last executing test programs:

4m59.299060441s ago: executing program 2 (id=239):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f00000002c0)={0x2, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @local}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000000000000a00000000000000ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000590000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000003"], 0x210)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000780)={0x2, {{0xa, 0x0, 0x0, @mcast2}}, 0x1, 0x1, [{{0xa, 0x0, 0x0, @empty}}]}, 0x110)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)

4m59.090439369s ago: executing program 2 (id=240):
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000002140)="4627563e95d073e9c44031e486c6c3c887234dab29bb5d4444d206b6ed7b2b3001b6ed59a692ab0f0251ebf104d3747ab90777b96df4449e5275f86a62902df16f5fba75e202cbdf6fe7cc018a76b412f6485398037d6cb464f1dcf7fda3c76e43cdf64a53f6182a0b7e6476035e8bce74d0582b1ccf32dc8b0cc3b610b143afb4d3c163308a66f2dedd0d45f392d7899f5c4d2ded35c1602f7338dea29e0dff356a32c9e921eeebf8b9845ec2a40b68a8bdcb88009c910e110de23a02648667d740186ee2a3f4a59672477230c4a3a62a1417659b1978cf2b671f836d49fd361ad0af9157916d29cb4fcc1e873a336660b639383485a5322faca6694c74f58fa428582950bd136778dff61da52778dade8b2c3331b31a89259469b0900ab4173202f6256b2d23d3feb8517556292de52662192eca03da5744515c4a92cd3f0f296209bacb28a0267776c9797a784cfd95a52f9de496a5ed70459d55041b663a70d7d471da4f86cd187fd53e667422a0fdfe5eb34e2f2b8c133f2271fe5b1e71533b698169ac8107187533e37765fbd69c327ec608249c44018e3496b2f66fb8bb942f4bd26ed687ee1f7d2a53d7233fbde91cd03f4b4db0c23ed56ff9a61e0d5a1bf6ed50c308e8af0c32b2e0b15df009046ed88d60b772e0cdbfb3d765251aae01b01660df364dce51971ea2034b316a0b0071cb1d28bb86279de377ccb5a18ce981241b5d566e248866f280d71c6775e14fad44342945663bd56ad056f79e49f8071153391f8de78b05496a5f174e812ee0b102e0421c632e4a9f8ffd87ea68df1d7e85af4b30024b2a3cf0e1106871b3427eedfe857f3bc2a021d42fc09224ece3c56e57806a2da229231cc8e3ed5dbd82fd2d3894cba01e36c2ba91a42456eb570446fa3e2eddfe30264572d5d778cbf5d676ad4bd37d11e09573a5566b3656a760c9d3030b2bcd90be0d670866010e2d33c93f223a79ca167bce1a46670db33470c75776582f26b5d9ce847493ddb34612bc829f93f473c24263246011c4ca689f62f4539550ee13b246aeeec477fb2e9e4b223f66c006303abdb003809b9cd4e993b90821750b86608882355e5f587182c1ac6c677b07c26956073ff3a78d4f325139d9c0b8aead052e73fd21b3615ea22acc084bf5060f72936796311e31c038426f0a0e6c304cd2d9c363e7a1a21752032be17adca8b476b0e571b591c9dd923b0066fd5e32e045494c0a9e1e511f147988e0a5fe9652b92ed0e015ef54e3ed2a510b9383f1938dece777ca866f1a21082052827f3a48c2f38482fe3a8286c0ff17d4c24a468a5a0ec0a2eb1165f48cf76fc07450c82294d973a1793dd58008834f0d3aba4e097ceff0ba44656c67839ff3e489975297b334ecf6c7ce4634afbe3d8ab70827563aa75ffafc43429170c3fe3854238485c5a9b567a959a746010c22a92e863e318312e0efc06ab86d1435e06aca5f4b7b7f06a78f90795545c145c9941b74adb9a31ab4f749f81665dd9308acba8d7861856b548eab226377be82611ad79c8d25b176de98003c1ea28b556a2b90360913c39f8f64f0d122c732af5a990603429b354ecd4de797e17722c66546cc38349cb09c40ea54972562734e9816c83103e0bd19451e6144d005e6ce6d6d6fc1ce90238b73d1e0aaa4ee9fd0545054cea97639a404edf3b27c0073be84961084ea685e8ace53c7d7f52b62e378d9ee167aec3e5cbd60ff36c0d3ad40181bad59f111c30e9414112fbc71ad7ede21c288c878dd2509c36f93c31dab5d091107c8e8bdcadffdcb3053eba35b44c70a6421b343922cb11c69b886db0f412e5c23f89dbaff9e5847fd749e28356cab3999f1142449047a3a6c43bf670244e55d888f36ef1dc87bc5bb1460b6c8d1e69efca9a02ba834591906a65102c3e1c1c7dbdeccc7e261795f349d110836445d8ba19cbc699c46d4edc34942a488de1cc1140dc6acf23c8ec1f475e613c85ba025ff7ae639cb2499629eb5f5c88c4057e30bcf41767424af763c9204084856d87cd99f0da06ae6ee5b7382c1f6f2cbb2cf2dfd8320271f16ba7ebd8f0e3c742482f5426530b1ab946c7118f70aa4eac41dd78569341a0f3dd250531aaefdff4cab9e9eed7efdaa865f9b804ade79ced061a1fcd18a6c61a708fdf119841dc232cc5c4e5343cb8a82e9dd9647779bca053b5a2c43481c06ce2a593e388f5f5f4e681771021aaaf0589dac69db22c7285035d1eb89c75935fa4208b3786f2640ce9d65b0e671967dc27808fea5d17ac70a3ac2802f65d45d9c0372aeed530ee58bf04e190f50dac25139caec0b253d17af28eaed173c7043d66567188f04ea51733835c1c66ac7a634d7b90bdac4a6d1075bb277dc6ca420b24485012db44aed5a2e8099f4f3ed53bdb0b35b35905db28169b3e3b3d13ff94bdf2c9549f4a54c64b8d27098b86ff46cfd515f35b1d5a1bbf1bb29df16cdf296e804977a6b583d018c4fdb66264d5f2d9e162059017d6b6cbc6d6c2f1009717c67093f6feaafce1f242f4b730a2e714e9bba79f18c42a158425147b7b2cd9add4ac1d2c1a95b13a4f352d51982a5d967cd611911e6d0777afbc10883c6293f056acc69da89a0a64913be996466ed63f969d5ccd124cd3052d6654e6db0519449f3cbf3a2011541d26e5b76c3c192857905bcf989fd943d42aee9ebd40fee33094eae69154092e9514819ff126040ea7d43a927809149cfaffcc76cb1e332426bf0eb1ac1a3968c70030453a284a0fe39b9ebd704f0950cb5350d4c60d65566b3f24ec4636cd5bb3e23066f4d4f1814e60f286f3ad2d3c10e79c5991c8bf5fdb561723873fe0c75c7bb6ba262aa3a6655349df95f07abb0200d5b9152da4bfdd66a311b29a15755e8465b7b0d99f7f8ccefe9cb3561b5619d4c21b36c9b29442ccd5949882d0167244d84b677685d62074f63b8dc66941f317c78bb093491e2acb7207cc80fe51c22199aae878170af9fa1eb164854587007eb108f23d1c7946bf75aee50eee6fffdae24b992393bd37d268a136b3dcb1b7d2c9b9fbfe0c860b0d344f488e85de2a65a20eb057f0047d0b6b8898bdd68e21f2234a2c66b963a2d86f62297a7d1176c14acaddd4861f5bb74ee91eb3b6ba0c7328433b977e23c02ab67d82a12d620fc034f1c9c3a99a6a07ddf59eaa18384e429101dacbd93ee794e27b774242446fa433a8c03e4312ad56f6c4dfd1ad014d07932480e07caedabda36caaeaaf405dfa1a650843f2e09ae89c666ab8754d9bf9b290f4c4c9242d8f98533bfdbae191a6fbcba6bdb9096427d2d8efb5dcfbd58df7763cc445bf44a0be6de2335a395ab8157dee25794be81c3d87a7d457b52d88f86cabf91f2ec16a8e05a00f72277943737839a5242163025704c7b938f3f424ef5db6b60d3181e3ef94cbdc6516f0ecf01b52164b92f2e12ed55db595fd8de6862a3b12ebe06b19d1f93132b83b2f5ddbc9808b3ce8fa40352c84664d824edd2631a5e2fddaae887689092007d3d0f22a948f54bfd5c42bea5f0d6bf5018cee5ef232c8b6ea3f54ee6f4997c8ad5ccfd28227eeca811312375a849bdf4d343c1b0ec7035279d1bc0892ef193a74018d5ccd5ccaf0503a697b23abb44b7aa3beced0626daa5e1fbfc4d29d2804292fcc60b775f656179510168bf05929dbc92e009d94561d946f7b4b5a18c08d29678c482d90e07abb029e80546e5cee6c4a30712a9b92d556a29b2de021bd49b6398340a9363b689bedc007416bcb659c0c4b6eaa31ec4976ee4896ff87a7dfab48dc7046d44c9c2db6881f7d6b252e582eb878b0be9b24666e74e8eb565c07582f17817ea2422de5da79cb367e76b9b8a9d056de06ad0483986fef2a3b62d64d5d2128cf55499025ad0739ad3ce5e1bfa6aaac16828bdacad2f86b32ed933a2f672efd1f4a32dd23e59aed872d1015eaaf701a0ef8e1427d59728450c4f1bd561e7ef6f8e34d12ae2120a51746a5c346e739c09854caeec07af0d70dd4d9164b3ae8a098a41c081465fdb5537cb560426bc0de4b735f253dbc779b9dce429d99700cd6c0cbd778caeb56401b2bb5c1ca310ab0c91e1d9f4578b5fb3b4f0dad4c565495797e8e83603f3ef188a896fad5bfec24457e0f6f962b8613434f16acf74308171567eae5ad9ec11186a56493a5394042bd1b29fbe0ce64e5f1b0b56e8910343666d627d71c729c0c90bfae0134e117842d67b160ff50688f7b45f0ae330c2d4890732ace7795ff74b6e36466da623c8eef75528b22199c9bf589a1fcd2aca6c5fe3cce2eddabf1ddc8e87380b815ed5928222613383db7941eb9d55b45487b399a9a35ca4cbd9eaf08c71273fc3334b0acdbd117b13697a9ae475e79a44911ce4fed1490a2ec654fe469c9ea933999dae3616b063769446cfefb4562bd124e42f62a3dd0385fe3d21029ad8fd1c58b0badd42e415a76e3e92f246629d3579dd80d940e6dd9bee3d9a6ef8a7840fb253507e718eca32ff4119eb0bcc02aa210939a3bc41704a63202139c68e276254395ab6b858f4528ea2b3a57328e0b31816de3ad85e50e7f4ec9445eaf21a8b9916ed209bb7e79a7a08c2e4e09644ab831c0ba68d05d5ebf57a9eb36bb9caa8e7ac78a8ccca1bcb03cef0c5eb31fafa6e283632c117031aa3919f72aa80a2b9b2557749951348d5294ed2414ffcbafdf976bfb7a401bedb208fe1285738df515af493047aec962bcacb8ea7bad5fc12d5bf415e66c06c4c87044e694291e104ef53850cbc7ef73ab57982d77a3f941c226a915163e8eebd256cb8a1f0130023d2c5d3be77cab39bae4449711d6f39e50cc83eefaf6cc727b1c0b3fc4f7bd110d18262cd872cee8ca95f1be8005d5b339abbde923ef2d4290d5579e4420ff2beb705c16e96101c38c31cfd05639f252730c145182e4406aab68f556e0290ccf05e25a7bf13cdb5db47a8a0841fbeb880d4f0add608d1badb8992924b548ef1426ec774ec9d86678d4c2aae8f1e3b2dfb295802f75727a308dd1b39460f26858eff99fae8d27f24ea6902adabc89311a5fd18c3d9c606db7295f25acd22624bcc753c4c3acdb3f6c563174441333b69a126e4fcc6b06165f6221539c5ed277c20dac4b7978619e10616475de88810bbac714f3651efaa59b75791080a1086c0f3f1b5edb4b3976cc936665855f6a56788d76c6e771b1c968c859fd1ba995d336d301695fc012b8031a14ca529e3e9bf622db6813417925bb4e1a7a5b786aa90f4d048f1f442a2696970dd442d3a6ee117a3e768644c99951b75e51e98de61bc7ed8eb9e87fd43ec75e948829bd19fc545cddefee7a6f068a419e216982ca4ce6ad3256f1e64d203ba1da27e9e175738124ca86a312d0dd0caae6d64751d459d8134830ebb4f4c7931aa90c1ad6fefd99ea4ded3d246236719d6fd48979ee31eaabbea385e91aea0557a58d73a63660ecee981e3da40a39fec3f01caaffafee3504e9f8dc990cc2d69c513db25f6e722ea4811f778af8a338498b6b908682aca6e02e898cb65377f820529d35707cb83ba69b16c92b571728c58188fb08ed6f6c27d6b70e963b147605714468b90966f082d7175fcbc6e770835efb6e7bac5eeaeb5b2c23eb30ecc102e647f1ff71bc6b35f629a55dd305f8ed5287e35403a91b4dc77a6df2fff354460bf563c071846c84617da4df4c46a9e359c45d217a2b096c830ac8614947d110334ca17f587d86825b2b7ae1039fc11109687c1ad0a16f0180d1700414a4694e7ab73c715436dce437a9b3dff55f62fc1ffffc33d3be037c34c9ee7a0fcfeaec1778268565663f39b69c141304c892ae80da42cc854a87c955e6d8060a731eb16ee91e8ea27f90da85196e4f034d40b85ff59eb4b7c76218342f9c9f8d3749c874562829b7ad0c786c5c25ed240aa14755ff7f5ba5298f9f6b6ec3a46ac36d6a39c59c2ecf7781da77931214ac9a8697691d933b20cb64acde409fc159d748e4f92d83ff7767260fdec04b2e80cc524a2366e8fa5b70eb8684d164dec49fa95f42e7e75daa8c268204beec1fbc58cbbe3317af0993a8676dfdb13db7875f50cebdbc629bcd605dd4c4a65c31870495fb9a9ec51c1867ca8b117a6f9507aa26cee54c4c12f8f22b9d88072639ad765bb7906435128d1c146b9e2029880eccbdf78449bd0630381ad16c13444d709a11890d80fae0d24c037180a8726143306a7cd67abbc830167f524008f9a8e3172df597a63af2e87a92e90b70ce53069657f9b46acc9da241a1b00571540ec5fed4a9acfdd0066ba248cb2bf24540d7296256d4c9a5a5bc821817ada912cdde59876d86d4c53c1d047c6bc3442c2ee78326d7c51b6d01bd4f7ff5bc45db88649220d44099b406ac2e4744996b869ea688ecb4e758e755b29717869d5dfccbf5fd553ad83de0c4cd16b3fd4913451734226e4cf29bc0a860943b3e854d8cf49f07d2bfba1c280efaa85bb8f0f8818d1e58178c338c9e46c873adc0a4b6c832aaf0878956d8a04fcc043ff307f60a263cf1bc57ad0434b6a6f99075d932ff75deb8b017cbd16b272139a4addc24749d9551ba44d5bef0536e58de5e9d0b8985f1044163d542859c699f27f033b01d1e5d4c5598bcc4279f29c56eca82cf40c3b2799277e9b0aea04ba5cdd679e3eb63ceb0eafc21c373356caadc0f5730054a0979d7e32117962af0444b7e0e75bf1d30fd1af656956367bbbddf018531833f6c383b76cd63d014c91f67b41548e558cfae6a953a78c36ba3a896b3a0bf48aaa947d042a456a48c8f323682f560f2679f53578f00746cb04c4ef12b905b37f1b1bac9c75a85d6f173d531198f150ee6dbe7fcdbed4e0baf7610b82a793c17124970924ae32c86f9b7b40a229219958cd2445fca613e264adbf29644b1f405c68ef8afff7f4c1dc86f0e578e3716fa86c53f776dc42e7d28978f1e694428560b923b5d44e3aacb18cb38d3efd90ca0812027d336b011557e9e953cbff769e9ba84b903f5fcf1e6b4ab3e210ceaac574f80607116b196b6ded8668729f9be216bfdd049e88d1cb45581701c6ca7c991488a73e6ae5decdfc6416fa69b76f82e92246ee2b29c91885be24e96ea72438499c5c421ffd199f172667adf7d257947bb47945817930a7f2f0dfc73c2a5f6002fd40b9ea51c4a0c610e9759d43c082ed0c126c0de63c5a079b4c8bac46fcc8a1f74d8929ee2b7878430e3caed5f5aad7378fcbc4d659144a7cdbd654185ffdabd9b36257993ca823990df4aa7809ee58b7a278f38085202f3618fefef67f71b39f8ed35a28b3ff47e6caa3cecdbb41b899ea7ef3179ec3d67d0e3380f61d5a57453b9b790d171e1838c68f988a6914f4b81a7a12a0f50612182de8844a5f18026bc4110a10a31a88dae4bb40a3fea22360830784cf82ccde8187d04635e7e5bc6cda8252fa77d7022ae5fdeb978315f925cdbe7cbe0e3894965795fda4b94068bee89f79f86c420b211411929b9b3074703583c0ba0703a4d282441495110dd167c228079db163febc9ea0bcb02ab400999abfecfbca274fca55a055859eb256fcddc1d1773d72d5c3793ca3ff5f2fbe647b04f5ff2b2dc50a3a897e03634a36d21e391e6b6290cf85064711600de9a74057b78d9c04857017bc762300872f674eed1b68fac65025f3252bb803a9ff8ccf4b2b49028622168439db3bc01ea9ae7618b73dc7f858ba388891da14b88f7fee4f5f49abd687ba947969b8b923c2e119fe172126835ab4d1429133a38bbb80f1f6c308ffd180a179c05d9fb112a70e7658f9e3c7b6545556726e6589ba479edf21afd08da62963b5b724fa7b618c27fba201297dd465217de92395734355e9b34e27ff4916d78dbe0424df3d6110297a7847efda2675f12a3bf5e4b07827cdae6c61b0d969f6bb15be656b394a3f3ca8d705a4cac9c78c66c4be58c40888d49ceb08eb9a90c230faace7e4c837a8cb1aa69b020f9f43532cb7315cd698dfffb0179fb24e135480af4c437170c010e6e8f94108523dca95598c59b9e483753b79bafb02a455ceec727fd271b4cb4af7d958751a747afe6625c1e8b0316af5e13e42dc8d97dc42d5960edcaa391164693250a6f98653fa20c78823e1c1a77b798491f197a647b291cdd04087b3143e5b0fc550ecbbff19666b1c8e2a5bf2cb40f9f54c11828a8dd16489f36583e3128cda7a9abde8abbf61294450af638f56444176b5a11f84e67e4e666d6df58c45c0adc45938a2639fb1717a44c8dedf8471ac82fc1771a704f778fb812acb953493a831be5b28b16b20a112aafcee4e44640a6653c4b3035d5de4fcc16312057046bc3c650057dd9be4450b3e837ff8ac19019e67550a124416d671ccc76de36946c2d91f3d63b212111f4f09f39c24c1a981a7e63dd37a8d94ebfae1df5796d971193a8c723f172a9266af23d1d0e48aae73de4e7545a13f09a1ae3feb147ba1c700776148f027abc7dbdd1f3cb823b9a4c0e9dd43fd0bc411dc3eac2369f10fc9669ffaec5ef76da6b7f8884430b3a00da63a0e5272de159ea047584f4804a14159b1321309db45c55af563081d126300dc3ac446936f6653db92fc09d225716f425997dc247939b8c1e09a11f8b10c36b671cc590922051871ce19f6db85eefac9a666c3cec6fd5a69e7610ae5123413b458024b02521420d8c50c265d7b763f070b8fd1981824da47079135a667ee2395e43cae172e6a5ae96aeb7ce490212792498e427b80036f52cc557d3f94b118b2248af9a75a6d27d084ba423edc616981864cb0069a06f359a953a6e7df6b765d222626030248253e4e93eb0979b0a5550ee15d1489f56cc1d30b1584f37b51dfa029af5b45a85b141f4f8ffdc809a19e01f22f80c8a11e9d35f790a6de2d898462a19f412de4df26896a3d107baa7a661b5482cd71453b5f88f889b93ee6df84363ecaf04cb0dcd4369f9d1a827b955182334a998e8f2edbfe74beb14e9ff50134f03d24d70b068801684e25370c1cfc065d88582389713500f974e8a6c6e7f015b8e84e5b9861e45d4ce4eef79f0e8d4f15eaf7c1b33e64287470b5b3c0b8b6bdadae567f977341b57486c1eb279be8ee1cdf11b6e0dbd42d32c95b6801cea98e6000ea80777c6ad3f62012732859497080b3aa127a0f3a7b80a99182406ccfd54affb463f8eaf01b0c65ab582628b3c2237d039ee68d307dd113e4b593b243bd64eb6f58a0ccdd8e9a78f9ed393e2affde8d616d57c7aa1d12ebb4be718b49843ec6890d5d8c197f154f27805046c410d4e1b66cbf4a8e495a3a229a2a1d58b4909a240d7ae6ea9e740c055b06e756e57e2ff19c148cbaf37357c0d3273b7f2ec631565e9f6c6c8722ddb0c1180695fb204f35917dc2fe11469801c545b2560a59d0666ec129b88e4f427989e820982329c2c39321f25648666af651f87b495195a95a5d158fd161324796272303114d99d22890385853dbc66d37ce22de0db447260217cf51aaed240e4f4963ca7510522fc6e7dbe164ccdedc334787ddb24bbc8205bf3353d447a1de2407c248775fa7e318d83e3ff18150b3cd9a7cbb0df0703aab6ef8d0f71bf9b5a305dc25fbd200e06b73c7f298320bd90dab05ec62b5f885e7cf95274c656051c71628f31196354460b001b6366c26fd2e92f6ad68ea37d7e3fe91fe98223563b4d23f802b3911a5241a793cb9f5b4f80081ace5877f95da7499f728ab09837120ca75c63d725e46f9f77c3da16318c9bcdd4a9d68379b627c1a71a34b684e5614ab3fabceab8d2741aca921b1b018098060686c56d7ed190e7470f529f6e680ed72e749fe7c9c2f37ea8cf08d4520e496361d2437018bbda93396c05abb2aeba443ea1ee56a3da04a8b880452a3610cb4163154e02df8a08a5e48c03fb0b0cdd4d355142cc736b344b9fd987b49b85791e5bf7805250dfe63b04c7ff56608129ef43664aa2acf82f18b49cdfd2ae5551ea4d486b35cd2ea60e3f032c58f531d4d36054f5ce268a29862ded0a3cc0ff1d30882f7c85b95e9a8599bf1d143d2d25555bbaa6f8b673b76ca8cc17b693519194784833d902581fec4e656ca546eade53abfd7e4650df648cb61a146bef5382f9255bf4a7c380854568495bdb7b33f490d240ead3d1851ce3b6400eda5a370f13ec998605f46b234bc9293c026bd1d648647bf52d506deb522012ae89c4ea75414ae6677c4aef28dd756f877af23d1a5ae3cb2205850c14f27f595d1a1542bb1eaf641293e3ba40e0bb54193a1e5db969d37c97709efbc34ab509f08a51ba71ecc4f9f66c27190115948cffaae914e7eb4e8d0c59ef7368e9b08a05bbbd340e1c1d34319f150d299c0ddf3bb2138359e826f4997068b99d13cc454fea46b8664d413b79b19656d62cbb5b31744aa33f99651fa56703eaec2e6998c7321f69f6cd110c89ae0c612a96f9a84dd751fd81ff66c80563e7091f5c5b67f89d52e7c58eb26218cddeaf5c6def3ad07a610bd4e5785675580c199b8550cbb02e3b4e1d240bb8df8e514fb505f39fd222209584331bef5d271056accaef84c88741ebd9f116cce3fe7b07b78ac4bad346c0d6e71c9daecd8d60aa8ea0914f85c9078dfaff04ba5e9bbbacddbc0cb40fe20f869d7f196c5edb6657c50b82c67f1abab663bff0a8da16422fe31a4a17995ee25081a06154d1c03f1a87a9d4ad5141a9227849bd920d2515ca16a245b635c85a77884cce0b8ae56929b5e22c52f971c2eed4ccfd64f7790a616f719fc0305af71405abae9407ed1cdaa26606331fdcf9b3c19b90e561f646ea15e0e668ef37b349594a335baf26962b89ef33c98aec3ca3e7df47c20dc2928d074e5f87c0edcf37cb25d3b8304f57f8257a5ae96791697e3c6d04f4ec2eb6a69f25346defed5b509368dea2b1960218bc6dd21b567583c229fc7b5fc85f7f2032eb304c3a1f72204f75ee950344cdef846d94e916b29a43d00c789256810de5fff6f9fd1af0fcfc2edd3fff9e2010d88083fc0b9e6a291e9a7a08af62433689a39e34bed8dafc90fec82be5c63a843d82132ce8916e395791dc86c8d11caf57f7fd096c28537ec38d6c14df9782312abc85fba2d04b0b159637b0e09f7e9faa1a6136359d17cf7c58b83994d58674ddbc248b804a82156900ca95a5002ef62de046e2f5ddf8e1e19f00189d4f5169bfc3c67afc149c6bc155767e64eac433cfb787be7f7bae7f869c0ec3d142668c2f90d383af7207a635850c515d69c6a62e24e0d58c5da244a917a17caa6be01992c4f8be0b9fff57522db4756840bdf72cafa6061ff2b86305c180c470b3af589e7c9e5328d98cf737bf01d80762e1e41a4d63a8655387be7f295862fdea629aa97b40c2ba1b563f1a103a860f7dff7fd5ee8423ce3dbf0fad41b66965c67299e35483130d461ac6c68215850fd441323bb856cdf03f624520743f7b445641c72e08994c8f252fe179b29226637b533f0ed6c94a0b84efc1a884af940fbc05c654b59d37a54047de233c496103bb27b657e7f63c24ef3ce29709622f67653f398dc7c4e44", 0x2000, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x5, 0x4, 0x8000, 0x5c, 0x0, 0xffffffffffffffff, 0xa, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socket$inet6_mptcp(0xa, 0x1, 0x106)

4m56.403789846s ago: executing program 2 (id=246):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, r6)
sendmsg$nl_xfrm(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000680)=ANY=[@ANYBLOB="38010000180033060000000000000000ac1414bb0000000000000000", @ANYRES32=0x0, @ANYRES32=0x0], 0x138}}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r7 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r7)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)
chroot(0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x10)

4m51.969936327s ago: executing program 2 (id=257):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r3, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r3, 0x84, 0x21, &(0x7f0000000000)=0x4, 0x4)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r3, 0x84, 0x20, 0x0, 0x0)
syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
clock_nanosleep(0x9, 0x0, &(0x7f00000007c0)={0x0, 0x989680}, 0x0)

4m49.675426371s ago: executing program 2 (id=260):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000178500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
poll(0x0, 0x0, 0x5)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0)
lseek(r5, 0xc6c3, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000005c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@float={0x1, 0x0, 0x0, 0x10, 0xc}, @func_proto={0x0, 0x0, 0x0, 0xd, 0x4}, @typedef={0x0, 0x0, 0x0, 0x2, 0x4}]}}, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000840)='./bus\x00', 0x210052, &(0x7f0000000240)=ANY=[@ANYBLOB='debug,gid=', @ANYRESHEX=0x0, @ANYBLOB=',dots,dots,check=relaxed,dots,nodots,errors=continue,showexec,dots,dots,codepage=860,dots,nocase,codepage=936,check=relaxed,nodots,fmask=00000000000000000000002,umask=00000000000000000000005,uid=', @ANYRESHEX=0x0, @ANYBLOB=',dots,dots,fsmagic=0x00000000000000fb,pcr=00000000000000000021,uid>', @ANYRES16, @ANYBLOB="2c636f6e746578743d73797374656d5f752c726f2c61756469742c7375626a5f726f6c651ca8ba91a3a08f88b8a003653455fed0f0b52cf1452b003f8e172d0d2cd5ed8d9ba16fba394f2bf8decb8c5a4913698ed516a64bde"], 0x5, 0x1c7, &(0x7f0000000500)="$eJzs3TFrE2EYB/DnYu1FF7sJ4nDg4hTUL2BFKog3VTLopNC69ERIltPF+hWc/IB+AOlUBzkxlzY2JFKKvbukv9+Sh/vf8T5vAm+mPHlz9/3B3ofxu++3v0W/n0RvO7bjOImt6MWJwwAA1slxVcWPqtZ2LwBAM87x/f+r4ZYAgEv28tXrF0/yfGc3y/oRR4flsBzWr3X+7Hm+8yCb2Jo9dVSWw2un+cM6z87m1+PmNH+0MN+M+/cm+Zc/2dOf+Vyext6ihr/u/vf3AAAAAAAAAAAAAAAAAAAAAAAAmjbITi2c7zMYLMvr6q/5QHPzezbizkZj2wAAAAAAAAAAAAAAAAAAAICVNv746eBtUeyPZkUaEWevXKyobi1dojtFLzrRxooWaUc/3KwbbRQxdyWKk5EY/3x8MyImxeNl99yIiEtufnZGpK2cTAAAAAAAAAAAAAAAAAAAcPVMf+ubjMZtdwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7an//7/YH12k+BwR57h5ulTS8lYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYY78DAAD//6d2Kn0=")

4m47.505464824s ago: executing program 2 (id=264):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0, r3}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff)
r4 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000020000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000040)={'bridge_slave_1\x00', @random="70d370117ddb"})

4m32.152510442s ago: executing program 32 (id=264):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0, r3}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff)
r4 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000020000850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000040)={'bridge_slave_1\x00', @random="70d370117ddb"})

22.521408538s ago: executing program 5 (id=794):
r0 = socket$key(0xf, 0x3, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$key(r0, &(0x7f0000000000)={0x40000000, 0x0, 0x0}, 0x0)

22.033279072s ago: executing program 5 (id=797):
r0 = syz_open_dev$sndpcmc(&(0x7f00000003c0), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r0, 0xc25c4110, &(0x7f0000000100)={0x0, [[0x1, 0x0, 0x0, 0x0, 0x0, 0x1], [0x20000000, 0x500, 0x4], [0x3]], '\x00', [{0xfffffffe, 0x0, 0x0, 0x1, 0x1}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0xe}, {0x5}], '\x00', 0x6b4})
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
creat(0x0, 0x20)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0xe, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x0, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0xc1b7, 0xffffffffffffffff, 0x4}, 0xffff}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x3}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x880)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x0, @host}, 0x10)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r4, 0xc05064a7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[0x0, <r5=>0x0], &(0x7f0000000540), 0x0, 0x2})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r4, 0xc01064ab, &(0x7f0000000e00)={0x1, r5})

16.123770067s ago: executing program 5 (id=806):
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r3}, &(0x7f0000000180), &(0x7f0000000200)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)

14.199912618s ago: executing program 0 (id=813):
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000140)='scalable\x00', 0x9)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = openat$cgroup_procs(r4, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
open_by_handle_at(r5, &(0x7f0000000100)=ANY=[@ANYBLOB="0c000000010000"], 0x260040)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)

12.94056343s ago: executing program 0 (id=815):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x60})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
readv(r3, &(0x7f0000000240)=[{&(0x7f0000000140)=""/201, 0x20}], 0x6)
mremap(&(0x7f0000638000/0x1000)=nil, 0x6aa000, 0x2000, 0x3, &(0x7f00005c0000/0x2000)=nil)

11.485456467s ago: executing program 0 (id=817):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_script(r0, &(0x7f0000000380)={'#! ', './file0', [], 0xa, "8a47f109e4c2d550d70669bcacd18a"}, 0x1a)

11.16803657s ago: executing program 0 (id=819):
r0 = socket$tipc(0x1e, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file2\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000980)={{{@in6=@dev, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@dev}, 0x0, @in6=@private0}}, &(0x7f0000000880)=0xfffffffffffffd0b)
lsetxattr$security_capability(0x0, &(0x7f0000000100), &(0x7f00000008c0)=@v3={0x3000000, [{0xfffffff7, 0x6d3}, {0x1ff, 0x1}], r4}, 0x18, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bind$unix(r2, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x3a)
sendto$inet6(r5, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x7f, @ipv4={'\x00', '\xff\xff', @remote}, 0x9}, 0x1c)
pipe(&(0x7f0000000040)={<r6=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r6, 0x0}])

10.776006494s ago: executing program 4 (id=822):
syz_mount_image$erofs(&(0x7f0000000200), &(0x7f0000000100)='./file1\x00', 0x810801, &(0x7f0000000140)=ANY=[], 0x4, 0x208, &(0x7f0000000640)="$eJzslb9rFEEUx78zu7e5BAlaaGFzFgEjmL3dPZU0FrEXhETU8jBjiE5y4XJFEhASbGysxX/EIpWFnVbWFioIFqa0EhyZ2dnb2dzuheX8UeR9IJPvzOybee/tu7cgCOLU8uXzj08vbi2uXAVwBnOYsuvfvPwZ7jz/8ZXXsPLt5uzTw+PnMQBK5XP/hPsDAG+WPGA/PVYp1xqYA3AWwAq40Zq74Lhi9T0whJmvKrcWYHhglx9vqWE0vWkrpGAPe3L10boUkR5iPSR66ACq4P/RAcMqgKa9gjn+be/uPelKoJ8KKTLRUNk9I1t1xbj8Gf+WOG46KdDv6/7zZwd6Htr1yMlfDI7Y6g4Ylq1exBTCMGzZqYid+C/6+fle+tpS9utE0pwsEXXFuYWSLV3h482npdDR/jE3fqm/EmBQKMF/l9Uyof2ob8Vbo1bBCeeIyX1mx1eYWxIXjg7fjVp9/a/pnUyYxgXA3Xqpy+bDjJS3S63OF1YuVfxksgqsLIm0fzAfuOz0J9/5KrQHG1vt7d29hfWN7ppYE5tJ0rkRXYui60nb9OZ0HNP/mqY/zTjnNyqeDViAne5g0I93gEE/Hs6TdHQ67vLr3ndjw03/45j/qVT2eTFhZx9KVryD2T9u/ms171U6TxAEQRAEQRAEQRAEQRAEUYsWGN7PDqeqHD+5Y7Z/BwAA//81gVqd")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
bind$alg(0xffffffffffffffff, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'digest_null\x00'}, 0x58)
vmsplice(r1, &(0x7f0000000400), 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
fadvise64(r0, 0x8, 0xff39, 0x3)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
chdir(0x0)
link(0x0, 0x0)

10.082453929s ago: executing program 1 (id=823):
r0 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
r1 = dup2(r0, r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
setreuid(0xee01, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
write$tun(r1, 0x0, 0x46)

9.757962992s ago: executing program 0 (id=824):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000140)={0x0, 0x5, 0x1, {0xa, @pix_mp={0x9, 0x81, 0x0, 0x8, 0x2, [{0xc}, {0x3, 0x8000}, {0xa64a80ed, 0x7fffffff}, {0x200, 0x3ff}, {0x5, 0x1}, {0x4ce, 0x8}, {0x7ff, 0x9}, {0x6, 0x1}], 0x6, 0xff, 0x6, 0x1, 0x5}}})
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(r2, 0x8, &(0x7f00000002c0)=0x9)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000002340)=ANY=[@ANYBLOB="653ddd7d776189732c00"/19])
syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
bind$alg(r5, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha384\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, 0x0, 0x0)
r6 = accept4(r5, 0x0, 0x0, 0x0)
recvmsg(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000080)=""/101, 0x65}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000fb009500"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

9.756824616s ago: executing program 3 (id=825):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
open_by_handle_at(r6, &(0x7f0000000100)=ANY=[@ANYBLOB="0c000000010000"], 0x260040)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)

8.625989899s ago: executing program 1 (id=826):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0x10040, &(0x7f0000000200)={[{@journal_dev}, {@nouid32}]}, 0xfe, 0x26d, &(0x7f00000002c0)="$eJzs3U9oHFUcB/Df7B/jJotEvQjiHxARDYR4E7zEi0JAQhARVIiIeJJEiAnesp68eNCzSkDwEsRb0x5LL6GXlkJPaZtDeim0oYeGHtrDlt3ZLdtkQ9r92+58PrDMTN57896E+b4MQ2Y2gMyajIjZiMhHxFREFCMiaa3wZvqZbGxulLYXI6rVz24n9XrpdqrZbiIiKhHxQUShWba29dXe3Z1P3vlttfj2v1tflgZ1fK3293Y/Pfh7/tdTc++vXbx8cz6J2Sg3ylqPo5eSNj8rJBEv9aOzp0RSGPYIeBwLP/9/pZb7lyPirXr+i5FrRPb3lefOFeO9v45r+8etS68OcqxA71WrxdrfwEoVyJxcRJQjyU1HRLqey01Pp9fwV/PjuR+WV36a+n55dem7Yc9UQK+UI9n9+MzY6YlD+b+RT/MPjK5yxO7nC5vXausH+WGPBuib1rvtr6WLWv6nvll/N+QfMkf+IbvkH7JL/mEEdJjdHuS/3b+2Ac+AbvL/fJ/GBAyG638YYcXmSqVtsfxDdsk/jKh/Tr41J/+QXa35BwCypTo27CeQgWEZ9vwDAAAAAAAAAAAAAAAAAAActVHaXmx+BtXn+T8j9j+KiEK7/vP17yNuvm18/E5Sq/ZQkjbrytdvdLmDLv3Xs6evSx21euF6r/rvzIXX+7PfXx7dPPaXs74UUalVnikUjp5/SeP869yLJ5QXv+2ygyd0+K2AH34x2P4Pu7853P7ndiLO1uafmXbzTy5eqS/bzz/l1lcsd+jHe13uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIF5EAAA//9d9m3o")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x3f0, 0x0, 0x40000, 0x198, 0x0, 0x198, 0x380, 0x358, 0x358, 0x380, 0x358, 0x3, 0x0, {[{{@ip={@multicast2, @broadcast, 0x0, 0x0, 'vcan0\x00', 'wg1\x00'}, 0x0, 0x158, 0x1c0, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "0d0002191400000000000404fff0cf81dfd28c89544e14cd3e01dd24289831866346c88621039b284c3ff45c42995560a99952bed40cf5a8b9fb6133db7e2378d5afd35f4c16827f55b3af494e39e8fb330200000000000032b6a99a8d87298e88a94cb519f5c17631af916a7dbaae5592e8b15900000100", 0x8}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@ip={@remote, @dev, 0x0, 0x0, 'team_slave_1\x00', 'netdevsim0\x00'}, 0x0, 0x70, 0x198}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:system_cron_spool_t:s0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x450)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
io_setup(0x5, &(0x7f0000001040)=<r4=>0x0)
io_pgetevents(r4, 0x0, 0x0, 0x0, &(0x7f00000010c0)={0x77359400}, &(0x7f0000001140)={0x0})
mknod$loop(0x0, 0x0, 0x1)

8.540866236s ago: executing program 5 (id=827):
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800400, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

8.144390579s ago: executing program 4 (id=828):
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = io_uring_setup(0x3450, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x38ead82ad8168db1)
syz_emit_ethernet(0x2a, 0x0, 0x0)
r3 = fanotify_init(0x4, 0x0)
r4 = epoll_create(0x1000107f)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f00000000c0)={0x30000015})
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20060084, &(0x7f0000000180)={0x2, 0x4e22, @multicast2}, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r6 = syz_open_dev$vim2m(0x0, 0x7, 0x2)
read(r6, &(0x7f00000001c0)=""/36, 0x24)
ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f00000000c0)={0x2, @pix_mp={0xfffffffd, 0xc, 0x32315241, 0x7, 0x5, [{0xa, 0xd381}, {0xdc5, 0x7}, {0x0, 0x5}, {0x6, 0x10000}, {0x1000, 0xd3}, {0x8, 0x6}, {0x1, 0x5}, {0xffffffff, 0x8000}], 0x1, 0x7, 0x2, 0x0, 0x1}})
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, 0x0}], 0x1, 0x2, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000940)=ANY=[@ANYBLOB="0100000000000000044d56"])
ioctl$PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f00001b8000/0x2000)=nil, &(0x7f000064f000/0x2000)=nil, 0x0, &(0x7f00000003c0)=[{}, {}], 0x2, 0x401, 0x0, 0x0, 0x0, 0x6e})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

7.16343669s ago: executing program 3 (id=829):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_script(r0, &(0x7f0000000380)={'#! ', './file0', [], 0xa, "8a47f109e4c2d550d70669bcacd18a"}, 0x1a)

6.600761742s ago: executing program 3 (id=830):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='pstore\x00', 0x1c011, 0x0)
mount$tmpfs(0x0, 0x0, 0x0, 0x2000402, &(0x7f0000000480)=ANY=[])
setsockopt$CAN_RAW_RECV_OWN_MSGS(0xffffffffffffffff, 0x65, 0x4, 0x0, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000006c0)={[{@stripe={'stripe', 0x3d, 0x3}}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@data_err_ignore}, {@dioread_nolock}, {@delalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@oldalloc}, {@data_err_ignore}], [{@dont_appraise}, {@smackfsfloor={'smackfsfloor', 0x3d, 'net/mcfilter6\x00'}}]}, 0xfc, 0x550, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec89Nzz0593t6bk5CAhhaE9mPQsSrEfFtEnG4rWw08sKJteNWH16fzbYkGo3P/koiyfe1jk/y3wfzzCsR8dvXEScLG+utLa8slMrldDHPT9YrVyZryyunLlVK8+l8enl6ZubMOzPT77/3bt/a+ub5f3749O5HZ745vvr9L/eP3E7ibBzKy9rbsQM32jMTMZE/J2Nx9okDp/pQ2SBJdvsE2JaRPM7HIhsDDsdIHvXA/99XEdEAhlQi/mFIteYBrXv7Pt0HvzAefLh2A7Sx/aNrr43Evua90YHV5LE7o+x+d7wP9Wd1/PrnndvZFv17HQJgSzduRsTp0dGN41+Sj3/bd7qHY56sw/gHz8/dbP7zVqf5T2F9/hMd5j8HO8Tudmwd/4X7faimq2z+90HH+e/6otX4SJ57qTnnG0suXiqn2dj2ckSciLG9WX6z9Zwzq/ca3cra53/ZltXfmgvm53F/dO/jj5kr1Us7aXO7BzcjXus4/03W+z/p0P/Z83G+xzqOpXde71a2dfufrcbPEW907P9HK1rJ5uuTk83rYbJ1VWz0961jv3erf7fbn/X/gc3bP560r9fWnr6On/b9m3Yr2+71vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr+Kz9J45vPv51uv73R8QXPbb/1tFbXQ8dhP6fe6r+f/rEvY+//LFb/b31/9vN1Il8Ty/jX68nuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G43HgAAAAAAAAAAAAAAAAAAAAbEwYh9nT7/n/ljZLfPDnjmfOU3DK/u8Z+X9OObnoCB5P8/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQV+fPncu2xurD67NZfu7q8tJC9eqpubS2UKwszRZnq4tXivPV6nw5Lc5WK1v9vXK1emVqOpauTdbTWn2ytrxyoVJduly/cKlSmk8vpGPPpVUAAAAAAAAAAAAAAAAAAADwYqktryyUyuV0UUJiW4nRwTgNiT4ndntkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBH/gsAAP//sQI4ww==")
pwritev2(0xffffffffffffffff, &(0x7f0000000100), 0x0, 0xfff, 0x0, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c756e695f786c6174653d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c6e6f636173652c73686f72746e616d653d6d697865642c726f6469722c73686f72746e616d653d6d697865642c636865636b3d7374726963742c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c726f6469722c757466383d312c616c6c6f775f7574696d653d30303030303030303030303030303030303030373335312c6572726f72733d72656d6f756e742d726f2c736d61636b6673666c6f6f723d756e8b5f786c2174653d312c00"], 0x6, 0x2d0, &(0x7f00000003c0)="$eJzs3b1uHFUUAOAz653ZBYp1QYWQGAkKqihOS7MWSiSEKyIXQAGGJBLyrpBiyRI/YklFS0NBwRNQ8SA0iBdAokWiI0iRLprZmf1xJhstYRMg39f4+N5z5p67O7bHha/ff3F6eqOMW3c+/yWGwyx64xjH3Sz2oxetL2PN+OsAAP7L7qYUv6e5beqyiBjuri0AYIe2/vn/w85bAgB27Prb77x5eHR09a2yHMa16Vfnx9Vv9tXH+fzhrfgoJnEzLsco7kXUDwp51E8LVXgtpTTrl5X9eGU6Oz+uKqfv/dhc//C3iLr+IEaxXw8tnjbq+jeOrh6Ucyv1s6qPZ5v1x1X9lRjF84vitforHfVxXMSrL6/0fylG8dOH8XFM4kbdxLL+i4OyfD1988dn71btVfXZ7Px4UOctpb3H/NYAAAAAAAAAAAAAAAAAAAAAAPA/dqk5O2cQ9fk91VBz/s7eveqTPMrW/vr5PPP6rL3Q6vlAKaVZiu/a83Uul2WZmsRlfT9e6Ef/yewaAAAAAAAAAAAAAAAAAAAA/l3OPvn09GQyuXn7Hwna0wD6EfHn9Yi/e53xyshLsTl50Kx5Mpn0mnA9pz9YGYm9NieL2NhGtYnuqZStLtF79Nfwmft6boLvP8i3vODw4Tl591oXg/4j7Ku9u05Psu7XcBDtyLC5Sb4tIpY5RTxkifZdLx6Uk2Kb26/onBptvffiuTqYbciJbFNjr/0631czkl3cRVG/qp3leRNEHt1fMsMH3M/dwf3fKzKndQAAAAAAAAAAAAAAAAAAwE5liz/67Zi8s7G0lwY7awsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHquzxf//XwQ/5xGLkXxtqglmTXHH1MWgiNtnT3iLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAX+CgAA//8wK1Yb")

6.553645565s ago: executing program 5 (id=831):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@getchain={0x24, 0x66, 0x8, 0x70bd27, 0xa000, {0x0, 0x0, 0x0, 0x0, {}, {0xf, 0x7}}}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000740)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000700)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @mcast2}]}}}]}, 0x48}}, 0x0)
sendmsg$nl_route(r1, 0x0, 0x20004090)

6.207333574s ago: executing program 1 (id=832):
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x24a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
request_key(&(0x7f0000000280)='asymmetric\x00', &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000300)='@\x9f+^\xbe-@(/[+\x9f{\x00', 0xfffffffffffffffe)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
setfsuid(0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000180)=[{0x6, 0x8, 0x0, 0xf77}]}, 0x10)

5.052858056s ago: executing program 3 (id=833):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000240)="04ec", 0x2, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x1000, @empty}, 0x1c)

4.86480341s ago: executing program 5 (id=834):
r0 = socket$tipc(0x1e, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file2\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000980)={{{@in6=@dev, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@dev}, 0x0, @in6=@private0}}, &(0x7f0000000880)=0xfffffffffffffd0b)
lsetxattr$security_capability(0x0, &(0x7f0000000100), &(0x7f00000008c0)=@v3={0x3000000, [{0xfffffff7, 0x6d3}, {0x1ff, 0x1}], r4}, 0x18, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bind$unix(r2, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x3a)
sendto$inet6(r5, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x7f, @ipv4={'\x00', '\xff\xff', @remote}, 0x9}, 0x1c)
pipe(&(0x7f0000000040)={<r6=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r6, 0x0}])

3.727260231s ago: executing program 4 (id=835):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000b00)=@base={0x6, 0x4, 0x70be, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

3.566970365s ago: executing program 3 (id=836):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r6, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)

2.043283333s ago: executing program 3 (id=837):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}]}, 0xfe, 0x46c, &(0x7f0000001380)="$eJzs3M1vFOUfAPDvTF94+/FrRXwBQapoJL60tLzIwYtGEw6amOgB46m2hVQWamhNhBCtHvBoSLwb/wvjSS9GvWjiVe+GhBguoF7WzM4MLMtu2aXbLrCfTzLd55l5us/znZln95l5djeAvjWW/Uki/hcRv0fESJ69ucBY/nDtyvmZv6+cn0miWn3rr6RW7uqV8zNl0fL/tuSZarXIb2hS74V3I6YrlbkzRX5i6dQHE4tnz70wf2r6xNyJudNTR44cPLB7+PDUoa7EmcV1defHC7t2HH3n4hszxy6+91OSRh53NMTRLWP53m3q6W5X1mNb69LJYP2WPb/cSDc7E+ilgYjIDtdQrf+PxEBsur5tJF77rKeNA9ZUtVqtrvCqvFwF7mNJ9LoFQG+Ub/TZ9W+5rNPQ465w+eX8AiiL+1qx5FsGI80Te4Yarm+7aSwiji3/81W2xBrdhwAAqPddNv55vtn4L42H88Rw9uf/xRzKaEQ8EBHbIuLBiNgeEQ9F1Mo+EhGPdlh/4wzJreOf9NIdB9eGbPz3UjG3dfP4Ly2LjA4Uua21+IeS4/OVuf3FPtkXQxuOzydzkyvU8f2rv33Ralv9+C9bsvrLsWDRjkuDDTfoZqeXplcTc73Ln0bsHGwWfxLlNE4SETsiYucd1jH/7GDLbbePfwWtn7Zt1a8jnsmP/3I0xF9KWs5PTr54eOrQxMaozO2fKM+KW/3864U3W9W/qvi7IDv+m5ue/9fjH002RiyePXeyNl+72HkdF/74vOU1TYfn/9Gtxfk/nLxdWzFcbPhoemnpzGTEcPL6reunbjxbmS/LZ/Hv29u8/2+LG3visYjYFRG7I+Lx7KKwaPsTEfFkROxdIf4fX3nq/c7jX5+50iz+2dsd/6g//p0nBk7+8O3t498YEa2O/8Faal+xpp3Xv3YbuJp9BwAAAPeK/DPwSTp+PZ2m4+P5Z/i3x+a0srC49NzxhQ9Pz+aflR+NobS80zVSdz90srg3XOanGvIHivvGXw5squXHZxYqs70OHvrclhb9P/PnQK9bB6y5LsyjAfco/R/6l/4P/SnR/6Gv6f/Qv5r1/09alh7/Zk0bA6wr7//Qv9ro/8v5Q+tRAXBv8v4P/Uv/h77U8rvx6aq+8r/uiX+L3zO8W9pz/ycivSuacf8nBtv+MYsOEtWRvP9nazY0LdPrVyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDu+C8AAP//F0nluw==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b0000000000000000001801"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000))
syz_mount_image$exfat(&(0x7f0000002000), &(0x7f0000005840)='./file1\x00', 0x1000806, &(0x7f00000016c0)=ANY=[@ANYRES16=0x0, @ANYRES16, @ANYBLOB="2c666d61736b3d30303030b8463c983030303030303030303030303030362c696f6368617273652acf418b743d637e3737352c6769643d00", @ANYRESHEX=0x0, @ANYBLOB=',dmask=00000000000000000000027,errors=continue,errors=remount-ro,namecase=1,fmask=00000000000000000000003,umask=00000000000000000000003,allow_utime=00000000000000000000200,\x00'], 0x9, 0x1505, &(0x7f0000000180)="$eJzs3Au4jdX2MPAx5pwvm9BKcp9jjpeVXCZJEknIJUmSJMktIUmSJCS33JKQhNyT3ENyC8n9fss9SY4kSUJCwvweHefzndPp9P2/0/mc59nj9zzz2XPstcZY411jr9u7n72/azewUp3K5WsxM/xb8K9fugJACgD0AYBrASACgOKZi2e+dHk6jV3/vRsRf66Hp1ztDsTVJPNP3WT+qZvMP3WT+aduMv/UTeafusn8UzeZvxCp2ZapOa6TlXqXnP9PzeT1P3WT+aduMv/UTeafusn8UzOW+adyMv/UTeafusn8hUjN/pTzyGkvF/svOJ/9H1h/u6uudh9/sKL/p7yr95MnhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECI1ORuuMADwt/3V7ksIIYQQQgghhBB/npD2ancghBBCCCGEEEKI/zwEMBoMRJAG0kIKpIP0cA1kgIyQCa6FBFwHmeF6yAI3QFbIBtkhB+SEXJAbLBA4YIghD+SFJNwI+eAmyA8FoCAUAg+FoQjcDEXhFigGt0JxuA1KwO1QEkrBHVAa7oQycBeUhXJQHu6GClARKkFluAeqwL1QFe6DanA/VIcHoAY8CDXhIagFD0NteATqwKNQFx6DelAfGkBDaPTP8/W/zn8JOsHL0Bm66Ev3QHd4BXpAT+gFvaEPvAp94TXoB69DfxgAA+ENGARvwmB4C4bAUBgGb8NwGAEjYRSMhjEwFt6BcfAujIf3YAJMhEkwGabAVJgG78N0mAEz4QOYBR/CbJgDc2EezIePYAEshEXwMSyGT2AJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQt8ClthG2yHHbATdsFu+Az2wOewF76AffDl/zD/zD/kt0dAQIUKDRpMg2kwBVMwPabHDJgBM2EmTGACM2NmzIJZMCtmxeyYHXNiTsyNuZGQkJExD+bBJCYxH+bD/JgfC2JB9OixCBbBongLFsNiWByLYwksgSWxFJbC0lgay2AZLItlsfztcwCwAlbCSngP3oP3YlWsitWwGlbH6lgDa2BNrIm1sBbWxtpYB+tgXayL9bAeNsAG2AgbYWNsjE2wCTbDZtgcm2MLbIEtsSW2wlbYGltjG2yDbbEttsN22B47YAd8CV/Cl/Fl7IIVVDfsjt2xB/bAXtgbe+Or2Bdfw9fwdeyPA3AgvoFv4Js4GE/jEByKw3AYllEjcCSOQlZjcCyOxXE4DsfjeJyAE3EiTsYpOBWn4TScjjNwBn6As/BD/BDn4Bych/NxPi7AhbgIF+FiPINLcCkuw+W4AlfiClyNa3A1rlN/e2huxs34KX6K23Ab7sAduAt34Wf4GX6On2N/3If7cD/uxwN4AA/iQTyEh/AwHsYjeASP4lE8hsfwOJ7Ak3gCT+EpPI1n8CyexXN4Ds/jCzm/qb2rwNr+oC4xyqg0Ko1KUSkqvUqvMqgMKpPKpBIqoTKrzCqLyqKyqqwqu8qucqqcKrfKrUiRYhWrPCqPSqqkyqfyAUBXVVAVVF55VUQVUUVVUVVMFVPF1W2qhLpdlVSlVFNfWpVWZVQzX1aVU+VVeVVBVVSVVGVVWVVRVVRVVVVVU9VUdVVd1VAPqpqqG/bCh9WlydRRA7CuGoj1VH3VQDVUb+LjqrEajE1UU9VMPamG4hBsoRr7luoZ1UqNxNbqOTUKn1dt1Rhsp15U7VUH1VG9pDqpJr6z6qImYDfVXU3GHqqn6qV6q+lYUV2aWCX1uuqvBqiB6g01D99Ug9Vbaogaqoapt9VwNUKNVKPUaDVGjVXvqHHqXTVevacmqIlqkpqspqipapp6X01XM9RM9YGapT5Us9UcNVfNU/PVR2qBWqgWqY/VYvWJWqKWqmVquVqhVqpVarVao9aqdWq92qA2qk1qs9qiPlVb1Ta1Xe1QO9UutVt9pvaoz9Ve9YXap75U+9Vf1AH1lTqovlaH1DfqsPpWHVHfqaPqe3VMdVHH1Ql1Uv2oTqmf1Gl1Rp1VP6tz6hd1Xl1QF1VQoFErrbXRkU6j0+oUnU6n19foDDqjzqSv1Ql9nc6sr9dZ9A06q86ms+scOqfOpXNrq0k7zTrWeXRendQ36nz6Jp1fF9AFdSHtdWFdRN+si+pbdDF9qy6ub9Ml9O26pC6l79Cl9Z26jL5Ll9XldHl9t66gK+pKurK+R1fR9+qq+j5dTd+vq+sHdA39oK6pH9K19MO6tn5E19GP6rr6MV1P19cNdEPdSD+uG+sndBPdVDfTT+rm+indQj+tW+pndCv9rG6tn9Nt9PO6rX5Bt9Mv6va6g+6oL+iLOujOuovuqrvp7voV3UP31L10b91Hv6r76td0P/267q8H6IH6DT1Iv6kH67f0ED1UD9Nv6+F6hB6pR+nReoweq9/R4/S7erx+T0/QE/UkPVlP0VN1r8uVZl7KN/Av89/9J/n9fr31zXqL/lRv1dv0dr1D79S79G69W+/Re/RevVfv0/v0fr1fH9AH9EF9UB/Sh/RhfVgf0Uf0UX1UH9PH9HF9Qv+sf9Sn9E/6tD6jz+if9Tl9Tp+/fB+AQaOMNsZEJo1Ja1JMOpPeXGMymIwmk7nWJMx1JrO53mQxN5isJpvJbnKYnCaXyW2sIeMMm9jkMXlN0txo8pmbTH5TwBQ0hYw3hU0Rc/Pv5UeXn+H+MP93+ls+6XJ+I9PINDaNTRPTxDQzzUxz09y0MC1MS9PStDKtTGvT2rQxbUxb09a0M+1Me9PedDQdTSfTyXRGMF1NV9PdvGJ6mJ6ml+lt+phXTV/T1/Qz/Ux/098MNAPNIDPIDDaDzRAzxAwzw8xwM9yMNCPNaDPajDVjzTgzzow3480EM8FMMpPMFDPFXHphvWSmmWlmmVlmtplt5pq5Zr6ZbxaYBWaRWWQWm8VmiVlqlprlZrlZaVaa1Wa1WWvWmvVmvdloNpolZovZYraarWa72W52mp1mt9lt9pg9Zq/Za/aZfWa/2W8OmAPmoDloDplD5rA5bI6YI+aoOWqOmWPmuDluTpqT5pQ5ZU6b0+asOWvOmXPmvDlvLpqLl972RSpSkYlMlCZKE6VEKVH6KH2UIcoQZYoyRYkoEWWOMkdZohuirFG2KHuUI8oZ5YpyRzaiyEUcxVGeKG+UjG6M8kU3RfmjAlHBqFDko8JRkejmqGh0S1QsujUqHt0WlYhuj0pGpaI7otLRnVGZ6K6obFQuKh/dHVWIKkaVosrRPVGV6N6oanRfVC26P6oePRDViB6MakYPRbWih6Pa0SNRnejRqG70WFQvqh81iBpGjf7U+iGczvaE72y72LTQzXa3r9getqftZXvbPvZV29e+ZvvZ121/O8AOtG/YQfZNO9i+ZYfYoXaYfdsOtyPsSDvKjrZj7Fj7jh1n37Xj7Xt2gp1oJ9nJdoqdaqfZ9+10O8POtB/YWfZDO9vOsXPtPDvffmQX2IV2kf3YLraf2CV2qV1ml9sVdqVdZVfbNXatXWfX2w12o91kN9st9lO71W6z2+0Ou9PusrvtZ3aP/dzutV/YffZLu9/+xR6wX9mD9mt7yH5jD9tv7RH7nT1qv7fH7A/2uD1hT9of7Sn7kz1tz9iz9md7zv5iz9sL9qINl97cX3p5J0OG0lAaSqEUSk/pKQNloEyUiRKUoMyUmbJQFspKWSk7ZaeclJNyU266hIkpD+WhJCUpH+Wj/JSfClJB8uSpCBWholSUilExKk7FqQSVuPxoAbqT7qS76C4qR+XobrqbKlJFqkyVqQpVoapUlapRNapO1akG1aCaVJNqUS2qTbWpDtWhulSX6lE9akANqBE1osbUmJpQE2pGzag5NacW1IJaUktqRa2oNbWmNtSG2lJbakftqD21p47UkTpRJ+pMnakrdaXu1J16UA/qRb2oD/WhvtSX+lE/6k/9aSANpEE0iAbTYBpCQ2kYvU3DaQSNpFE0msbQWBpL42gcjafxNIEm0CSaRFNoCk2jaTSdptNMmkmzaBbNptk0l+bSfJpPC2gBLaJFtJgW0xJaQstoGa2gFbSKVtEaWkPraB1toA20iTbRFtpCW2krbafttJN20m7aTXtoD+2lvbSP9tF+2k8H6AAdpIN0iA7RYTpMR+gIHaWjdIyO0XE6TifpJJ2iU3SaTtNZOkvn6Bc6TxfoIgVKcelceneNy+AyukzuWvePcXaXw+V0uVxuZ11Wl+3vYnLO5XcFXEFXyHlX2BVxN/8mLulKuTtcaXenK+PucmV/E1dx97qq7j5Xzd3vKrt7/i6u7h5wNdyjrqZ7zNVy9V1t19DVcY+6uu4xV8/Vdw1cQ9fcPeVauKddS/eMa+We/U28wC10a9xat86td3vc5+6s+9kdcd+5c+4X19l1cX3cq66ve831c6+7/m7Ab+Jh7m033I1wI90oN9qN+U08yU12U9xUN82976a7Gb+J57uP3Cy3yM12c9xcN+/X+FJPi9zHbrH7xC1xS90yt9ytcCvdKrf6f/e63G10m9xmt9t95ra6bW672+F2ul2/xpeOY6/7wu1zX7rD7lt3wH3lDrqj7pD75tf40vEddd+7Y+4Hd9ydcCfdj+6U+8mddmd+Pf5Lx/6ju+AuuuCAkRVrNhxxGk7LKZyO0/M1nIEzcia+lhN8HWfm6zkL38BZORtn5xyck3NxbrZM7Jg55jycl5N8I+fjmzg/F+CCXIg9F+YifDMX5Vu4GN/Kxfk2LsG3c0kuxXdwab6Ty/BdXJbLcXm+mytwRa7ElfkersL3clW+j6vx/VydH+Aa/CDX5Ie4Fj/MtfkRrsOPcl1+jOtxfW7ADbkRP86N+Qluwk25GT/JzfkpbsFPc0t+hlvxs9yan+M2/Dy35Re4Hb/I7bkDd+SXuBO/zJ25C3flbtydX+Ee3JN7cW/uw69yX36N+/Hr3J8H8EB+gwfxmzyY3+IhPJSH8ds8nEfwSB7Fo3kMj+V3eBy/y+P5PZ7AE3kST+YpPJWn8fs8nWfwTP6AZ/GHPJvn8Fyex/P5I17AC3kRf8yL+RNewkt5GS/nFbySV/FqXsNreR2v5w28kTfxZt7Cn/JW3sbIO3gn7+Ld/Bnv4c95L3/B+/hL3s9/4QP8FR/kr/kQf8OH+Vs+wt/xUf6ej/EPfJxP8En+kU/xT3yaz/BZ/pnP8S98ni/wRQ4MMcYq1rGJozhNnDZOidPF6eNr4gxxxjhTfG2ciK+LM8fXx1niG+KscbY4e5wjzhnninPHNqbYxRzHcZ44b5yMb4zzxTfF+eMCccG4UOzjwnGR+Oa4aHxLXCy+NS4e3xaXiG+PS8al4kfvLx3fGZeJ74rLxuXi8vHdcYW4YlwprhzfE1eJ742rxvfF1eL742LxA3GN+MG4ZvxQXCt+OK4dPxLXiR+N68aPxfXi+nGDuGHcKH48bhw/ETeJm8bN4ifj5vFTcYv46bhl/EzcKn72Dy/vGneLu8evxK/EIdyn5ybnJecnP0ouSC5MLkp+nFyc/CS5JLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ORlC5bTg0SuvvfGRT+PT+hSfzqf31/gMPqPP5K/1CX+dz+yv91n8DT6rz+az+xw+p8/lc3vryTvPPvZ5fF6f9Df6fP4mn98X8AV9Ie99YV/EN/SNfCPf2D/hm/imvpl/0j/pn/JP+af90/4Z38o/61v753wb/7xv61/wL/gXfXvfwXf0L/lO/mXf2XfxXX1X39139z18D9/L9/J9fB/f1/f1/Xw/399f8AP9QD/ID/KD/WA/xA/xw/wwP9wP9yP9SD/aj/Zj/Vg/zo/z4/14PyFlgp/kJ/kpfoqf5qf56X66n+ln+ln5Z/nZfraf6+f6+X6+X+AX+EV+kV/sF/slfolf5pf5FX6FX+VX+TV+jV/n1/kNfoPf5Df5LX6L3+q3+u1+u9/pd/rdfrff4/f4vX6v3+dDCF32nw3+gD/ov/aH/Df+sP/WH/Hf+aP+e3/M/+CP+xP+pP/Rn/I/+dP+jD/rf/bn/C/+vL/gL/rgxybeSYxLvJsYn3gvMSExMTEpMTkxJTE1MS3xfmJ6YkZiZuKDxKzEh4nZiTmJuYl5ifmJjxILEgsTixIfJxYnPkksSSxNLEssT6xIrEyEkGtrHPKEvCEZbgz5wk0hfygQCoZCwYfCoUi4ORQNt4Ri4dZQPNwWSoTbQ8lQKtwRHgv1Qv3QIDQMjcLjoXF4IjQJTUOz8GRoHp4KLcLToWV4JrQKz4bW4bnQJjwf2oYXQrvwYmgfOoSO4aXQKbwcOocuoWvoFrqHV0KP0DP8EnqHPuHV0De8FvqF10P/MCAMDG+EQeHNMDi8FYaEoWFYeDsMDyPCyDAqjA5jwtjwThgX3g3jw3thQpgYJoXJYUqYGqaF98P0MCPMDB+EWeHDMDvMCXPDvDA/fBQWhIVhUfg4LA6fhCVhaVgWlgdIWRlWhdVhTVgb1oX1YUPYGDaFzWFL+DRsDdvC9rAj7Ay7wu7wWdgTPg97wxdhX/gy7A9/CQfCV+Fg+DocCt+Ew+HbcCR8F46G78Ox8EM4Hk6EkwHDqfBTOB3OhLPh53Au/BLOhwvhovzNmhBCCCHE/xX9B5d3+yffU5cX/Pq7c4CM23Ic+seaG7L+dd9T5WyeAIBnurR7+G+rQoWuXbtevu4SDVHeOQCQuJKfBq7ES6EZPAUtoSkU/af99VQdzvG/rv8bKQCQHv6x/i2/U3/ErD+oHyXnAOTPeyUnHVyJr9Qv9jv1szX+g/rpvhoL0OT/yMkAV+Ir9YvAE/AstPy7awohhBBCCCGEEH/VU93R5o8+3176fJ7TXMlJC1fiP/p8LoQQQgghhBBCiKvv+Q4dn368ZcumbWRzFTbtMv51Cv8t/fzOJs1/Rxt/3gYvn736b+nnP70pd/nR/j/JumpPSUIIIYQQQoj/kCtv+q92J0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghROr1/+OfkF3tYxRCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGutv8VAAD//zmwHF0=")
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0)
syz_clone(0x80000400, &(0x7f0000000140), 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2e6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00ee0000850000000d000000b70000000000000095000000000000002c3f2cc2b7956244cef7baf48e6d2885a09a87507ebfc75b5b0f4e4309ebcdac5f7a860c000c9c781f6410457253e89ad528d985636a86ec0f68f59cd1159a2c2e85d726859a919cc9548a349980d1ccdce27f94bc074c27f81078545c146a0857153b7b8f00034debae58a4ab415b0d7ff0575cc272cd3d7e8d974927676468ff2d86e0ffac94792ed9cf6b40b3cf252a47c05af3a70d57cc3e067d1867b54d24e20000000000000020009ebf84d3b042d6e4e4e29d8b33fbdd02e86a6432cd080e3b57239f0127473e6ba922aff649609d40b47ec331ccba3ce8f530ffff19a6471bf5abc742d9cbcfb964b13831034694a6aad84cf08a6c7b2235dc99de9aa3e6b77c7a2877261ed32da90864987f30926c9013eec3b86836ae50447aa5a79f40c235000000453302712c3d8fc4e2b61adb0695e800000000d4f4e91f0000002c33df871a8e782339bc424d1bafe5725c8a404724f8a4f1cda7997b65954f74097579b91da309b887af2485c2d9ab09b506000000000000000bf7b2ff4602aec1eea200000064881c5630521a08e051374cf05c921a06fb78183e7e68de9dc8d95e0e5b365d10e1004dae58b3b5b89709b0ff47b200000000004000cbefd9a6bb70f60eb9c01dd2fc79b85e4d961498f3a80131d21d85618ba2189f45d011ef1da5c6d57bb8fd387ccea9c3899a914e47e82f040000009de2323f927355408f87264797d3fa970949793b94329d580500d1f91c0d22587e05a61e3d8576ca168e88d7a9af95b04a37c27bfffab9abbb31fa8c0080258cfa6d3f166e695f3c56490aeef464d9965d70a50f1282619344f223548e75fa39643adac1322c87ca253ff2fb1882760d6feab16bacdf83c11816dbe959ebc5ec479c8319f73e2249eab0486b110702a481d3b51976a52303056e800b4ae5acc2df636a65eb1d672bf2000000cda8462cc9b16624998be65683321e970000000009b8e20762c1bf4a3eb6769f2b23e842bacd9c685edea0ffa3e975424f8ede49e61a4de808a38ba3512d64dc71867df4eee3f1ff791cf7c9862f98b45852e4b2f78721b978addf2f2a29a387c6f0576b36038f819286eea99a6a434811cf2a117d775fe986a49fb82cf5f15972d55185ab18f1045384501adabb20f7b0e15ff47f1744e2341b59034959a1289ba6e243668e671d305707e3de7652bfc5b60c76deff43a1d6fd6a4180ab723735abbeffe7f2ec3a0bb86f9eddfc0f3d1d503d7a540f64000000000000fbb4c256409e54daefbb107c381fa729ff5fe607d93430da178d685d7730f5e129438a5214f722096d2986334c25e454474f92e65828b018174a9f4738b8c71fbdead06ab95e02f9a847182766964976b1fccdb9f35721e43e33883cf16ed1343fb7429eb395123b0a4262b7023c22039b9002589a379ed4c6267965af78b861bd335312538cec97966b8973d4e299d9802264d06e40ae118e1d242d1128dcedeb44030df12ef68ffce8d141e8960ef790fb0078215d65f96eb55db8cbcb060000000d988374e45451a694ffe38a1d03912b31c98d42e1a1bda1290de1a499a5d6849914c1788a7aca37177cc34102f44fec5c5e0abae01c439a1b0311e074e81ae9993b5b3459553ecece78d4c1541c70f5d81e0725d5b273755c0000000000000000aa4234e282182952a76233d18e7d49638aeb04e7a9e9e7eafb7c255372795d2d192a0a33cab0f5bf2e93e0544fcdf2df2bc6ce96e5a7d72fcdb0a11993d54d97a23754ac828674dbb93c0ad345715be4a13678b01edf76d8a9236558fea2c88cce004505ab45d8f5f88aa887bbce5c18970428516f6099bdbb2cd7a2356397f1a0a23e662e2a6c4834400cbaa41c3c574ea68da5ec1ae49f968bbe0e0bf9878516f553639f5b4828e92019b61f5874be1c7cdd9482df50bc24a8a1fa10d291390eb84e26a2e8dbeaa45604b05a116c1210a7540bf81005044273f5a8ffc538db289350eb248e483bd8920efcf30a798c2b636243e0a37262ca47dfeefa1ce69b4475d7d714ba0c636e6ae9f710411d30ef424aeaabe057c7df6ff8f767bcd9012e1047c686f5ccb76ab3a5df53cbc22ba7ea8f6a8edc19d6c1be841503850803bc2c2d5e0e34270a7f1cca0c6c53a8e5f891f7a793a70da62d6d88fbb90d220acc687931b42d6be83ab870da3c0a567f5e65ec0457f4ad2a4ec0b671b36388afd5520a8483a4b11f7d02a41b315f0f9e59f47668d68a74838d6976e12fd45200014041dffacbf60892ec8bd7560686f137a806d3dfaba900b47cac62f828342fff009adb5b2251461a1b9d6ba625b8fe04e69a1a4be2696f24bb68f486e172932e03000000000000005942e1b9d6dc28ab8e19e1111dd893e8d5bc5642faf21eef40d6e7de3ef62c4bc5ff17e7aeb2841098f0cf74f845d1cc9ec4eee79c290fb0ba939b13707004e2e9cc0d350538c1c8c6bb9a38c6ac5ca07df32601240ea3f160d3a7b83ecd0509ce9eba0c7bf7843799b1b56a234f9eaab8a3f14f1472bb6aaeb8ac9ee4055f05558ab31f339f6a4caf2ee2fd01f34dca330000000000000000000000000000000000000000000000000000000000000000000000000095e6f945ba9a941cef5e70b8c152321e24b5b29bcf374dcf5a29a35d76e6e2bf8df95462690a4fc9ec8129e92b6ebb4b40a992a75d3c5954d0bfc87db24d856359079b29b3c374d081c300b2cfaa596d24e800ef8e2201f2fb7a9946f89f9f31f7cbd6f7fd7f8898c70b5c65f2e28f22e983892c383882809f557affbda5e1850d66a4a1ee73b2084681f880a754acddcdafe3ceeeebc0b5f2fedfe7d198e3067f3dbac9441a9ab8409cbbb7e15b9ae3944097de34de2001c8533a3766e6e4c4c4702ccb932a27a3962814cd6aa8fc684beeaa3932efae9052be8eec1e95f6ad8d41dd34829504ba4b66e27154cb6e34aa13450522df1723130b6fe347c93f00e40e293c98d849a33f773c743728992f40faccd5c23130a1c6bfd6fc661bca1598137ddd1090ded672f5a48a40cab3f640c8241a364cbdd3f188eec7da7bccafbd5bf28a46f0eecc6b550471b06a5a411c0e0b19e15a461e7c6833ba936e214b013f2819ec6572a43b5cd32b11d7e4f8dcf8f7820a17b7b2ee6178a03351dd31091e46bfd82a3979b9cad109fd6217cd52aa81bdabd50826a474bd16b8f7e6aed12a305366599f5f029a7b24558c02750500002f1c19d16a6f391906000000cc03bbfb8c698ecc137d96711100e01031aa74fad86b99eebf0527552a9331e646c424b14ffbb815622bfd2f635855bed1b164d0a56bd104be069854111c5b26ec3c652b5f0a6b9676dae987ec23456ba05a4dfb15321ef6b76e7e547a688c67ab531cfc86784c9f940d9fb0464a72ce635e14b80dc5c1c64e8f58c570e7afd83ee77f157c146aa747b728969aeb4aba1d8f9de1b3fb8ab6ea50e884c2ea98e6400bf0c5ae2887cd1da0e57ccfdf5eca2b455247efcc13102846c0a85f20c80007c0ce6efce627b95b8ad3003385de97101678fb2163ecea6e70a77a6fbc089e31a5ccece932229b8f79faa6863d6857c3d9a9710f938ad16eeb8342278f1c1cbc226498028234d21466892983378fe64acbb44f694cd78e43c74aa75505cb1c91b189f8f89f233a05f5cd4e173a373178557843dd705268f74a9e5429945503195aefd6706e587f7ee8375fa559c3ad195d3795df1a8364cd13acc3256ee4634c73eeb6954d0fcf09ab84df0b8900e0c6fea2cc0e7c207b8942fafd70530a0fc4622ecf132d1d5bdc9ffc79f0549b82df521817651d5fead5128205b92ccdccc69407ab556217af277af999dbd456dfc43dd061b6c91485dcc208cf0b3d0bf851de413f5de5ec015e296914afab6411109355e027ce04990d9aae251b9deb11b7db45b9f15b7b55d8fdbedd9e6cf891205694f02be8b9ea8ecd41308a0e1b93ae3435bfa88b440b1f701b4d0fc49c82193f27f8023b630ea97edbf3bf421a0a1a2b4ac7bb30bcd1cdd172c0df37408fd6827bb03e8742fc1c7a2be0d1299928c5f79e846a8dc7ca648d960a759e6711b69776896a9656d59af6d44bff348229fa84034faf8421a22c4b4c17a3d24a4aeee0d0850371feefd77cc4eef51c2b417c8c7458ddd7dd9d1a863bf0a9e1a30a19020490038017a5c7e474c83302a2b59654d49a11c6736ac63e8eb383760fc2b5c976dacf3dda7191c757f28e44f6a5f95db7055f7ed983f5665210f20a494fabb0dbcd335700000000000000000000000000000086666201251aa4f139d0485ffcf89f01639fd1579a3802f720a0215c720a97071f5065a23642a5826fdbca444b00e2e5835185d5d5b2796eb0fe32cf3b0633f58ecc7648c3c6efe82f93a3008052416512eea30ea9472e0b456a652883c0907323cf03be193ad0438cdef7a98a1671a1918df310dc4bfd61c3db3c22673884dca370558936b85737e14819ab1c57b348a8ff16d36364a20fe846d11d045de81f069bac8425b31c5d08b433562ffb318c1285011f9b78b2401989384311101e452f54661ecdb251ab9eefc8e400191f0f0f8c679b0000000000000000000000b41b0ae67d9351c49e1ff285d05a3cc39a5b0cd20afe0a00086650f8fad20c0e1e7131836c85b2cbacd41593928207312189fdd66abc45a139f0c9dbcc58237cec5bd56ffe0c6de23254a7951a298501ca04ab30b5723df6dd01d0b1a87c197b83b286374ba9a9dd1bd09ea1b71b24a1f527bf59d9633e3d15ed3757acc494f464482e49884c13780cc392bfe67b5d91e5b513daea48cac7645db35f07ba41aa187f65c5344717d7a0ee353a7e36b14fdce5898a613cef224d3addb3d2de74cef73f7520dc8cc8ffaa62cbd25e691ef4c45fdd25675b32c129a8464f08c4da9c08713b54416f3b56a04086dab1d196884e062287ad4758e883d2f99833d8aaf0c56718f6b0434740900faf4ab824662a719bf370fd0b2de04c1455ec14908ce5cbec79466f2f2cc337c53437d626254e00000000000000000000000000000000c34646f8ae68c095e7298300feab8a3dfe2c43fc971385b13b4f3b61ddbf5044ff572defcc67930f0e715774e1e970751534398faf79350255cfa9021378f10c2043e7ecd5649c9720530da7ea227b792f31cb5d688b5f1eba9ff5f85c97b35e00ecf76282912b483e31c76e303e527e98a9ca14f718d495ad45db16c4500011de506f0ca35f7ea96ed1831e3c1219f985b26cb8a70e7c8efcb287984871e0fed3f1985cf63f00289292b378188ad0dfae12c265b88961a9223b48cf7055d641595e0cb926d63c1f8a207f48bd482290b79867285c2155e655e017bca6cbba43f9b49042fb2fb390c436b3306e8a0800000090d159004da838a50235b91f5273c1fe083067ce1e2d8011c9e2b6d3ea69dfc3712e5ce440432fbd29ffd004000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x61)
getdents(r6, 0x0, 0x0)

1.977102365s ago: executing program 1 (id=838):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="28000000210001"], 0x28}}, 0x0)

1.707648982s ago: executing program 1 (id=839):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
open_by_handle_at(r6, &(0x7f0000000100)=ANY=[@ANYBLOB="0c000000010000"], 0x260040)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)

1.415231852s ago: executing program 4 (id=840):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_script(r0, &(0x7f0000000380)={'#! ', './file0', [], 0xa, "8a47f109e4c2d550d70669bcacd18a"}, 0x1a)

383.34287ms ago: executing program 4 (id=841):
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000ec0)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000006380)={0x2020}, 0xfeba)

302.328786ms ago: executing program 0 (id=842):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="e80000001000010026bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="800000000000000014000300"], 0xe8}, 0x1, 0x0, 0x0, 0x6004004}, 0x0)

301.368834ms ago: executing program 1 (id=843):
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x5, 0x4, 0x8000, 0x5c, 0x0, 0xffffffffffffffff, 0xa, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

0s ago: executing program 4 (id=844):
r0 = syz_mount_image$ext4(&(0x7f0000000140)='ext2\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000000380)={[{@test_dummy_encryption}, {@test_dummy_encryption}, {@stripe={'stripe', 0x3d, 0x4}}, {@sb={'sb', 0x3d, 0xf}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x5}}, {@nobarrier}, {@data_err_abort}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000000))
chdir(&(0x7f00000003c0)='./bus\x00')
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000700)=ANY=[@ANYBLOB, @ANYRES64=r0, @ANYBLOB="deffffff00000000b7080000000000000000000007020000f8ffffffb7030000b7040000000000008500000001000000959c0b5910c997c647d870222b956f25dd1fdcad90d97117b2012f5382b7aa9510eba3e77e7761d000"/101], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
keyctl$session_to_parent(0x12)
sendto$inet(0xffffffffffffffff, 0x0, 0xffffffffffffffb5, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
preadv2(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000600)=""/112, 0x70}, {&(0x7f00000004c0)=""/159, 0x9f}], 0x2, 0x540, 0x0, 0x0)
futex(0x0, 0x3, 0x0, &(0x7f0000fd7ff0), &(0x7f0000048000), 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1e000000000000000400"], 0x48)

kernel console output (not intermixed with test programs):

ded
[   90.882793][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0
[   90.890132][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   90.916563][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   90.947868][ T5833] hsr_slave_0: entered promiscuous mode
[   90.954897][ T5833] hsr_slave_1: entered promiscuous mode
[   90.962200][ T5833] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   90.970228][ T5833] Cannot create hsr debugfs directory
[   91.051739][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1
[   91.059140][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.086432][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   91.114336][ T5831] hsr_slave_0: entered promiscuous mode
[   91.121671][ T5831] hsr_slave_1: entered promiscuous mode
[   91.128073][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   91.135638][ T5831] Cannot create hsr debugfs directory
[   91.147067][ T5838] hsr_slave_0: entered promiscuous mode
[   91.153688][ T5838] hsr_slave_1: entered promiscuous mode
[   91.160228][ T5838] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   91.167861][ T5838] Cannot create hsr debugfs directory
[   91.385822][ T5846] hsr_slave_0: entered promiscuous mode
[   91.395520][ T5846] hsr_slave_1: entered promiscuous mode
[   91.401985][ T5846] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   91.410526][ T5846] Cannot create hsr debugfs directory
[   91.738258][ T5841] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   91.790800][ T5841] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   91.805064][ T5841] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   91.855585][ T5841] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   91.947552][   T54] Bluetooth: hci4: command tx timeout
[   91.947956][ T5849] Bluetooth: hci0: command tx timeout
[   92.009277][ T5831] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   92.025155][ T5831] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   92.030199][ T5849] Bluetooth: hci2: command tx timeout
[   92.033037][   T54] Bluetooth: hci1: command tx timeout
[   92.037301][ T5849] Bluetooth: hci3: command tx timeout
[   92.053639][ T5831] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   92.084123][ T5831] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   92.176991][ T5833] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   92.199656][ T5833] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   92.214051][ T5833] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   92.226741][ T5833] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   92.276081][ T3079] cfg80211: failed to load regulatory.db
[   92.378079][ T5838] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   92.399262][ T5838] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   92.420464][ T5838] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   92.434433][ T5838] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   92.468527][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.594130][ T5846] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   92.619723][ T5841] 8021q: adding VLAN 0 to HW filter on device team0
[   92.637013][ T5846] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   92.649978][ T5846] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   92.685012][   T67] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.692379][   T67] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.703198][ T5846] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   92.763391][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.779712][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.786907][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.874273][ T5831] 8021q: adding VLAN 0 to HW filter on device team0
[   92.936826][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.954011][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.961281][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.032467][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.041115][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.095876][ T5833] 8021q: adding VLAN 0 to HW filter on device team0
[   93.123138][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.130405][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.205644][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.212895][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.234453][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.354515][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.405610][ T5838] 8021q: adding VLAN 0 to HW filter on device team0
[   93.486132][ T5846] 8021q: adding VLAN 0 to HW filter on device team0
[   93.497357][   T67] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.504494][   T67] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.561314][   T67] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.568593][   T67] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.592838][ T3521] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.600093][ T3521] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.646157][  T149] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.653424][  T149] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.706684][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.842705][ T5846] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   93.864247][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.031599][ T5849] Bluetooth: hci0: command tx timeout
[   94.031608][   T54] Bluetooth: hci4: command tx timeout
[   94.081349][ T5841] veth0_vlan: entered promiscuous mode
[   94.109958][ T5849] Bluetooth: hci3: command tx timeout
[   94.118656][ T5849] Bluetooth: hci1: command tx timeout
[   94.121404][   T54] Bluetooth: hci2: command tx timeout
[   94.141752][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.165855][ T5831] veth0_vlan: entered promiscuous mode
[   94.201635][ T5841] veth1_vlan: entered promiscuous mode
[   94.274922][ T5831] veth1_vlan: entered promiscuous mode
[   94.371539][ T5841] veth0_macvtap: entered promiscuous mode
[   94.411186][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.448273][ T5841] veth1_macvtap: entered promiscuous mode
[   94.456892][ T5831] veth0_macvtap: entered promiscuous mode
[   94.467899][ T5833] veth0_vlan: entered promiscuous mode
[   94.509575][ T5833] veth1_vlan: entered promiscuous mode
[   94.524277][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.535242][ T5831] veth1_macvtap: entered promiscuous mode
[   94.610292][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.649113][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.679515][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   94.699777][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   94.711848][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.722375][ T5841] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.733712][ T5841] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.742926][ T5841] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.752823][ T5841] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.776047][ T5831] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   94.792663][ T5831] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   94.807940][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.845444][ T5833] veth0_macvtap: entered promiscuous mode
[   94.873699][ T5831] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.883222][ T5831] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.892203][ T5831] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.901033][ T5831] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.938068][ T5833] veth1_macvtap: entered promiscuous mode
[   94.961056][ T5846] veth0_vlan: entered promiscuous mode
[   95.096536][ T5846] veth1_vlan: entered promiscuous mode
[   95.106224][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.121353][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.132247][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.142761][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.154552][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.219343][ T5838] veth0_vlan: entered promiscuous mode
[   95.230067][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   95.242357][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.252250][ T5833] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   95.262796][ T5833] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.274374][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.300526][ T3521] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.319508][ T3521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.329295][ T5833] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.340947][ T5833] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.351143][ T5833] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.360196][ T5833] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.410921][ T5838] veth1_vlan: entered promiscuous mode
[   95.426736][  T149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.435411][  T149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.456779][  T149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.468101][  T149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.560239][ T5846] veth0_macvtap: entered promiscuous mode
[   95.578526][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.586782][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.649121][ T5846] veth1_macvtap: entered promiscuous mode
[   95.682325][ T5841] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   95.770149][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.790388][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.804099][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.819169][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.837653][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   95.852739][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   95.889202][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.919292][ T5838] veth0_macvtap: entered promiscuous mode
[   95.980342][ T3521] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.993423][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.002221][ T3521] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.026231][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.047341][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.085136][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.103117][ T5846] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.115136][   T54] Bluetooth: hci0: command tx timeout
[   96.117380][ T5849] Bluetooth: hci4: command tx timeout
[   96.121341][ T5846] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.142871][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.178623][ T5838] veth1_macvtap: entered promiscuous mode
[   96.187652][ T5849] Bluetooth: hci2: command tx timeout
[   96.187917][   T54] Bluetooth: hci1: command tx timeout
[   96.229982][ T5846] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.244977][ T5846] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.255281][ T5846] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.284940][ T5846] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.406528][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.432033][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.443565][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.457697][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.472398][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.483457][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.495765][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.506922][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.523212][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.552386][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.570370][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.571911][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.582500][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.582521][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.582536][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.582547][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.582560][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.582571][ T5838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.582583][ T5838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.584435][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.744833][ T5838] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.768256][ T5838] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.777788][    T0] NOHZ tick-stop error: local softirq work is pending, handler #1c2!!!
[   96.799365][ T5838] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.839623][ T5838] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.017549][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   97.177619][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   97.245989][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.264292][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.441388][  T149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.462506][  T149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.611283][ T2963] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.631604][ T2963] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.718497][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   97.825387][ T2963] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.006327][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   98.211042][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   98.307980][ T2963] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.717682][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   99.778388][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   99.918029][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   99.937856][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   99.949695][   T54] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[   99.960042][   T54] Bluetooth: hci3: Injecting HCI hardware error event
[   99.968580][   T54] Bluetooth: hci3: hardware error 0x00
[  100.088619][ T5849] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  100.093532][ T5966] Zero length message leads to an empty skb
[  100.104723][ T5849] CPU: 1 UID: 0 PID: 5849 Comm: kworker/u9:7 Not tainted 6.14.0-rc1-next-20250207-syzkaller #0
[  100.104747][ T5849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  100.104763][ T5849] Workqueue: hci2 hci_rx_work
[  100.104795][ T5849] Call Trace:
[  100.104803][ T5849]  <TASK>
[  100.104813][ T5849]  dump_stack_lvl+0x241/0x360
[  100.104854][ T5849]  ? __pfx_dump_stack_lvl+0x10/0x10
[  100.104871][ T5849]  ? __pfx__printk+0x10/0x10
[  100.104905][ T5849]  ? __kmalloc_cache_noprof+0x243/0x390
[  100.104922][ T5849]  ? sysfs_create_dir_ns+0x28a/0x3a0
[  100.104945][ T5849]  sysfs_create_dir_ns+0x2ce/0x3a0
[  100.104971][ T5849]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  100.105009][ T5849]  kobject_add_internal+0x435/0x8d0
[  100.105050][ T5849]  kobject_add+0x152/0x220
[  100.105075][ T5849]  ? do_raw_spin_unlock+0x13c/0x8b0
[  100.105098][ T5849]  ? device_add+0x3e7/0xbf0
[  100.105121][ T5849]  ? __pfx_kobject_add+0x10/0x10
[  100.105146][ T5849]  ? _raw_spin_unlock+0x28/0x50
[  100.105172][ T5849]  ? get_device_parent+0x165/0x410
[  100.105202][ T5849]  device_add+0x4e5/0xbf0
[  100.105238][ T5849]  hci_conn_add_sysfs+0xe8/0x200
[  100.105267][ T5849]  le_conn_complete_evt+0xc9f/0x12e0
[  100.105309][ T5849]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  100.105327][ T5849]  ? __mutex_unlock_slowpath+0x227/0x800
[  100.105364][ T5849]  ? skb_pull_data+0x112/0x230
[  100.105393][ T5849]  hci_le_conn_complete_evt+0x18c/0x420
[  100.105426][ T5849]  hci_event_packet+0xa55/0x1540
[  100.105452][ T5849]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  100.105481][ T5849]  ? __pfx_hci_event_packet+0x10/0x10
[  100.105506][ T5849]  ? do_raw_spin_unlock+0x13c/0x8b0
[  100.105537][ T5849]  ? hci_send_to_monitor+0xd8/0x7f0
[  100.105558][ T5849]  ? kcov_remote_start+0x97/0x7d0
[  100.105584][ T5849]  hci_rx_work+0x3f3/0xdb0
[  100.105615][ T5849]  ? process_scheduled_works+0x976/0x1840
[  100.105637][ T5849]  process_scheduled_works+0xa66/0x1840
[  100.105704][ T5849]  ? __pfx_process_scheduled_works+0x10/0x10
[  100.105739][ T5849]  ? assign_work+0x364/0x3d0
[  100.105769][ T5849]  worker_thread+0x870/0xd30
[  100.105813][ T5849]  ? __kthread_parkme+0x169/0x1d0
[  100.105848][ T5849]  ? __pfx_worker_thread+0x10/0x10
[  100.105870][ T5849]  kthread+0x7a9/0x920
[  100.105891][ T5849]  ? __pfx_kthread+0x10/0x10
[  100.105917][ T5849]  ? __pfx_worker_thread+0x10/0x10
[  100.105938][ T5849]  ? __pfx_kthread+0x10/0x10
[  100.105958][ T5849]  ? __pfx_kthread+0x10/0x10
[  100.105986][ T5849]  ? __pfx_kthread+0x10/0x10
[  100.106005][ T5849]  ? _raw_spin_unlock_irq+0x23/0x50
[  100.106022][ T5849]  ? lockdep_hardirqs_on+0x99/0x150
[  100.106041][ T5849]  ? __pfx_kthread+0x10/0x10
[  100.106065][ T5849]  ret_from_fork+0x4b/0x80
[  100.106084][ T5849]  ? __pfx_kthread+0x10/0x10
[  100.106107][ T5849]  ret_from_fork_asm+0x1a/0x30
[  100.106151][ T5849]  </TASK>
[  100.106191][ T5849] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  100.418840][ T5849] Bluetooth: hci2: failed to register connection device
[  100.637961][ T5962] pim6reg1: entered promiscuous mode
[  100.643315][ T5962] pim6reg1: entered allmulticast mode
[  102.628033][   T54] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  108.770662][ T6019] loop3: detected capacity change from 0 to 40427
[  108.777948][ T6019] =======================================================
[  108.777948][ T6019] WARNING: The mand mount option has been deprecated and
[  108.777948][ T6019]          and is ignored by this kernel. Remove the mand
[  108.777948][ T6019]          option from the mount to silence this warning.
[  108.777948][ T6019] =======================================================
[  108.825140][ T6019] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  108.833909][ T6019] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  109.009012][ T6019] F2FS-fs (loop3): invalid crc value
[  109.024446][ T6019] F2FS-fs (loop3): Found nat_bits in checkpoint
[  110.518598][ T5840] Bluetooth: hci2: command 0x0406 tx timeout
[  110.893741][ T6038] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  115.764183][ T6064] Bluetooth: MGMT ver 1.23
[  116.563191][ T6079] loop3: detected capacity change from 0 to 2048
[  116.639454][ T6083] syz.0.45: attempt to access beyond end of device
[  116.639454][ T6083] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[  116.654398][ T6083] (syz.0.45,6083,1):ocfs2_get_sector:1714 ERROR: status = -5
[  116.661948][ T6083] (syz.0.45,6083,1):ocfs2_sb_probe:753 ERROR: status = -5
[  116.669347][ T6083] (syz.0.45,6083,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  116.678441][ T6083] (syz.0.45,6083,1):ocfs2_fill_super:1177 ERROR: status = -5
[  116.721912][ T6079] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.930889][ T6087] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  117.058056][ T5846] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.839671][ T6084] loop1: detected capacity change from 0 to 32768
[  117.908830][ T6084] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.52 (6084)
[  118.877612][ T6084] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  118.963113][ T6084] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  119.007148][ T6084] BTRFS info (device loop1): using free-space-tree
[  119.872955][ T6114] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  119.895683][ T6084] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  119.945424][ T6084] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  120.007655][ T6084] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  120.087897][ T6084] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  120.194728][ T6084] BTRFS error (device loop1): open_ctree failed: -12
[  123.059787][ T5887] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  123.143987][ T6158] loop4: detected capacity change from 0 to 8
[  123.677475][ T6156] SQUASHFS error: Failed to read block 0x106: -5
[  123.726669][ T6156] SQUASHFS error: Failed to read block 0xc00107: -5
[  123.733718][ T6156] SQUASHFS error: Failed to read block 0xc8f2de: -5
[  123.741982][ T6156] SQUASHFS error: Failed to read block 0x106: -5
[  123.937743][   T29] audit: type=1800 audit(1738924737.672:2): pid=6156 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.68" name="file2" dev="loop4" ino=6 res=0 errno=0
[  124.227508][ T5887] usb 2-1: Using ep0 maxpacket: 16
[  124.267159][ T5887] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  124.280140][ T5887] usb 2-1: config 0 has no interface number 0
[  124.293660][ T5887] usb 2-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  124.349636][ T5887] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.453292][ T5887] usb 2-1: Product: syz
[  124.577785][ T5887] usb 2-1: Manufacturer: syz
[  124.658740][ T5887] usb 2-1: SerialNumber: syz
[  124.971779][ T5887] usb 2-1: config 0 descriptor??
[  125.103852][ T5887] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  125.264209][ T6172] loop3: detected capacity change from 0 to 764
[  125.613618][ T6174] rock: directory entry would overflow storage
[  125.620341][ T6174] rock: sig=0x4f50, size=4, remaining=3
[  125.625982][ T6174] iso9660: Corrupted directory entry in block 6 of inode 1792
[  127.465795][ T5887] gspca_spca1528: reg_r err -110
[  127.545365][ T5887] spca1528 2-1:0.1: probe with driver spca1528 failed with error -110
[  127.572282][ T5887] usb 2-1: USB disconnect, device number 2
[  127.635650][ T6192] loop3: detected capacity change from 0 to 256
[  127.869546][ T6192] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d)
[  130.247354][ T6207] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  131.438894][ T6220] loop2: detected capacity change from 0 to 128
[  131.749777][ T6226] loop3: detected capacity change from 0 to 1764
[  133.291900][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  133.549133][ T5888] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  133.577727][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  133.819684][ T5888] usb 2-1: Using ep0 maxpacket: 16
[  134.024086][ T5888] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  134.297195][ T5888] usb 2-1: config 0 has no interface number 0
[  134.319425][ T5888] usb 2-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  134.346001][ T5888] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.466255][ T5888] usb 2-1: Product: syz
[  134.643167][ T5888] usb 2-1: Manufacturer: syz
[  134.764586][ T5888] usb 2-1: SerialNumber: syz
[  134.994934][ T5888] usb 2-1: config 0 descriptor??
[  135.268448][ T5888] usb 2-1: can't set config #0, error -71
[  135.907331][ T6255] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  136.286547][ T5888] usb 2-1: USB disconnect, device number 3
[  137.576733][ T6276] loop3: detected capacity change from 0 to 256
[  137.681945][ T6276] exfat: Deprecated parameter 'namecase'
[  137.695395][ T6276] exfat: Deprecated parameter 'utf8'
[  137.726358][ T6278] loop0: detected capacity change from 0 to 1024
[  137.764563][ T6276] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d)
[  140.524200][ T6295] sctp: failed to load transform for md5: -2
[  141.471131][ T5887] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  142.627404][ T5887] usb 3-1: Using ep0 maxpacket: 16
[  142.642374][ T5887] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  142.656001][ T5887] usb 3-1: config 0 has no interface number 0
[  143.167435][ T6323] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  144.015632][ T5887] usb 3-1: string descriptor 0 read error: -71
[  144.089017][ T6326] sctp: failed to load transform for md5: -2
[  144.105545][ T5887] usb 3-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  144.296945][ T5887] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.114132][ T5887] usb 3-1: config 0 descriptor??
[  145.119618][ T6341] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  145.146862][ T6341] CIFS: Unable to determine destination address
[  145.279381][ T5887] usb 3-1: can't set config #0, error -71
[  145.685673][ T5887] usb 3-1: USB disconnect, device number 2
[  146.449988][ T6350] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  146.963555][ T6357] loop0: detected capacity change from 0 to 8
[  147.570948][ T6357] SQUASHFS error: Failed to read block 0x106: -5
[  147.615830][ T6357] SQUASHFS error: Failed to read block 0xc00107: -5
[  147.622960][ T6357] SQUASHFS error: Failed to read block 0xc8f2de: -5
[  147.631079][ T6357] SQUASHFS error: Failed to read block 0x106: -5
[  147.665284][   T29] audit: type=1800 audit(1738924761.562:3): pid=6357 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.123" name="file2" dev="loop0" ino=6 res=0 errno=0
[  148.240957][ T6365] loop2: detected capacity change from 0 to 1024
[  148.248759][ T6365] EXT4-fs: inline encryption not supported
[  148.254650][ T6365] EXT4-fs: inline encryption not supported
[  148.715429][ T6369] netlink: 8 bytes leftover after parsing attributes in process `syz.3.126'.
[  149.446488][ T6365] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.399471][ T6381] capability: warning: `syz.4.128' uses deprecated v2 capabilities in a way that may be insecure
[  150.509756][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.877427][   T25] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  151.039069][ T6386] tmpfs: Unknown parameter 'e'
[  151.159134][   T25] usb 1-1: Using ep0 maxpacket: 16
[  151.416685][   T25] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  151.605553][   T25] usb 1-1: config 0 has no interface number 0
[  151.725236][   T25] usb 1-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  151.777602][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.912758][   T25] usb 1-1: Product: syz
[  151.969310][   T25] usb 1-1: Manufacturer: syz
[  152.065608][   T25] usb 1-1: SerialNumber: syz
[  152.311203][   T25] usb 1-1: config 0 descriptor??
[  152.362745][   T25] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  153.458584][   T25] gspca_spca1528: reg_w err -110
[  153.477418][   T25] spca1528 1-1:0.1: probe with driver spca1528 failed with error -110
[  153.678222][ T6402] loop3: detected capacity change from 0 to 16
[  153.823302][ T6402] erofs (device loop3): mounted with root inode @ nid 36.
[  154.245786][   T51] usb 1-1: USB disconnect, device number 2
[  154.802951][ T6408] loop0: detected capacity change from 0 to 8
[  154.862987][ T6408] SQUASHFS error: Failed to read block 0x106: -5
[  154.911579][ T6408] SQUASHFS error: Failed to read block 0xc00107: -5
[  154.918722][ T6408] SQUASHFS error: Failed to read block 0xc8f2de: -5
[  154.926886][ T6408] SQUASHFS error: Failed to read block 0x106: -5
[  154.955255][   T29] audit: type=1800 audit(1738924768.852:4): pid=6408 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.138" name="file2" dev="loop0" ino=6 res=0 errno=0
[  158.337644][ T6436] tmpfs: Unknown parameter 'e'
[  159.251116][ T6446] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  159.960411][   T25] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  160.227795][   T25] usb 1-1: Using ep0 maxpacket: 16
[  160.248605][   T25] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  160.254525][ T6451] loop2: detected capacity change from 0 to 764
[  160.404177][ T6453] loop3: detected capacity change from 0 to 4096
[  160.562544][   T25] usb 1-1: config 0 has no interface number 0
[  160.621192][ T6453] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  160.633319][ T6453] ntfs3(loop3): Failed to load $Extend (-22).
[  160.639597][ T6453] ntfs3(loop3): Failed to initialize $Extend.
[  161.005154][   T25] usb 1-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  161.031512][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  161.715111][ T6458] rock: directory entry would overflow storage
[  161.721393][ T6458] rock: sig=0x4f50, size=4, remaining=3
[  161.726950][ T6458] iso9660: Corrupted directory entry in block 6 of inode 1792
[  161.849572][ T6460] ntfs3(loop3): ino=21, The size of extended attributes must not exceed 64KiB
[  161.865349][ T6460] ntfs3(loop3): ino=21, The size of extended attributes must not exceed 64KiB
[  161.879638][ T6460] ax25_connect(): syz.3.152 uses autobind, please contact jreuter@yaina.de
[  161.925127][   T25] usb 1-1: Product: syz
[  161.929426][   T25] usb 1-1: Manufacturer: syz
[  161.934045][   T25] usb 1-1: SerialNumber: syz
[  161.942678][   T25] usb 1-1: config 0 descriptor??
[  162.227670][   T25] usb 1-1: can't set config #0, error -71
[  162.284517][   T25] usb 1-1: USB disconnect, device number 3
[  162.364922][ T6466] loop0: detected capacity change from 0 to 512
[  162.959019][ T6466] EXT4-fs error (device loop0): ext4_orphan_get:1389: inode #15: comm syz.0.156: casefold flag without casefold feature
[  162.979418][ T6472] loop3: detected capacity change from 0 to 512
[  163.059249][ T6466] EXT4-fs error (device loop0): ext4_orphan_get:1394: comm syz.0.156: couldn't read orphan inode 15 (err -117)
[  163.078363][ T6472] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  163.127459][ T6466] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.330408][ T6472] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.405234][ T6472] ext4 filesystem being mounted at /33/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.187331][   T29] audit: type=1326 audit(1738924778.102:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6477 comm="syz.4.158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e2938cde9 code=0x7fc00000
[  164.651880][ T6489] loop1: detected capacity change from 0 to 164
[  165.117210][ T5846] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.224003][ T5904] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[  165.430758][ T5904] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  165.471513][ T5833] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.492357][ T5904] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  165.589199][ T5904] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  165.619138][ T5904] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.627191][ T5904] usb 2-1: Product: syz
[  165.663640][ T5904] usb 2-1: Manufacturer: syz
[  165.678419][ T5904] usb 2-1: SerialNumber: syz
[  165.701677][ T6500] loop4: detected capacity change from 0 to 764
[  167.500284][ T6510] rock: directory entry would overflow storage
[  167.506560][ T6510] rock: sig=0x4f50, size=4, remaining=3
[  167.512422][ T6510] iso9660: Corrupted directory entry in block 6 of inode 1792
[  167.545747][ T6513] syz.3.161: attempt to access beyond end of device
[  167.545747][ T6513] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  167.628841][ T6513] (syz.3.161,6513,1):ocfs2_get_sector:1714 ERROR: status = -5
[  167.684096][ T6513] (syz.3.161,6513,1):ocfs2_sb_probe:753 ERROR: status = -5
[  167.697480][    T9] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  167.726195][ T5904] usb 2-1: 0:2 : does not exist
[  167.792864][ T6513] (syz.3.161,6513,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  167.849815][ T5904] usb 2-1: USB disconnect, device number 4
[  167.866842][ T6513] (syz.3.161,6513,1):ocfs2_fill_super:1177 ERROR: status = -5
[  167.877595][    T9] usb 1-1: Using ep0 maxpacket: 16
[  167.892114][    T9] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  167.928075][    T9] usb 1-1: config 0 has no interface number 0
[  167.970858][    T9] usb 1-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  167.990123][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.017406][    T9] usb 1-1: Product: syz
[  168.021612][    T9] usb 1-1: Manufacturer: syz
[  168.026214][    T9] usb 1-1: SerialNumber: syz
[  168.071508][    T9] usb 1-1: config 0 descriptor??
[  168.093205][    T9] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  168.162818][ T6195] udevd[6195]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  168.408313][ T6518] loop2: detected capacity change from 0 to 512
[  168.592830][ T6518] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.606106][ T6518] ext4 filesystem being mounted at /38/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  169.260579][ T6518] syz.2.168 (6518) used greatest stack depth: 18648 bytes left
[  170.521981][ T6527] process 'syz.1.169' launched './file1' with NULL argv: empty string added
[  171.219943][    T9] gspca_spca1528: reg_r err -110
[  171.226911][    T9] spca1528 1-1:0.1: probe with driver spca1528 failed with error -110
[  171.518442][ T5841] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.681740][ T5904] usb 1-1: USB disconnect, device number 4
[  173.163547][   T29] audit: type=1326 audit(1738924787.082:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6535 comm="syz.1.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153438cde9 code=0x7ffc0000
[  173.253418][   T29] audit: type=1326 audit(1738924787.112:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6535 comm="syz.1.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153438cde9 code=0x7ffc0000
[  173.552348][ T6552] loop2: detected capacity change from 0 to 2048
[  174.237381][   T29] audit: type=1326 audit(1738924787.112:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6535 comm="syz.1.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f153438cde9 code=0x7ffc0000
[  174.655902][   T29] audit: type=1326 audit(1738924787.112:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6535 comm="syz.1.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153438cde9 code=0x7ffc0000
[  174.733087][   T29] audit: type=1326 audit(1738924787.112:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6535 comm="syz.1.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153438cde9 code=0x7ffc0000
[  174.844198][   T29] audit: type=1326 audit(1738924787.132:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6535 comm="syz.1.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f153438cde9 code=0x7ffc0000
[  174.945530][   T29] audit: type=1326 audit(1738924787.132:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6535 comm="syz.1.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153438cde9 code=0x7ffc0000
[  175.069740][   T29] audit: type=1326 audit(1738924787.132:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6535 comm="syz.1.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153438cde9 code=0x7ffc0000
[  175.178089][   T29] audit: type=1326 audit(1738924787.132:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6535 comm="syz.1.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f153438b750 code=0x7ffc0000
[  175.286835][   T29] audit: type=1326 audit(1738924787.132:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6535 comm="syz.1.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153438cde9 code=0x7ffc0000
[  175.852043][ T5204]  loop2: p1 < > p2 p3 < p5 > p4
[  175.897468][ T5204] loop2: partition table partially beyond EOD, truncated
[  175.906582][ T5204] loop2: p1 start 4278190080 is beyond EOD, truncated
[  176.012598][ T5204] loop2: p2 start 16908800 is beyond EOD, truncated
[  176.290334][ T5204] loop2: p4 start 11326 is beyond EOD, truncated
[  176.296735][ T5204] loop2: p5 start 16908800 is beyond EOD, truncated
[  177.154186][ T6195] udevd[6195]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  177.169819][ T5887] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[  177.287784][ T6575] loop4: detected capacity change from 0 to 512
[  177.374192][ T5887] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  177.391674][ T6575] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  177.417680][ T5887] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  177.447680][ T6575] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  177.498844][ T5887] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  177.515160][ T5887] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.543716][ T5887] usb 1-1: Product: syz
[  177.562421][ T5887] usb 1-1: Manufacturer: syz
[  177.588484][ T5887] usb 1-1: SerialNumber: syz
[  177.959504][ T6575] EXT4-fs (loop4): 1 truncate cleaned up
[  177.967133][ T6575] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  179.157744][ T5887] usb 1-1: 0:2 : does not exist
[  179.455249][ T5887] usb 1-1: USB disconnect, device number 5
[  179.710895][ T6574] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.870762][ T5885] udevd[5885]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  180.069381][ T6634] netlink: 32 bytes leftover after parsing attributes in process `syz.3.188'.
[  182.288202][ T6644] loop4: detected capacity change from 0 to 512
[  183.898239][ T6644] EXT4-fs warning (device loop4): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop4.
[  185.347935][ T5958] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  186.359089][ T5958] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  186.413315][ T5958] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  186.435600][ T5958] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.451077][ T5958] usb 3-1: Product: syz
[  186.461155][ T5958] usb 3-1: Manufacturer: syz
[  186.468013][ T5958] usb 3-1: SerialNumber: syz
[  187.177528][ T6674] CIFS: Unable to determine destination address
[  187.635184][ T6672] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  187.695387][ T6676] loop4: detected capacity change from 0 to 64
[  188.524430][ T5958] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[  188.537156][ T5958] cdc_ncm 3-1:1.0: dwNtbInMaxSize=20 is too small. Using 2048
[  188.564564][ T5958] cdc_ncm 3-1:1.0: setting rx_max = 2048
[  188.730656][ T6687] loop4: detected capacity change from 0 to 16
[  188.762471][ T6687] erofs (device loop4): mounted with root inode @ nid 36.
[  188.824761][ T5958] cdc_ncm 3-1:1.0 eth1: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  188.907902][ T5958] usb 3-1: USB disconnect, device number 3
[  188.960526][ T5958] cdc_ncm 3-1:1.0 eth1: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP)
[  189.094905][ T6690] Invalid ELF header type: 0 != 1
[  189.301400][ T6693] erofs (device loop4): readahead error at folio 12 @ nid 36
[  189.302187][ T6693] erofs (device loop4): readahead error at folio 10 @ nid 36
[  189.304232][ T6693] erofs (device loop4): readahead error at folio 6 @ nid 36
[  189.304465][ T6693] erofs (device loop4): readahead error at folio 4 @ nid 36
[  189.305715][ T6693] erofs (device loop4): invalid logical cluster 0 at nid 36
[  189.305751][ T6693] erofs (device loop4): readahead error at folio 0 @ nid 36
[  189.306584][ T6693] syz.4.207: attempt to access beyond end of device
[  189.306584][ T6693] loop4: rw=524288, sector=296, nr_sectors = 16 limit=16
[  189.308386][ T6693] syz.4.207: attempt to access beyond end of device
[  189.308386][ T6693] loop4: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[  189.309358][ T6693] syz.4.207: attempt to access beyond end of device
[  189.309358][ T6693] loop4: rw=524288, sector=6520, nr_sectors = 16 limit=16
[  189.311876][ T6693] syz.4.207: attempt to access beyond end of device
[  189.311876][ T6693] loop4: rw=524288, sector=34359736328, nr_sectors = 16 limit=16
[  189.312949][ T6693] syz.4.207: attempt to access beyond end of device
[  189.312949][ T6693] loop4: rw=524288, sector=8, nr_sectors = 16 limit=16
[  189.313902][ T6693] syz.4.207: attempt to access beyond end of device
[  189.313902][ T6693] loop4: rw=524288, sector=720, nr_sectors = 16 limit=16
[  189.314891][ T6693] syz.4.207: attempt to access beyond end of device
[  189.314891][ T6693] loop4: rw=524288, sector=536576856, nr_sectors = 16 limit=16
[  190.247754][ T6692] tty tty29: ldisc open failed (-12), clearing slot 28
[  190.710805][ T6700] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  194.284307][ T6726] loop1: detected capacity change from 0 to 512
[  194.990829][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  194.997283][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  195.184847][ T6729] loop2: detected capacity change from 0 to 256
[  195.543408][ T6726] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.556660][ T6726] ext4 filesystem being mounted at /39/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  196.115796][ T6726] syz.1.217 (6726) used greatest stack depth: 18232 bytes left
[  197.116483][ T6739] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  197.557001][ T6745] loop3: detected capacity change from 0 to 16
[  197.721371][ T6745] erofs (device loop3): mounted with root inode @ nid 36.
[  197.817549][ T5840] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  197.982312][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.152055][ T6753] erofs (device loop3): readahead error at folio 12 @ nid 36
[  198.154222][ T6753] erofs (device loop3): readahead error at folio 10 @ nid 36
[  198.155911][ T6753] erofs (device loop3): readahead error at folio 6 @ nid 36
[  198.156090][ T6753] erofs (device loop3): readahead error at folio 4 @ nid 36
[  198.158699][ T6753] erofs (device loop3): invalid logical cluster 0 at nid 36
[  198.158759][ T6753] erofs (device loop3): readahead error at folio 0 @ nid 36
[  198.159471][ T6753] syz.3.221: attempt to access beyond end of device
[  198.159471][ T6753] loop3: rw=524288, sector=296, nr_sectors = 16 limit=16
[  198.160813][ T6753] syz.3.221: attempt to access beyond end of device
[  198.160813][ T6753] loop3: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[  198.161719][ T6753] syz.3.221: attempt to access beyond end of device
[  198.161719][ T6753] loop3: rw=524288, sector=6520, nr_sectors = 16 limit=16
[  198.162886][ T6753] syz.3.221: attempt to access beyond end of device
[  198.162886][ T6753] loop3: rw=524288, sector=34359736328, nr_sectors = 16 limit=16
[  198.163817][ T6753] syz.3.221: attempt to access beyond end of device
[  198.163817][ T6753] loop3: rw=524288, sector=8, nr_sectors = 16 limit=16
[  198.164770][ T6753] syz.3.221: attempt to access beyond end of device
[  198.164770][ T6753] loop3: rw=524288, sector=720, nr_sectors = 16 limit=16
[  198.165815][ T6753] syz.3.221: attempt to access beyond end of device
[  198.165815][ T6753] loop3: rw=524288, sector=536576856, nr_sectors = 16 limit=16
[  198.697984][ T6752] tty tty27: ldisc open failed (-12), clearing slot 26
[  203.307130][ T6793] netlink: 32 bytes leftover after parsing attributes in process `syz.3.232'.
[  205.945874][ T6816] tty tty21: ldisc open failed (-12), clearing slot 20
[  208.452519][ T6840] Invalid ELF header type: 0 != 1
[  209.335588][ T6857] loop3: detected capacity change from 0 to 512
[  209.464392][ T6857] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.249: corrupted in-inode xattr: invalid ea_ino
[  209.485263][ T6857] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.249: couldn't read orphan inode 15 (err -117)
[  209.520936][ T6857] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  211.164266][   T25] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  211.729662][   T25] usb 5-1: device descriptor read/all, error -71
[  211.739393][ T5846] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.861409][   T29] kauditd_printk_skb: 10 callbacks suppressed
[  211.861450][   T29] audit: type=1326 audit(1738924825.772:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6866 comm="syz.1.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153438cde9 code=0x7ffc0000
[  212.279883][ T5835] Bluetooth: hci4: command 0x0406 tx timeout
[  212.299747][ T5835] Bluetooth: hci0: command 0x0406 tx timeout
[  212.306774][ T5835] Bluetooth: hci2: command 0x0406 tx timeout
[  212.316118][ T5845] Bluetooth: hci1: command 0x0406 tx timeout
[  212.377438][   T29] audit: type=1326 audit(1738924825.772:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6866 comm="syz.1.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153438cde9 code=0x7ffc0000
[  212.564804][   T29] audit: type=1326 audit(1738924825.772:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6866 comm="syz.1.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f153438cde9 code=0x7ffc0000
[  212.601866][   T29] audit: type=1326 audit(1738924825.772:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6866 comm="syz.1.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153438cde9 code=0x7ffc0000
[  212.636359][   T29] audit: type=1326 audit(1738924825.772:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6866 comm="syz.1.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153438cde9 code=0x7ffc0000
[  212.664545][   T29] audit: type=1326 audit(1738924825.772:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6866 comm="syz.1.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f153438cde9 code=0x7ffc0000
[  213.880637][   T29] audit: type=1326 audit(1738924825.782:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6866 comm="syz.1.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153438cde9 code=0x7ffc0000
[  214.501190][   T29] audit: type=1326 audit(1738924825.782:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6866 comm="syz.1.253" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f153438cde9 code=0x7ffc0000
[  214.523279][    C0] vkms_vblank_simulate: vblank timer overrun
[  214.985079][ T6898] Invalid ELF header type: 0 != 1
[  215.259214][ T6900] loop2: detected capacity change from 0 to 256
[  217.715427][ T6910] netlink: 32 bytes leftover after parsing attributes in process `syz.1.263'.
[  220.680826][ T6929] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.186397][ T6969] netlink: 4 bytes leftover after parsing attributes in process `syz.1.282'.
[  227.968329][ T6976] netlink: 4 bytes leftover after parsing attributes in process `syz.1.286'.
[  228.081031][ T6980] loop3: detected capacity change from 0 to 16
[  228.465219][ T6980] erofs (device loop3): mounted with root inode @ nid 36.
[  229.195816][ T6985] syz.4.288: attempt to access beyond end of device
[  229.195816][ T6985] nbd4: rw=0, sector=0, nr_sectors = 1 limit=0
[  229.208805][ T6985] (syz.4.288,6985,0):ocfs2_get_sector:1714 ERROR: status = -5
[  229.216318][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888032e27400: rx timeout, send abort
[  229.226727][ T6985] (syz.4.288,6985,0):ocfs2_sb_probe:753 ERROR: status = -5
[  229.234306][    C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff888032e27400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  229.251296][ T6985] (syz.4.288,6985,0):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  229.262118][ T6985] (syz.4.288,6985,0):ocfs2_fill_super:1177 ERROR: status = -5
[  235.234417][ T5840] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  235.393883][ T5840] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  235.404756][ T5840] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  235.414150][ T5840] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  235.422175][ T5840] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  235.431793][ T5840] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  235.479534][ T7053] netlink: 4 bytes leftover after parsing attributes in process `syz.3.300'.
[  235.973094][ T7060] loop1: detected capacity change from 0 to 64
[  236.728614][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888079e5a800: rx timeout, send abort
[  236.747097][    C0] vxcan1: j1939_xtp_rx_abort_one: 0xffff888079e5a800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  237.487397][ T5840] Bluetooth: hci5: command tx timeout
[  237.589868][ T7072] loop4: detected capacity change from 0 to 16
[  237.665708][ T7072] erofs (device loop4): negative i_size @ nid 36
[  238.715435][ T7049] chnl_net:caif_netlink_parms(): no params data found
[  239.943115][ T5840] Bluetooth: hci5: command tx timeout
[  241.239273][ T7098] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  242.687549][ T5840] Bluetooth: hci5: command tx timeout
[  242.770927][ T7049] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.899328][ T7049] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.909151][ T7049] bridge_slave_0: entered allmulticast mode
[  242.916972][ T7049] bridge_slave_0: entered promiscuous mode
[  242.975080][ T7049] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.240982][ T7049] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.248378][ T7049] bridge_slave_1: entered allmulticast mode
[  243.256238][ T7049] bridge_slave_1: entered promiscuous mode
[  243.390524][ T7121] loop3: detected capacity change from 0 to 128
[  244.698763][ T7121] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  244.723015][ T7121] ext4 filesystem being mounted at /66/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  244.742012][ T7120] netlink: 'syz.3.313': attribute type 16 has an invalid length.
[  244.750698][ T7120] netlink: 'syz.3.313': attribute type 3 has an invalid length.
[  244.758408][ T7120] netlink: 24858 bytes leftover after parsing attributes in process `syz.3.313'.
[  244.839081][ T5840] Bluetooth: hci5: command tx timeout
[  245.068892][ T5846] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  245.108622][ T7128] loop1: detected capacity change from 0 to 16
[  245.162034][ T7128] erofs (device loop1): negative i_size @ nid 36
[  245.184307][ T7049] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  245.355876][ T7049] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  245.394607][ T7130] loop4: detected capacity change from 0 to 512
[  246.180493][ T7130] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  246.328816][ T7130] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  246.570947][ T7130] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  247.657934][ T7049] team0: Port device team_slave_0 added
[  247.698496][ T7049] team0: Port device team_slave_1 added
[  248.000264][ T7049] batman_adv: batadv0: Adding interface: batadv_slave_0
[  248.967445][ T7049] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.798490][ T7049] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  249.812326][ T7049] batman_adv: batadv0: Adding interface: batadv_slave_1
[  249.819545][ T7049] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  249.895437][ T7049] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  250.409781][ T7174] loop3: detected capacity change from 0 to 512
[  252.870540][ T7174] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2813: inode #11: comm syz.3.326: corrupted xattr block 95: invalid header
[  253.272737][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.284239][ T7174] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2863: Unable to expand inode 11. Delete some EAs or run e2fsck.
[  253.299315][ T7174] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.326: bg 0: block 7: invalid block bitmap
[  253.319110][ T7174] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  253.344097][ T7174] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2977: inode #11: comm syz.3.326: corrupted xattr block 95: invalid header
[  253.363721][ T7174] EXT4-fs warning (device loop3): ext4_evict_inode:278: xattr delete (err -117)
[  253.373099][ T7174] EXT4-fs (loop3): 1 orphan inode deleted
[  253.380702][ T7174] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.683856][ T5846] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.030530][ T7049] hsr_slave_0: entered promiscuous mode
[  254.713866][ T7049] hsr_slave_1: entered promiscuous mode
[  254.738289][ T7049] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  254.745956][ T7049] Cannot create hsr debugfs directory
[  254.789956][ T7185] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  254.902890][ T7188] loop3: detected capacity change from 0 to 512
[  255.857155][ T7188] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  255.870771][ T7188] ext4 filesystem being mounted at /71/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  256.379152][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  256.385512][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  256.563706][ T7195] loop4: detected capacity change from 0 to 1024
[  256.877697][ T7195] EXT4-fs: Ignoring removed nobh option
[  257.490920][ T7195] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  258.510979][ T7195] EXT4-fs error (device loop4): ext4_ext_check_inode:524: inode #11: comm syz.4.333: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  258.556061][ T7195] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.333: couldn't read orphan inode 11 (err -117)
[  258.906463][ T7195] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.020179][ T5846] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.038347][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.116174][ T7208] loop1: detected capacity change from 0 to 512
[  259.184950][ T7208] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.197889][ T7208] ext4 filesystem being mounted at /66/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  259.624687][ T7049] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  259.653307][ T7049] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  259.675225][ T7049] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  259.768584][ T5840] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  259.778705][ T5840] CPU: 1 UID: 0 PID: 5840 Comm: kworker/u9:3 Not tainted 6.14.0-rc1-next-20250207-syzkaller #0
[  259.778737][ T5840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  259.778754][ T5840] Workqueue: hci1 hci_rx_work
[  259.778778][ T5840] Call Trace:
[  259.778786][ T5840]  <TASK>
[  259.778794][ T5840]  dump_stack_lvl+0x241/0x360
[  259.778823][ T5840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  259.778844][ T5840]  ? __pfx__printk+0x10/0x10
[  259.778882][ T5840]  ? __kmalloc_cache_noprof+0x243/0x390
[  259.778901][ T5840]  ? sysfs_create_dir_ns+0x28a/0x3a0
[  259.778929][ T5840]  sysfs_create_dir_ns+0x2ce/0x3a0
[  259.778954][ T5840]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  259.778991][ T5840]  kobject_add_internal+0x435/0x8d0
[  259.779032][ T5840]  kobject_add+0x152/0x220
[  259.779056][ T5840]  ? do_raw_spin_unlock+0x13c/0x8b0
[  259.779077][ T5840]  ? device_add+0x3e7/0xbf0
[  259.779103][ T5840]  ? __pfx_kobject_add+0x10/0x10
[  259.779129][ T5840]  ? _raw_spin_unlock+0x28/0x50
[  259.779155][ T5840]  ? get_device_parent+0x165/0x410
[  259.779188][ T5840]  device_add+0x4e5/0xbf0
[  259.779226][ T5840]  hci_conn_add_sysfs+0xe8/0x200
[  259.779258][ T5840]  le_conn_complete_evt+0xc9f/0x12e0
[  259.779303][ T5840]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  259.779322][ T5840]  ? __mutex_unlock_slowpath+0x227/0x800
[  259.779362][ T5840]  ? skb_pull_data+0x112/0x230
[  259.779394][ T5840]  hci_le_conn_complete_evt+0x18c/0x420
[  259.779430][ T5840]  hci_event_packet+0xa55/0x1540
[  259.779457][ T5840]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  259.779487][ T5840]  ? __pfx_hci_event_packet+0x10/0x10
[  259.779512][ T5840]  ? do_raw_spin_unlock+0x13c/0x8b0
[  259.779545][ T5840]  ? hci_send_to_monitor+0xd8/0x7f0
[  259.779568][ T5840]  ? kcov_remote_start+0x97/0x7d0
[  259.779598][ T5840]  hci_rx_work+0x3f3/0xdb0
[  259.779636][ T5840]  ? process_scheduled_works+0x976/0x1840
[  259.779659][ T5840]  process_scheduled_works+0xa66/0x1840
[  259.779738][ T5840]  ? __pfx_process_scheduled_works+0x10/0x10
[  259.779778][ T5840]  ? assign_work+0x364/0x3d0
[  259.779811][ T5840]  worker_thread+0x870/0xd30
[  259.779860][ T5840]  ? __kthread_parkme+0x169/0x1d0
[  259.779890][ T5840]  ? __pfx_worker_thread+0x10/0x10
[  259.779913][ T5840]  kthread+0x7a9/0x920
[  259.779934][ T5840]  ? __pfx_kthread+0x10/0x10
[  259.779961][ T5840]  ? __pfx_worker_thread+0x10/0x10
[  259.779984][ T5840]  ? __pfx_kthread+0x10/0x10
[  259.780004][ T5840]  ? __pfx_kthread+0x10/0x10
[  259.780033][ T5840]  ? __pfx_kthread+0x10/0x10
[  259.780053][ T5840]  ? _raw_spin_unlock_irq+0x23/0x50
[  259.780072][ T5840]  ? lockdep_hardirqs_on+0x99/0x150
[  259.780092][ T5840]  ? __pfx_kthread+0x10/0x10
[  259.780118][ T5840]  ret_from_fork+0x4b/0x80
[  259.780138][ T5840]  ? __pfx_kthread+0x10/0x10
[  259.780162][ T5840]  ret_from_fork_asm+0x1a/0x30
[  259.780211][ T5840]  </TASK>
[  259.780348][ T5840] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  259.893234][ T7049] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  259.903550][ T5840] Bluetooth: hci1: failed to register connection device
[  260.142784][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.866520][ T7224] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  260.880854][ T7232] loop4: detected capacity change from 0 to 256
[  261.818020][ T7242] syz.1.341: attempt to access beyond end of device
[  261.818020][ T7242] nbd1: rw=0, sector=0, nr_sectors = 1 limit=0
[  261.831309][ T7242] (syz.1.341,7242,1):ocfs2_get_sector:1714 ERROR: status = -5
[  261.838942][ T7242] (syz.1.341,7242,1):ocfs2_sb_probe:753 ERROR: status = -5
[  261.847515][ T7242] (syz.1.341,7242,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  261.856102][ T7242] (syz.1.341,7242,1):ocfs2_fill_super:1177 ERROR: status = -5
[  262.573002][ T7049] 8021q: adding VLAN 0 to HW filter on device bond0
[  262.757795][ T7248] loop1: detected capacity change from 0 to 128
[  262.801924][ T7049] 8021q: adding VLAN 0 to HW filter on device team0
[  262.843675][ T7248] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  262.847445][  T975] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  262.885377][   T67] bridge0: port 1(bridge_slave_0) entered blocking state
[  262.892638][   T67] bridge0: port 1(bridge_slave_0) entered forwarding state
[  262.917050][ T7234] loop3: detected capacity change from 0 to 256
[  262.962076][   T67] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.969395][   T67] bridge0: port 2(bridge_slave_1) entered forwarding state
[  262.986752][ T7248] ext4 filesystem being mounted at /68/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  263.858321][ T5831] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  264.749115][ T7049] 8021q: adding VLAN 0 to HW filter on device batadv0
[  267.413169][ T6615] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.379252][ T6615] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.620291][ T5849] Bluetooth: hci1: command 0x0406 tx timeout
[  269.781866][ T7319] loop1: detected capacity change from 0 to 764
[  270.265187][ T7323] rock: directory entry would overflow storage
[  270.271679][ T7323] rock: sig=0x4f50, size=4, remaining=3
[  270.277415][ T7323] iso9660: Corrupted directory entry in block 6 of inode 1792
[  270.325592][ T6615] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.529141][ T7049] veth0_vlan: entered promiscuous mode
[  270.650649][ T6615] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.773469][ T7049] veth1_vlan: entered promiscuous mode
[  270.879035][ T7049] veth0_macvtap: entered promiscuous mode
[  270.895065][ T7049] veth1_macvtap: entered promiscuous mode
[  271.626091][ T7049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  271.659003][ T7340] loop1: detected capacity change from 0 to 64
[  271.733128][ T7049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  271.981172][ T7049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  272.017318][ T7049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.027187][ T7049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  272.770992][ T7049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.799044][ T7049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  272.811981][ T7049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.821918][ T7049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  273.179233][ T7049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.191864][ T7049] batman_adv: batadv0: Interface activated: batadv_slave_0
[  273.250840][ T7359] loop4: detected capacity change from 0 to 64
[  273.285616][ T7049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.323788][ T7049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.488493][ T7049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.502202][ T7049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  273.512425][ T7049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  273.524490][ T7049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.157325][ T7049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  274.177365][ T7049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.197314][ T7049] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  274.222862][ T7049] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  274.292296][ T7049] batman_adv: batadv0: Interface activated: batadv_slave_1
[  276.361583][ T7049] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  276.496720][ T7379] loop4: detected capacity change from 0 to 764
[  276.548597][ T7049] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  276.557423][ T7049] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  276.566157][ T7049] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  278.226779][ T6615] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.431785][ T6615] bridge_slave_0: left allmulticast mode
[  278.453560][ T6615] bridge_slave_0: left promiscuous mode
[  278.467167][ T7382] rock: directory entry would overflow storage
[  278.478953][ T6615] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.488474][ T7382] rock: sig=0x4f50, size=4, remaining=3
[  278.494158][ T7382] iso9660: Corrupted directory entry in block 6 of inode 1792
[  279.805856][ T7416] loop1: detected capacity change from 0 to 16
[  279.815990][ T7416] erofs (device loop1): negative i_size @ nid 36
[  282.319887][ T7437] loop3: detected capacity change from 0 to 512
[  282.411953][ T7437] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  282.426609][ T7437] ext4 filesystem being mounted at /85/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  285.381182][ T7461] loop4: detected capacity change from 0 to 16
[  285.435948][ T7461] erofs (device loop4): negative i_size @ nid 36
[  285.449434][ T6615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  285.490084][ T6615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  285.527931][ T6615] bond0 (unregistering): Released all slaves
[  288.835394][ T7473] tmpfs: Unknown parameter 'e'
[  290.063927][ T5846] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  290.095126][ T1110] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  290.112293][ T1110] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  290.315764][ T7494] loop1: detected capacity change from 0 to 512
[  290.581723][ T7494] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  290.595484][ T7494] ext4 filesystem being mounted at /89/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  292.589956][ T7505] tty tty20: ldisc open failed (-12), clearing slot 19
[  293.169327][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.970483][ T6615] hsr_slave_0: left promiscuous mode
[  294.114113][ T6615] hsr_slave_1: left promiscuous mode
[  294.165807][ T6615] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  294.229571][ T6615] batman_adv: batadv0: Removing interface: batadv_slave_0
[  294.239624][ T7526] tmpfs: Unknown parameter 'e'
[  294.292721][ T7527] loop1: detected capacity change from 0 to 512
[  294.338292][ T6615] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  294.383056][ T6615] batman_adv: batadv0: Removing interface: batadv_slave_1
[  294.391960][ T7527] EXT4-fs: Ignoring removed orlov option
[  294.476711][ T7527] EXT4-fs error (device loop1): ext4_orphan_get:1389: inode #15: comm syz.1.417: casefold flag without casefold feature
[  294.505966][ T7527] EXT4-fs error (device loop1): ext4_orphan_get:1394: comm syz.1.417: couldn't read orphan inode 15 (err -117)
[  294.539806][ T6615] veth1_macvtap: left promiscuous mode
[  294.546093][ T6615] veth0_macvtap: left promiscuous mode
[  294.552556][ T6615] veth1_vlan: left promiscuous mode
[  294.558498][ T6615] veth0_vlan: left promiscuous mode
[  294.638326][ T7527] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  294.889200][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.463287][ T5840] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  295.477784][ T5840] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  295.493670][ T5840] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  295.516974][ T5840] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  295.526953][ T5840] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  295.534779][ T5840] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  296.373653][ T6615] team0 (unregistering): Port device team_slave_1 removed
[  296.420905][ T6615] team0 (unregistering): Port device team_slave_0 removed
[  296.860762][ T7541] slcan: can't register candev
[  296.873171][ T7541] Falling back ldisc for ttyS3.
[  297.358639][ T7547] loop3: detected capacity change from 0 to 64
[  297.436216][ T7550] loop4: detected capacity change from 0 to 64
[  297.628404][ T5849] Bluetooth: hci3: command tx timeout
[  299.711800][ T5849] Bluetooth: hci3: command tx timeout
[  300.468020][ T7538] chnl_net:caif_netlink_parms(): no params data found
[  300.588323][ T7569] tmpfs: Unknown parameter 'e'
[  301.285362][ T7597] netlink: 4 bytes leftover after parsing attributes in process `syz.0.433'.
[  301.850750][ T5849] Bluetooth: hci3: command tx timeout
[  302.731317][ T7538] bridge0: port 1(bridge_slave_0) entered blocking state
[  302.762434][ T7538] bridge0: port 1(bridge_slave_0) entered disabled state
[  302.775482][ T7538] bridge_slave_0: entered allmulticast mode
[  302.787207][ T7538] bridge_slave_0: entered promiscuous mode
[  302.813930][ T7538] bridge0: port 2(bridge_slave_1) entered blocking state
[  302.965021][ T7538] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.972917][ T7538] bridge_slave_1: entered allmulticast mode
[  302.981482][ T7538] bridge_slave_1: entered promiscuous mode
[  303.019951][ T7610] loop1: detected capacity change from 0 to 2048
[  303.048440][ T7610] EXT4-fs: Ignoring removed mblk_io_submit option
[  303.154597][ T7610] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  303.300168][ T7538] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  303.380983][ T7538] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  303.867563][ T5849] Bluetooth: hci3: command tx timeout
[  304.630644][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.005534][ T7538] team0: Port device team_slave_0 added
[  305.057642][   T51] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  305.212178][ T6615] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.261570][ T7631] loop1: detected capacity change from 0 to 64
[  305.267536][   T51] usb 1-1: Using ep0 maxpacket: 16
[  305.272228][ T7538] team0: Port device team_slave_1 added
[  305.315908][   T51] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  305.321251][ T6615] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.507944][   T51] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  306.245062][   T51] usb 1-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  306.276777][   T51] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  306.313763][   T51] usb 1-1: Product: syz
[  306.367472][   T51] usb 1-1: Manufacturer: syz
[  306.385594][ T7538] batman_adv: batadv0: Adding interface: batadv_slave_0
[  306.401139][   T51] usb 1-1: SerialNumber: syz
[  306.430919][   T51] usb 1-1: config 0 descriptor??
[  306.436051][ T7538] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  306.536314][ T7538] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  306.685108][ T6615] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.494037][ T7538] batman_adv: batadv0: Adding interface: batadv_slave_1
[  307.501908][ T7538] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  307.579561][ T7538] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  307.850728][ T5904] usb 1-1: USB disconnect, device number 6
[  307.970895][ T6615] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.193420][ T7651] tmpfs: Unknown parameter 'e'
[  308.482082][ T7538] hsr_slave_0: entered promiscuous mode
[  308.582706][ T7538] hsr_slave_1: entered promiscuous mode
[  308.960191][ T7648] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  309.348887][ T7671] Invalid ELF header type: 0 != 1
[  310.543014][ T7671] could not allocate digest TFM handle crct10dif
[  311.207509][ T7687] netlink: 4 bytes leftover after parsing attributes in process `syz.4.453'.
[  313.003131][ T7701] tmpfs: Unknown parameter 'e'
[  313.025138][ T6615] bridge_slave_1: left allmulticast mode
[  313.054574][ T6615] bridge_slave_1: left promiscuous mode
[  313.088472][ T6615] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.176863][ T6615] bridge_slave_0: left allmulticast mode
[  313.194904][ T6615] bridge_slave_0: left promiscuous mode
[  313.230313][ T6615] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.232129][ T7713] Invalid ELF header type: 0 != 1
[  315.306412][ T6615] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  315.363223][ T6615] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  315.381435][ T6615] bond0 (unregistering): Released all slaves
[  315.425456][ T7713] could not allocate digest TFM handle crct10dif
[  316.591485][ T7729] syz.3.461: attempt to access beyond end of device
[  316.591485][ T7729] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  316.604287][ T7729] (syz.3.461,7729,1):ocfs2_get_sector:1714 ERROR: status = -5
[  316.611837][ T7729] (syz.3.461,7729,1):ocfs2_sb_probe:753 ERROR: status = -5
[  316.619081][ T7729] (syz.3.461,7729,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  316.627638][ T7729] (syz.3.461,7729,1):ocfs2_fill_super:1177 ERROR: status = -5
[  317.301470][ T7732] loop3: detected capacity change from 0 to 256
[  317.307961][ T7720] wg2: entered promiscuous mode
[  317.314505][ T7720] wg2: entered allmulticast mode
[  317.324720][ T7732] exfat: Deprecated parameter 'namecase'
[  317.414356][ T7732] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe3f33698, utbl_chksum : 0xe619d30d)
[  317.577110][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  317.586586][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  317.934956][ T7745] loop4: detected capacity change from 0 to 512
[  318.070779][ T7745] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.083981][ T7745] ext4 filesystem being mounted at /112/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  319.610087][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.987620][ T6615] hsr_slave_0: left promiscuous mode
[  320.003884][ T6615] hsr_slave_1: left promiscuous mode
[  320.022961][ T6615] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  320.049220][ T6615] batman_adv: batadv0: Removing interface: batadv_slave_0
[  320.093104][ T6615] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  320.134886][ T6615] batman_adv: batadv0: Removing interface: batadv_slave_1
[  320.345558][ T6615] veth1_macvtap: left promiscuous mode
[  320.376956][ T6615] veth0_macvtap: left promiscuous mode
[  320.410317][ T6615] veth1_vlan: left promiscuous mode
[  320.427903][ T6615] veth0_vlan: left promiscuous mode
[  321.289197][ T7767] tmpfs: Unknown parameter 'e'
[  323.071286][ T7792] syz.0.474: attempt to access beyond end of device
[  323.071286][ T7792] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0
[  323.085638][ T7792] (syz.0.474,7792,1):ocfs2_get_sector:1714 ERROR: status = -5
[  323.094165][ T7792] (syz.0.474,7792,1):ocfs2_sb_probe:753 ERROR: status = -5
[  323.101501][ T7792] (syz.0.474,7792,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  323.110118][ T7792] (syz.0.474,7792,1):ocfs2_fill_super:1177 ERROR: status = -5
[  325.486959][ T6615] team0 (unregistering): Port device team_slave_1 removed
[  325.583262][ T6615] team0 (unregistering): Port device team_slave_0 removed
[  328.405517][ T7538] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  328.680408][ T7822] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  328.717105][ T7822] xt_CT: You must specify a L4 protocol and not use inversions on it
[  329.273073][ T7821] loop1: detected capacity change from 0 to 16
[  329.338453][ T7821] erofs (device loop1): negative i_size @ nid 36
[  329.381932][ T7538] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  329.825088][ T7835] tmpfs: Unknown parameter 'e'
[  329.847438][ T7538] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  329.896330][ T7836] loop4: detected capacity change from 0 to 512
[  329.925595][ T7538] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  329.963147][ T7836] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  329.976135][ T7836] ext4 filesystem being mounted at /117/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  330.810533][ T7852] loop3: detected capacity change from 0 to 64
[  331.576322][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  332.023025][ T7538] 8021q: adding VLAN 0 to HW filter on device bond0
[  332.352376][ T7864] can0: slcan on ttyS3.
[  332.460936][ T7538] 8021q: adding VLAN 0 to HW filter on device team0
[  332.491369][ T3521] bridge0: port 1(bridge_slave_0) entered blocking state
[  332.498659][ T3521] bridge0: port 1(bridge_slave_0) entered forwarding state
[  332.545774][ T3521] bridge0: port 2(bridge_slave_1) entered blocking state
[  332.553069][ T3521] bridge0: port 2(bridge_slave_1) entered forwarding state
[  333.820647][ T7862] can0 (unregistered): slcan off ttyS3.
[  334.949267][   T29] audit: type=1326 audit(1738925461.828:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7887 comm="syz.4.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e2938cde9 code=0x7ffc0000
[  335.569216][ T7888] could not allocate digest TFM handle crct10dif
[  335.732012][   T29] audit: type=1326 audit(1738925461.828:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7887 comm="syz.4.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e2938cde9 code=0x7ffc0000
[  335.844490][ T7900] loop4: detected capacity change from 0 to 16
[  335.884487][   T29] audit: type=1326 audit(1738925461.828:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7887 comm="syz.4.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f6e2938cde9 code=0x7ffc0000
[  335.931820][ T7900] erofs (device loop4): negative i_size @ nid 36
[  335.946529][ T7903] loop1: detected capacity change from 0 to 512
[  336.222548][   T29] audit: type=1326 audit(1738925461.838:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7887 comm="syz.4.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e2938cde9 code=0x7ffc0000
[  336.254732][   T29] audit: type=1326 audit(1738925461.838:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7887 comm="syz.4.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e2938cde9 code=0x7ffc0000
[  336.281777][ T7903] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  336.295573][ T7903] ext4 filesystem being mounted at /113/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  336.583992][   T29] audit: type=1326 audit(1738925461.838:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7887 comm="syz.4.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f6e2938cde9 code=0x7ffc0000
[  336.591615][ T7538] 8021q: adding VLAN 0 to HW filter on device batadv0
[  336.743997][   T29] audit: type=1326 audit(1738925461.838:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7887 comm="syz.4.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e2938cde9 code=0x7ffc0000
[  337.223072][   T29] audit: type=1326 audit(1738925461.838:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7887 comm="syz.4.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e2938cde9 code=0x7ffc0000
[  337.411702][   T29] audit: type=1326 audit(1738925461.848:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7887 comm="syz.4.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6e2938cde9 code=0x7ffc0000
[  337.549738][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  337.576739][   T29] audit: type=1326 audit(1738925461.848:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7887 comm="syz.4.497" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e2938cde9 code=0x7ffc0000
[  337.995458][ T7932] overlayfs: failed to resolve './file0': -2
[  340.197403][ T7948] tty tty23: ldisc open failed (-12), clearing slot 22
[  342.357357][ T7538] veth0_vlan: entered promiscuous mode
[  342.370767][ T7962] loop4: detected capacity change from 0 to 64
[  342.483059][ T7538] veth1_vlan: entered promiscuous mode
[  342.662635][ T7538] veth0_macvtap: entered promiscuous mode
[  342.720826][ T7538] veth1_macvtap: entered promiscuous mode
[  342.792478][ T7538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  342.803153][ T7538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.813043][ T7538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  342.824286][ T7538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.834500][ T7538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  342.849359][ T7538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.859370][ T7538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  342.870461][ T7538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  342.893420][ T7970] overlayfs: failed to resolve './file0': -2
[  343.145889][ T7538] batman_adv: batadv0: Interface activated: batadv_slave_0
[  343.523458][ T7538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  343.584583][ T7538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.617408][ T7538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  343.646575][ T7538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.682030][ T7538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  343.926775][ T7538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  343.938038][ T7538] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  343.951584][ T7538] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  344.859893][ T7538] batman_adv: batadv0: Interface activated: batadv_slave_1
[  345.070855][ T7538] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  345.086014][ T7538] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  345.176812][ T7538] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  345.187676][ T7974] loop3: detected capacity change from 0 to 2048
[  345.217468][ T7538] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  346.249096][ T7974]  loop3: p1 < > p4
[  346.285965][ T7974] loop3: p4 size 8388608 extends beyond EOD, truncated
[  346.618532][ T6631] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  346.626391][ T6631] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  347.633222][ T1110] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  348.432715][ T1110] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  348.632162][ T6195] udevd[6195]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  351.257360][   T25] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  354.660323][ T8048] loop5: detected capacity change from 0 to 64
[  356.955296][ T8065] loop1: detected capacity change from 0 to 512
[  357.387188][ T8064] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  357.594552][ T8065] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  357.613234][ T8065] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[  358.613214][ T8077] loop5: detected capacity change from 0 to 764
[  358.701223][ T8080] netlink: 4 bytes leftover after parsing attributes in process `syz.0.537'.
[  358.941683][   T25] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  358.992385][ T8081] rock: directory entry would overflow storage
[  358.999088][ T8081] rock: sig=0x4f50, size=4, remaining=3
[  359.004658][ T8081] iso9660: Corrupted directory entry in block 6 of inode 1792
[  359.128976][   T25] usb 5-1: Using ep0 maxpacket: 16
[  359.215945][   T25] usb 5-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  359.300015][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  359.550368][   T25] usb 5-1: Product: syz
[  359.554595][   T25] usb 5-1: Manufacturer: syz
[  359.596862][   T25] usb 5-1: SerialNumber: syz
[  359.645646][   T25] usb 5-1: config 0 descriptor??
[  361.429963][ T8109] loop3: detected capacity change from 0 to 512
[  361.514134][ T8109] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #15: comm syz.3.542: casefold flag without casefold feature
[  361.838483][ T8109] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.542: couldn't read orphan inode 15 (err -117)
[  361.886160][ T8109] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  362.023106][ T5958] usb 5-1: USB disconnect, device number 4
[  363.801681][ T8144] loop1: detected capacity change from 0 to 764
[  364.171923][ T8146] rock: directory entry would overflow storage
[  364.178352][ T8146] rock: sig=0x4f50, size=4, remaining=3
[  364.183995][ T8146] iso9660: Corrupted directory entry in block 6 of inode 1792
[  365.060188][ T5846] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.756188][ T8201] loop1: detected capacity change from 0 to 512
[  366.886302][ T8201] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  366.899915][ T8201] ext4 filesystem being mounted at /125/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  368.558909][ T8207] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  369.400932][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.728748][ T8232] can0: slcan on ttyS3.
[  373.792275][ T8227] can0 (unregistered): slcan off ttyS3.
[  374.740881][ T8277] loop4: detected capacity change from 0 to 164
[  376.378831][   T29] kauditd_printk_skb: 7 callbacks suppressed
[  376.378851][   T29] audit: type=1326 audit(1738925503.278:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8280 comm="syz.0.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa1d8cde9 code=0x7ffc0000
[  376.519082][   T29] audit: type=1326 audit(1738925503.278:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8280 comm="syz.0.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa1d8cde9 code=0x7ffc0000
[  376.619448][   T29] audit: type=1326 audit(1738925503.278:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8280 comm="syz.0.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f3aa1d8cde9 code=0x7ffc0000
[  376.674243][   T29] audit: type=1326 audit(1738925503.278:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8280 comm="syz.0.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa1d8cde9 code=0x7ffc0000
[  377.873567][   T29] audit: type=1326 audit(1738925503.278:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8280 comm="syz.0.572" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa1d8cde9 code=0x7ffc0000
[  379.001161][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  379.007530][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  379.074606][   T25] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  379.257723][   T25] usb 6-1: Using ep0 maxpacket: 16
[  379.289094][   T25] usb 6-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  379.313829][   T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  379.351767][   T25] usb 6-1: Product: syz
[  379.366366][   T25] usb 6-1: Manufacturer: syz
[  379.371682][   T25] usb 6-1: SerialNumber: syz
[  379.398476][   T25] usb 6-1: config 0 descriptor??
[  380.589154][ T5849] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  382.068017][ T5889] usb 6-1: USB disconnect, device number 2
[  385.085678][ T8380] netlink: 4 bytes leftover after parsing attributes in process `syz.3.593'.
[  386.722651][ T8390] loop5: detected capacity change from 0 to 512
[  386.953491][ T8390] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  386.966626][ T8390] ext4 filesystem being mounted at /22/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  388.249167][ T7538] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  390.330126][ T8428] tmpfs: Unknown parameter 'e'
[  390.345567][ T8427] netlink: 1752 bytes leftover after parsing attributes in process `syz.5.602'.
[  395.221892][ T8475] loop3: detected capacity change from 0 to 164
[  395.657519][   T25] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[  395.678626][ T8481] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.613'.
[  395.880667][   T25] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  395.911628][   T25] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  395.967271][   T25] usb 4-1: config 1 has no interface number 1
[  395.992401][   T25] usb 4-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  396.032039][   T25] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  396.066388][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  396.106575][   T25] usb 4-1: Product: syz
[  396.135684][   T25] usb 4-1: Manufacturer: syz
[  396.226994][   T25] usb 4-1: SerialNumber: syz
[  397.089284][ T8497] loop4: detected capacity change from 0 to 64
[  397.414655][ T8501] tmpfs: Unknown parameter 'e'
[  398.091049][ T8506] netlink: 32 bytes leftover after parsing attributes in process `syz.4.617'.
[  398.835137][   T25] usb 4-1: USB disconnect, device number 2
[  399.134574][ T6195] udevd[6195]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  399.158153][ T8516] Invalid ELF header type: 0 != 1
[  399.866308][ T8528] tmpfs: Unknown parameter 'e'
[  400.996080][ T8546] tmpfs: Unknown parameter 'e'
[  402.632068][ T8566] loop1: detected capacity change from 0 to 512
[  406.157860][ T8566] EXT4-fs warning (device loop1): ext4_multi_mount_protect:398: Unable to create kmmpd thread for loop1.
[  409.179478][ T8627] Invalid ELF header type: 0 != 1
[  409.262038][ T8633] loop1: detected capacity change from 0 to 164
[  410.046868][ T5889] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[  410.267922][ T5889] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  410.294795][ T5889] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  410.460266][ T5889] usb 2-1: config 1 has no interface number 1
[  410.492544][ T5889] usb 2-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  410.563840][ T5889] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  410.595198][ T5889] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  410.637024][ T5889] usb 2-1: Product: syz
[  410.652835][ T5889] usb 2-1: Manufacturer: syz
[  410.697386][ T5889] usb 2-1: SerialNumber: syz
[  410.988340][ T8650] loop3: detected capacity change from 0 to 512
[  411.225315][ T8650] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  411.238710][ T8650] ext4 filesystem being mounted at /127/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  411.772767][ T8655] tmpfs: Unknown parameter 'e'
[  413.216426][ T5889] usb 2-1: USB disconnect, device number 7
[  413.238738][ T5846] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.504869][ T6195] udevd[6195]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  413.806173][ T8673] overlay: Bad value for 'upperdir'
[  414.686721][ T8682] netlink: 4 bytes leftover after parsing attributes in process `syz.3.645'.
[  416.273194][ T8708] netlink: 32 bytes leftover after parsing attributes in process `syz.3.654'.
[  416.894995][ T8713] loop3: detected capacity change from 0 to 64
[  417.557964][ T8720] overlay: Bad value for 'upperdir'
[  418.288319][ T8721] tmpfs: Unknown parameter 'e'
[  419.958430][ T8737] Invalid ELF header type: 0 != 1
[  422.030349][ T5840] Bluetooth: hci3: command 0x0406 tx timeout
[  422.238278][ T8750] loop5: detected capacity change from 0 to 64
[  422.581094][ T8753] tmpfs: Unknown parameter 'e'
[  426.717960][   T29] audit: type=1326 audit(1738925553.628:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8778 comm="syz.3.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23d6d8cde9 code=0x7ffc0000
[  427.355335][   T29] audit: type=1326 audit(1738925553.628:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8778 comm="syz.3.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23d6d8cde9 code=0x7ffc0000
[  427.469975][   T29] audit: type=1326 audit(1738925553.628:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8778 comm="syz.3.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f23d6d8cde9 code=0x7ffc0000
[  427.596793][   T29] audit: type=1326 audit(1738925553.628:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8778 comm="syz.3.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23d6d8cde9 code=0x7ffc0000
[  427.699071][   T29] audit: type=1326 audit(1738925553.628:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8778 comm="syz.3.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23d6d8cde9 code=0x7ffc0000
[  428.082994][   T29] audit: type=1326 audit(1738925553.628:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8778 comm="syz.3.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f23d6d8b750 code=0x7ffc0000
[  428.105970][   T29] audit: type=1326 audit(1738925553.628:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8778 comm="syz.3.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23d6d8cde9 code=0x7ffc0000
[  428.130118][   T29] audit: type=1326 audit(1738925553.628:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8778 comm="syz.3.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23d6d8cde9 code=0x7ffc0000
[  428.154301][   T29] audit: type=1326 audit(1738925553.628:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8778 comm="syz.3.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f23d6d8cde9 code=0x7ffc0000
[  428.237567][   T29] audit: type=1326 audit(1738925553.628:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8778 comm="syz.3.677" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23d6d8cde9 code=0x7ffc0000
[  429.525595][ T8808] loop3: detected capacity change from 0 to 164
[  429.778938][ T8811] tmpfs: Unknown parameter 'e'
[  433.587366][  T975] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  433.662634][ T8830] loop1: detected capacity change from 0 to 512
[  433.773370][ T8830] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  433.787604][ T8830] ext4 filesystem being mounted at /147/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  434.854936][ T8842] loop4: detected capacity change from 0 to 512
[  435.087368][ T8842] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #15: comm syz.4.694: casefold flag without casefold feature
[  435.156277][ T8842] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.694: couldn't read orphan inode 15 (err -117)
[  435.203699][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  435.287904][ T8842] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  436.437111][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  438.173384][ T8867] overlay: Bad value for 'upperdir'
[  440.523299][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  440.530202][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  440.765372][ T8882] netlink: 4 bytes leftover after parsing attributes in process `syz.5.705'.
[  443.275692][ T8902] loop1: detected capacity change from 0 to 2048
[  443.307741][ T8903] Invalid ELF header type: 0 != 1
[  443.822090][ T8902]  loop1: p1 < > p4
[  443.884335][ T8902] loop1: p4 size 8388608 extends beyond EOD, truncated
[  444.186273][ T8913] overlay: Bad value for 'upperdir'
[  444.827762][ T5204]  loop1: p1 < > p4
[  444.911522][ T8910] Invalid ELF header type: 0 != 1
[  444.936135][ T5204] loop1: p4 size 8388608 extends beyond EOD, truncated
[  445.265677][ T8912] could not allocate digest TFM handle crct10dif
[  445.278137][ T6195] udevd[6195]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  445.290567][ T5885] udevd[5885]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  446.163589][ T5885] udevd[5885]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  446.172997][ T6195] udevd[6195]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  447.606960][ T8938] netlink: 32 bytes leftover after parsing attributes in process `syz.1.720'.
[  447.813933][ T8940] loop5: detected capacity change from 0 to 512
[  447.982026][ T8942] tmpfs: Unknown parameter 'e'
[  449.338652][ T8940] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  449.352965][ T8940] ext4 filesystem being mounted at /59/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  449.408425][ T8949] loop4: detected capacity change from 0 to 512
[  449.511367][ T7538] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  449.521265][ T8949] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #15: comm syz.4.723: casefold flag without casefold feature
[  449.543304][ T8949] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.723: couldn't read orphan inode 15 (err -117)
[  449.561874][ T8949] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  449.703314][ T8953] loop1: detected capacity change from 0 to 512
[  449.741920][ T8953] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  449.755933][ T8953] ext4 filesystem being mounted at /153/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  450.858840][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  451.288298][ T8967] loop3: detected capacity change from 0 to 2048
[  451.299961][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  451.547633][ T8967]  loop3: p1 < > p4
[  451.582289][ T8967] loop3: p4 size 8388608 extends beyond EOD, truncated
[  452.460168][ T5204]  loop3: p1 < > p4
[  452.478674][ T5204] loop3: p4 size 8388608 extends beyond EOD, truncated
[  453.401896][ T6195] udevd[6195]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  453.617548][ T5885] udevd[5885]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  453.911473][ T6195] udevd[6195]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  453.986700][ T8993] tmpfs: Unknown parameter 'e'
[  454.623576][ T5885] udevd[5885]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  454.997680][ T8995] overlay: Bad value for 'upperdir'
[  455.675804][ T9001] loop1: detected capacity change from 0 to 512
[  455.710022][ T9001] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  455.722919][ T9001] ext4 filesystem being mounted at /156/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  455.910189][ T9012] netlink: 4 bytes leftover after parsing attributes in process `syz.3.738'.
[  456.026235][ T9013] loop5: detected capacity change from 0 to 164
[  456.404191][ T5831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  456.907452][  T975] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  457.155177][ T9023] tmpfs: Unknown parameter 'e'
[  458.088227][ T5849] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  458.111959][ T5849] CPU: 1 UID: 0 PID: 5849 Comm: kworker/u9:7 Not tainted 6.14.0-rc1-next-20250207-syzkaller #0
[  458.111988][ T5849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  458.112001][ T5849] Workqueue: hci0 hci_rx_work
[  458.112026][ T5849] Call Trace:
[  458.112033][ T5849]  <TASK>
[  458.112041][ T5849]  dump_stack_lvl+0x241/0x360
[  458.112066][ T5849]  ? __pfx_dump_stack_lvl+0x10/0x10
[  458.112094][ T5849]  ? __wake_up_klogd+0xcc/0x110
[  458.112130][ T5849]  sysfs_create_dir_ns+0x2ce/0x3a0
[  458.112155][ T5849]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  458.112188][ T5849]  kobject_add_internal+0x435/0x8d0
[  458.112227][ T5849]  kobject_add+0x152/0x220
[  458.112251][ T5849]  ? do_raw_spin_unlock+0x13c/0x8b0
[  458.112272][ T5849]  ? device_add+0x3e7/0xbf0
[  458.112298][ T5849]  ? __pfx_kobject_add+0x10/0x10
[  458.112331][ T5849]  ? _raw_spin_unlock+0x28/0x50
[  458.112357][ T5849]  ? get_device_parent+0x165/0x410
[  458.112390][ T5849]  device_add+0x4e5/0xbf0
[  458.112428][ T5849]  hci_conn_add_sysfs+0xe8/0x200
[  458.112461][ T5849]  le_conn_complete_evt+0xc9f/0x12e0
[  458.112504][ T5849]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  458.112521][ T5849]  ? __mutex_unlock_slowpath+0x227/0x800
[  458.112556][ T5849]  ? skb_pull_data+0x112/0x230
[  458.112587][ T5849]  hci_le_conn_complete_evt+0x18c/0x420
[  458.112619][ T5849]  hci_event_packet+0xa55/0x1540
[  458.112644][ T5849]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  458.112674][ T5849]  ? __pfx_hci_event_packet+0x10/0x10
[  458.112700][ T5849]  ? do_raw_spin_unlock+0x13c/0x8b0
[  458.112732][ T5849]  ? hci_send_to_monitor+0xd8/0x7f0
[  458.112752][ T5849]  ? kcov_remote_start+0x97/0x7d0
[  458.112781][ T5849]  hci_rx_work+0x3f3/0xdb0
[  458.112813][ T5849]  ? process_scheduled_works+0x976/0x1840
[  458.112835][ T5849]  process_scheduled_works+0xa66/0x1840
[  458.112902][ T5849]  ? __pfx_process_scheduled_works+0x10/0x10
[  458.112940][ T5849]  ? assign_work+0x364/0x3d0
[  458.112973][ T5849]  worker_thread+0x870/0xd30
[  458.113017][ T5849]  ? __kthread_parkme+0x169/0x1d0
[  458.113045][ T5849]  ? __pfx_worker_thread+0x10/0x10
[  458.113065][ T5849]  kthread+0x7a9/0x920
[  458.113085][ T5849]  ? __pfx_kthread+0x10/0x10
[  458.113108][ T5849]  ? __pfx_worker_thread+0x10/0x10
[  458.113130][ T5849]  ? __pfx_kthread+0x10/0x10
[  458.113150][ T5849]  ? __pfx_kthread+0x10/0x10
[  458.113179][ T5849]  ? __pfx_kthread+0x10/0x10
[  458.113198][ T5849]  ? _raw_spin_unlock_irq+0x23/0x50
[  458.113217][ T5849]  ? lockdep_hardirqs_on+0x99/0x150
[  458.113237][ T5849]  ? __pfx_kthread+0x10/0x10
[  458.113262][ T5849]  ret_from_fork+0x4b/0x80
[  458.113283][ T5849]  ? __pfx_kthread+0x10/0x10
[  458.113308][ T5849]  ret_from_fork_asm+0x1a/0x30
[  458.113365][ T5849]  </TASK>
[  458.114488][ T5849] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  458.274201][ T9024] loop3: detected capacity change from 0 to 2048
[  458.279370][ T5849] Bluetooth: hci0: failed to register connection device
[  458.737814][  T975] usb 6-1: unable to read config index 0 descriptor/start: -71
[  458.830791][  T975] usb 6-1: can't read configurations, error -71
[  458.837754][ T9024]  loop3: p1 < > p4
[  459.826924][ T9024] loop3: p4 size 8388608 extends beyond EOD, truncated
[  460.664803][ T9044] tmpfs: Unknown parameter 'e'
[  461.634394][ T6195] udevd[6195]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  461.656824][ T5885] udevd[5885]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  462.313175][ T9054] loop3: detected capacity change from 0 to 2048
[  462.329749][ T9054] EXT4-fs: Ignoring removed mblk_io_submit option
[  462.476949][ T9054] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  465.507611][ T9067] tmpfs: Unknown parameter 'e'
[  466.477632][ T5849] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  469.857055][   T29] kauditd_printk_skb: 7 callbacks suppressed
[  469.857073][   T29] audit: type=1326 audit(1738925596.758:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9104 comm="syz.5.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f958c38cde9 code=0x7ffc0000
[  470.857764][   T29] audit: type=1326 audit(1738925596.758:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9104 comm="syz.5.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f958c38cde9 code=0x7ffc0000
[  470.876243][ T9114] Invalid ELF header type: 0 != 1
[  470.879928][    C0] vkms_vblank_simulate: vblank timer overrun
[  471.027490][   T29] audit: type=1326 audit(1738925596.758:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9104 comm="syz.5.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f958c38cde9 code=0x7ffc0000
[  471.050668][   T29] audit: type=1326 audit(1738925596.768:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9104 comm="syz.5.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f958c38cde9 code=0x7ffc0000
[  471.095320][   T29] audit: type=1326 audit(1738925596.768:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9104 comm="syz.5.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f958c38cde9 code=0x7ffc0000
[  472.111789][   T29] audit: type=1326 audit(1738925596.768:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9104 comm="syz.5.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f958c38b750 code=0x7ffc0000
[  472.157604][   T29] audit: type=1326 audit(1738925596.768:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9104 comm="syz.5.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f958c38cde9 code=0x7ffc0000
[  472.245251][   T29] audit: type=1326 audit(1738925596.768:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9104 comm="syz.5.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f958c38cde9 code=0x7ffc0000
[  472.307093][ T9110] could not allocate digest TFM handle crct10dif
[  472.319717][   T29] audit: type=1326 audit(1738925596.768:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9104 comm="syz.5.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f958c38cde9 code=0x7ffc0000
[  472.387320][   T29] audit: type=1326 audit(1738925596.768:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9104 comm="syz.5.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f958c38cde9 code=0x7ffc0000
[  472.753503][ T9131] xt_CT: You must specify a L4 protocol and not use inversions on it
[  473.168941][ T9136] netlink: 8 bytes leftover after parsing attributes in process `syz.4.773'.
[  474.185828][ T9142] loop4: detected capacity change from 0 to 512
[  474.235729][ T9142] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  474.249543][ T9142] ext4 filesystem being mounted at /172/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  475.716877][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  475.938271][ T9159] syz.5.778: attempt to access beyond end of device
[  475.938271][ T9159] nbd5: rw=0, sector=0, nr_sectors = 1 limit=0
[  475.951692][ T9159] (syz.5.778,9159,1):ocfs2_get_sector:1714 ERROR: status = -5
[  475.959291][ T9159] (syz.5.778,9159,1):ocfs2_sb_probe:753 ERROR: status = -5
[  475.967648][ T9159] (syz.5.778,9159,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  475.976308][ T9159] (syz.5.778,9159,1):ocfs2_fill_super:1177 ERROR: status = -5
[  476.869362][ T5840] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  476.879315][ T5840] CPU: 0 UID: 0 PID: 5840 Comm: kworker/u9:3 Not tainted 6.14.0-rc1-next-20250207-syzkaller #0
[  476.879339][ T5840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  476.879351][ T5840] Workqueue: hci3 hci_rx_work
[  476.879377][ T5840] Call Trace:
[  476.879385][ T5840]  <TASK>
[  476.879393][ T5840]  dump_stack_lvl+0x241/0x360
[  476.879421][ T5840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  476.879441][ T5840]  ? __pfx__printk+0x10/0x10
[  476.879478][ T5840]  ? __kmalloc_cache_noprof+0x243/0x390
[  476.879499][ T5840]  ? sysfs_create_dir_ns+0x28a/0x3a0
[  476.879527][ T5840]  sysfs_create_dir_ns+0x2ce/0x3a0
[  476.879553][ T5840]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  476.879590][ T5840]  kobject_add_internal+0x435/0x8d0
[  476.879631][ T5840]  kobject_add+0x152/0x220
[  476.879655][ T5840]  ? do_raw_spin_unlock+0x13c/0x8b0
[  476.879677][ T5840]  ? device_add+0x3e7/0xbf0
[  476.879703][ T5840]  ? __pfx_kobject_add+0x10/0x10
[  476.879727][ T5840]  ? _raw_spin_unlock+0x28/0x50
[  476.879753][ T5840]  ? get_device_parent+0x165/0x410
[  476.879783][ T5840]  device_add+0x4e5/0xbf0
[  476.879818][ T5840]  hci_conn_add_sysfs+0xe8/0x200
[  476.879851][ T5840]  le_conn_complete_evt+0xc9f/0x12e0
[  476.879896][ T5840]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  476.879915][ T5840]  ? __mutex_unlock_slowpath+0x227/0x800
[  476.879955][ T5840]  ? skb_pull_data+0x112/0x230
[  476.880006][ T5840]  hci_le_conn_complete_evt+0x18c/0x420
[  476.880043][ T5840]  hci_event_packet+0xa55/0x1540
[  476.880071][ T5840]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  476.880104][ T5840]  ? __pfx_hci_event_packet+0x10/0x10
[  476.880130][ T5840]  ? do_raw_spin_unlock+0x13c/0x8b0
[  476.880165][ T5840]  ? hci_send_to_monitor+0xd8/0x7f0
[  476.880188][ T5840]  ? kcov_remote_start+0x97/0x7d0
[  476.880216][ T5840]  hci_rx_work+0x3f3/0xdb0
[  476.880250][ T5840]  ? process_scheduled_works+0x976/0x1840
[  476.880273][ T5840]  process_scheduled_works+0xa66/0x1840
[  476.880346][ T5840]  ? __pfx_process_scheduled_works+0x10/0x10
[  476.880385][ T5840]  ? assign_work+0x364/0x3d0
[  476.880416][ T5840]  worker_thread+0x870/0xd30
[  476.880464][ T5840]  ? __kthread_parkme+0x169/0x1d0
[  476.880494][ T5840]  ? __pfx_worker_thread+0x10/0x10
[  476.880516][ T5840]  kthread+0x7a9/0x920
[  476.880537][ T5840]  ? __pfx_kthread+0x10/0x10
[  476.880564][ T5840]  ? __pfx_worker_thread+0x10/0x10
[  476.880587][ T5840]  ? __pfx_kthread+0x10/0x10
[  476.880608][ T5840]  ? __pfx_kthread+0x10/0x10
[  476.880637][ T5840]  ? __pfx_kthread+0x10/0x10
[  476.880657][ T5840]  ? _raw_spin_unlock_irq+0x23/0x50
[  476.880676][ T5840]  ? lockdep_hardirqs_on+0x99/0x150
[  476.880697][ T5840]  ? __pfx_kthread+0x10/0x10
[  476.880722][ T5840]  ret_from_fork+0x4b/0x80
[  476.880743][ T5840]  ? __pfx_kthread+0x10/0x10
[  476.880768][ T5840]  ret_from_fork_asm+0x1a/0x30
[  476.880818][ T5840]  </TASK>
[  476.880853][ T5840] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  477.173916][ T5840] Bluetooth: hci3: failed to register connection device
[  479.513149][ T9188] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  479.523010][ T9188] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  480.223512][ T9188] syz.4.787 (9188) used greatest stack depth: 17200 bytes left
[  480.570716][ T9200] Invalid ELF header type: 0 != 1
[  482.117720][ T9216] loop1: detected capacity change from 0 to 16
[  482.175479][ T9216] erofs (device loop1): mounted with root inode @ nid 36.
[  482.712177][ T9221] erofs (device loop1): readahead error at folio 12 @ nid 36
[  482.721044][ T9221] erofs (device loop1): readahead error at folio 10 @ nid 36
[  482.731147][ T9221] erofs (device loop1): readahead error at folio 6 @ nid 36
[  482.740063][ T9221] erofs (device loop1): readahead error at folio 4 @ nid 36
[  482.749384][ T9221] erofs (device loop1): invalid logical cluster 0 at nid 36
[  482.756758][ T9221] erofs (device loop1): readahead error at folio 0 @ nid 36
[  482.765233][ T9221] syz.1.798: attempt to access beyond end of device
[  482.765233][ T9221] loop1: rw=524288, sector=296, nr_sectors = 16 limit=16
[  482.780130][ T9221] syz.1.798: attempt to access beyond end of device
[  482.780130][ T9221] loop1: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[  482.795283][ T9221] syz.1.798: attempt to access beyond end of device
[  482.795283][ T9221] loop1: rw=524288, sector=6520, nr_sectors = 16 limit=16
[  482.810485][ T9221] syz.1.798: attempt to access beyond end of device
[  482.810485][ T9221] loop1: rw=524288, sector=34359736328, nr_sectors = 16 limit=16
[  482.870025][ T9221] syz.1.798: attempt to access beyond end of device
[  482.870025][ T9221] loop1: rw=524288, sector=8, nr_sectors = 16 limit=16
[  482.884687][ T9221] syz.1.798: attempt to access beyond end of device
[  482.884687][ T9221] loop1: rw=524288, sector=720, nr_sectors = 16 limit=16
[  482.899800][ T9221] syz.1.798: attempt to access beyond end of device
[  482.899800][ T9221] loop1: rw=524288, sector=536576856, nr_sectors = 16 limit=16
[  484.387978][ T5840] Bluetooth: hci3: command 0x0406 tx timeout
[  486.885605][ T9244] loop4: detected capacity change from 0 to 128
[  486.973694][ T9244] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  486.986698][ T9244] ext4 filesystem being mounted at /180/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  487.000098][ T9244] netlink: 'syz.4.803': attribute type 16 has an invalid length.
[  487.008145][ T9244] netlink: 'syz.4.803': attribute type 3 has an invalid length.
[  487.015810][ T9244] netlink: 24858 bytes leftover after parsing attributes in process `syz.4.803'.
[  487.690702][ T5838] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  493.661630][ T9306] netlink: 4 bytes leftover after parsing attributes in process `syz.3.820'.
[  493.944796][ T9311] loop4: detected capacity change from 0 to 16
[  494.057501][ T9311] erofs (device loop4): mounted with root inode @ nid 36.
[  494.936158][ T9318] erofs (device loop4): readahead error at folio 12 @ nid 36
[  494.943911][ T9318] erofs (device loop4): readahead error at folio 10 @ nid 36
[  494.951727][ T9318] erofs (device loop4): readahead error at folio 6 @ nid 36
[  494.959124][ T9318] erofs (device loop4): readahead error at folio 4 @ nid 36
[  494.966710][ T9318] erofs (device loop4): invalid logical cluster 0 at nid 36
[  494.974087][ T9318] erofs (device loop4): readahead error at folio 0 @ nid 36
[  494.981613][ T9318] syz.4.822: attempt to access beyond end of device
[  494.981613][ T9318] loop4: rw=524288, sector=296, nr_sectors = 16 limit=16
[  494.995447][ T9318] syz.4.822: attempt to access beyond end of device
[  494.995447][ T9318] loop4: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[  495.009617][ T9318] syz.4.822: attempt to access beyond end of device
[  495.009617][ T9318] loop4: rw=524288, sector=6520, nr_sectors = 16 limit=16
[  495.026138][ T9318] syz.4.822: attempt to access beyond end of device
[  495.026138][ T9318] loop4: rw=524288, sector=34359736328, nr_sectors = 16 limit=16
[  495.041046][ T9318] syz.4.822: attempt to access beyond end of device
[  495.041046][ T9318] loop4: rw=524288, sector=8, nr_sectors = 16 limit=16
[  495.054626][ T9318] syz.4.822: attempt to access beyond end of device
[  495.054626][ T9318] loop4: rw=524288, sector=720, nr_sectors = 16 limit=16
[  495.070089][ T9318] syz.4.822: attempt to access beyond end of device
[  495.070089][ T9318] loop4: rw=524288, sector=536576856, nr_sectors = 16 limit=16
[  496.150681][ T9326] loop1: detected capacity change from 0 to 128
[  496.218129][ T9327] loop5: detected capacity change from 0 to 512
[  496.300735][ T9327] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  496.313763][ T9327] ext4 filesystem being mounted at /78/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  496.612486][ T9326] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  496.669706][ T9326] ext4 filesystem being mounted at /173/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  497.204102][ T9342] tmpfs: Unknown parameter 'e'
[  497.527864][ T7538] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  497.684717][ T5831] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  497.939012][ T9347] loop3: detected capacity change from 0 to 1024
[  497.953700][ T9347] EXT4-fs: Ignoring removed oldalloc option
[  497.960158][ T9347] ext4: Unknown parameter 'dont_appraise'
[  498.077872][ T9347] loop3: detected capacity change from 0 to 256
[  500.877832][ T9367] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  500.887464][ T9367] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  501.873375][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  501.880070][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  501.972983][ T9371] loop3: detected capacity change from 0 to 512
[  502.038941][ T9371] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  502.143742][ T9371] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  502.283039][ T9371] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.837: corrupted in-inode xattr: e_value size too large
[  502.349396][ T9371] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.837: couldn't read orphan inode 15 (err -117)
[  502.413291][ T9371] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  503.683448][ T9390] netlink: 180 bytes leftover after parsing attributes in process `syz.0.842'.
[  503.900608][ T9393] loop4: detected capacity change from 0 to 1024
[  503.916070][ T5846] ------------[ cut here ]------------
[  503.923134][ T5846] bad length passed for symlink [/tmp/syz-imagegen2884317625/] (got 39, expected 29)
[  503.955660][ T9393] EXT4-fs: Ignoring removed orlov option
[  503.992979][ T5846] WARNING: CPU: 0 PID: 5846 at ./include/linux/fs.h:803 inode_set_cached_link+0xd0/0x110
[  504.003057][ T5846] Modules linked in:
[  504.003877][ T9393] EXT4-fs (loop4): VFS: Can't find ext4 filesystem
[  504.008087][ T5846] CPU: 0 UID: 0 PID: 5846 Comm: syz-executor Not tainted 6.14.0-rc1-next-20250207-syzkaller #0
[  504.008127][ T5846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  504.008144][ T5846] RIP: 0010:inode_set_cached_link+0xd0/0x110
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=-1 (errno 104: Connection reset by peer)
[  504.044022][ T5846] Code: 41 5f 5d c3 cc cc cc cc e8 4d e6 43 ff c6 05 eb 29 8a 0d 01 90 48 c7 c7 60 df 1d 8c 4c 89 f6 44 89 fa 89 e9 e8 41 8d 04 ff 90 <0f> 0b 90 90 e9 6a ff ff ff 89 f9 80 e1 07 80 c1 03 38 c1 7c a1 e8
[  504.064084][ T5846] RSP: 0018:ffffc9000419f698 EFLAGS: 00010246
[  504.070584][ T5846] RAX: 4ee96c951bb6b300 RBX: ffff888078faefa8 RCX: ffff888035bf3c00
[  504.078680][ T5846] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  504.086680][ T5846] RBP: 000000000000001d R08: ffffffff81803292 R09: 1ffff110170e519a
[  504.094810][ T5846] R10: dffffc0000000000 R11: ffffed10170e519b R12: ffff888078faefa8
[  504.102940][ T5846] R13: dffffc0000000000 R14: ffff888078faecf8 R15: 0000000000000027
[  504.111009][ T5846] FS:  0000555577639500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  504.120072][ T5846] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  504.127530][ T5846] CR2: 000000110c2cacfd CR3: 000000006013e000 CR4: 00000000003526f0
[  504.136232][ T5846] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  504.144356][ T5846] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  504.152714][ T5846] Call Trace:
[  504.156291][ T5846]  <TASK>
[  504.159315][ T5846]  ? __warn+0x165/0x4d0
[  504.163494][ T5846]  ? inode_set_cached_link+0xd0/0x110
[  504.168962][ T5846]  ? report_bug+0x2b3/0x500
[  504.173517][ T5846]  ? inode_set_cached_link+0xd0/0x110
[  504.179007][ T5846]  ? handle_bug+0x60/0x90
[  504.183365][ T5846]  ? exc_invalid_op+0x1a/0x50
[  504.188345][ T5846]  ? asm_exc_invalid_op+0x1a/0x20
[  504.193448][ T5846]  ? __warn_printk+0x292/0x360
[  504.198333][ T5846]  ? inode_set_cached_link+0xd0/0x110
[  504.203779][ T5846]  ? inode_set_cached_link+0xcf/0x110
[  504.209238][ T5846]  __ext4_iget+0x2ea4/0x3f30
[  504.213854][ T5846]  ? __pfx_lock_release+0x10/0x10
[  504.219038][ T5846]  ? __pfx___ext4_iget+0x10/0x10
[  504.224039][ T5846]  ? ext4_fname_free_filename+0x89/0xb0
[  504.230479][ T5846]  ? rcu_is_watching+0x15/0xb0
[  504.235272][ T5846]  ? ext4_fname_free_filename+0x89/0xb0
[  504.241609][ T5846]  ? kfree+0x4e/0x430
[  504.245645][ T5846]  ext4_lookup+0x3e3/0x750
[  504.250169][ T5846]  ? __pfx_ext4_lookup+0x10/0x10
[  504.255484][ T5846]  ? __init_waitqueue_head+0xae/0x150
[  504.261253][ T5846]  __lookup_slow+0x296/0x400
[  504.265894][ T5846]  ? __pfx___lookup_slow+0x10/0x10
[  504.271206][ T5846]  ? lookup_fast+0x1a8/0x5a0
[  504.275872][ T5846]  lookup_slow+0x53/0x70
[  504.280276][ T5846]  walk_component+0x2eb/0x410
[  504.284987][ T5846]  path_lookupat+0x169/0x440
[  504.289693][ T5846]  filename_lookup+0x2a6/0x670
[  504.294489][ T5846]  ? __virt_addr_valid+0x183/0x530
[  504.299721][ T5846]  ? __pfx_filename_lookup+0x10/0x10
[  504.305088][ T5846]  ? strncpy_from_user+0x146/0x270
[  504.310331][ T5846]  ? getname_flags+0x1e3/0x530
[  504.315136][ T5846]  user_path_at+0x3a/0x60
[  504.319592][ T5846]  __x64_sys_umount+0xee/0x170
[  504.324440][ T5846]  ? __pfx___x64_sys_umount+0x10/0x10
[  504.330698][ T5846]  ? do_syscall_64+0x100/0x230
[  504.336204][ T5846]  ? do_syscall_64+0xb6/0x230
[  504.341091][ T5846]  do_syscall_64+0xf3/0x230
[  504.345636][ T5846]  ? clear_bhb_loop+0x35/0x90
[  504.350467][ T5846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.356741][ T5846] RIP: 0033:0x7f23d6d8e117
[  504.361545][ T5846] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  504.381327][ T5846] RSP: 002b:00007ffc4e4f2878 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  504.389894][ T5846] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f23d6d8e117
[  504.398053][ T5846] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc4e4f2930
[  504.406097][ T5846] RBP: 00007ffc4e4f2930 R08: 0000000000000000 R09: 0000000000000000
[  504.414165][ T5846] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc4e4f3a20
[  504.422279][ T5846] R13: 00007f23d6e0e08c R14: 000000000007aee8 R15: 00007ffc4e4f5be0
[  504.430658][ T5846]  </TASK>
[  504.434418][ T5846] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  504.441733][ T5846] CPU: 0 UID: 0 PID: 5846 Comm: syz-executor Not tainted 6.14.0-rc1-next-20250207-syzkaller #0
[  504.452091][ T5846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  504.462170][ T5846] Call Trace:
[  504.465450][ T5846]  <TASK>
[  504.468374][ T5846]  dump_stack_lvl+0x241/0x360
[  504.473052][ T5846]  ? __pfx_dump_stack_lvl+0x10/0x10
[  504.478250][ T5846]  ? __pfx__printk+0x10/0x10
[  504.482877][ T5846]  ? vscnprintf+0x5d/0x90
[  504.487218][ T5846]  panic+0x349/0x880
[  504.491129][ T5846]  ? __warn+0x174/0x4d0
[  504.495289][ T5846]  ? __pfx_panic+0x10/0x10
[  504.499731][ T5846]  __warn+0x344/0x4d0
[  504.503721][ T5846]  ? inode_set_cached_link+0xd0/0x110
[  504.509099][ T5846]  report_bug+0x2b3/0x500
[  504.513431][ T5846]  ? inode_set_cached_link+0xd0/0x110
[  504.518808][ T5846]  handle_bug+0x60/0x90
[  504.522963][ T5846]  exc_invalid_op+0x1a/0x50
[  504.527462][ T5846]  asm_exc_invalid_op+0x1a/0x20
[  504.532308][ T5846] RIP: 0010:inode_set_cached_link+0xd0/0x110
[  504.538288][ T5846] Code: 41 5f 5d c3 cc cc cc cc e8 4d e6 43 ff c6 05 eb 29 8a 0d 01 90 48 c7 c7 60 df 1d 8c 4c 89 f6 44 89 fa 89 e9 e8 41 8d 04 ff 90 <0f> 0b 90 90 e9 6a ff ff ff 89 f9 80 e1 07 80 c1 03 38 c1 7c a1 e8
[  504.557905][ T5846] RSP: 0018:ffffc9000419f698 EFLAGS: 00010246
[  504.563973][ T5846] RAX: 4ee96c951bb6b300 RBX: ffff888078faefa8 RCX: ffff888035bf3c00
[  504.571947][ T5846] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  504.579914][ T5846] RBP: 000000000000001d R08: ffffffff81803292 R09: 1ffff110170e519a
[  504.587881][ T5846] R10: dffffc0000000000 R11: ffffed10170e519b R12: ffff888078faefa8
[  504.595852][ T5846] R13: dffffc0000000000 R14: ffff888078faecf8 R15: 0000000000000027
[  504.603829][ T5846]  ? __warn_printk+0x292/0x360
[  504.608609][ T5846]  ? inode_set_cached_link+0xcf/0x110
[  504.613983][ T5846]  __ext4_iget+0x2ea4/0x3f30
[  504.618571][ T5846]  ? __pfx_lock_release+0x10/0x10
[  504.623618][ T5846]  ? __pfx___ext4_iget+0x10/0x10
[  504.628558][ T5846]  ? ext4_fname_free_filename+0x89/0xb0
[  504.634099][ T5846]  ? rcu_is_watching+0x15/0xb0
[  504.638861][ T5846]  ? ext4_fname_free_filename+0x89/0xb0
[  504.644406][ T5846]  ? kfree+0x4e/0x430
[  504.648393][ T5846]  ext4_lookup+0x3e3/0x750
[  504.652812][ T5846]  ? __pfx_ext4_lookup+0x10/0x10
[  504.657862][ T5846]  ? __init_waitqueue_head+0xae/0x150
[  504.663242][ T5846]  __lookup_slow+0x296/0x400
[  504.667836][ T5846]  ? __pfx___lookup_slow+0x10/0x10
[  504.672963][ T5846]  ? lookup_fast+0x1a8/0x5a0
[  504.677557][ T5846]  lookup_slow+0x53/0x70
[  504.681802][ T5846]  walk_component+0x2eb/0x410
[  504.686482][ T5846]  path_lookupat+0x169/0x440
[  504.691080][ T5846]  filename_lookup+0x2a6/0x670
[  504.695847][ T5846]  ? __virt_addr_valid+0x183/0x530
[  504.700968][ T5846]  ? __pfx_filename_lookup+0x10/0x10
[  504.706279][ T5846]  ? strncpy_from_user+0x146/0x270
[  504.711397][ T5846]  ? getname_flags+0x1e3/0x530
[  504.716160][ T5846]  user_path_at+0x3a/0x60
[  504.720490][ T5846]  __x64_sys_umount+0xee/0x170
[  504.725257][ T5846]  ? __pfx___x64_sys_umount+0x10/0x10
[  504.730634][ T5846]  ? do_syscall_64+0x100/0x230
[  504.735403][ T5846]  ? do_syscall_64+0xb6/0x230
[  504.740191][ T5846]  do_syscall_64+0xf3/0x230
[  504.744708][ T5846]  ? clear_bhb_loop+0x35/0x90
[  504.749396][ T5846]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.755290][ T5846] RIP: 0033:0x7f23d6d8e117
[  504.759703][ T5846] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  504.779310][ T5846] RSP: 002b:00007ffc4e4f2878 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  504.787727][ T5846] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f23d6d8e117
[  504.795697][ T5846] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc4e4f2930
[  504.803663][ T5846] RBP: 00007ffc4e4f2930 R08: 0000000000000000 R09: 0000000000000000
[  504.811630][ T5846] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc4e4f3a20
[  504.819593][ T5846] R13: 00007f23d6e0e08c R14: 000000000007aee8 R15: 00007ffc4e4f5be0
[  504.827574][ T5846]  </TASK>
[  504.830849][ T5846] Kernel Offset: disabled
[  504.835166][ T5846] Rebooting in 86400 seconds..