) = 1
[ 1308.544748][T15587] is_bad_inode(inode)=0
[ 1308.555138][T15587] NEXT_ORPHAN(inode)=2264924160
[ 1308.570301][T15587] max_ino=32
[ 1308.573550][T15587] i_nlink=0
[ 1308.807654][T15587] EXT4-fs error (device loop6): ext4_do_update_inode:5569: inode #15: comm syz.6.2339: corrupted inode contents
[ 1308.916718][T15587] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1308.935284][T15587] EXT4-fs error (device loop6): ext4_dirty_inode:6450: inode #15: comm syz.6.2339: mark_inode_dirty error
[ 1309.426589][T15587] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1309.431446][T15587] EXT4-fs error (device loop6): ext4_do_update_inode:5569: inode #15: comm syz.6.2339: corrupted inode contents
[ 1309.724267][T15587] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1309.740962][T15587] EXT4-fs error (device loop6): ext4_xattr_delete_inode:2999: inode #15: comm syz.6.2339: mark_inode_dirty error
[ 1310.753610][T15587] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1310.760505][T15587] EXT4-fs error (device loop6): ext4_xattr_delete_inode:3001: inode #15: comm syz.6.2339: mark inode dirty (error -117)
[ 1310.840379][T15587] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1310.858169][T15587] EXT4-fs warning (device loop6): ext4_evict_inode:275: xattr delete (err -117)
[ 1310.975200][T15587] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1311.383493][T15633] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1311.391297][T15633] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1312.213659][T14185] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1317.262717][T15689] 9pnet_fd: Insufficient options for proto=fd
[ 1319.869438][T15722] tmpfs: Bad value for 'mpol'
[ 1322.818387][   T30] kauditd_printk_skb: 9 callbacks suppressed
[ 1322.818413][   T30] audit: type=1326 audit(1773275527.619:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15744 comm="syz.2.2381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e89b9c799 code=0x7ffc0000
[ 1323.647270][   T30] audit: type=1326 audit(1773275527.619:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15744 comm="syz.2.2381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e89b9c799 code=0x7ffc0000
[ 1323.767211][   T30] audit: type=1326 audit(1773275527.839:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15744 comm="syz.2.2381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2e89b9c799 code=0x7ffc0000
[ 1324.247192][   T30] audit: type=1326 audit(1773275527.839:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15744 comm="syz.2.2381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e89b9c799 code=0x7ffc0000
[ 1324.270934][   T30] audit: type=1326 audit(1773275527.839:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15744 comm="syz.2.2381" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e89b9c799 code=0x7ffc0000
[ 1326.355382][T15793] tmpfs: Bad value for 'mpol'
[ 1328.943345][T15812] batman_adv: batadv0: Adding interface: gretap1
[ 1328.949749][T15812] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1328.975356][T15812] batman_adv: batadv0: Interface activated: gretap1
[ 1329.244690][T14543] usb 8-1: new low-speed USB device number 16 using dummy_hcd
[ 1329.665933][T14543] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[ 1330.907420][T14543] usb 8-1: config 0 has no interface number 0
[ 1330.954645][T14543] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1331.027398][T14543] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1331.064083][T14543] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1331.136802][T14543] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1331.220839][T14543] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1331.282345][T14543] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1331.349232][T14543] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1331.503212][T14543] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1331.534281][T14543] usb 8-1: config 0 descriptor??
[ 1331.794797][T15815] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1331.802202][T15815] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1332.175698][T14543] usb 8-1: can't set config #0, error -71
[ 1332.214991][T14543] usb 8-1: USB disconnect, device number 16
[ 1332.266037][T15849] tmpfs: Bad value for 'mpol'
[ 1333.908421][   T30] audit: type=1326 audit(1773275538.675:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15856 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1334.034798][   T30] audit: type=1326 audit(1773275538.675:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15856 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1334.159937][   T30] audit: type=1326 audit(1773275538.675:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15856 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1334.477736][   T30] audit: type=1326 audit(1773275538.685:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15856 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1334.919778][   T30] audit: type=1326 audit(1773275538.685:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15856 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1335.059933][   T30] audit: type=1326 audit(1773275538.685:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15856 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1335.210605][   T30] audit: type=1326 audit(1773275538.685:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15856 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1335.380138][   T30] audit: type=1326 audit(1773275538.685:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15856 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1335.522786][   T30] audit: type=1326 audit(1773275538.685:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15856 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1335.771836][   T30] audit: type=1326 audit(1773275538.685:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15856 comm="syz.5.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1336.461020][T14190] Bluetooth: hci2: command 0x1003 tx timeout
[ 1336.476656][ T5824] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 1338.411828][T15902] netlink: 182 bytes leftover after parsing attributes in process `syz.7.2419'.
[ 1338.640219][  T848] usb 4-1: new low-speed USB device number 8 using dummy_hcd
[ 1338.801817][  T848] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[ 1338.857889][  T848] usb 4-1: config 0 has no interface number 0
[ 1338.991715][  T848] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1339.069903][  T848] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1339.138640][  T848] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1339.184641][  T848] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1339.379044][  T848] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1339.394437][  T848] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1339.471527][  T848] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1339.511409][  T848] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1339.763795][  T848] usb 4-1: config 0 descriptor??
[ 1339.805521][T15901] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1339.851023][T15901] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1339.898570][  T848] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1340.241858][ T9927] usb 4-1: USB disconnect, device number 8
[ 1340.247744][    C0] ldusb 4-1:0.55: usb_submit_urb failed (-19)
[ 1340.367133][ T9927] ldusb 4-1:0.55: LD USB Device #0 now disconnected
[ 1344.567482][ T5959] IPVS: starting estimator thread 0...
[ 1345.069788][T15960] IPVS: using max 23 ests per chain, 55200 per kthread
[ 1345.878816][T14543] IPVS: starting estimator thread 0...
[ 1345.986086][T15976] IPVS: using max 22 ests per chain, 52800 per kthread
[ 1347.491970][ T5824] Bluetooth: hci1: command 0x0406 tx timeout
[ 1349.127706][   T30] kauditd_printk_skb: 25 callbacks suppressed
[ 1349.127733][   T30] audit: type=1326 audit(1773275553.932:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15991 comm="syz.7.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162b59c799 code=0x7ffc0000
[ 1349.444246][   T30] audit: type=1326 audit(1773275553.942:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15991 comm="syz.7.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f162b59c799 code=0x7ffc0000
[ 1349.701237][   T30] audit: type=1326 audit(1773275553.942:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15991 comm="syz.7.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162b59c799 code=0x7ffc0000
[ 1350.453790][   T30] audit: type=1326 audit(1773275554.032:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15991 comm="syz.7.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f162b59c799 code=0x7ffc0000
[ 1350.584235][   T30] audit: type=1326 audit(1773275554.032:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15991 comm="syz.7.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162b59c799 code=0x7ffc0000
[ 1350.692497][   T30] audit: type=1326 audit(1773275554.032:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15991 comm="syz.7.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162b59c799 code=0x7ffc0000
[ 1351.207364][   T30] audit: type=1326 audit(1773275554.092:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15991 comm="syz.7.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f162b59c799 code=0x7ffc0000
[ 1351.375127][T14190] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 1352.361707][   T30] audit: type=1326 audit(1773275554.092:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15991 comm="syz.7.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162b59c799 code=0x7ffc0000
[ 1352.393833][   T30] audit: type=1326 audit(1773275554.092:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15991 comm="syz.7.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f162b59c799 code=0x7ffc0000
[ 1352.416708][   T30] audit: type=1326 audit(1773275554.092:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15991 comm="syz.7.2443" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f162b59c799 code=0x7ffc0000
[ 1356.738888][T16063] loop9: detected capacity change from 0 to 512
[ 1356.740924][T16066] tmpfs: Bad value for 'mpol'
[ 1356.933061][T16063] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1356.945840][T16063] ext4 filesystem being mounted at /255/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1358.522066][ T9977] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1360.237739][T16105] netlink: 182 bytes leftover after parsing attributes in process `syz.2.2469'.
[ 1360.655010][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1360.661857][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1361.734380][T16117] tmpfs: Bad value for 'mpol'
[ 1364.377154][T16149] loop5: detected capacity change from 0 to 512
[ 1365.022127][T16159] netlink: 182 bytes leftover after parsing attributes in process `syz.2.2485'.
[ 1366.393426][T16176] tmpfs: Bad value for 'mpol'
[ 1371.550637][T16209] loop3: detected capacity change from 0 to 512
[ 1372.390233][T16218] netlink: 182 bytes leftover after parsing attributes in process `syz.3.2501'.
[ 1373.941231][T16246] loop7: detected capacity change from 0 to 512
[ 1374.042082][T16246] EXT4-fs error (device loop7): ext4_orphan_get:1391: inode #15: comm syz.7.2509: inode has both inline data and extents flags
[ 1374.244649][T16246] loop7: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1374.251814][    C1] EXT4-fs (loop7): error count since last fsck: 1
[ 1374.267509][    C1] EXT4-fs (loop7): initial error at time 1773275579: ext4_orphan_get:1391: inode 15
[ 1374.276950][    C1] EXT4-fs (loop7): last error at time 1773275579: ext4_orphan_get:1391: inode 15
[ 1374.289913][T16246] EXT4-fs error (device loop7): ext4_orphan_get:1394: comm syz.7.2509: couldn't read orphan inode 15 (err -117)
[ 1374.309584][T16246] loop7: lost filesystem error report for type 5 error -117
[ 1374.314727][T16246] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1375.032582][ T7004] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1375.258396][T16272] loop2: detected capacity change from 0 to 128
[ 1375.833067][T16272] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1375.873108][T16272] ext4 filesystem being mounted at /160/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1376.849262][T12112] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1377.235126][T16284] netlink: 182 bytes leftover after parsing attributes in process `syz.7.2517'.
[ 1379.939578][T13882] usb 6-1: new low-speed USB device number 15 using dummy_hcd
[ 1380.860434][T13882] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[ 1380.868922][T13882] usb 6-1: config 0 has no interface number 0
[ 1380.875255][T13882] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1380.908662][T13882] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1380.919876][T13882] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1382.028149][T13882] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1382.041097][T13882] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1382.052272][T13882] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1382.065753][T13882] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1382.075126][T13882] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1382.666865][T13882] usb 6-1: config 0 descriptor??
[ 1382.708343][T16313] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1384.187094][T13882] usb 6-1: can't set config #0, error -71
[ 1384.195266][T13882] usb 6-1: USB disconnect, device number 15
[ 1384.347124][T16344] tmpfs: Bad value for 'mpol'
[ 1385.063190][T16365] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2542'.
[ 1389.744708][ T5981] usb 8-1: new low-speed USB device number 17 using dummy_hcd
[ 1390.030880][ T5981] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[ 1390.377291][ T5981] usb 8-1: config 0 has no interface number 0
[ 1390.383469][ T5981] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1390.443890][ T5981] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1390.534159][ T5981] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1390.590769][ T5981] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1390.630059][ T5981] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1390.727607][ T5981] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1390.789861][ T5981] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1390.840152][ T5981] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1390.913934][T16403] tmpfs: Bad value for 'mpol'
[ 1390.934756][ T5981] usb 8-1: config 0 descriptor??
[ 1390.995279][T16391] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1391.002528][T16391] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1391.075737][ T5981] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1391.297529][ T5959] usb 8-1: USB disconnect, device number 17
[ 1391.297638][    C1] ldusb 8-1:0.55: usb_submit_urb failed (-19)
[ 1391.314601][T16391] ldusb 8-1:0.55: Couldn't submit interrupt_out_urb -19
[ 1391.365132][ T5959] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[ 1391.740278][T16426] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2557'.
[ 1392.197137][T16435] fuse: Unknown parameter 'grou00000000000000000000'
[ 1394.194194][T16450] loop7: detected capacity change from 0 to 2048
[ 1394.354510][T16450] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1394.441934][T16450] ext4 filesystem being mounted at /391/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1394.751896][T16463] EXT4-fs error (device loop7): ext4_validate_block_bitmap:440: comm syz.7.2563: bg 0: block 345: padding at end of block bitmap is not set
[ 1394.784202][T16463] EXT4-fs (loop7): Remounting filesystem read-only
[ 1394.926900][ T6226] EXT4-fs warning (device loop7): ext4_convert_unwritten_extents:5033: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[ 1396.136447][T16450] syz.7.2563 (16450) used greatest stack depth: 20168 bytes left
[ 1396.406776][ T7004] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1396.740767][T14190] Bluetooth: hci1: command 0x0406 tx timeout
[ 1398.565622][T16503] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2573'.
[ 1398.790708][ T5824] Bluetooth: hci1: command 0x0406 tx timeout
[ 1399.815255][T16518] loop7: detected capacity change from 0 to 1024
[ 1399.876051][T16518] EXT4-fs: Ignoring removed bh option
[ 1400.400946][T16518] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a055c01c, mo2=0002]
[ 1400.442746][T16518] System zones: 0-1, 3-36
[ 1400.551496][T16518] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1400.912528][ T7004] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1401.366455][T16554] loop6: detected capacity change from 0 to 512
[ 1401.814918][T16554] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1401.938274][T16554] ext4 filesystem being mounted at /88/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1402.478656][T16566] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2590'.
[ 1404.798535][T14185] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1405.335374][T16581] input: syz1 as /devices/virtual/input/input53
[ 1406.715679][T13882] usb 7-1: new low-speed USB device number 9 using dummy_hcd
[ 1406.891866][T13882] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[ 1406.935534][T13882] usb 7-1: config 0 has no interface number 0
[ 1406.987480][T13882] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1407.173802][T13882] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1407.461351][T13882] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1407.507142][T13882] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1407.546290][T13882] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1407.592138][T13882] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1407.648512][T13882] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1407.679802][T13882] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1408.680202][T13882] usb 7-1: config 0 descriptor??
[ 1408.686023][T16594] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1408.693307][T16594] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1408.705626][ T5824] Bluetooth: hci1: command 0x0406 tx timeout
[ 1409.402889][T13882] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1409.685992][T13882] usb 7-1: USB disconnect, device number 9
[ 1409.713963][T13882] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[ 1410.181801][T16629] input: syz1 as /devices/virtual/input/input54
[ 1410.785741][T14190] Bluetooth: hci1: command 0x0406 tx timeout
[ 1411.614322][T16648] tmpfs: Bad value for 'mpol'
[ 1411.997692][T14190] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[ 1412.007283][T14190] CPU: 1 UID: 0 PID: 14190 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1412.007325][T14190] Tainted: [L]=SOFTLOCKUP
[ 1412.007335][T14190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[ 1412.007355][T14190] Workqueue: hci0 hci_rx_work
[ 1412.007386][T14190] Call Trace:
[ 1412.007395][T14190]  <TASK>
[ 1412.007406][T14190]  dump_stack_lvl+0x100/0x190
[ 1412.007453][T14190]  sysfs_warn_dup.cold+0x1c/0x28
[ 1412.007496][T14190]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1412.007533][T14190]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1412.007573][T14190]  ? find_held_lock+0x2b/0x80
[ 1412.007607][T14190]  ? kobject_add_internal+0x25f/0x930
[ 1412.007651][T14190]  ? kobject_add_internal+0x25f/0x930
[ 1412.007696][T14190]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1412.007732][T14190]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1412.007765][T14190]  kobject_add_internal+0x2c8/0x930
[ 1412.007814][T14190]  kobject_add+0x16a/0x1e0
[ 1412.007856][T14190]  ? __pfx_kobject_add+0x10/0x10
[ 1412.007897][T14190]  ? class_to_subsys+0x10f/0x150
[ 1412.007929][T14190]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1412.007965][T14190]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1412.008000][T14190]  ? kobject_put+0xb9/0x640
[ 1412.008037][T14190]  ? _raw_spin_unlock+0x28/0x50
[ 1412.008078][T14190]  device_add+0x294/0x1950
[ 1412.008126][T14190]  ? __pfx_dev_set_name+0x10/0x10
[ 1412.008159][T14190]  ? __pfx_device_add+0x10/0x10
[ 1412.008206][T14190]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1412.008241][T14190]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1412.008282][T14190]  hci_conn_add_sysfs+0x1a3/0x260
[ 1412.008320][T14190]  le_conn_complete_evt+0x11cb/0x1f40
[ 1412.008359][T14190]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1412.008400][T14190]  hci_le_conn_complete_evt+0x23c/0x3a0
[ 1412.008432][T14190]  ? skb_pull_data+0x15f/0x1e0
[ 1412.008482][T14190]  hci_le_meta_evt+0x34a/0x5f0
[ 1412.008516][T14190]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1412.008557][T14190]  hci_event_packet+0x682/0x11c0
[ 1412.008587][T14190]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1412.008622][T14190]  ? __pfx_hci_event_packet+0x10/0x10
[ 1412.008653][T14190]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1412.008690][T14190]  ? kcov_remote_start+0x374/0x660
[ 1412.008727][T14190]  ? lockdep_hardirqs_on+0x78/0x100
[ 1412.008762][T14190]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1412.008806][T14190]  hci_rx_work+0x451/0xfc0
[ 1412.008842][T14190]  process_one_work+0x9d7/0x1920
[ 1412.008885][T14190]  ? __pfx_process_one_work+0x10/0x10
[ 1412.008911][T14190]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1412.008958][T14190]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1412.008999][T14190]  worker_thread+0x5da/0xe40
[ 1412.009036][T14190]  ? __pfx_worker_thread+0x10/0x10
[ 1412.009065][T14190]  ? kthread+0x13a/0x450
[ 1412.009108][T14190]  ? __pfx_worker_thread+0x10/0x10
[ 1412.009133][T14190]  kthread+0x370/0x450
[ 1412.009176][T14190]  ? __pfx_kthread+0x10/0x10
[ 1412.009223][T14190]  ret_from_fork+0x754/0xd80
[ 1412.009271][T14190]  ? __pfx_ret_from_fork+0x10/0x10
[ 1412.009324][T14190]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1412.009358][T14190]  ? __switch_to+0x7b4/0x1120
[ 1412.009391][T14190]  ? __pfx_kthread+0x10/0x10
[ 1412.009438][T14190]  ret_from_fork_asm+0x1a/0x30
[ 1412.009488][T14190]  </TASK>
[ 1412.009512][T14190] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1412.406437][T14190] Bluetooth: hci0: failed to register connection device
[ 1415.031604][T14190] Bluetooth: hci0: command 0x0406 tx timeout
[ 1415.467049][T16673] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2617'.
[ 1417.241205][ T5824] Bluetooth: hci0: command 0x0406 tx timeout
[ 1418.203086][   T30] kauditd_printk_skb: 23 callbacks suppressed
[ 1418.203112][   T30] audit: type=1804 audit(1773275623.047:156): pid=16682 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.2621" name="bus" dev="ramfs" ino=45664 res=1 errno=0
[ 1418.224407][T13882] IPVS: starting estimator thread 0...
[ 1418.333339][   T30] audit: type=1804 audit(1773275623.107:157): pid=16682 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.2621" name="bus" dev="ramfs" ino=45664 res=1 errno=0
[ 1418.419840][T16690] IPVS: using max 24 ests per chain, 57600 per kthread
[ 1418.453903][T13882] usb 8-1: new low-speed USB device number 18 using dummy_hcd
[ 1418.673105][T13882] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[ 1418.697595][T13882] usb 8-1: config 0 has no interface number 0
[ 1418.702368][T16698] input: syz1 as /devices/virtual/input/input55
[ 1418.735720][T13882] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1418.798435][T13882] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1418.853490][T13882] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1418.911719][T13882] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1418.950941][T13882] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1419.001031][T13882] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1419.056625][T13882] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1419.099532][T13882] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1419.156849][T13882] usb 8-1: config 0 descriptor??
[ 1419.190537][T16688] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1419.216687][T16688] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1419.276575][T13882] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1419.497631][  T848] usb 8-1: USB disconnect, device number 18
[ 1419.504019][    C0] ldusb 8-1:0.55: usb_submit_urb failed (-19)
[ 1419.677613][  T848] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[ 1419.940543][T16710] tmpfs: Bad value for 'mpol'
[ 1422.065344][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1422.071874][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1422.977575][   T30] audit: type=1326 audit(1773275627.599:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16742 comm="syz.5.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1423.078964][ T6226] Bluetooth: hci2: Frame reassembly failed (-84)
[ 1423.159606][   T30] audit: type=1326 audit(1773275627.739:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16742 comm="syz.5.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1423.298547][   T30] audit: type=1326 audit(1773275627.739:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16742 comm="syz.5.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1423.457611][   T30] audit: type=1326 audit(1773275627.739:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16742 comm="syz.5.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1423.506135][T16753] loop3: detected capacity change from 0 to 1024
[ 1423.556923][T16753] EXT4-fs: Ignoring removed orlov option
[ 1423.567347][   T30] audit: type=1326 audit(1773275627.739:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16742 comm="syz.5.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1423.655323][   T30] audit: type=1326 audit(1773275627.739:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16742 comm="syz.5.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1423.655476][T16753] EXT4-fs: Ignoring removed bh option
[ 1423.832046][   T30] audit: type=1326 audit(1773275627.739:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16742 comm="syz.5.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1423.919821][   T30] audit: type=1326 audit(1773275627.739:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16742 comm="syz.5.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1424.023541][   T30] audit: type=1326 audit(1773275627.739:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16742 comm="syz.5.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1424.078606][T16753] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1424.126935][   T30] audit: type=1326 audit(1773275627.739:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16742 comm="syz.5.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1424.157235][   T30] audit: type=1326 audit(1773275627.739:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16742 comm="syz.5.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1424.180890][   T30] audit: type=1326 audit(1773275627.739:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16742 comm="syz.5.2634" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1425.016476][ T9556] Bluetooth: hci2: Opcode 0x1003 failed: -110
[ 1425.587586][T16760] workqueue: Failed to create a rescuer kthread for wq "dio/loop3": -EINTR
[ 1426.122174][T14769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1427.536839][T16789] capability: warning: `syz.7.2643' uses 32-bit capabilities (legacy support in use)
[ 1427.985110][T14543] usb 10-1: new low-speed USB device number 7 using dummy_hcd
[ 1428.218321][T14543] usb 10-1: config 0 has an invalid interface number: 55 but max is 0
[ 1428.749521][T14543] usb 10-1: config 0 has no interface number 0
[ 1429.213363][T14543] usb 10-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1429.404360][T14543] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1429.544193][T14543] usb 10-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1429.584166][T14543] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1429.654213][T14543] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1429.709944][T14543] usb 10-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1429.780931][T14543] usb 10-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1429.829971][T14543] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1429.842753][T16810] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2647'.
[ 1429.883390][T14543] usb 10-1: config 0 descriptor??
[ 1429.920681][T16793] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1429.942292][T16793] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1430.031456][T14543] ldusb 10-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1431.767217][T14543] usb 10-1: USB disconnect, device number 7
[ 1431.828436][T14543] ldusb 10-1:0.55: LD USB Device #0 now disconnected
[ 1435.134485][ T5931] usb 10-1: new low-speed USB device number 8 using dummy_hcd
[ 1435.329891][ T5931] usb 10-1: config 0 has an invalid interface number: 55 but max is 0
[ 1435.350973][ T5931] usb 10-1: config 0 has no interface number 0
[ 1435.395498][ T5931] usb 10-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1435.444270][ T5931] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1435.476303][ T5931] usb 10-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1435.551185][ T5931] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1435.701081][ T5931] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1435.965033][ T5931] usb 10-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1436.641326][ T5931] usb 10-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1436.650518][ T5931] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1436.720221][ T5931] usb 10-1: config 0 descriptor??
[ 1436.727044][T16879] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1436.743580][T16879] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1436.842063][ T5931] ldusb 10-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1438.809638][T14543] usb 10-1: USB disconnect, device number 8
[ 1438.856106][T14543] ldusb 10-1:0.55: LD USB Device #0 now disconnected
[ 1439.625664][ T9556] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1439.639505][ T9556] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1439.650151][ T9556] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1439.658870][ T9556] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1439.689233][ T9556] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1439.763898][T16919] loop7: detected capacity change from 0 to 1024
[ 1439.860094][T16919] EXT4-fs: Ignoring removed orlov option
[ 1439.954021][T16919] EXT4-fs (loop7): stripe (8) is not aligned with cluster size (16), stripe is disabled
[ 1440.061166][T16919] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1441.542578][T16919] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4221: comm syz.7.2677: Allocating blocks 497-513 which overlap fs metadata
[ 1441.776322][T16919] EXT4-fs (loop7): pa ffff88804967b488: logic 131328, phys. 401, len 7
[ 1441.785188][T16919] EXT4-fs error (device loop7): ext4_mb_release_inode_pa:5464: group 0, free 0, pa_free 1
[ 1441.808673][ T5824] Bluetooth: hci2: command tx timeout
[ 1442.939631][ T7004] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1443.888497][ T5824] Bluetooth: hci2: command tx timeout
[ 1443.890995][ T6161] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1445.211664][ T6161] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1445.584559][T16918] chnl_net:caif_netlink_parms(): no params data found
[ 1445.966627][ T5824] Bluetooth: hci2: command tx timeout
[ 1446.561832][ T6161] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1447.084446][T17002] overlayfs: failed to resolve './file0': -2
[ 1447.173624][ T6161] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1448.305526][ T5824] Bluetooth: hci2: command tx timeout
[ 1448.834997][T16918] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1448.842165][T16918] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1448.879774][T16918] bridge_slave_0: entered allmulticast mode
[ 1448.923356][T16918] bridge_slave_0: entered promiscuous mode
[ 1449.474425][T16918] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1449.482510][T16918] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1449.565633][T16918] bridge_slave_1: entered allmulticast mode
[ 1449.573669][T16918] bridge_slave_1: entered promiscuous mode
[ 1451.016876][ T6161] bridge_slave_1: left allmulticast mode
[ 1451.019649][T17048] xt_hashlimit: size too large, truncated to 1048576
[ 1451.022558][ T6161] bridge_slave_1: left promiscuous mode
[ 1451.127056][ T6161] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1451.215333][ T6161] bridge_slave_0: left allmulticast mode
[ 1451.238329][ T6161] bridge_slave_0: left promiscuous mode
[ 1451.513418][ T6161] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1452.411289][ T6161] batman_adv: batadv0: Interface deactivated: gretap1
[ 1452.524850][ T9927] usb 8-1: new low-speed USB device number 19 using dummy_hcd
[ 1452.757790][ T9927] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[ 1452.777762][ T9927] usb 8-1: config 0 has no interface number 0
[ 1452.828400][ T9927] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1452.893817][ T9927] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1452.950623][ T9927] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1452.975967][ T9927] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1452.987430][ T9927] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1453.041599][ T9927] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1453.072269][ T9927] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1453.101379][ T9927] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1453.136816][ T6161] batman_adv: batadv0: Removing interface: gretap1
[ 1453.613520][ T9927] usb 8-1: config 0 descriptor??
[ 1453.625402][T17059] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1453.638179][T17059] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1453.656442][ T9927] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1453.748040][ T6161] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1453.780092][ T6161] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1453.801636][ T6161] bond0 (unregistering): Released all slaves
[ 1453.844119][T16918] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1453.973414][ T9927] usb 8-1: USB disconnect, device number 19
[ 1453.993522][ T9927] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[ 1454.027667][T16918] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1454.448706][T16918] team0: Port device team_slave_0 added
[ 1454.504258][T16918] team0: Port device team_slave_1 added
[ 1456.896978][T17094] loop5: detected capacity change from 0 to 512
[ 1456.998502][T16918] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1457.039008][T17094] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1457.050463][T16918] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1457.109256][T16918] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1457.127318][T16918] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1457.130712][T17094] ext4 filesystem being mounted at /493/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1457.135976][T16918] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1457.192218][T16918] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1457.821424][ T6161] hsr_slave_0: left promiscuous mode
[ 1457.863270][ T6161] hsr_slave_1: left promiscuous mode
[ 1457.891264][ T6161] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1457.898659][ T6161] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1458.010937][ T6161] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1458.018369][ T6161] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1458.105762][ T6161] veth1_macvtap: left promiscuous mode
[ 1458.122757][T17117] loop3: detected capacity change from 0 to 512
[ 1458.129459][ T6161] veth0_macvtap: left promiscuous mode
[ 1458.139354][ T6161] veth1_vlan: left promiscuous mode
[ 1458.155353][ T6161] veth0_vlan: left promiscuous mode
[ 1458.165419][T17117] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1458.243771][T17117] __quota_error: 30 callbacks suppressed
[ 1458.243796][T17117] Quota error (device loop3): v2_read_file_info: Block with free entry 5 out of range (1, 5).
[ 1458.391815][T17117] EXT4-fs warning (device loop3): ext4_enable_quotas:7232: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[ 1458.512548][T17117] EXT4-fs (loop3): mount failed
[ 1460.537344][ T6161] team0 (unregistering): Port device team_slave_1 removed
[ 1460.582468][ T6161] team0 (unregistering): Port device team_slave_0 removed
[ 1460.623237][T17118] overlayfs: failed to resolve './file0': -2
[ 1460.738367][ T5819] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1461.791841][T17133] batman_adv: batadv0: Adding interface: gretap1
[ 1461.830754][T17133] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1461.858057][T17133] batman_adv: batadv0: Interface activated: gretap1
[ 1462.194458][T16918] hsr_slave_0: entered promiscuous mode
[ 1462.210391][T16918] hsr_slave_1: entered promiscuous mode
[ 1462.286853][T16918] debugfs: 'hsr0' already exists in 'hsr'
[ 1462.581457][T17157] nvme_fabrics: unknown parameter or missing value 'syz0' in ctrl creation request
[ 1462.948816][T16918] Cannot create hsr debugfs directory
[ 1463.423233][T17167] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 1464.594026][T17184] loop9: detected capacity change from 0 to 512
[ 1464.625223][ T6161] IPVS: stop unused estimator thread 0...
[ 1466.602011][T17198] loop6: detected capacity change from 0 to 1024
[ 1466.648534][T17198] EXT4-fs: Ignoring removed oldalloc option
[ 1466.654506][T17198] ext2: Unknown parameter 'smackfsdef'
[ 1467.499410][T17210] nvme_fabrics: unknown parameter or missing value 'syz0' in ctrl creation request
[ 1468.479154][T17192] overlayfs: failed to resolve './file0': -2
[ 1469.867944][T17146] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[ 1470.266800][T17146] usb 7-1: Using ep0 maxpacket: 16
[ 1470.395330][T17146] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1470.420465][T17146] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1470.454448][T17146] usb 7-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1470.480590][T17146] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1470.514760][T17146] usb 7-1: Product: syz
[ 1470.518944][T17146] usb 7-1: Manufacturer: syz
[ 1470.523547][T17146] usb 7-1: SerialNumber: syz
[ 1470.582181][T16918] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1470.607127][T17146] r8152-cfgselector 7-1: Unknown version 0x0000
[ 1470.613407][T17146] r8152-cfgselector 7-1: config 0 descriptor??
[ 1470.666776][T16918] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1470.732501][T16918] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1470.780730][T17241] loop9: detected capacity change from 0 to 1024
[ 1470.798872][T16918] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1470.848565][T17241] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[ 1470.913345][T17241] JBD2: no valid journal superblock found
[ 1470.942534][T17241] EXT4-fs (loop9): Could not load journal inode
[ 1471.252910][T16918] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1472.323971][T16918] 8021q: adding VLAN 0 to HW filter on device team0
[ 1472.396517][ T1139] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1472.403700][ T1139] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1472.950653][ T6161] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1472.957903][ T6161] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1473.278900][ T9927] r8152-cfgselector 7-1: USB disconnect, device number 10
[ 1474.049477][T17284] nvme_fabrics: unknown parameter or missing value 'syz0' in ctrl creation request
[ 1476.097716][T16918] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1476.287796][T17316] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2764'.
[ 1476.524214][T17325] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1476.531561][T17325] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1477.170447][   T30] audit: type=1326 audit(1773275681.336:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17313 comm="syz.6.2767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494b39c799 code=0x7ffc0000
[ 1477.200749][   T30] audit: type=1326 audit(1773275681.336:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17313 comm="syz.6.2767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494b39c799 code=0x7ffc0000
[ 1477.497212][   T30] audit: type=1326 audit(1773275682.346:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17313 comm="syz.6.2767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f494b39c799 code=0x7ffc0000
[ 1477.740942][   T30] audit: type=1326 audit(1773275682.356:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17313 comm="syz.6.2767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494b39c799 code=0x7ffc0000
[ 1477.751295][T17331] loop5: detected capacity change from 0 to 1024
[ 1477.777447][   T30] audit: type=1326 audit(1773275682.396:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17313 comm="syz.6.2767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f494b39c799 code=0x7ffc0000
[ 1477.898093][   T30] audit: type=1326 audit(1773275682.396:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17313 comm="syz.6.2767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494b39c799 code=0x7ffc0000
[ 1477.911053][T17331] EXT4-fs: inline encryption not supported
[ 1478.000119][T17331] EXT4-fs: Ignoring removed bh option
[ 1478.055825][T17339] loop9: detected capacity change from 0 to 256
[ 1478.064548][   T30] audit: type=1326 audit(1773275682.396:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17313 comm="syz.6.2767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f494b39c799 code=0x7ffc0000
[ 1478.112389][T17339] vfat: Bad value for 'shortname'
[ 1478.171925][T17331] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1478.175066][   T30] audit: type=1326 audit(1773275682.396:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17313 comm="syz.6.2767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494b39c799 code=0x7ffc0000
[ 1478.218515][   T30] audit: type=1326 audit(1773275682.396:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17313 comm="syz.6.2767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494b39c799 code=0x7ffc0000
[ 1479.517543][ T9556] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 1479.521571][ T5824] Bluetooth: hci3: command 0x1003 tx timeout
[ 1479.791566][ T5819] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1479.815034][T16918] veth0_vlan: entered promiscuous mode
[ 1479.878747][T17360] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2774'.
[ 1479.887071][T16918] veth1_vlan: entered promiscuous mode
[ 1479.939059][T17360] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2774'.
[ 1480.047968][T17360] bridge0: entered promiscuous mode
[ 1480.230813][T17360] ip6gretap0: entered promiscuous mode
[ 1482.070044][T17360] hsr1: Slave A (bridge0) is not up; please bring it up to get a fully working HSR network
[ 1482.292435][T16918] veth0_macvtap: entered promiscuous mode
[ 1482.352803][T16918] veth1_macvtap: entered promiscuous mode
[ 1482.459378][T16918] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1482.513256][T16918] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1483.072865][ T9903] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1483.149389][ T9903] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1483.200438][ T9839] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1483.332469][ T9839] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1483.474306][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1483.480973][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1483.820883][T13567] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1483.872660][T13567] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1484.163701][ T1106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1484.208654][ T1106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1485.758199][T17412] bridge0: port 3(syz_tun) entered blocking state
[ 1485.776288][T17412] bridge0: port 3(syz_tun) entered disabled state
[ 1485.783163][T17412] syz_tun: entered allmulticast mode
[ 1485.922121][T17417] netlink: 'syz.6.2787': attribute type 10 has an invalid length.
[ 1486.260511][T17412] syz_tun: entered promiscuous mode
[ 1486.276835][T17412] bridge0: port 3(syz_tun) entered blocking state
[ 1486.283584][T17412] bridge0: port 3(syz_tun) entered forwarding state
[ 1486.381011][T17417] bridge0: port 3(syz_tun) entered disabled state
[ 1486.387723][T17417] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1486.395029][T17417] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1486.635871][T17417] bridge0: port 3(syz_tun) entered blocking state
[ 1486.642466][T17417] bridge0: port 3(syz_tun) entered forwarding state
[ 1486.650570][T17417] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1486.657728][T17417] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1486.665207][T17417] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1486.672403][T17417] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1487.550147][T17417] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1488.227393][T17428] overlayfs: failed to resolve './file0': -2
[ 1489.000843][T17445] loop5: detected capacity change from 0 to 2048
[ 1489.036633][T17445] EXT4-fs: Ignoring removed i_version option
[ 1489.138987][T17445] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1489.196251][T17445] ext4 filesystem being mounted at /507/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1489.365625][T17445] EXT4-fs (loop5): shut down requested (0)
[ 1489.926039][   T30] audit: type=1326 audit(1773275694.703:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17454 comm="syz.3.2795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1490.272501][   T30] audit: type=1326 audit(1773275694.713:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17454 comm="syz.3.2795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1490.350402][   T30] audit: type=1326 audit(1773275695.093:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17454 comm="syz.3.2795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1490.396782][T17465] loop9: detected capacity change from 0 to 764
[ 1490.426149][   T30] audit: type=1326 audit(1773275695.093:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17454 comm="syz.3.2795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1490.545677][   T30] audit: type=1326 audit(1773275695.093:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17454 comm="syz.3.2795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1490.685952][   T30] audit: type=1326 audit(1773275695.093:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17454 comm="syz.3.2795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1490.760449][ T5819] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1490.799743][   T30] audit: type=1326 audit(1773275695.093:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17454 comm="syz.3.2795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1490.823423][T17471] loop4: detected capacity change from 0 to 512
[ 1490.844656][T17471] EXT4-fs: Ignoring removed nobh option
[ 1490.911844][T17471] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[ 1490.933360][   T30] audit: type=1326 audit(1773275695.093:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17454 comm="syz.3.2795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1490.983074][T17471] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1491.055356][   T30] audit: type=1326 audit(1773275695.093:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17454 comm="syz.3.2795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1491.959563][   T30] audit: type=1326 audit(1773275695.093:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17454 comm="syz.3.2795" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1492.035285][T17471] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck.
[ 1492.265653][ T9556] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 1492.265803][ T5824] Bluetooth: hci3: command 0x1003 tx timeout
[ 1492.425886][T17471] EXT4-fs (loop4): 1 truncate cleaned up
[ 1492.534749][T17471] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1493.347959][T17471] Invalid option length (255) for dns_resolver key
[ 1494.374975][T16918] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1495.693127][T17530] bridge0: port 3(syz_tun) entered disabled state
[ 1495.699779][T17530] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1495.707007][T17530] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1495.910360][T17533] loop9: detected capacity change from 0 to 128
[ 1495.989317][T17533] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1496.051824][T17509] overlayfs: failed to resolve './file0': -2
[ 1496.073167][T17533] ext4 filesystem being mounted at /314/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1496.470011][T17539] process 'syz.9.2812' launched './file1' with NULL argv: empty string added
[ 1497.129270][ T9977] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1498.086862][T17551] nvme_fabrics: missing parameter 'transport=%s'
[ 1498.093326][T17551] nvme_fabrics: missing parameter 'nqn=%s'
[ 1498.513651][T17558] loop4: detected capacity change from 0 to 1024
[ 1498.558581][T17558] EXT4-fs: inline encryption not supported
[ 1498.640857][T17558] EXT4-fs: Ignoring removed bh option
[ 1498.737936][T17558] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1498.909544][   T30] audit: type=1326 audit(1773275703.737:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17561 comm="syz.3.2818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1499.609258][   T30] audit: type=1326 audit(1773275703.737:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17561 comm="syz.3.2818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1499.910731][T16918] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1499.971011][   T30] audit: type=1326 audit(1773275703.737:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17561 comm="syz.3.2818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1500.269315][   T30] audit: type=1326 audit(1773275703.737:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17561 comm="syz.3.2818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1500.691043][   T30] audit: type=1326 audit(1773275703.737:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17561 comm="syz.3.2818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1500.847914][   T30] audit: type=1326 audit(1773275703.737:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17561 comm="syz.3.2818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1500.992292][ T9556] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 1501.021309][   T30] audit: type=1326 audit(1773275703.737:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17561 comm="syz.3.2818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1501.248442][   T30] audit: type=1326 audit(1773275703.737:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17561 comm="syz.3.2818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1501.403386][   T30] audit: type=1326 audit(1773275703.737:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17561 comm="syz.3.2818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1501.618527][   T30] audit: type=1326 audit(1773275703.737:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17561 comm="syz.3.2818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e0c99c799 code=0x7ffc0000
[ 1505.065527][T17617] nvme_fabrics: missing parameter 'transport=%s'
[ 1505.072081][T17617] nvme_fabrics: missing parameter 'nqn=%s'
[ 1506.639797][T17634] loop9: detected capacity change from 0 to 1024
[ 1506.706681][T17634] EXT4-fs: inline encryption not supported
[ 1506.741694][T17634] EXT4-fs: Ignoring removed bh option
[ 1507.239630][T17634] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1507.489581][T17650] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1507.678903][ T9977] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1509.103082][T17677] loop7: detected capacity change from 0 to 1024
[ 1509.231743][T17677] EXT4-fs: Ignoring removed orlov option
[ 1509.331803][T17677] EXT4-fs (loop7): stripe (9) is not aligned with cluster size (16), stripe is disabled
[ 1509.428725][T17677] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1510.123794][ T7004] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1513.064119][T17704] nvme_fabrics: missing parameter 'transport=%s'
[ 1513.070502][T17704] nvme_fabrics: missing parameter 'nqn=%s'
[ 1514.927473][T17719] loop7: detected capacity change from 0 to 1024
[ 1515.028323][T17719] EXT4-fs: inline encryption not supported
[ 1515.081269][T17719] EXT4-fs: Ignoring removed bh option
[ 1515.219969][T17719] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1515.508671][ T7004] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1517.151890][T17761] loop5: detected capacity change from 0 to 1024
[ 1517.653616][T17761] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1517.835311][T17761] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1312: group 0, block bitmap and bg descriptor inconsistent: 25 vs 161808409 free clusters
[ 1517.866183][   T30] kauditd_printk_skb: 24 callbacks suppressed
[ 1517.866213][   T30] audit: type=1800 audit(1773275722.727:253): pid=17761 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2863" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1518.281443][T17777] xt_hashlimit: size too large, truncated to 1048576
[ 1518.350081][T17761] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[ 1518.418171][T17761] EXT4-fs (loop5): This should not happen!! Data will be lost
[ 1518.418171][T17761] 
[ 1518.515473][T17761] EXT4-fs (loop5): Total free blocks count 0
[ 1518.587122][T17761] EXT4-fs (loop5): Free/Dirty block details
[ 1518.707071][T17761] EXT4-fs (loop5): free_blocks=2588934144
[ 1518.794556][T17761] EXT4-fs (loop5): dirty_blocks=80
[ 1518.841643][T17761] EXT4-fs (loop5): Block reservation details
[ 1518.881004][T17761] EXT4-fs (loop5): i_reserved_data_blocks=5
[ 1519.422777][ T1021] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 64 with error 28
[ 1522.496516][T17837] l2tp_ppp: sess 2/0: no socket in recv
[ 1522.865815][T17846] xt_hashlimit: size too large, truncated to 1048576
[ 1522.958172][T17848] loop3: detected capacity change from 0 to 1024
[ 1522.985952][T17848] EXT4-fs: inline encryption not supported
[ 1523.013611][T17848] EXT4-fs: Ignoring removed bh option
[ 1523.120181][T17848] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1523.495160][T14769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1524.007256][ T9927] usb 10-1: new low-speed USB device number 9 using dummy_hcd
[ 1524.162241][ T9927] usb 10-1: device descriptor read/64, error -71
[ 1524.200791][T17839] overlayfs: failed to resolve './file1': -2
[ 1524.416800][ T9927] usb 10-1: new low-speed USB device number 10 using dummy_hcd
[ 1524.546760][ T9927] usb 10-1: device descriptor read/64, error -71
[ 1524.677903][ T9927] usb usb10-port1: attempt power cycle
[ 1525.056505][ T9927] usb 10-1: new low-speed USB device number 11 using dummy_hcd
[ 1525.171213][ T9927] usb 10-1: device descriptor read/8, error -71
[ 1525.426338][ T9927] usb 10-1: new low-speed USB device number 12 using dummy_hcd
[ 1525.750496][ T9927] usb 10-1: device descriptor read/8, error -71
[ 1525.893121][ T9927] usb usb10-port1: unable to enumerate USB device
[ 1528.595408][T17915] loop9: detected capacity change from 0 to 1024
[ 1528.603760][T17915] EXT4-fs: inline encryption not supported
[ 1528.797452][T17915] EXT4-fs: Ignoring removed bh option
[ 1528.876970][T17920] xt_hashlimit: size too large, truncated to 1048576
[ 1529.001885][T17915] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1529.506076][ T9977] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1530.701743][   T30] audit: type=1326 audit(1773275735.553:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17954 comm="syz.4.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0cd19c799 code=0x7ffc0000
[ 1530.773976][   T30] audit: type=1326 audit(1773275735.553:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17954 comm="syz.4.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fc0cd19c799 code=0x7ffc0000
[ 1530.833693][   T30] audit: type=1326 audit(1773275735.553:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17954 comm="syz.4.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0cd19c799 code=0x7ffc0000
[ 1530.858420][   T30] audit: type=1326 audit(1773275735.553:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17954 comm="syz.4.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7fc0cd19c799 code=0x7ffc0000
[ 1530.883914][ T5959] usb 6-1: new low-speed USB device number 16 using dummy_hcd
[ 1530.917898][   T30] audit: type=1326 audit(1773275735.553:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17954 comm="syz.4.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0cd19c799 code=0x7ffc0000
[ 1531.023474][ T5959] usb 6-1: device descriptor read/64, error -71
[ 1531.050074][   T30] audit: type=1326 audit(1773275735.553:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17954 comm="syz.4.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fc0cd19c799 code=0x7ffc0000
[ 1532.083049][   T30] audit: type=1326 audit(1773275735.553:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17954 comm="syz.4.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0cd19c799 code=0x7ffc0000
[ 1532.218618][ T5959] usb 6-1: new low-speed USB device number 17 using dummy_hcd
[ 1532.281342][   T30] audit: type=1326 audit(1773275735.553:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17954 comm="syz.4.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc0cd19c799 code=0x7ffc0000
[ 1532.363263][ T5959] usb 6-1: device descriptor read/64, error -71
[ 1532.382493][   T30] audit: type=1326 audit(1773275735.553:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17954 comm="syz.4.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0cd19c799 code=0x7ffc0000
[ 1532.510956][ T5959] usb usb6-port1: attempt power cycle
[ 1532.763472][ T5824] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 1532.949611][   T30] audit: type=1326 audit(1773275735.553:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17954 comm="syz.4.2916" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7fc0cd19c799 code=0x7ffc0000
[ 1533.352392][ T5959] usb 6-1: new low-speed USB device number 18 using dummy_hcd
[ 1533.419339][ T5959] usb 6-1: device descriptor read/8, error -71
[ 1533.453111][T17985] syzkaller0: entered promiscuous mode
[ 1533.481185][T17985] syzkaller0: entered allmulticast mode
[ 1533.552928][T17992] loop7: detected capacity change from 0 to 1024
[ 1533.560245][T17992] EXT4-fs: inline encryption not supported
[ 1533.578545][T17992] EXT4-fs: Ignoring removed bh option
[ 1533.697417][T17992] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1533.712171][ T5959] usb 6-1: new low-speed USB device number 19 using dummy_hcd
[ 1533.856958][ T5959] usb 6-1: device descriptor read/8, error -71
[ 1533.993007][ T5959] usb usb6-port1: unable to enumerate USB device
[ 1534.108927][ T7004] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1537.642732][ T5959] usb 10-1: new low-speed USB device number 13 using dummy_hcd
[ 1537.662384][T18041] loop7: detected capacity change from 0 to 1024
[ 1537.701155][T18041] EXT4-fs: inline encryption not supported
[ 1537.732183][T18041] EXT4-fs: Ignoring removed bh option
[ 1537.826595][T18041] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1537.960014][ T5959] usb 10-1: device descriptor read/64, error -71
[ 1538.220399][ T5959] usb 10-1: new low-speed USB device number 14 using dummy_hcd
[ 1538.551350][ T7004] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1538.730302][ T5959] usb 10-1: device descriptor read/64, error -71
[ 1538.874979][ T5959] usb usb10-port1: attempt power cycle
[ 1539.821779][T18081] xt_hashlimit: size too large, truncated to 1048576
[ 1540.448805][ T5959] usb 10-1: new low-speed USB device number 15 using dummy_hcd
[ 1540.542953][T18095] loop7: detected capacity change from 0 to 1024
[ 1540.602180][T18095] EXT4-fs: inline encryption not supported
[ 1540.608109][T18095] EXT4-fs: Ignoring removed bh option
[ 1540.663748][T18095] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1540.707931][ T5959] usb 10-1: device not accepting address 15, error -71
[ 1541.131001][ T7004] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1541.260112][  T848] hid-generic 0003:0003:0000.0013: unknown main item tag 0x0
[ 1541.458830][  T848] hid-generic 0003:0003:0000.0013: unknown main item tag 0x0
[ 1541.494866][  T848] hid-generic 0003:0003:0000.0013: unknown main item tag 0x0
[ 1541.567257][  T848] hid-generic 0003:0003:0000.0013: unknown main item tag 0x0
[ 1541.601067][  T848] hid-generic 0003:0003:0000.0013: unknown main item tag 0x0
[ 1541.631997][  T848] hid-generic 0003:0003:0000.0013: unknown main item tag 0x0
[ 1541.710590][  T848] hid-generic 0003:0003:0000.0013: unknown main item tag 0x0
[ 1541.718007][  T848] hid-generic 0003:0003:0000.0013: unknown main item tag 0x0
[ 1541.768944][  T848] hid-generic 0003:0003:0000.0013: unknown main item tag 0x0
[ 1541.776347][  T848] hid-generic 0003:0003:0000.0013: unknown main item tag 0x0
[ 1541.924251][  T848] hid-generic 0003:0003:0000.0013: hidraw0: USB HID v0.00 Device [syz0] on syz1
[ 1543.388056][T18122] fido_id[18122]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1544.149045][T18137] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2966'.
[ 1544.886379][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1544.956708][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1545.389905][T18151] netlink: 'syz.5.2971': attribute type 1 has an invalid length.
[ 1545.422430][T18151] netlink: 'syz.5.2971': attribute type 2 has an invalid length.
[ 1545.512025][T18151] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2971'.
[ 1545.837822][T18155] loop3: detected capacity change from 0 to 1024
[ 1545.896186][T18155] EXT4-fs: inline encryption not supported
[ 1545.902130][T18155] EXT4-fs: Ignoring removed bh option
[ 1546.084584][T18155] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1546.365677][T14769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1550.390648][T18206] loop3: detected capacity change from 0 to 1024
[ 1550.854678][T18206] EXT4-fs: inline encryption not supported
[ 1550.899258][T18206] EXT4-fs: Ignoring removed bh option
[ 1551.026870][T18206] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1551.279820][T14769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1553.822356][T18263] loop6: detected capacity change from 0 to 1024
[ 1553.870346][T18263] EXT4-fs: inline encryption not supported
[ 1553.902101][T18263] EXT4-fs: Ignoring removed bh option
[ 1554.005129][T18263] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1554.414813][T14185] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1554.434427][T18278] loop5: detected capacity change from 0 to 512
[ 1554.477674][T18278] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1554.515428][T18278] EXT4-fs error (device loop5): ext4_free_branches:1020: inode #11: comm syz.5.3010: invalid indirect mapped block 6684672 (level 2)
[ 1554.553199][T18278] loop5: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[ 1554.561631][    C1] EXT4-fs (loop5): error count since last fsck: 1
[ 1554.577223][    C1] EXT4-fs (loop5): initial error at time 1773275759: ext4_free_branches:1020: inode 11
[ 1554.586949][    C1] EXT4-fs (loop5): last error at time 1773275759: ext4_free_branches:1020: inode 11
[ 1554.623108][T18278] EXT4-fs (loop5): 1 truncate cleaned up
[ 1554.630892][T18278] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1555.249567][ T5819] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1556.402632][T18306] syzkaller0: entered promiscuous mode
[ 1556.461006][T18306] syzkaller0: entered allmulticast mode
[ 1557.610900][T18326] netlink: 'syz.5.3022': attribute type 10 has an invalid length.
[ 1557.848422][T18326] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1557.855745][T18326] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1557.863416][T18326] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1557.870591][T18326] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1557.995197][T18326] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1558.525044][T18341] loop7: detected capacity change from 0 to 512
[ 1558.550769][T18342] loop9: detected capacity change from 0 to 512
[ 1558.611889][T18341] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1558.625923][T18342] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1558.687913][T18342] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[ 1559.076285][T18342] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[ 1559.087025][T18342] System zones: 0-2, 18-18, 34-35
[ 1559.106103][T18342] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[ 1559.191590][   T30] kauditd_printk_skb: 22 callbacks suppressed
[ 1559.191619][   T30] audit: type=1800 audit(1773275764.097:286): pid=18341 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3028" name="file1" dev="loop7" ino=1048854 res=0 errno=0
[ 1559.546500][ T9977] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1561.117923][T18384] netlink: 'syz.9.3039': attribute type 10 has an invalid length.
[ 1561.167969][T18384] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1561.175300][T18384] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1561.182817][T18384] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1561.189955][T18384] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1561.899639][T18384] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1562.325861][ T9556] Bluetooth: hci2: command 0x0406 tx timeout
[ 1563.879445][T18419] Invalid argument reading file caps for ./file0
[ 1564.337702][T18425] netlink: 'syz.4.3051': attribute type 4 has an invalid length.
[ 1564.429947][T18425] netlink: 'syz.4.3051': attribute type 4 has an invalid length.
[ 1574.388343][T18551] netlink: 182 bytes leftover after parsing attributes in process `syz.6.3082'.
[ 1576.894238][T18576] loop3: detected capacity change from 0 to 2048
[ 1577.026233][T18576] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1577.150716][T18576] ext4 filesystem being mounted at /140/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1577.461030][T18590] EXT4-fs error (device loop3): ext4_validate_block_bitmap:440: comm syz.3.3086: bg 0: block 345: padding at end of block bitmap is not set
[ 1577.506191][T18590] EXT4-fs (loop3): Remounting filesystem read-only
[ 1577.791016][ T9845] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:5033: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[ 1578.438715][T14769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1579.527005][T18613] netlink: 182 bytes leftover after parsing attributes in process `syz.7.3096'.
[ 1584.288046][T18678] netlink: 27 bytes leftover after parsing attributes in process `syz.5.3113'.
[ 1584.914517][T18684] netlink: 182 bytes leftover after parsing attributes in process `syz.7.3114'.
[ 1585.826302][T18686] loop5: detected capacity change from 0 to 128
[ 1585.938322][T18686] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1585.979910][T18686] ext4 filesystem being mounted at /570/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1586.434155][ T5819] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1587.541124][T18718] loop4: detected capacity change from 0 to 256
[ 1587.626111][T18718] vfat: Unknown parameter '0xffffffffffffffff˙˙˙˙˙˙˙˙˙˙18446744073709551615˙˙˙˙˙˙˙˙'
[ 1588.091941][T18725] loop3: detected capacity change from 0 to 136
[ 1589.324539][T18758] netlink: 182 bytes leftover after parsing attributes in process `syz.9.3130'.
[ 1590.152387][T18763] netlink: 'syz.7.3134': attribute type 10 has an invalid length.
[ 1590.160431][ T5898] usb 4-1: new low-speed USB device number 9 using dummy_hcd
[ 1590.390488][T18763] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1590.397715][T18763] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1590.405270][T18763] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1590.412407][T18763] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1590.460387][ T5898] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[ 1590.471567][T18763] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1590.480321][ T5898] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1590.535308][ T5898] usb 4-1: config 0 has no interface number 0
[ 1590.551616][ T5898] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1590.578418][ T5898] usb 4-1: config 0 interface 55 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1590.641884][ T5898] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1590.693921][   T30] audit: type=1326 audit(1773275795.583:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18766 comm="syz.5.3137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1590.725118][ T5898] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1590.738299][   T30] audit: type=1326 audit(1773275795.583:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18766 comm="syz.5.3137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1590.894574][ T5898] usb 4-1: config 0 descriptor??
[ 1590.925892][   T30] audit: type=1326 audit(1773275795.583:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18766 comm="syz.5.3137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1590.955017][ T5898] ldusb 4-1:0.55: Interrupt in endpoint not found
[ 1591.170615][   T30] audit: type=1326 audit(1773275795.583:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18766 comm="syz.5.3137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1591.466730][T17146] usb 4-1: USB disconnect, device number 9
[ 1591.548913][   T30] audit: type=1326 audit(1773275795.583:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18766 comm="syz.5.3137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1592.068151][   T30] audit: type=1326 audit(1773275795.583:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18766 comm="syz.5.3137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1592.223336][   T30] audit: type=1326 audit(1773275795.583:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18766 comm="syz.5.3137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1592.359080][   T30] audit: type=1326 audit(1773275795.583:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18766 comm="syz.5.3137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1592.507435][   T30] audit: type=1326 audit(1773275795.593:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18766 comm="syz.5.3137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1592.606391][   T30] audit: type=1326 audit(1773275795.593:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18766 comm="syz.5.3137" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb6c19c799 code=0x7ffc0000
[ 1592.772958][ T5824] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 1593.726981][T18809] loop3: detected capacity change from 0 to 512
[ 1593.746422][T18809] EXT4-fs: Ignoring removed nobh option
[ 1594.149627][T18809] 
[ 1594.151983][T18809] ======================================================
[ 1594.158985][T18809] WARNING: possible circular locking dependency detected
[ 1594.166001][T18809] syzkaller #0 Tainted: G             L     
[ 1594.171983][T18809] ------------------------------------------------------
[ 1594.178995][T18809] syz.3.3143/18809 is trying to acquire lock:
[ 1594.185087][T18809] ffff888035dbab98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: do_writepages+0x278/0x600
[ 1594.194999][T18809] 
[ 1594.194999][T18809] but task is already holding lock:
[ 1594.202360][T18809] ffff8880463900c8 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x606/0x8b0
[ 1594.212260][T18809] 
[ 1594.212260][T18809] which lock already depends on the new lock.
[ 1594.212260][T18809] 
[ 1594.222654][T18809] 
[ 1594.222654][T18809] the existing dependency chain (in reverse order) is:
[ 1594.231657][T18809] 
[ 1594.231657][T18809] -> #1 (&ei->xattr_sem){++++}-{4:4}:
[ 1594.239236][T18809]        down_write+0x8b/0x1f0
[ 1594.244024][T18809]        ext4_destroy_inline_data+0x2d/0xe0
[ 1594.249943][T18809]        ext4_do_writepages+0x1185/0x3f50
[ 1594.255679][T18809]        ext4_writepages+0x347/0x790
[ 1594.260976][T18809]        do_writepages+0x278/0x600
[ 1594.266107][T18809]        filemap_writeback+0x22d/0x2e0
[ 1594.271630][T18809]        file_write_and_wait_range+0xcd/0x140
[ 1594.277726][T18809]        generic_buffers_fsync_noflush+0x77/0x490
[ 1594.284162][T18809]        ext4_sync_file+0x63e/0xf10
[ 1594.289371][T18809]        vfs_fsync_range+0x9b/0x190
[ 1594.294774][T18809]        ext4_buffered_write_iter+0x2e2/0x440
[ 1594.300847][T18809]        ext4_file_write_iter+0xa2f/0x1d40
[ 1594.306660][T18809]        vfs_write+0x6ac/0x1070
[ 1594.311526][T18809]        __x64_sys_pwrite64+0x1eb/0x250
[ 1594.317088][T18809]        do_syscall_64+0x106/0xf80
[ 1594.322214][T18809]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1594.328636][T18809] 
[ 1594.328636][T18809] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[ 1594.337089][T18809]        __lock_acquire+0x14b8/0x2630
[ 1594.342503][T18809]        lock_acquire+0x1cf/0x380
[ 1594.347549][T18809]        ext4_writepages+0x21d/0x790
[ 1594.352844][T18809]        do_writepages+0x278/0x600
[ 1594.357975][T18809]        __writeback_single_inode+0x164/0x13c0
[ 1594.364142][T18809]        writeback_single_inode+0x4d3/0xf30
[ 1594.370051][T18809]        write_inode_now+0x174/0x1f0
[ 1594.375346][T18809]        iput.part.0+0x7f3/0xf50
[ 1594.380289][T18809]        iput+0x35/0x40
[ 1594.384447][T18809]        ext4_xattr_block_set+0x6f7/0x3660
[ 1594.390281][T18809]        ext4_expand_extra_isize_ea+0x17c6/0x1d70
[ 1594.396702][T18809]        __ext4_expand_extra_isize+0x346/0x480
[ 1594.402887][T18809]        __ext4_mark_inode_dirty+0x693/0x8b0
[ 1594.408881][T18809]        ext4_evict_inode+0x860/0x17c0
[ 1594.414353][T18809]        evict+0x3c2/0xad0
[ 1594.418776][T18809]        iput.part.0+0x605/0xf50
[ 1594.423717][T18809]        iput+0x35/0x40
[ 1594.427879][T18809]        ext4_orphan_cleanup+0x71e/0x11e0
[ 1594.433618][T18809]        ext4_fill_super+0x9009/0xb470
[ 1594.439096][T18809]        get_tree_bdev_flags+0x38c/0x620
[ 1594.444740][T18809]        vfs_get_tree+0x92/0x320
[ 1594.449688][T18809]        path_mount+0x7d0/0x23d0
[ 1594.454626][T18809]        __x64_sys_mount+0x293/0x310
[ 1594.459911][T18809]        do_syscall_64+0x106/0xf80
[ 1594.465036][T18809]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1594.471456][T18809] 
[ 1594.471456][T18809] other info that might help us debug this:
[ 1594.471456][T18809] 
[ 1594.481673][T18809]  Possible unsafe locking scenario:
[ 1594.481673][T18809] 
[ 1594.489111][T18809]        CPU0                    CPU1
[ 1594.494465][T18809]        ----                    ----
[ 1594.499819][T18809]   lock(&ei->xattr_sem);
[ 1594.504157][T18809]                                lock(&sbi->s_writepages_rwsem);
[ 1594.511883][T18809]                                lock(&ei->xattr_sem);
[ 1594.518738][T18809]   rlock(&sbi->s_writepages_rwsem);
[ 1594.524032][T18809] 
[ 1594.524032][T18809]  *** DEADLOCK ***
[ 1594.524032][T18809] 
[ 1594.532161][T18809] 3 locks held by syz.3.3143/18809:
[ 1594.537352][T18809]  #0: ffff888056eba0e0 (&type->s_umount_key#29/1){+.+.}-{4:4}, at: alloc_super+0x244/0xd20
[ 1594.547525][T18809]  #1: ffff888056eba610 (sb_internal){++++}-{0:0}, at: evict+0x3c2/0xad0
[ 1594.556013][T18809]  #2: ffff8880463900c8 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x606/0x8b0
[ 1594.566333][T18809] 
[ 1594.566333][T18809] stack backtrace:
[ 1594.572220][T18809] CPU: 1 UID: 0 PID: 18809 Comm: syz.3.3143 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1594.572269][T18809] Tainted: [L]=SOFTLOCKUP
[ 1594.572282][T18809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[ 1594.572303][T18809] Call Trace:
[ 1594.572314][T18809]  <TASK>
[ 1594.572326][T18809]  dump_stack_lvl+0x100/0x190
[ 1594.572378][T18809]  print_circular_bug.cold+0x178/0x1c7
[ 1594.572437][T18809]  check_noncircular+0x146/0x160
[ 1594.572494][T18809]  __lock_acquire+0x14b8/0x2630
[ 1594.572550][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.572597][T18809]  lock_acquire+0x1cf/0x380
[ 1594.572647][T18809]  ? do_writepages+0x278/0x600
[ 1594.572700][T18809]  ? __pfx___might_resched+0x10/0x10
[ 1594.572739][T18809]  ext4_writepages+0x21d/0x790
[ 1594.572786][T18809]  ? do_writepages+0x278/0x600
[ 1594.572837][T18809]  ? __pfx_ext4_writepages+0x10/0x10
[ 1594.572887][T18809]  ? do_writepages+0x4b5/0x600
[ 1594.572937][T18809]  ? do_writepages+0x4b5/0x600
[ 1594.572986][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.573031][T18809]  ? __pfx_ext4_writepages+0x10/0x10
[ 1594.573074][T18809]  do_writepages+0x278/0x600
[ 1594.573127][T18809]  ? __pfx_do_writepages+0x10/0x10
[ 1594.573178][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.573220][T18809]  ? mark_held_locks+0x40/0x70
[ 1594.573274][T18809]  __writeback_single_inode+0x164/0x13c0
[ 1594.573318][T18809]  ? find_held_lock+0x2b/0x80
[ 1594.573359][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.573403][T18809]  ? __pfx___writeback_single_inode+0x10/0x10
[ 1594.573447][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.573489][T18809]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1594.573524][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.573569][T18809]  writeback_single_inode+0x4d3/0xf30
[ 1594.573618][T18809]  write_inode_now+0x174/0x1f0
[ 1594.573661][T18809]  ? __pfx_write_inode_now+0x10/0x10
[ 1594.573730][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.573776][T18809]  ? find_held_lock+0x2b/0x80
[ 1594.573816][T18809]  ? iput.part.0+0x7e6/0xf50
[ 1594.573850][T18809]  ? iput.part.0+0x7e6/0xf50
[ 1594.573883][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.573931][T18809]  iput.part.0+0x7f3/0xf50
[ 1594.573965][T18809]  ? __pfx_ext4_drop_inode+0x10/0x10
[ 1594.574009][T18809]  iput+0x35/0x40
[ 1594.574041][T18809]  ext4_xattr_block_set+0x6f7/0x3660
[ 1594.574102][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.574150][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.574198][T18809]  ? __pfx_ext4_xattr_block_set+0x10/0x10
[ 1594.574261][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.574303][T18809]  ? xattr_find_entry+0x240/0x2e0
[ 1594.574361][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.574403][T18809]  ? ext4_xattr_block_find+0x59/0x430
[ 1594.574462][T18809]  ext4_expand_extra_isize_ea+0x17c6/0x1d70
[ 1594.574515][T18809]  ? __pfx_ext4_expand_extra_isize_ea+0x10/0x10
[ 1594.574556][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.574599][T18809]  ? dquot_initialize_needed+0x183/0x2a0
[ 1594.574645][T18809]  __ext4_expand_extra_isize+0x346/0x480
[ 1594.574704][T18809]  __ext4_mark_inode_dirty+0x693/0x8b0
[ 1594.574751][T18809]  ? __pfx___ext4_mark_inode_dirty+0x10/0x10
[ 1594.574809][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.574852][T18809]  ? __ext4_journal_start_sb+0x1ce/0x6a0
[ 1594.574893][T18809]  ? ext4_evict_inode+0x6e2/0x17c0
[ 1594.574939][T18809]  ext4_evict_inode+0x860/0x17c0
[ 1594.574987][T18809]  ? __pfx_ext4_evict_inode+0x10/0x10
[ 1594.575029][T18809]  ? evict+0x37e/0xad0
[ 1594.575061][T18809]  ? evict+0x37e/0xad0
[ 1594.575091][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.575138][T18809]  ? __pfx_ext4_evict_inode+0x10/0x10
[ 1594.575182][T18809]  evict+0x3c2/0xad0
[ 1594.575217][T18809]  ? __pfx_evict+0x10/0x10
[ 1594.575249][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.575297][T18809]  ? iput.part.0+0x5fd/0xf50
[ 1594.575330][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.575378][T18809]  iput.part.0+0x605/0xf50
[ 1594.575411][T18809]  ? __pfx_ext4_drop_inode+0x10/0x10
[ 1594.575454][T18809]  iput+0x35/0x40
[ 1594.575486][T18809]  ext4_orphan_cleanup+0x71e/0x11e0
[ 1594.575538][T18809]  ? __pfx_ext4_orphan_cleanup+0x10/0x10
[ 1594.575587][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.575629][T18809]  ? ext4_register_li_request+0xef/0xa00
[ 1594.575684][T18809]  ext4_fill_super+0x9009/0xb470
[ 1594.575752][T18809]  ? __pfx_ext4_fill_super+0x10/0x10
[ 1594.575807][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.575854][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.575896][T18809]  ? sb_set_blocksize+0x1fe/0x290
[ 1594.575933][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.575975][T18809]  ? setup_bdev_super+0x425/0x730
[ 1594.576015][T18809]  get_tree_bdev_flags+0x38c/0x620
[ 1594.576057][T18809]  ? __pfx_ext4_fill_super+0x10/0x10
[ 1594.576110][T18809]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 1594.576154][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.576199][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.576248][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.576291][T18809]  ? security_capable+0x80/0x260
[ 1594.576339][T18809]  vfs_get_tree+0x92/0x320
[ 1594.576373][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.576417][T18809]  path_mount+0x7d0/0x23d0
[ 1594.576455][T18809]  ? __pfx_path_mount+0x10/0x10
[ 1594.576485][T18809]  ? lockdep_hardirqs_on+0x78/0x100
[ 1594.576531][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.576575][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.576617][T18809]  ? kmem_cache_free+0x124/0x6a0
[ 1594.576658][T18809]  ? __x64_sys_mount+0x293/0x310
[ 1594.576690][T18809]  __x64_sys_mount+0x293/0x310
[ 1594.576722][T18809]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1594.576756][T18809]  ? do_user_addr_fault+0x8d6/0x12f0
[ 1594.576796][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1594.576843][T18809]  do_syscall_64+0x106/0xf80
[ 1594.576885][T18809]  ? irqentry_exit+0x138/0x670
[ 1594.576932][T18809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1594.576968][T18809] RIP: 0033:0x7f1e0c99da0a
[ 1594.576997][T18809] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1594.577035][T18809] RSP: 002b:00007f1e0d7a4e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1594.577067][T18809] RAX: ffffffffffffffda RBX: 00007f1e0d7a4ee0 RCX: 00007f1e0c99da0a
[ 1594.577090][T18809] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 00007f1e0d7a4ea0
[ 1594.577113][T18809] RBP: 0000200000000180 R08: 00007f1e0d7a4ee0 R09: 0000000000800718
[ 1594.577136][T18809] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000140
[ 1594.577158][T18809] R13: 00007f1e0d7a4ea0 R14: 00000000000004a3 R15: 00002000000003c0
[ 1594.577193][T18809]  </TASK>
[ 1595.371530][T18809] ------------[ cut here ]------------
[ 1595.377054][T18809] EA inode 11 i_nlink=1026
[ 1595.377074][T18809] WARNING: fs/ext4/xattr.c:1057 at ext4_xattr_inode_update_ref+0x477/0x590, CPU#1: syz.3.3143/18809
[ 1595.392370][T18809] Modules linked in:
[ 1595.396281][T18809] CPU: 1 UID: 0 PID: 18809 Comm: syz.3.3143 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1595.407290][T18809] Tainted: [L]=SOFTLOCKUP
[ 1595.411782][T18809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[ 1595.421907][T18809] RIP: 0010:ext4_xattr_inode_update_ref+0x47e/0x590
[ 1595.428517][T18809] Code: 40 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 0a 01 00 00 48 8d 3d 69 3e fe 0d 48 8b 73 40 44 89 e2 <67> 48 0f b9 3a eb a6 e8 06 97 26 ff 48 8d 7b 40 48 b8 00 00 00 00
[ 1595.448624][T18809] RSP: 0018:ffffc90002ff7188 EFLAGS: 00010246
[ 1595.454972][T18809] RAX: dffffc0000000000 RBX: ffff88804636cf58 RCX: ffffc90013ce9000
[ 1595.462969][T18809] RDX: 0000000000000402 RSI: 000000000000000b RDI: ffffffff90e03fd0
[ 1595.470938][T18809] RBP: ffffc90002ff7250 R08: 0000000000000005 R09: 0000000000000001
[ 1595.478961][T18809] R10: 0000000000000402 R11: 0000000000000001 R12: 0000000000000402
[ 1595.486947][T18809] R13: 1ffff920005fee34 R14: 00000000ffffffff R15: 0000000000000000
[ 1595.494985][T18809] FS:  00007f1e0d7a56c0(0000) GS:ffff888124446000(0000) knlGS:0000000000000000
[ 1595.503940][T18809] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1595.510525][T18809] CR2: 00007ffda1ae2f52 CR3: 00000000544a5000 CR4: 0000000000350ef0
[ 1595.518509][T18809] Call Trace:
[ 1595.521799][T18809]  <TASK>
[ 1595.524727][T18809]  ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[ 1595.531157][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1595.537157][T18809]  ? ext4_xattr_inode_iget+0x1ee/0x400
[ 1595.542912][T18809]  ext4_xattr_set_entry+0x185b/0x20b0
[ 1595.548329][T18809]  ? __pfx_ext4_xattr_set_entry+0x10/0x10
[ 1595.554104][T18809]  ? xattr_find_entry+0x240/0x2e0
[ 1595.559161][T18809]  ext4_xattr_ibody_set+0x3d3/0x5d0
[ 1595.564380][T18809]  ext4_expand_extra_isize_ea+0x180d/0x1d70
[ 1595.570298][T18809]  ? __pfx_ext4_expand_extra_isize_ea+0x10/0x10
[ 1595.576566][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1595.582237][T18809]  ? dquot_initialize_needed+0x183/0x2a0
[ 1595.587877][T18809]  __ext4_expand_extra_isize+0x346/0x480
[ 1595.593556][T18809]  __ext4_mark_inode_dirty+0x693/0x8b0
[ 1595.599031][T18809]  ? __pfx___ext4_mark_inode_dirty+0x10/0x10
[ 1595.605040][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1595.610688][T18809]  ? __ext4_journal_start_sb+0x1ce/0x6a0
[ 1595.616353][T18809]  ? ext4_evict_inode+0x6e2/0x17c0
[ 1595.621499][T18809]  ext4_evict_inode+0x860/0x17c0
[ 1595.626455][T18809]  ? __pfx_ext4_evict_inode+0x10/0x10
[ 1595.631855][T18809]  ? evict+0x37e/0xad0
[ 1595.636236][T18809]  ? evict+0x37e/0xad0
[ 1595.640304][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1595.646215][T18809]  ? __pfx_ext4_evict_inode+0x10/0x10
[ 1595.651756][T18809]  evict+0x3c2/0xad0
[ 1595.655667][T18809]  ? __pfx_evict+0x10/0x10
[ 1595.660084][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1595.665827][T18809]  ? iput.part.0+0x5fd/0xf50
[ 1595.670425][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1595.676091][T18809]  iput.part.0+0x605/0xf50
[ 1595.680517][T18809]  ? __pfx_ext4_drop_inode+0x10/0x10
[ 1595.685849][T18809]  iput+0x35/0x40
[ 1595.689489][T18809]  ext4_orphan_cleanup+0x71e/0x11e0
[ 1595.694734][T18809]  ? __pfx_ext4_orphan_cleanup+0x10/0x10
[ 1595.700388][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1595.706052][T18809]  ? ext4_register_li_request+0xef/0xa00
[ 1595.711753][T18809]  ext4_fill_super+0x9009/0xb470
[ 1595.716732][T18809]  ? __pfx_ext4_fill_super+0x10/0x10
[ 1595.722053][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1595.727711][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1595.733415][T18809]  ? sb_set_blocksize+0x1fe/0x290
[ 1595.738730][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1595.744618][T18809]  ? setup_bdev_super+0x425/0x730
[ 1595.749660][T18809]  get_tree_bdev_flags+0x38c/0x620
[ 1595.754798][T18809]  ? __pfx_ext4_fill_super+0x10/0x10
[ 1595.760107][T18809]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 1595.765772][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1595.771448][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1595.777094][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1595.782768][T18809]  ? security_capable+0x80/0x260
[ 1595.787728][T18809]  vfs_get_tree+0x92/0x320
[ 1595.792163][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1595.797799][T18809]  path_mount+0x7d0/0x23d0
[ 1595.802226][T18809]  ? __pfx_path_mount+0x10/0x10
[ 1595.807093][T18809]  ? lockdep_hardirqs_on+0x78/0x100
[ 1595.812309][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1595.817948][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1595.823611][T18809]  ? kmem_cache_free+0x124/0x6a0
[ 1595.828562][T18809]  ? __x64_sys_mount+0x293/0x310
[ 1595.833523][T18809]  __x64_sys_mount+0x293/0x310
[ 1595.838292][T18809]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1595.843932][T18809]  ? do_user_addr_fault+0x8d6/0x12f0
[ 1595.849223][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1595.855120][T18809]  do_syscall_64+0x106/0xf80
[ 1595.859716][T18809]  ? irqentry_exit+0x138/0x670
[ 1595.864506][T18809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1595.870397][T18809] RIP: 0033:0x7f1e0c99da0a
[ 1595.874819][T18809] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1595.894480][T18809] RSP: 002b:00007f1e0d7a4e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1595.902922][T18809] RAX: ffffffffffffffda RBX: 00007f1e0d7a4ee0 RCX: 00007f1e0c99da0a
[ 1595.910894][T18809] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 00007f1e0d7a4ea0
[ 1595.918902][T18809] RBP: 0000200000000180 R08: 00007f1e0d7a4ee0 R09: 0000000000800718
[ 1595.926908][T18809] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000140
[ 1595.934897][T18809] R13: 00007f1e0d7a4ea0 R14: 00000000000004a3 R15: 00002000000003c0
[ 1595.943212][T18809]  </TASK>
[ 1595.946243][T18809] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1595.953533][T18809] CPU: 1 UID: 0 PID: 18809 Comm: syz.3.3143 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1595.964501][T18809] Tainted: [L]=SOFTLOCKUP
[ 1595.968820][T18809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[ 1595.978871][T18809] Call Trace:
[ 1595.982141][T18809]  <TASK>
[ 1595.985082][T18809]  dump_stack_lvl+0x100/0x190
[ 1595.989781][T18809]  vpanic+0x552/0x970
[ 1595.993764][T18809]  ? __pfx_vpanic+0x10/0x10
[ 1595.998274][T18809]  ? lock_release+0x263/0x320
[ 1596.002981][T18809]  panic+0xd1/0xe0
[ 1596.006703][T18809]  ? __pfx_panic+0x10/0x10
[ 1596.011136][T18809]  check_panic_on_warn.cold+0x19/0x34
[ 1596.016515][T18809]  ? ext4_xattr_inode_update_ref+0x477/0x590
[ 1596.022510][T18809]  __warn.cold+0x191/0x348
[ 1596.026925][T18809]  __report_bug+0x296/0x3d0
[ 1596.031426][T18809]  ? ext4_xattr_inode_update_ref+0x477/0x590
[ 1596.037439][T18809]  ? __pfx___report_bug+0x10/0x10
[ 1596.042470][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1596.048105][T18809]  ? rcu_is_watching+0x12/0xc0
[ 1596.052870][T18809]  report_bug_entry+0xe1/0x290
[ 1596.057651][T18809]  ? ext4_xattr_inode_update_ref+0x47e/0x590
[ 1596.063647][T18809]  handle_bug+0x1cd/0x2a0
[ 1596.067984][T18809]  exc_invalid_op+0x17/0x50
[ 1596.072495][T18809]  asm_exc_invalid_op+0x1a/0x20
[ 1596.077339][T18809] RIP: 0010:ext4_xattr_inode_update_ref+0x47e/0x590
[ 1596.083947][T18809] Code: 40 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 0a 01 00 00 48 8d 3d 69 3e fe 0d 48 8b 73 40 44 89 e2 <67> 48 0f b9 3a eb a6 e8 06 97 26 ff 48 8d 7b 40 48 b8 00 00 00 00
[ 1596.103560][T18809] RSP: 0018:ffffc90002ff7188 EFLAGS: 00010246
[ 1596.109629][T18809] RAX: dffffc0000000000 RBX: ffff88804636cf58 RCX: ffffc90013ce9000
[ 1596.117596][T18809] RDX: 0000000000000402 RSI: 000000000000000b RDI: ffffffff90e03fd0
[ 1596.125582][T18809] RBP: ffffc90002ff7250 R08: 0000000000000005 R09: 0000000000000001
[ 1596.133567][T18809] R10: 0000000000000402 R11: 0000000000000001 R12: 0000000000000402
[ 1596.141535][T18809] R13: 1ffff920005fee34 R14: 00000000ffffffff R15: 0000000000000000
[ 1596.149513][T18809]  ? ext4_xattr_inode_update_ref+0x451/0x590
[ 1596.155518][T18809]  ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[ 1596.161866][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1596.167501][T18809]  ? ext4_xattr_inode_iget+0x1ee/0x400
[ 1596.172989][T18809]  ext4_xattr_set_entry+0x185b/0x20b0
[ 1596.178389][T18809]  ? __pfx_ext4_xattr_set_entry+0x10/0x10
[ 1596.184137][T18809]  ? xattr_find_entry+0x240/0x2e0
[ 1596.189212][T18809]  ext4_xattr_ibody_set+0x3d3/0x5d0
[ 1596.194410][T18809]  ext4_expand_extra_isize_ea+0x180d/0x1d70
[ 1596.200350][T18809]  ? __pfx_ext4_expand_extra_isize_ea+0x10/0x10
[ 1596.206601][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1596.212247][T18809]  ? dquot_initialize_needed+0x183/0x2a0
[ 1596.217899][T18809]  __ext4_expand_extra_isize+0x346/0x480
[ 1596.223566][T18809]  __ext4_mark_inode_dirty+0x693/0x8b0
[ 1596.229071][T18809]  ? __pfx___ext4_mark_inode_dirty+0x10/0x10
[ 1596.235081][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1596.240725][T18809]  ? __ext4_journal_start_sb+0x1ce/0x6a0
[ 1596.246386][T18809]  ? ext4_evict_inode+0x6e2/0x17c0
[ 1596.251515][T18809]  ext4_evict_inode+0x860/0x17c0
[ 1596.256464][T18809]  ? __pfx_ext4_evict_inode+0x10/0x10
[ 1596.261849][T18809]  ? evict+0x37e/0xad0
[ 1596.265920][T18809]  ? evict+0x37e/0xad0
[ 1596.269989][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1596.275640][T18809]  ? __pfx_ext4_evict_inode+0x10/0x10
[ 1596.281028][T18809]  evict+0x3c2/0xad0
[ 1596.284931][T18809]  ? __pfx_evict+0x10/0x10
[ 1596.289347][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1596.295017][T18809]  ? iput.part.0+0x5fd/0xf50
[ 1596.299611][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1596.305263][T18809]  iput.part.0+0x605/0xf50
[ 1596.309689][T18809]  ? __pfx_ext4_drop_inode+0x10/0x10
[ 1596.314986][T18809]  iput+0x35/0x40
[ 1596.318624][T18809]  ext4_orphan_cleanup+0x71e/0x11e0
[ 1596.323848][T18809]  ? __pfx_ext4_orphan_cleanup+0x10/0x10
[ 1596.329498][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1596.335132][T18809]  ? ext4_register_li_request+0xef/0xa00
[ 1596.340782][T18809]  ext4_fill_super+0x9009/0xb470
[ 1596.345745][T18809]  ? __pfx_ext4_fill_super+0x10/0x10
[ 1596.351048][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1596.356720][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1596.362356][T18809]  ? sb_set_blocksize+0x1fe/0x290
[ 1596.367384][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1596.373033][T18809]  ? setup_bdev_super+0x425/0x730
[ 1596.378063][T18809]  get_tree_bdev_flags+0x38c/0x620
[ 1596.383188][T18809]  ? __pfx_ext4_fill_super+0x10/0x10
[ 1596.388503][T18809]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 1596.394155][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1596.399794][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1596.405456][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1596.411114][T18809]  ? security_capable+0x80/0x260
[ 1596.416060][T18809]  vfs_get_tree+0x92/0x320
[ 1596.420472][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1596.426106][T18809]  path_mount+0x7d0/0x23d0
[ 1596.430520][T18809]  ? __pfx_path_mount+0x10/0x10
[ 1596.435363][T18809]  ? lockdep_hardirqs_on+0x78/0x100
[ 1596.440584][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1596.446221][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1596.451880][T18809]  ? kmem_cache_free+0x124/0x6a0
[ 1596.456820][T18809]  ? __x64_sys_mount+0x293/0x310
[ 1596.461755][T18809]  __x64_sys_mount+0x293/0x310
[ 1596.466513][T18809]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1596.471793][T18809]  ? do_user_addr_fault+0x8d6/0x12f0
[ 1596.477075][T18809]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1596.482731][T18809]  do_syscall_64+0x106/0xf80
[ 1596.487326][T18809]  ? irqentry_exit+0x138/0x670
[ 1596.492095][T18809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1596.497986][T18809] RIP: 0033:0x7f1e0c99da0a
[ 1596.502393][T18809] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1596.522000][T18809] RSP: 002b:00007f1e0d7a4e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1596.530449][T18809] RAX: ffffffffffffffda RBX: 00007f1e0d7a4ee0 RCX: 00007f1e0c99da0a
[ 1596.538420][T18809] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 00007f1e0d7a4ea0
[ 1596.546390][T18809] RBP: 0000200000000180 R08: 00007f1e0d7a4ee0 R09: 0000000000800718
[ 1596.554360][T18809] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000140
[ 1596.562349][T18809] R13: 00007f1e0d7a4ea0 R14: 00000000000004a3 R15: 00002000000003c0
[ 1596.570326][T18809]  </TASK>
[ 1596.573554][T18809] Kernel Offset: disabled
[ 1596.577869][T18809] Rebooting in 86400 seconds..