last executing test programs:

2m31.565874667s ago: executing program 3 (id=318):
write$rfkill(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x4, 0x1}, 0x8)

2m31.305213699s ago: executing program 3 (id=321):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x1c, 0x3, 0x1, 0x201, 0x0, 0x0, {}, [@CTA_TUPLE_REPLY={0x4}, @CTA_FILTER={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x2400c804}, 0x800)

2m30.107851988s ago: executing program 3 (id=324):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
add_key(&(0x7f0000000080)='asymmetric\x00', 0x0, &(0x7f0000000980)='S', 0x1, 0xfffffffffffffffe)

2m30.024636629s ago: executing program 3 (id=325):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000003, 0x4008032, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000280)={[{@i_version}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@auto_da_alloc}, {@errors_remount}, {@quota}]}, 0x3, 0x437, &(0x7f0000000400)="$eJzs28tvG0UYAPBv7aTvUlOVR9MCgYKIeCRNWkoPXEAgcQAJCQ7lGJK0CnUb1ASJVhEEhMoRVeKOOCLxF3CCCwJOSFzhjipVKJcWTkZr7ya2sdPE2HGLfz9pk5ndcWY+7449O5MNYGCNpj+SiH0R8VtEHKhlGwuM1n7dWl2e+Wt1eSaJSuXNP5NquZuryzN50fx1e/PMUETh0ySOtKh38fKV89Pl8tylLD+xdOG9icXLV56dvzB9bu7c3MWp06dPnph8/tTUc12JM43r5siHC0cPv/r2tddnzlx756dvkjz+pji6ZHSjg09UKl2urr/216WToT42hC0p1rppDFf7/4EoxvrJOxCvfNLXxgE9ValUKve3P7xSAf7Hkuh3C4D+yL/o0/vffNumoccd4caLtRugNO5b2VY7MhSFrMxw0/1tN41GxJmVv79Mt+jNPAQAQIPv0vHPM63Gf4Wonxe6J1tDKUXEvRFxMCJORcShiLgvolr2gYh4cIv1Ny+S/Hv8U7jeUWCblI7/XsjWthrHf/noL0rFLLe/OhJMleeOZ+/JWAzvPDtfnpvcoI7vX/7183bH6sd/6ZbWn48Fs3ZcH9rZ+JrZ6aXpTuNtduPjiJGhVvEnaysBSUQcjoiRDuuYf+rro+2O3T7+DXRhnanyVcSTtfO/Ek3x55KN1ycndqXXw0R6FRxvWcfPv1x9o139/yn+LkjP/56W1/9a/KWkfr12cet1XP39s7b3NJ1e/zuStxr2fTC9tHRpMmJH8lqt0fX7p+rKpZ15ar18Gv/Ysdb9/2CsvxNHIiK9iB+KiIcj4pGs7Y9GxGMRcWyD+H986fF3O4+/t9L4Z7d0/tcTO6J5T+tE8fwP3zZUWtpK/On5P1lNjWV7NvP5t5l2dXY1AwAAwN2nEBH7IimMr6ULhfHx2v/wH4o9hfLC4tLTZxfevzhbe0agFMOFfKarNh88nOTzn6W6/FRT/kQ2b/xFcXc1Pz6zUJ7td/Aw4Pa26f+pP4r9bh3Qc57XgsGl/8Pg0v9hcOn/MLha9P/d/WgHsP1aff9/1Id2ANuvqf9b9oMB4v4fBpf+D4NL/4eBtLg7bv+QvMRdnNgVvfnLUbhDApToSaLfn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8U8AAAD//7Rx420=")
lsetxattr$system_posix_acl(0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000010000000000000002000000", @ANYRES32=0xee01], 0x5c, 0x0)
r0 = socket(0x2000000000000021, 0x2, 0x10000000000002)
r1 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @private}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
dup2(r1, r0)
connect$rxrpc(r0, &(0x7f0000000240)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e22, 0x9, @local, 0x1a9}}, 0x24)
sendmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000100100000100000024"], 0x18, 0xe000}, 0x5}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0x500}}], 0x2, 0x0)
chdir(&(0x7f0000000000)='./file0\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lseek(r2, 0x81, 0x0)
getdents64(r2, 0x0, 0x22)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)

2m27.318962548s ago: executing program 3 (id=337):
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f00000004c0)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000005c0)='kfree\x00', r0}, 0x18)
socket$igmp6(0xa, 0x3, 0x3a)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000240), &(0x7f00000003c0)=r6}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r5, r2, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x15, &(0x7f0000000300)={@random="6ea88d319b8c", @multicast, @val={@void, {0x8100, 0x0, 0x1, 0x4}}, {@x25={0x805, {0x0, 0x1, 0x5e25ed804c4cd5b4}}}}, 0x0)

2m21.822181159s ago: executing program 3 (id=367):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000280), &(0x7f00000002c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)

2m21.465888482s ago: executing program 32 (id=367):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000280), &(0x7f00000002c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)

2m3.402561984s ago: executing program 1 (id=457):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./file0\x00', 0x10, &(0x7f0000000a80)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e0500001e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba0", @ANYRES16], 0x1, 0x11dc, &(0x7f0000001280)="$eJzs3MGLG1UcB/Bf19rW1N2sWqstiA+96GVo9uBFL0G2IA0obSO0gjB1JxoyJiETFiJi9eTVv0M8ehPEm1724t/gbS8eexBHTNR2l3hYdDewfD6X/OD3vuQ9BgbeMG/23/jq40Gvynr5NNbOnIm1cUR6kCLFWvzt83j19R9/euHWnbs32p3O9s2Urrdvt15LKW28+P17n37z0g/Ti+9+u/Hd+djbfH//161f9i7vXdn//fZH/Sr1qzQcTVOe7o1G0/xeWaSdfjXIUnqnLPKqSP1hVUwO9HvlaDyepXy4s94YT4qqSvlwlgbFLE1HaTqZpfzDvD9MWZal9UbwX3S/flDXdURdPx7noq7r+oloxMV4MtZjI5qxGU/F0/FMXIpn43I8F8/HlfmoVc8bAAAAAAAAAAAAAAAAAAAAThfn/wEAAAAAAAAAAAAAAAAAAGD1bt25e6Pd6WzfTOlCRPnlbne3u/hd9Nu96EcZRVyLZvwW89P/C4v6+lud7WtpbjO+KO//lb+/233sYL41/5zA0nxrkU8H8+ej8Wh+K5pxaXl+a2n+Qrzy8iP5LJrx8wcxijJ24s/sw/xnrZTefLtzKH91Pg4AAABOgyz9Y+n+Pcv+rb/IH+H5wKH99dm4ena1ayeimn0yyMuymBxbcS6O/S8UCsX/XKz6zsRJeHjRVz0TAAAAAAAAAAAAjuIkXidc9RoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA/2IFjAQAAAABh/tZpdGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBVAAAA//8xgdSv")
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000a00)=ANY=[@ANYBLOB="14010000", @ANYRES16=r1, @ANYBLOB="cd3c000000000200000001000000ce00010043ecf8a077157cd8bc73e1b93314cdcbb6b9bb84e5bcdb7f9af2eacc913a7640e8332d1daa67516c7f094b740c631f175dd5d0f0a8ebd2679204020b006f64e62cd3404917f3be657330adc6bf2f2ab6286f91741293554bf4406edcdc8a3779814659bebb63d2c301a5e2568cb3696d7ed256da47bd6246c86e86ac9cfbdae22622b43a13e9096385b4cb17bf6d8436e77f709e436462ad3ba28f73bf36e8e32e548029e220d60a9d3d7e3de5dc9007f04d9c3c932faf89062b965db52beeff385e442adbb8d87480d4000008000200"], 0x114}, 0x1, 0x0, 0x0, 0x20084880}, 0x0)

2m2.995747327s ago: executing program 1 (id=461):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket(0x10, 0x803, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='contention_end\x00', r4}, 0x10)
r5 = getpid()
syz_pidfd_open(r5, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000d40)={<r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000000b00)={0x0, 0xf22fff7f, &(0x7f0000000180)=[{&(0x7f0000000080)="31de76fb398bc62d058b8a96924594f5476a0824be53f7a5949f80614c42391e4b80412938c955d34d37eb96ba7849c3eb823bb36724bd6f6d0219cfe5c884afcd2bdea5acf9c877c03dcdbbb3e47417b6707c27d4c5c1db1924071f6b6f23c7d199c799c9b0c41101e625fcdb7bbfd12a3eeeef4540a5698f058aaf6a141e5d333929b92a7f64e925bf0ef424c3ef29fcd5fd4721c547fde6abe4d47048b64511693624b0d786711abe4a66e250fcbfe95ac9037e58f331b26b6ed0d08e5c73ba4c49", 0xc00e}], 0x9, &(0x7f00000001c0)=[@ip_tos_int={{0x7ff4d4260000}}, @ip_ttl={{0x14}}, @ip_ttl={{0x14}}, @ip_tos_u8={{0x11}}, @ip_tos_u8={{0x11, 0x2}}, @ip_retopts={{0x0, 0x0, 0x7, {[@lsrr, @generic={0x0, 0x0, "96"}, @generic={0x0, 0x0, "206a77bdd1a004129054e7704a"}]}}}], 0xf}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008000}, 0x4040)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x40000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffe}, 0x18)

2m1.551390648s ago: executing program 0 (id=470):
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

2m1.486470068s ago: executing program 1 (id=472):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r2}, 0x18)
sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100000000000000000009000000440003800800010002000000140002007663616e30000000000000000000000008000300000000001400"], 0x58}}, 0x0)

2m1.371216959s ago: executing program 0 (id=473):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
read$FUSE(r0, &(0x7f0000001740)={0x2020}, 0x2020)
flistxattr(r1, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket(0x10, 0x3, 0x0)
write(r5, 0x0, 0x0)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)

2m1.24676451s ago: executing program 1 (id=475):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000eef890ef000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x18)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r3, &(0x7f0000001340)=[{&(0x7f0000000580)=""/148, 0x94}], 0x1)

2m0.213683358s ago: executing program 0 (id=477):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYRES64, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
write$P9_RVERSION(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000280)=ANY=[@ANYBLOB='S\x00\x00\x00\a\x00\x00F\x00', @ANYBLOB="a4d1c56c30ee842649d8fc3082d1287c39ca92e5302563debbd8ded9248351fbc24dcd"], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})

2m0.112943418s ago: executing program 1 (id=478):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00'}, 0x18)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x0)
syz_open_dev$vcsn(0x0, 0x40008000, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x28, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

1m59.81898684s ago: executing program 0 (id=479):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="02000000040000"], 0x50)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, 0x0, 0x7400}, 0x48090)

1m59.8185381s ago: executing program 1 (id=480):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4)
sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001c80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
write$nci(r0, &(0x7f0000005c40)=ANY=[@ANYBLOB="6103057f030603f93677ff6fcad8cf254cac"], 0x12)

1m59.681101332s ago: executing program 0 (id=482):
r0 = syz_open_dev$evdev(&(0x7f0000000180), 0xb, 0x900)
ioctl$EVIOCRMFF(r0, 0x40044581, 0x0)

1m59.482913643s ago: executing program 0 (id=484):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000140)="13146000000370", 0x7}], 0x7)

1m44.520093343s ago: executing program 33 (id=480):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r4)
sendmsg$NFC_CMD_DEV_UP(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001c80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
write$nci(r0, &(0x7f0000005c40)=ANY=[@ANYBLOB="6103057f030603f93677ff6fcad8cf254cac"], 0x12)

1m44.461014453s ago: executing program 34 (id=484):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
writev(r1, &(0x7f0000000440)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000140)="13146000000370", 0x7}], 0x7)

21.250376294s ago: executing program 4 (id=904):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
connect$unix(0xffffffffffffffff, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000240000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x11, 0x0, 0xfffff000, 0x8000, 0x0, 0xffffffffffffffff, 0x10, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)=ANY=[@ANYBLOB="44000000010101010000000000000000020000002400018014000180080001007f007ea770aa11756dd600000c00028005130100010000000c001980080001"], 0x44}}, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000800), 0x101007, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x0, 0x0, 0x9, 0x3}, @func_proto, @const={0x0, 0x0, 0x0, 0xa, 0x2}]}}, &(0x7f0000000100)=""/223, 0x3e, 0xdf, 0x1, 0x0, 0x0, @void, @value}, 0x20)
read$FUSE(0xffffffffffffffff, &(0x7f0000002080)={0x2020}, 0x2020)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800714, &(0x7f0000000000)={[{@nobarrier}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@nfs_export_on}], [], 0x2c})

21.173670305s ago: executing program 5 (id=906):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00'}, 0x18)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r1, &(0x7f0000001340)=[{&(0x7f0000000580)=""/148, 0x94}], 0x1)

20.816201227s ago: executing program 4 (id=908):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYRES32], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, 0x0, &(0x7f00000002c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
timer_create(0x0, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x2, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000140)=ANY=[@ANYBLOB="5800000055003d0926bd70000200000007000000", @ANYBLOB="200002", @ANYRES32=0x0, @ANYBLOB="00010100"/18, @ANYBLOB], 0x58}}, 0x80)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[], 0x50}}, 0x0)

19.680181556s ago: executing program 5 (id=911):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000240)={0x1, 0x10, 0x5, 0x100, 0xd, "f4cb8263142b68b545190e3b30a9cb5fff7954"})
r1 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x679fd000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000800)={{{@in6=@mcast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in6=@local}, 0x0, @in6=@empty}}, &(0x7f0000000440)=0xe8)
stat(&(0x7f0000000480)='./file0\x00', 0x0)
sendmmsg$unix(r2, &(0x7f0000000a00)=[{{&(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000280)=[{&(0x7f0000000540)="9296504d246b98022d0a180ca4f9bd8c120412bfcbf0bab4f070b35651461bb71a17215c1ce74fdbf4a9e885837b8895f89a7d57f6748cb4898b3dccd33798583cc1a0c33873c46fad87c41b0f39e0310436fd84893ec8f67fbb4c149c73e76b1b639168273ff0689602e50d5bceb6b542f9f1024778397494954b675cd92ef02524ca15d34d545db38bf8e3c171197cc320f4d0c2548eb2ab28e7dcb40898b82495a941491bbc1e443f01b9b3820ad2bbba941ecabf9f29e3b19c4950dbe00d4bb0c0f58634778047e796a80d77234606b97f8d8702eb1f5cf1ebf132f5811aa478fc0a6276aa6646cdd792de11d35a512c", 0xf2}, {&(0x7f00000001c0)="9ea493195e018d35b6e69cb82b2ab5", 0xf}, {&(0x7f0000000640)="085c7933b1217349b2ca452bef493b778f0372537e349d5984e7c931c8a6527ea83a360244fbf4b6e78c8ea0183a572244ece03aed05a0d80ad046847b6d814b87f833f81be4ba1c98fd8ae986c24380fca3d3746a95c5c71b7948d8cfe408ebe95805cef6e329598186f8d32338", 0x6e}, {&(0x7f0000000740)}], 0x4, &(0x7f0000000980)=[@cred={{0x1c, 0x1, 0x2, {r1}}}, @cred={{0x1c, 0x1, 0x2, {r1, r5}}}, @rights={{0x20, 0x1, 0x1, [r4, r4, r2, r2]}}], 0x60, 0x24801}}], 0x1, 0x2000c000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r6, 0x5608, 0x0)

19.629582536s ago: executing program 4 (id=912):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001200)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a5c000000060a0b04000000000000000002000000300004802c0001800b0001006e756d67656e00001c0002800800014000000014080003400000d74aeba50240000000000900010073797a30000000000900020073797a32"], 0x84}}, 0x0)

19.486759117s ago: executing program 4 (id=913):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$SMC_PNETID_GET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000180)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newlink={0x38, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x50483}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x4}}}]}, 0x38}}, 0x0)
sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000200)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @empty, @private=0xa010100}}}], 0x20}}], 0x1, 0x0)

19.424810048s ago: executing program 4 (id=914):
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x300)
futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r0, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b, 0x0, 0x0, 0x20000000, 0x1, 0x80000001}}, 0x120)

18.335045585s ago: executing program 4 (id=917):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='configfs\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="2e0000007700000000000000000018110000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
timerfd_gettime(0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = epoll_create1(0x0)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000000)={0xecedf212e4f1aa05})
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x93, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x4}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000004900)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="00d23448f9c840008cd6dbd5d1670cf8da03c33c88a300ef0767d99300cbb750c1c45b00791082b0f95aa8ac7e5885c7fd0fe3924f56e11e8d9f8919db3cc28fcddae6", 0x48}], 0x1}}], 0x19, 0x11)
sysinfo(&(0x7f0000000340)=""/195)
close_range(r0, 0xffffffffffffffff, 0x0)
r4 = eventfd2(0xffff, 0x1)
write$eventfd(r4, &(0x7f0000000000)=0x9, 0x8)

17.510773471s ago: executing program 5 (id=920):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYRES32], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, 0x0, &(0x7f00000002c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
timer_create(0x0, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x2, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000140)=ANY=[@ANYBLOB="5800000055003d0926bd70000200000007000000", @ANYBLOB="200002", @ANYRES32=0x0, @ANYBLOB="00010100"/18, @ANYBLOB], 0x58}}, 0x80)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[], 0x50}}, 0x0)

16.494720759s ago: executing program 2 (id=924):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)={0x14, 0x37, 0x1, 0x70bd28, 0x25dfdbfb, {0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x94}, 0x0)

16.4553681s ago: executing program 5 (id=925):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='kfree\x00', r0, 0x0, 0x1000000000000}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4400000010000304040000000000000000fbf824", @ANYRES32=0x0, @ANYBLOB="1103020000000000140012800b0001006970766c616e00000400028008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r3], 0x44}, 0x1, 0xba01}, 0x810)

16.36671262s ago: executing program 2 (id=926):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x1a, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000f447333de39c7095758218a68bc5142f0cb2229fa6c8b0d7c8126aee6d3def94cd964218564fb1d255bce6cef9bea8322326039744a98eead8c59bc75bb5b42123eef53ae4bc331b0ad09a8efc4175c484ad74df9158ff1882cdd83c97c03a35"], &(0x7f0000000340)='syzkaller\x00', 0x1, 0xc5, &(0x7f0000000180)=""/197, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x64, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x327}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0), 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
fgetxattr(0xffffffffffffffff, &(0x7f0000000380)=@random={'security.', '\x8e\x10ga\xb6\x9a\x999Z\xbb\x03$\xcb/\tDUd\xcd>\xe2\x80k[\xb9\xb3z\x19\xcae\xb5'}, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={0x0, r0}, 0x10)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=ANY=[@ANYBLOB="1200000042000000080000000200000000000000", @ANYRES32=0x1, @ANYBLOB='\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={r4, &(0x7f00000004c0), &(0x7f0000000400)=@udp6=r5}, 0x3f)
recvmmsg(r5, &(0x7f00000012c0)=[{{0x0, 0x0, 0x0}, 0x501}], 0x1, 0x40, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020701200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000006800090300000080000000000a00000000000000040004000800010001"], 0x24}}, 0x0)
ioprio_set$pid(0x1, r3, 0x4000)

16.31807125s ago: executing program 2 (id=927):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
connect$unix(0xffffffffffffffff, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r1}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x11, 0x0, 0xfffff000, 0x8000, 0x0, 0xffffffffffffffff, 0x10, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)=ANY=[@ANYBLOB="44000000010101010000000000000000020000002400018014000180080001007f007ea770aa11756dd600000c00028005130100010000000c001980080001"], 0x44}}, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000800), 0x101007, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x0, 0x0, 0x9, 0x3}, @func_proto, @const={0x0, 0x0, 0x0, 0xa, 0x2}]}}, &(0x7f0000000100)=""/223, 0x3e, 0xdf, 0x1, 0x0, 0x0, @void, @value}, 0x20)
read$FUSE(0xffffffffffffffff, &(0x7f0000002080)={0x2020}, 0x2020)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800714, &(0x7f0000000000)={[{@nobarrier}]}, 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x10)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@nfs_export_on}], [], 0x2c})

16.260651341s ago: executing program 5 (id=928):
r0 = fsopen(&(0x7f0000000780)='proc\x00', 0x0)
fchdir(0xffffffffffffffff)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x48000)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r2, 0xc0a85352, &(0x7f00000000c0)={{0x0, 0x3}, 'port1\x00', 0x62, 0x8, 0x6c, 0x140000, 0xffff, 0x40, 0x81, 0x0, 0x0, 0xff})
socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x40020000)
mlockall(0x2)
r3 = shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil)
shmat(r3, &(0x7f0000ffd000/0x1000)=nil, 0x7000)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x8, r4)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfffff000)
process_vm_writev(r5, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

15.905888113s ago: executing program 2 (id=929):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
sendmsg$key(r0, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000140)={0x2, 0xa, 0xbe, 0x9, 0x2, 0x0, 0x70bd25, 0x25dfdbfd}, 0x10}}, 0x0)

15.682773475s ago: executing program 2 (id=930):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000040), 0x81, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000040000000000000000000100000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021800000000c0a01030000000000000000070000080900020073797a31000000000900010073797a30000000005400038050000080080003400000000244000b802c0001800a0001"], 0x104}}, 0x40000)

15.473464016s ago: executing program 2 (id=931):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000240), 0x2800, 0x0)
getegid()
stat(0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x10000000000000)

15.201514708s ago: executing program 5 (id=932):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = socket(0x10, 0x803, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x54, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xc, 0x7}, {}, {0x3, 0xf}}, [@filter_kind_options=@f_basic={{0xa}, {0x24, 0x2, [@TCA_BASIC_EMATCHES={0x20, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x2, 0x8, 0x4}, {0x4, 0x6}}}]}, @TCA_EMATCH_TREE_HDR={0x8}]}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x40040}, 0x20040054)

3.048532487s ago: executing program 35 (id=917):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='configfs\x00', 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="2e0000007700000000000000000018110000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
timerfd_gettime(0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x18)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = epoll_create1(0x0)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000000)={0xecedf212e4f1aa05})
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x93, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x4}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000004900)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)="00d23448f9c840008cd6dbd5d1670cf8da03c33c88a300ef0767d99300cbb750c1c45b00791082b0f95aa8ac7e5885c7fd0fe3924f56e11e8d9f8919db3cc28fcddae6", 0x48}], 0x1}}], 0x19, 0x11)
sysinfo(&(0x7f0000000340)=""/195)
close_range(r0, 0xffffffffffffffff, 0x0)
r4 = eventfd2(0xffff, 0x1)
write$eventfd(r4, &(0x7f0000000000)=0x9, 0x8)

47.18032ms ago: executing program 36 (id=931):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000240), 0x2800, 0x0)
getegid()
stat(0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x10000000000000)

0s ago: executing program 37 (id=932):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = socket(0x10, 0x803, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x54, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xc, 0x7}, {}, {0x3, 0xf}}, [@filter_kind_options=@f_basic={{0xa}, {0x24, 0x2, [@TCA_BASIC_EMATCHES={0x20, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x1, 0x0, 0x0, {{0x2, 0x8, 0x4}, {0x4, 0x6}}}]}, @TCA_EMATCH_TREE_HDR={0x8}]}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x40040}, 0x20040054)

kernel console output (not intermixed with test programs):

E): macsec0: link becomes ready
[   75.742066][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   75.760395][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   75.781191][ T4258] device veth1_macvtap entered promiscuous mode
[   75.800220][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   75.821441][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.832099][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   75.843026][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.859801][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   75.874294][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.891443][ T4266] batman_adv: batadv0: Interface activated: batadv_slave_0
[   75.902346][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.913931][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.923981][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.936120][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.955062][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   75.966897][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   75.981424][ T4266] batman_adv: batadv0: Interface activated: batadv_slave_1
[   75.994397][   T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.025474][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   76.028433][   T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.034620][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   76.052833][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   76.070597][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   76.087527][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   76.097021][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   76.223593][ T4266] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.232805][ T4266] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.241940][ T4266] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.250756][ T4266] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.284615][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.357230][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.435979][ T4324] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.465256][ T4324] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.003945][ T4258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.015588][ T4258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.026962][ T4258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.044560][ T4258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.054479][ T4258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.065610][ T4258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.075554][ T4258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   77.089937][   T27] audit: type=1326 audit(1742347243.682:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4341 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f180f18d169 code=0x7ffc0000
[   77.090032][ T4265] Bluetooth: hci1: command 0x0419 tx timeout
[   77.112230][ T4269] Bluetooth: hci2: command 0x0419 tx timeout
[   77.117882][ T4265] Bluetooth: hci4: command 0x0419 tx timeout
[   77.130016][ T4271] Bluetooth: hci0: command 0x0419 tx timeout
[   77.138295][ T4258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.148422][   T27] audit: type=1326 audit(1742347243.722:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4341 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f180f18d169 code=0x7ffc0000
[   77.174441][ T4258] batman_adv: batadv0: Interface activated: batadv_slave_0
[   77.182199][ T4269] Bluetooth: hci3: command 0x0419 tx timeout
[   77.191782][   T27] audit: type=1326 audit(1742347243.722:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4341 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=225 compat=0 ip=0x7f180f18d169 code=0x7ffc0000
[   77.197281][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   77.228012][   T27] audit: type=1326 audit(1742347243.722:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4341 comm="syz.1.7" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f180f18d169 code=0x7ffc0000
[   77.257836][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   77.266011][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   77.274865][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   77.300386][ T4258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.311303][ T4258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.321522][ T4258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.333045][ T4258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.343328][ T4258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.353848][ T4258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.363695][ T4258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   77.374327][ T4258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   77.387594][ T4258] batman_adv: batadv0: Interface activated: batadv_slave_1
[   77.407192][ T4339] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   77.419336][ T4339] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   77.430418][ T4258] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   77.440039][ T4258] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   77.448758][ T4258] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   77.458033][ T4258] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   77.677058][ T4297] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.692874][ T4297] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.711846][ T4351] mmap: syz.2.3 (4351) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   77.729095][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   77.765831][ T4338] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.783115][ T4338] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.823402][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   77.852881][ T4338] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.897668][ T4338] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.928796][   T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.941322][ T4338] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   77.971090][   T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.009752][   T50] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   78.131695][ T4357] loop0: detected capacity change from 0 to 2048
[   78.284595][ T4368] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12'.
[   78.302274][ T4357] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   78.314965][ T4368] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12'.
[   78.368978][ T4369] syz.2.11[4369] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   78.369086][ T4369] syz.2.11[4369] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   78.397575][ T4371] loop4: detected capacity change from 0 to 512
[   78.439647][ T4371] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   78.449692][ T4360] hub 9-0:1.0: USB hub found
[   78.478950][ T4249] EXT4-fs (loop0): unmounting filesystem.
[   78.536709][ T4360] hub 9-0:1.0: 1 port detected
[   78.538992][ T4371] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   78.567516][ T4369] netlink: 20 bytes leftover after parsing attributes in process `syz.2.11'.
[   78.671701][ T4371] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13'.
[   78.687036][ T4376] netlink: 132 bytes leftover after parsing attributes in process `syz.0.14'.
[   78.888044][ T4371] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13'.
[   78.926364][ T4380] netlink: 28 bytes leftover after parsing attributes in process `syz.1.15'.
[   78.943710][ T4383] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16'.
[   78.979045][ T4383] IPVS: Error joining to the multicast group
[   78.997616][ T4380] netlink: 8 bytes leftover after parsing attributes in process `syz.1.15'.
[   79.093325][ T4388] loop1: detected capacity change from 0 to 512
[   79.135348][ T4388] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   79.196714][ T4371] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13'.
[   79.287077][ T4388] EXT4-fs (loop1): 1 orphan inode deleted
[   79.321831][ T4388] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   79.338326][   T75] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   79.377436][   T75] EXT4-fs error (device loop1): ext4_release_dquot:6818: comm kworker/u4:4: Failed to release dquot type 1
[   79.399998][ T4388] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.471712][ T4258] EXT4-fs (loop4): unmounting filesystem.
[   79.715178][    T7] cfg80211: failed to load regulatory.db
[   79.861980][ T4250] EXT4-fs (loop1): unmounting filesystem.
[   79.998361][ T4407] netlink: 'syz.1.24': attribute type 3 has an invalid length.
[   80.334247][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   80.344659][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   80.352136][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   80.504802][ T4418] loop4: detected capacity change from 0 to 512
[   80.514773][ T4418] EXT4-fs: Ignoring removed orlov option
[   81.439296][    C0] sched: RT throttling activated
[   81.476433][ T4418] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #2: block 3: comm syz.4.25: lblock 0 mapped to illegal pblock 3 (length 1)
[   81.501081][ T4418] EXT4-fs warning (device loop4): dx_probe:823: inode #2: lblock 0: comm syz.4.25: error -117 reading directory block
[   81.513822][ T4418] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[   81.522187][ T4418] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   81.766097][ T4258] EXT4-fs (loop4): unmounting filesystem.
[   81.883966][ T4428] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   81.906964][ T4428] batman_adv: batadv0: Removing interface: batadv_slave_0
[   81.978125][ T4428] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   82.001134][ T4428] batman_adv: batadv0: Removing interface: batadv_slave_1
[   83.228035][ T4444] loop4: detected capacity change from 0 to 512
[   83.252686][ T4444] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   83.292993][ T4444] EXT4-fs (loop4): invalid journal inode
[   83.299007][ T4444] EXT4-fs (loop4): can't get journal size
[   83.355838][ T4444] EXT4-fs (loop4): 1 truncate cleaned up
[   83.395460][ T4444] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   84.005928][ T4258] EXT4-fs (loop4): unmounting filesystem.
[   84.559653][ T4471] loop1: detected capacity change from 0 to 512
[   84.566454][ T4471] EXT4-fs: Ignoring removed orlov option
[   85.691277][ T4471] EXT4-fs error (device loop1): ext4_map_blocks:634: inode #2: block 3: comm syz.1.41: lblock 0 mapped to illegal pblock 3 (length 1)
[   85.705710][ T4471] EXT4-fs warning (device loop1): dx_probe:823: inode #2: lblock 0: comm syz.1.41: error -117 reading directory block
[   85.718241][ T4471] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[   85.726494][ T4471] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   85.946078][ T4477] __nla_validate_parse: 1 callbacks suppressed
[   85.946099][ T4477] netlink: 132 bytes leftover after parsing attributes in process `syz.3.44'.
[   85.968962][ T4250] EXT4-fs (loop1): unmounting filesystem.
[   86.181103][   T27] audit: type=1326 audit(1742347252.772:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4483 comm="syz.4.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[   86.259678][   T27] audit: type=1326 audit(1742347252.792:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4483 comm="syz.4.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[   86.328020][ T4490] loop1: detected capacity change from 0 to 256
[   86.345447][   T27] audit: type=1326 audit(1742347252.792:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4483 comm="syz.4.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=207 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[   86.415233][   T27] audit: type=1326 audit(1742347252.792:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4483 comm="syz.4.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[   86.509451][   T27] audit: type=1326 audit(1742347252.792:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4483 comm="syz.4.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[   86.595992][   T27] audit: type=1326 audit(1742347252.802:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4483 comm="syz.4.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=210 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[   86.683812][   T27] audit: type=1326 audit(1742347252.802:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4483 comm="syz.4.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[   86.746884][   T27] audit: type=1326 audit(1742347252.802:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4483 comm="syz.4.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[   86.805432][   T27] audit: type=1326 audit(1742347252.802:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4483 comm="syz.4.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[   86.872977][   T27] audit: type=1326 audit(1742347252.812:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4483 comm="syz.4.47" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[   87.609886][ T4514] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   87.741798][ T4515] netlink: 'syz.0.55': attribute type 10 has an invalid length.
[   87.869835][ T4515] netlink: 40 bytes leftover after parsing attributes in process `syz.0.55'.
[   88.299926][ T4515] team0: Port device geneve0 added
[   89.734923][ T4575] loop3: detected capacity change from 0 to 512
[   89.741871][ T4575] EXT4-fs: Ignoring removed orlov option
[   89.768814][ T4575] EXT4-fs error (device loop3): ext4_map_blocks:634: inode #2: block 3: comm syz.3.56: lblock 0 mapped to illegal pblock 3 (length 1)
[   89.786550][ T4514] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   89.786966][ T4575] EXT4-fs warning (device loop3): dx_probe:823: inode #2: lblock 0: comm syz.3.56: error -117 reading directory block
[   89.812050][ T4575] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[   89.821738][ T4575] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   90.097579][ T4514] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.128713][ T4583] netlink: 24 bytes leftover after parsing attributes in process `syz.2.58'.
[   90.278082][ T4514] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.295464][ T4266] EXT4-fs (loop3): unmounting filesystem.
[   90.310640][ T4585] loop2: detected capacity change from 0 to 164
[   90.375639][ T4585] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   90.495434][ T4514] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.534512][ T4514] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.566171][ T4514] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.624171][ T4514] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.618764][ T4611] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   93.774725][ T4674] syz.4.78 uses obsolete (PF_INET,SOCK_PACKET)
[   97.134741][ T4696] netlink: 132 bytes leftover after parsing attributes in process `syz.2.84'.
[   98.364606][ T4708] loop0: detected capacity change from 0 to 1024
[   98.382662][ T4708] =======================================================
[   98.382662][ T4708] WARNING: The mand mount option has been deprecated and
[   98.382662][ T4708]          and is ignored by this kernel. Remove the mand
[   98.382662][ T4708]          option from the mount to silence this warning.
[   98.382662][ T4708] =======================================================
[   98.443450][ T4708] EXT4-fs: Ignoring removed mblk_io_submit option
[   98.464643][ T4708] EXT4-fs: Ignoring removed nobh option
[   98.489419][ T4708] EXT4-fs: Ignoring removed bh option
[   98.500177][ T4708] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   98.571126][ T4715] netlink: 4 bytes leftover after parsing attributes in process `syz.3.91'.
[   98.583696][ T4708] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   98.798259][ T4249] EXT4-fs (loop0): unmounting filesystem.
[   99.005139][ T4721] loop4: detected capacity change from 0 to 256
[   99.929237][ T4728] netlink: 184 bytes leftover after parsing attributes in process `syz.2.95'.
[  100.223604][ T4737] netlink: 132 bytes leftover after parsing attributes in process `syz.2.97'.
[  101.187847][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  101.198605][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  101.218595][ T4750] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  101.239458][  T951] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  101.399471][  T951] usb 5-1: device descriptor read/64, error -71
[  101.441303][ T4754] netlink: 24 bytes leftover after parsing attributes in process `syz.1.102'.
[  101.864003][  T951] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  104.144862][  T951] usb 5-1: device descriptor read/64, error -71
[  104.289834][  T951] usb usb5-port1: attempt power cycle
[  104.891515][ T4784] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.912949][ T4775] syz.3.108[4775] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.913058][ T4775] syz.3.108[4775] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.938816][ T4786] netlink: 132 bytes leftover after parsing attributes in process `syz.1.114'.
[  104.940662][ T4775] netlink: 8 bytes leftover after parsing attributes in process `syz.3.108'.
[  104.973978][ T4775] netlink: 8 bytes leftover after parsing attributes in process `syz.3.108'.
[  105.025558][ T4789] loop3: detected capacity change from 0 to 512
[  105.067559][ T4784] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.105478][ T4789] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.108: casefold flag without casefold feature
[  105.120637][ T4789] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.108: couldn't read orphan inode 15 (err -117)
[  105.133114][ T4789] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  105.218437][ T4796] loop1: detected capacity change from 0 to 1024
[  105.234132][ T4784] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.284589][ T4796] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  105.480317][ T4784] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.568499][ T4250] EXT4-fs (loop1): unmounting filesystem.
[  105.645509][ T4266] EXT4-fs (loop3): unmounting filesystem.
[  105.796581][ T4784] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  105.856727][ T4784] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  105.943667][ T4784] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  106.001846][ T4819] xt_hashlimit: max too large, truncated to 1048576
[  106.021246][ T4784] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  106.189097][ T4822] rdma_op ffff8880709f41f0 conn xmit_rdma 0000000000000000
[  107.066412][ T4832] syz.1.130[4832] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  107.066514][ T4832] syz.1.130[4832] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  107.116769][ T4844] netlink: 8 bytes leftover after parsing attributes in process `syz.1.130'.
[  107.169827][ T4844] netlink: 8 bytes leftover after parsing attributes in process `syz.1.130'.
[  107.198655][ T4832] loop1: detected capacity change from 0 to 512
[  107.237424][ T4832] EXT4-fs error (device loop1): ext4_orphan_get:1400: inode #15: comm syz.1.130: casefold flag without casefold feature
[  107.301806][ T4832] EXT4-fs error (device loop1): ext4_orphan_get:1405: comm syz.1.130: couldn't read orphan inode 15 (err -117)
[  107.489912][ T4832] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  107.767710][ T4858] netlink: 16 bytes leftover after parsing attributes in process `syz.4.139'.
[  107.871711][ T4843] loop0: detected capacity change from 0 to 1024
[  107.878837][ T4843] EXT4-fs: Ignoring removed orlov option
[  107.909081][ T4250] EXT4-fs (loop1): unmounting filesystem.
[  107.970895][ T4843] EXT4-fs: Ignoring removed nomblk_io_submit option
[  108.021758][ T4843] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  108.414091][ T4843] EXT4-fs (loop0): unmounting filesystem.
[  109.241014][ T4892] netlink: 12 bytes leftover after parsing attributes in process `syz.1.150'.
[  109.337255][ T4892] loop1: detected capacity change from 0 to 512
[  109.383800][ T4892] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.150: invalid indirect mapped block 4294967295 (level 1)
[  109.439345][ T4892] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.150: invalid indirect mapped block 4294967295 (level 1)
[  109.471755][ T4892] EXT4-fs (loop1): 2 truncates cleaned up
[  109.477584][ T4892] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  109.865625][ T4250] EXT4-fs (loop1): unmounting filesystem.
[  110.325130][ T4924] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  110.334485][ T4924] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  110.341998][ T4924] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  112.807933][ T4953] loop0: detected capacity change from 0 to 1024
[  112.840385][ T4955] netlink: 332 bytes leftover after parsing attributes in process `syz.3.171'.
[  113.060263][ T4953] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  113.085667][ T4965] loop4: detected capacity change from 0 to 1024
[  113.125971][ T4953] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3841: comm syz.0.172: Allocating blocks 497-513 which overlap fs metadata
[  113.145152][ T4965] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  113.194707][ T4968] serio: Serial port ptm0
[  113.199982][ T4965] netlink: 8 bytes leftover after parsing attributes in process `syz.4.175'.
[  113.235352][ T4965] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  113.261772][ T4965] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  113.277916][   T27] kauditd_printk_skb: 20 callbacks suppressed
[  113.277932][   T27] audit: type=1326 audit(1742347279.862:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4964 comm="syz.4.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  113.315977][ T4249] EXT4-fs (loop0): unmounting filesystem.
[  113.329805][   T27] audit: type=1326 audit(1742347279.862:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4964 comm="syz.4.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  113.398565][   T27] audit: type=1326 audit(1742347279.862:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4964 comm="syz.4.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  113.461473][   T27] audit: type=1326 audit(1742347279.862:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4964 comm="syz.4.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  113.518979][   T27] audit: type=1326 audit(1742347279.862:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4964 comm="syz.4.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  113.605683][   T27] audit: type=1326 audit(1742347279.862:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4964 comm="syz.4.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  113.651671][ T4976] netlink: 56 bytes leftover after parsing attributes in process `syz.3.179'.
[  113.666454][   T27] audit: type=1326 audit(1742347279.862:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4964 comm="syz.4.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  113.727570][   T27] audit: type=1326 audit(1742347279.862:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4964 comm="syz.4.175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  113.774724][   T27] audit: type=1326 audit(1742347280.052:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4971 comm="syz.0.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f064558d169 code=0x7ffc0000
[  113.848283][   T27] audit: type=1326 audit(1742347280.052:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4971 comm="syz.0.177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f064558d169 code=0x7ffc0000
[  113.981464][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  114.373531][ T4991] rdma_op ffff888072e939f0 conn xmit_rdma 0000000000000000
[  115.665436][ T5028] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  115.674772][ T5028] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  115.682302][ T5028] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  117.255779][ T5043] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.319194][ T5046] loop2: detected capacity change from 0 to 512
[  117.374881][ T5043] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.404394][ T5046] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  117.418211][ T5046] ext4 filesystem being mounted at /44/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  117.527949][ T5043] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.736572][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  117.744236][ T5043] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  117.935739][ T5043] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  118.103333][ T5043] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  119.920765][ T5043] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  120.012240][ T5043] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.386433][ T5097] Zero length message leads to an empty skb
[  121.431575][ T5099] netlink: 56 bytes leftover after parsing attributes in process `syz.2.222'.
[  121.672034][ T5101] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.814007][ T5101] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.011421][ T5101] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.191210][ T5101] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.355801][ T5101] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  122.450689][ T5101] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  122.467601][ T5101] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  122.484365][ T5101] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.699877][ T5119] loop2: detected capacity change from 0 to 1024
[  122.707576][ T5120] loop1: detected capacity change from 0 to 1024
[  122.752706][ T5119] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  122.793380][ T5120] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  122.822869][ T5120] ext4 filesystem being mounted at /43/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.837464][ T5119] EXT4-fs (loop2): re-mounted. Quota mode: writeback.
[  122.884027][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  122.884084][ T5120] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  122.910957][ T5120] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28
[  122.938367][ T5120] EXT4-fs (loop1): This should not happen!! Data will be lost
[  122.938367][ T5120] 
[  122.948796][ T5120] EXT4-fs (loop1): Total free blocks count 0
[  122.956917][ T5120] EXT4-fs (loop1): Free/Dirty block details
[  122.964082][ T5120] EXT4-fs (loop1): free_blocks=4293918720
[  122.970341][ T5120] EXT4-fs (loop1): dirty_blocks=64
[  122.975704][ T5120] EXT4-fs (loop1): Block reservation details
[  122.982122][ T5120] EXT4-fs (loop1): i_reserved_data_blocks=4
[  123.057378][ T4250] EXT4-fs (loop1): unmounting filesystem.
[  124.215214][ T5142] netlink: 4 bytes leftover after parsing attributes in process `syz.3.238'.
[  124.226962][ T5142] netlink: 4 bytes leftover after parsing attributes in process `syz.3.238'.
[  124.510930][ T5150] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.584916][ T5150] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.677040][ T5150] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.757437][ T5150] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.794681][ T5157] process 'syz.2.244' launched './file0' with NULL argv: empty string added
[  124.879149][ T5150] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  124.916291][ T5150] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  124.936698][ T5150] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  124.955043][ T5150] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  125.273940][ T5170] netlink: 40 bytes leftover after parsing attributes in process `syz.3.250'.
[  126.763812][   T27] kauditd_printk_skb: 24 callbacks suppressed
[  126.763827][   T27] audit: type=1326 audit(1742347293.352:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5194 comm="syz.2.261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  126.819629][   T27] audit: type=1326 audit(1742347293.392:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5194 comm="syz.2.261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=443 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  126.863993][   T27] audit: type=1326 audit(1742347293.392:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5194 comm="syz.2.261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  126.868717][ T5197] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.936702][   T27] audit: type=1326 audit(1742347293.412:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5194 comm="syz.2.261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  127.000173][ T5197] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.219455][   T27] audit: type=1326 audit(1742347293.772:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5208 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5155d8d169 code=0x7ffc0000
[  127.249105][ T5197] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.268972][   T27] audit: type=1326 audit(1742347293.772:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5208 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5155d8d169 code=0x7ffc0000
[  127.291241][   T27] audit: type=1326 audit(1742347293.772:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5208 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5155d8d169 code=0x7ffc0000
[  127.315633][   T27] audit: type=1326 audit(1742347293.772:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5208 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5155d8d169 code=0x7ffc0000
[  127.337830][   T27] audit: type=1326 audit(1742347293.772:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5208 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5155d8d169 code=0x7ffc0000
[  127.376031][   T27] audit: type=1326 audit(1742347293.772:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5208 comm="syz.3.265" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5155d8d169 code=0x7ffc0000
[  127.402811][ T5197] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.675864][ T5225] netlink: 40 bytes leftover after parsing attributes in process `syz.3.270'.
[  128.725040][ T5227] netlink: 'syz.2.271': attribute type 7 has an invalid length.
[  128.735939][ T5227] netlink: 8 bytes leftover after parsing attributes in process `syz.2.271'.
[  129.207239][ T5233] loop4: detected capacity change from 0 to 1024
[  129.230011][ T5233] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  129.271801][ T5233] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c80ce028, mo2=0000]
[  129.291442][ T5233] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 2: comm syz.4.274: lblock 2 mapped to illegal pblock 2 (length 1)
[  129.312986][ T5233] EXT4-fs (loop4): Remounting filesystem read-only
[  129.323325][ T5233] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 48: comm syz.4.274: lblock 0 mapped to illegal pblock 48 (length 1)
[  129.344268][ T5233] EXT4-fs (loop4): Remounting filesystem read-only
[  129.352473][ T5233] EXT4-fs error (device loop4): ext4_acquire_dquot:6795: comm syz.4.274: Failed to acquire dquot type 0
[  129.369048][ T5233] EXT4-fs (loop4): Remounting filesystem read-only
[  129.376603][ T5233] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5885: Corrupt filesystem
[  129.394833][ T5233] EXT4-fs (loop4): Remounting filesystem read-only
[  129.403269][ T5233] EXT4-fs error (device loop4): ext4_evict_inode:279: inode #11: comm syz.4.274: mark_inode_dirty error
[  129.420677][ T5233] EXT4-fs (loop4): Remounting filesystem read-only
[  129.436894][ T5233] EXT4-fs warning (device loop4): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[  129.449126][ T5233] EXT4-fs (loop4): 1 orphan inode deleted
[  129.460129][ T4338] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #3: block 1: comm kworker/u4:8: lblock 1 mapped to illegal pblock 1 (length 1)
[  129.480046][ T5233] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  129.496515][ T4338] EXT4-fs (loop4): Remounting filesystem read-only
[  129.513431][ T4338] EXT4-fs error (device loop4): ext4_release_dquot:6818: comm kworker/u4:8: Failed to release dquot type 0
[  129.562931][ T4338] EXT4-fs (loop4): Remounting filesystem read-only
[  129.625627][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  129.635034][ T4258] EXT4-fs error (device loop4): __ext4_get_inode_loc:4506: comm syz-executor: Invalid inode table block 1 in block_group 0
[  129.643661][ T5239] device veth1_to_bond entered promiscuous mode
[  129.657874][ T5238] device veth1_to_bond left promiscuous mode
[  129.666629][ T4258] EXT4-fs (loop4): Remounting filesystem read-only
[  129.675200][ T4258] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5885: Corrupt filesystem
[  129.692935][ T4258] EXT4-fs (loop4): Remounting filesystem read-only
[  129.709341][ T4258] EXT4-fs error (device loop4): ext4_quota_off:7084: inode #3: comm syz-executor: mark_inode_dirty error
[  129.725658][ T4258] EXT4-fs (loop4): Remounting filesystem read-only
[  130.202210][ T5254] loop3: detected capacity change from 0 to 512
[  132.191745][ T5197] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  132.345677][ T5197] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  132.387291][ T5197] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  132.443910][ T5197] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  132.692506][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  132.698858][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  132.849921][ T5289] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  134.214839][ T5310] netlink: 32 bytes leftover after parsing attributes in process `syz.1.303'.
[  134.652770][ T5319] loop2: detected capacity change from 0 to 512
[  134.661979][ T5319] EXT4-fs: Ignoring removed orlov option
[  134.950087][ T5319] EXT4-fs error (device loop2): ext4_map_blocks:634: inode #2: block 3: comm syz.2.306: lblock 0 mapped to illegal pblock 3 (length 1)
[  134.966920][ T5319] EXT4-fs warning (device loop2): dx_probe:823: inode #2: lblock 0: comm syz.2.306: error -117 reading directory block
[  134.979711][ T5319] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  134.988487][ T5319] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  135.094475][ T5321] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 255: padding at end of block bitmap is not set
[  135.431197][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  135.507635][ T5313] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.550835][   T27] kauditd_printk_skb: 7 callbacks suppressed
[  135.550850][   T27] audit: type=1326 audit(1742347302.142:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5326 comm="syz.4.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  137.096196][   T27] audit: type=1326 audit(1742347303.682:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5326 comm="syz.4.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  137.136667][   T27] audit: type=1326 audit(1742347303.722:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5326 comm="syz.4.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  137.202374][   T27] audit: type=1326 audit(1742347303.722:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5326 comm="syz.4.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  137.243698][ T5329] loop4: detected capacity change from 0 to 512
[  137.276345][   T27] audit: type=1326 audit(1742347303.722:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5326 comm="syz.4.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  137.299145][   T27] audit: type=1326 audit(1742347303.722:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5326 comm="syz.4.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  137.322345][   T27] audit: type=1326 audit(1742347303.722:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5326 comm="syz.4.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  137.350842][ T5313] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.423728][   T27] audit: type=1326 audit(1742347303.722:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5326 comm="syz.4.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  137.448179][   T27] audit: type=1326 audit(1742347303.722:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5326 comm="syz.4.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  137.482642][ T5329] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  137.501289][ T5329] EXT4-fs (loop4): orphan cleanup on readonly fs
[  137.524841][ T5329] Quota error (device loop4): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  137.542795][ T5329] EXT4-fs warning (device loop4): ext4_enable_quotas:7030: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  137.551310][ T5313] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.558459][ T5329] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  137.580320][ T5329] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.311: bg 0: block 40: padding at end of block bitmap is not set
[  137.606426][ T5329] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  137.626394][ T5329] EXT4-fs (loop4): 1 truncate cleaned up
[  137.641934][ T5329] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  137.683509][ T5329] EXT4-fs (loop4): unmounting filesystem.
[  137.701940][ T5313] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.900249][ T5313] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  137.948131][ T5313] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  137.984942][ T5313] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  137.995874][ T5333] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  138.010093][ T5333] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  138.026930][ T5333] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[  138.037986][ T5313] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  138.079484][ T5333] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  138.085596][ T5333] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  138.114425][ T5333] Bluetooth: hci0: Suspend notifier action (1) failed: -4
[  138.178893][ T5333] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  138.196765][ T5333] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  138.214594][ T5333] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[  138.246859][ T5333] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  138.279520][ T5333] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  138.285674][ T5333] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[  138.330292][ T5333] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  138.349508][ T5333] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  138.371423][ T5333] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[  138.646867][ T5359] netlink: 32 bytes leftover after parsing attributes in process `syz.4.320'.
[  138.874125][ T5361] loop0: detected capacity change from 0 to 512
[  138.888962][ T5361] EXT4-fs: Ignoring removed orlov option
[  139.514960][ T4265] Bluetooth: hci1: command 0x0c1a tx timeout
[  139.541834][ T5361] EXT4-fs error (device loop0): ext4_map_blocks:634: inode #2: block 3: comm syz.0.319: lblock 0 mapped to illegal pblock 3 (length 1)
[  139.577255][ T5361] EXT4-fs warning (device loop0): dx_probe:823: inode #2: lblock 0: comm syz.0.319: error -117 reading directory block
[  139.589904][ T5361] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  139.598752][ T5361] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  139.866791][ T4249] EXT4-fs (loop0): unmounting filesystem.
[  140.017277][ T5375] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.021979][ T5378] loop3: detected capacity change from 0 to 512
[  140.054982][ T5378] EXT4-fs: Ignoring removed i_version option
[  140.074293][ T5378] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  140.107312][ T5377] device team_slave_0 entered promiscuous mode
[  140.113973][ T5377] device team_slave_1 entered promiscuous mode
[  140.124809][ T5377] device macsec1 entered promiscuous mode
[  140.135593][ T5377] device team0 entered promiscuous mode
[  140.142119][ T5377] device geneve0 entered promiscuous mode
[  140.151847][ T5377] device team0 left promiscuous mode
[  140.157552][ T5377] device geneve0 left promiscuous mode
[  140.163667][ T4265] Bluetooth: hci0: command 0x0c1a tx timeout
[  140.171867][ T5377] device team_slave_0 left promiscuous mode
[  140.177904][ T5377] device team_slave_1 left promiscuous mode
[  140.219873][ T4265] Bluetooth: hci2: command 0x0c1a tx timeout
[  140.233713][ T5378] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2809: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  140.272202][ T5378] EXT4-fs (loop3): 1 truncate cleaned up
[  140.277972][ T5378] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  140.289573][ T4265] Bluetooth: hci3: command 0x0c1a tx timeout
[  140.304080][ T5375] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.415215][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  140.424608][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  140.432254][ T5384] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  140.461047][ T4265] Bluetooth: hci4: command 0x0c1a tx timeout
[  140.607215][ T5369] EXT4-fs error (device loop3): ext4_read_inline_dir:1593: inode #12: block 7: comm syz.3.325: path /70/file2/file0: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=327693, rec_len=0, size=80 fake=0
[  140.913294][ T5369] EXT4-fs (loop3): Remounting filesystem read-only
[  141.562638][ T5375] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.572913][ T4269] Bluetooth: hci1: command 0x0406 tx timeout
[  141.655742][ T5375] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.858560][ T5375] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  141.945957][ T5375] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  141.972328][   T27] kauditd_printk_skb: 43 callbacks suppressed
[  141.972344][   T27] audit: type=1326 audit(1742347308.562:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5387 comm="syz.4.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  142.020463][ T5375] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  142.029650][   T27] audit: type=1326 audit(1742347308.602:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5387 comm="syz.4.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc7c2d8bad0 code=0x7ffc0000
[  142.057856][ T5397] loop0: detected capacity change from 0 to 2048
[  142.064960][   T27] audit: type=1326 audit(1742347308.602:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5387 comm="syz.4.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  142.078211][ T5375] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  142.089410][   T27] audit: type=1326 audit(1742347308.632:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5387 comm="syz.4.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  142.146463][   T27] audit: type=1326 audit(1742347308.632:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5387 comm="syz.4.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  142.196243][ T5397]  loop0: p1 < > p4
[  142.209731][ T4269] Bluetooth: hci0: command 0x0406 tx timeout
[  142.233928][   T27] audit: type=1326 audit(1742347308.652:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5387 comm="syz.4.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  142.278486][ T5397] loop0: p4 size 8388608 extends beyond EOD, truncated
[  142.290378][ T4269] Bluetooth: hci2: command 0x0406 tx timeout
[  142.328411][ T4266] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /70/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  142.352766][ T4266] EXT4-fs (loop3): Remounting filesystem read-only
[  142.369475][ T4269] Bluetooth: hci3: command 0x0406 tx timeout
[  142.384035][ T4266] EXT4-fs error (device loop3): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  142.438427][ T4266] EXT4-fs (loop3): Remounting filesystem read-only
[  142.446832][ T4266] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /70/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  142.485600][ T4266] EXT4-fs (loop3): Remounting filesystem read-only
[  142.577476][ T4266] EXT4-fs error (device loop3): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  142.609525][ T4269] Bluetooth: hci4: command 0x0406 tx timeout
[  142.653976][ T4266] EXT4-fs (loop3): Remounting filesystem read-only
[  142.661908][ T4266] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /70/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  142.689404][ T4266] EXT4-fs (loop3): Remounting filesystem read-only
[  142.706481][ T4266] EXT4-fs error (device loop3): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  142.778834][ T4266] EXT4-fs (loop3): Remounting filesystem read-only
[  142.876672][ T4266] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /70/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  142.967663][   T27] audit: type=1326 audit(1742347309.552:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5387 comm="syz.4.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc7c2d84127 code=0x7ffc0000
[  142.993110][ T4266] EXT4-fs (loop3): Remounting filesystem read-only
[  143.071437][ T4266] EXT4-fs error (device loop3): ext4_empty_dir:3177: inode #11: block 54: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=5120, inode=0, rec_len=0, size=1024 fake=0
[  143.224594][ T4266] EXT4-fs (loop3): Remounting filesystem read-only
[  143.237898][ T4266] EXT4-fs error (device loop3): ext4_readdir:260: inode #11: block 54: comm syz-executor: path /70/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  143.364735][ T5428] Cannot find add_set index 0 as target
[  144.356836][ T5439] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  144.372250][ T5439] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  144.380366][ T5439] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  144.884813][ T5443] loop2: detected capacity change from 0 to 1024
[  144.892075][ T5443] EXT4-fs: Ignoring removed orlov option
[  144.950387][ T5443] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  145.132270][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  145.501967][   T27] audit: type=1326 audit(1742347312.092:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5465 comm="syz.2.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  145.558126][   T27] audit: type=1326 audit(1742347312.092:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5465 comm="syz.2.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=443 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  145.594688][ T5470] loop1: detected capacity change from 0 to 128
[  145.611231][   T27] audit: type=1326 audit(1742347312.092:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5465 comm="syz.2.352" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  145.773545][ T5474] syz.1.353: attempt to access beyond end of device
[  145.773545][ T5474] loop1: rw=2049, sector=145, nr_sectors = 896 limit=128
[  145.884912][ T5472] netlink: 8 bytes leftover after parsing attributes in process `syz.2.354'.
[  145.894336][ T5472] netlink: 8 bytes leftover after parsing attributes in process `syz.2.354'.
[  145.911671][ T5472] loop2: detected capacity change from 0 to 512
[  145.936202][ T5472] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.354: casefold flag without casefold feature
[  145.953864][ T5473] syz.1.353: attempt to access beyond end of device
[  145.953864][ T5473] loop1: rw=524288, sector=897, nr_sectors = 144 limit=128
[  145.968353][ T5472] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.354: couldn't read orphan inode 15 (err -117)
[  145.980738][ T5472] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  146.000450][ T5473] syz.1.353: attempt to access beyond end of device
[  146.000450][ T5473] loop1: rw=0, sector=1025, nr_sectors = 8 limit=128
[  146.020786][ T5473] syz.1.353: attempt to access beyond end of device
[  146.020786][ T5473] loop1: rw=0, sector=1025, nr_sectors = 8 limit=128
[  146.040479][ T5473] syz.1.353: attempt to access beyond end of device
[  146.040479][ T5473] loop1: rw=0, sector=1025, nr_sectors = 8 limit=128
[  146.096269][ T5473] syz.1.353: attempt to access beyond end of device
[  146.096269][ T5473] loop1: rw=0, sector=1025, nr_sectors = 8 limit=128
[  146.126970][ T5473] syz.1.353: attempt to access beyond end of device
[  146.126970][ T5473] loop1: rw=0, sector=1025, nr_sectors = 8 limit=128
[  146.189386][ T5473] syz.1.353: attempt to access beyond end of device
[  146.189386][ T5473] loop1: rw=0, sector=1025, nr_sectors = 8 limit=128
[  146.217520][ T5473] syz.1.353: attempt to access beyond end of device
[  146.217520][ T5473] loop1: rw=0, sector=1025, nr_sectors = 8 limit=128
[  146.237323][ T5473] syz.1.353: attempt to access beyond end of device
[  146.237323][ T5473] loop1: rw=0, sector=1025, nr_sectors = 8 limit=128
[  146.363517][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  146.692692][ T5485] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  146.705919][ T5485] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  146.713987][ T5485] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  147.775755][ T5506] loop1: detected capacity change from 0 to 128
[  147.806856][ T4266] EXT4-fs: 194 callbacks suppressed
[  147.806873][ T4266] EXT4-fs (loop3): unmounting filesystem.
[  147.893102][ T5508] Buffer I/O error on dev loop1, logical block 128, lost async page write
[  147.904067][ T4559] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.941303][ T5508] Buffer I/O error on dev loop1, logical block 145, lost async page write
[  147.963744][ T5508] Buffer I/O error on dev loop1, logical block 146, lost async page write
[  147.979852][ T4559] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.007289][ T5508] Buffer I/O error on dev loop1, logical block 147, lost async page write
[  148.030901][ T5508] Buffer I/O error on dev loop1, logical block 148, lost async page write
[  148.056526][ T5508] Buffer I/O error on dev loop1, logical block 149, lost async page write
[  148.076462][ T4559] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.106757][ T5508] Buffer I/O error on dev loop1, logical block 150, lost async page write
[  148.135411][ T5508] Buffer I/O error on dev loop1, logical block 151, lost async page write
[  148.157507][ T4559] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.182176][ T5508] Buffer I/O error on dev loop1, logical block 152, lost async page write
[  148.214780][ T5508] Buffer I/O error on dev loop1, logical block 153, lost async page write
[  148.587633][ T5514] netlink: 24 bytes leftover after parsing attributes in process `syz.4.370'.
[  148.839640][ T4265] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  148.855112][ T4265] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  148.864789][ T4265] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  148.875813][ T4265] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  148.885247][ T4265] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  148.892703][ T4265] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  149.615654][ T5518] chnl_net:caif_netlink_parms(): no params data found
[  149.922790][ T5543] rdma_op ffff8880561809f0 conn xmit_rdma 0000000000000000
[  150.626723][ T4559] device hsr_slave_0 left promiscuous mode
[  150.689576][ T4559] device hsr_slave_1 left promiscuous mode
[  150.698165][ T4559] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  150.731743][ T4559] batman_adv: batadv0: Removing interface: batadv_slave_0
[  150.761722][ T4559] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  150.811541][ T4559] batman_adv: batadv0: Removing interface: batadv_slave_1
[  150.849075][ T4559] device bridge_slave_1 left promiscuous mode
[  150.881050][ T4559] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.903546][ T4559] device bridge_slave_0 left promiscuous mode
[  150.914364][ T4559] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.939722][ T4265] Bluetooth: hci4: command 0x0409 tx timeout
[  150.981909][ T5558] serio: Serial port ptm0
[  150.996263][ T4559] device veth1_macvtap left promiscuous mode
[  151.003475][ T4559] device veth0_macvtap left promiscuous mode
[  151.009649][ T4559] device veth1_vlan left promiscuous mode
[  151.015711][ T4559] device veth0_vlan left promiscuous mode
[  151.431239][ T5568] rdma_op ffff88807d43d9f0 conn xmit_rdma 0000000000000000
[  152.356375][ T4559] team0 (unregistering): Port device team_slave_1 removed
[  152.714680][ T4559] team0 (unregistering): Port device team_slave_0 removed
[  153.117497][ T4265] Bluetooth: hci4: command 0x041b tx timeout
[  153.124874][ T4559] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  153.174815][ T4559] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  153.574443][ T4559] bond0 (unregistering): Released all slaves
[  153.723805][ T5587] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  153.733365][ T5587] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  153.741303][ T5587] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  153.811287][ T5518] bridge0: port 1(bridge_slave_0) entered blocking state
[  153.818411][ T5518] bridge0: port 1(bridge_slave_0) entered disabled state
[  153.890682][ T5518] device bridge_slave_0 entered promiscuous mode
[  153.931555][ T5518] bridge0: port 2(bridge_slave_1) entered blocking state
[  153.946695][ T5518] bridge0: port 2(bridge_slave_1) entered disabled state
[  153.979223][ T5518] device bridge_slave_1 entered promiscuous mode
[  154.038392][ T5518] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  154.056917][ T5518] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  154.137987][ T5518] team0: Port device team_slave_0 added
[  154.146706][ T5518] team0: Port device team_slave_1 added
[  154.201145][ T5518] batman_adv: batadv0: Adding interface: batadv_slave_0
[  154.208343][ T5518] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.237813][ T5518] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  154.256665][ T5518] batman_adv: batadv0: Adding interface: batadv_slave_1
[  154.264108][ T5518] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  154.308502][ T5518] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  154.441310][ T5518] device hsr_slave_0 entered promiscuous mode
[  154.448607][ T5518] device hsr_slave_1 entered promiscuous mode
[  154.455945][ T5518] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  154.464982][ T5518] Cannot create hsr debugfs directory
[  154.581307][ T5607] netlink: 'syz.1.400': attribute type 2 has an invalid length.
[  154.591678][ T5607] binder: 5602:5607 ioctl c0306201 0 returned -14
[  154.663082][ T5518] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  154.673304][ T5518] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  154.683656][ T5518] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  154.726385][ T5518] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  154.916484][ T5518] 8021q: adding VLAN 0 to HW filter on device bond0
[  155.234115][ T4265] Bluetooth: hci4: command 0x040f tx timeout
[  155.262782][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  155.273354][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  155.298068][ T5518] 8021q: adding VLAN 0 to HW filter on device team0
[  155.326001][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  155.347467][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  155.357354][ T4549] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.364538][ T4549] bridge0: port 1(bridge_slave_0) entered forwarding state
[  155.410681][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  155.436980][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  155.464423][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  155.478332][ T4549] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.485565][ T4549] bridge0: port 2(bridge_slave_1) entered forwarding state
[  155.508525][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  155.542378][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  155.562394][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  155.592583][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  155.629437][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  155.648909][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  155.679821][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  155.697138][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  155.719790][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  155.754168][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  155.773986][ T4549] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  155.858968][ T5518] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  156.528957][ T4559] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  156.553323][ T4559] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  157.369491][ T4269] Bluetooth: hci4: command 0x0419 tx timeout
[  157.414290][ T5518] 8021q: adding VLAN 0 to HW filter on device batadv0
[  157.980008][ T5660] netlink: 'syz.0.417': attribute type 2 has an invalid length.
[  157.989900][ T5660] binder: 5657:5660 ioctl c0306201 0 returned -14
[  158.387127][ T4559] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  158.396521][ T4559] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  159.200814][ T4559] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  159.226987][ T4559] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  159.257510][ T5518] device veth0_vlan entered promiscuous mode
[  159.281669][ T4559] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  159.295494][ T4559] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  159.318880][ T5518] device veth1_vlan entered promiscuous mode
[  159.371618][ T4311] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  159.389759][ T4311] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  159.407229][ T4311] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  159.463686][ T4311] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  159.504372][ T5518] device veth0_macvtap entered promiscuous mode
[  159.520033][ T4311] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  159.563780][ T5518] device veth1_macvtap entered promiscuous mode
[  159.609949][ T5518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  159.620652][ T5518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.635370][ T5518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  159.646216][ T5518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.666716][ T5518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  159.807622][ T5518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.834658][ T5518] batman_adv: batadv0: Interface activated: batadv_slave_0
[  159.847680][ T5693] netlink: 4 bytes leftover after parsing attributes in process `syz.4.428'.
[  159.860504][ T5693] device bridge_slave_1 left promiscuous mode
[  159.868710][ T5693] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.880010][ T5693] device bridge_slave_0 left promiscuous mode
[  159.886325][ T5693] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.963930][ T5694] loop0: detected capacity change from 0 to 512
[  159.971443][ T5694] EXT4-fs: Ignoring removed orlov option
[  159.995811][ T5694] EXT4-fs error (device loop0): ext4_map_blocks:634: inode #2: block 3: comm syz.0.429: lblock 0 mapped to illegal pblock 3 (length 1)
[  160.016436][ T5694] EXT4-fs warning (device loop0): dx_probe:823: inode #2: lblock 0: comm syz.0.429: error -117 reading directory block
[  160.029249][ T5694] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  160.037562][ T5694] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  160.571624][ T4563] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  160.596196][ T4563] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  160.617920][ T5518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.644436][ T5518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.669236][ T5518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.694343][ T5518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.727108][ T5518] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.738273][ T5518] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.750514][ T4249] EXT4-fs (loop0): unmounting filesystem.
[  160.765566][ T5518] batman_adv: batadv0: Interface activated: batadv_slave_1
[  161.178936][ T5703] binder: 5702:5703 ioctl c0306201 0 returned -14
[  161.188072][ T4543] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  161.200628][ T4543] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  161.223245][ T5518] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  161.239831][ T5518] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  161.259355][ T5518] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  161.279109][ T5518] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  161.305702][ T5705] netlink: 64 bytes leftover after parsing attributes in process `syz.1.433'.
[  161.442324][ T4559] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  161.473183][ T4559] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  161.500103][ T4563] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  161.523474][ T4559] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  161.559417][ T4559] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  161.578195][ T4559] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  161.705797][ T5718] netlink: 28 bytes leftover after parsing attributes in process `syz.4.435'.
[  161.754648][ T5719] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  162.097752][ T5724] netlink: 8 bytes leftover after parsing attributes in process `syz.5.368'.
[  162.106720][ T5724] netlink: 8 bytes leftover after parsing attributes in process `syz.5.368'.
[  162.124732][ T5724] loop5: detected capacity change from 0 to 512
[  162.150737][ T5724] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.368: casefold flag without casefold feature
[  162.163818][ T5724] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.368: couldn't read orphan inode 15 (err -117)
[  162.175915][ T5724] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  162.600739][ T5518] EXT4-fs (loop5): unmounting filesystem.
[  162.616127][ T5742] capability: warning: `syz.2.442' uses deprecated v2 capabilities in a way that may be insecure
[  162.741116][ T5743] loop4: detected capacity change from 0 to 512
[  162.749777][ T5743] EXT4-fs: Ignoring removed orlov option
[  163.440270][ T5743] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #2: block 3: comm syz.4.440: lblock 0 mapped to illegal pblock 3 (length 1)
[  163.456954][ T5744] loop2: detected capacity change from 0 to 2048
[  163.464714][ T5743] EXT4-fs warning (device loop4): dx_probe:823: inode #2: lblock 0: comm syz.4.440: error -117 reading directory block
[  163.477743][ T5743] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  163.486016][ T5743] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  163.542178][ T5744] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  163.716866][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  163.749325][   T27] kauditd_printk_skb: 1 callbacks suppressed
[  163.749341][   T27] audit: type=1800 audit(1742347330.332:147): pid=5744 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.442" name="bus" dev="loop2" ino=18 res=0 errno=0
[  163.832124][ T5755] netlink: 'syz.4.445': attribute type 7 has an invalid length.
[  163.841038][ T5755] netlink: 8 bytes leftover after parsing attributes in process `syz.4.445'.
[  164.515131][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  164.756740][ T5761] netlink: 8 bytes leftover after parsing attributes in process `syz.4.446'.
[  165.268372][ T5771] netlink: 64 bytes leftover after parsing attributes in process `syz.4.449'.
[  166.124810][ T5775] netlink: 8 bytes leftover after parsing attributes in process `syz.2.452'.
[  166.133802][ T5775] netlink: 8 bytes leftover after parsing attributes in process `syz.2.452'.
[  166.150547][ T5775] loop2: detected capacity change from 0 to 512
[  166.186650][ T5775] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.452: casefold flag without casefold feature
[  166.203975][ T5775] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.452: couldn't read orphan inode 15 (err -117)
[  166.218234][ T5775] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  166.421692][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  166.506459][ T5785] loop1: detected capacity change from 0 to 8192
[  166.533609][   T27] audit: type=1326 audit(1742347333.122:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5789 comm="syz.4.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  166.549169][ T5790] loop2: detected capacity change from 0 to 512
[  166.574798][ T5785] netlink: 40 bytes leftover after parsing attributes in process `syz.1.457'.
[  166.600395][   T27] audit: type=1326 audit(1742347333.152:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5789 comm="syz.4.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  166.633587][ T5790] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  166.646497][   T27] audit: type=1326 audit(1742347333.152:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5789 comm="syz.4.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  166.694540][ T5790] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2186: inode #15: comm syz.2.458: corrupted in-inode xattr
[  166.710016][ T5790] EXT4-fs (loop2): Remounting filesystem read-only
[  166.716739][   T27] audit: type=1326 audit(1742347333.152:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5789 comm="syz.4.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  166.733519][ T5794] netlink: 8 bytes leftover after parsing attributes in process `syz.4.460'.
[  166.744258][ T5790] EXT4-fs (loop2): 1 truncate cleaned up
[  166.753986][ T5790] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  166.763541][   T27] audit: type=1326 audit(1742347333.152:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5789 comm="syz.4.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  166.911933][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  167.400318][ T5812] netlink: 64 bytes leftover after parsing attributes in process `syz.0.465'.
[  168.258457][ T5821] netlink: 24 bytes leftover after parsing attributes in process `syz.2.471'.
[  168.284652][ T5825] netlink: 8 bytes leftover after parsing attributes in process `syz.1.472'.
[  168.299334][ T5825] IPVS: Unknown mcast interface: vcan0
[  168.667202][ T5822] netlink: 8 bytes leftover after parsing attributes in process `syz.5.469'.
[  168.677603][ T5822] netlink: 8 bytes leftover after parsing attributes in process `syz.5.469'.
[  169.499082][ T5822] loop5: detected capacity change from 0 to 512
[  169.523610][ T5822] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.469: casefold flag without casefold feature
[  169.536600][ T5822] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.469: couldn't read orphan inode 15 (err -117)
[  169.548729][ T5822] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  169.679540][ T5842] 9pnet: p9_errstr2errno: server reported unknown error ¤ÑÅl0î„&IØü0‚Ñ(|9Ê’å0%cÞ»ØÞÙ$ƒQûÂMÍ
[  169.930349][ T5518] EXT4-fs (loop5): unmounting filesystem.
[  170.044045][ T4563] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  170.096640][ T5860] loop5: detected capacity change from 0 to 128
[  170.201730][ T5861] bio_check_eod: 1377 callbacks suppressed
[  170.201749][ T5861] syz.5.483: attempt to access beyond end of device
[  170.201749][ T5861] loop5: rw=1, sector=128, nr_sectors = 1 limit=128
[  170.229359][ T5861] buffer_io_error: 775 callbacks suppressed
[  170.229375][ T5861] Buffer I/O error on dev loop5, logical block 128, lost async page write
[  170.259560][ T5861] syz.5.483: attempt to access beyond end of device
[  170.259560][ T5861] loop5: rw=1, sector=145, nr_sectors = 1 limit=128
[  170.314923][ T5861] Buffer I/O error on dev loop5, logical block 145, lost async page write
[  170.354506][ T5861] syz.5.483: attempt to access beyond end of device
[  170.354506][ T5861] loop5: rw=1, sector=146, nr_sectors = 1 limit=128
[  170.400135][ T5861] Buffer I/O error on dev loop5, logical block 146, lost async page write
[  170.423598][ T5861] syz.5.483: attempt to access beyond end of device
[  170.423598][ T5861] loop5: rw=1, sector=147, nr_sectors = 1 limit=128
[  170.479079][ T5861] Buffer I/O error on dev loop5, logical block 147, lost async page write
[  170.512329][ T5861] syz.5.483: attempt to access beyond end of device
[  170.512329][ T5861] loop5: rw=1, sector=148, nr_sectors = 1 limit=128
[  170.566480][ T5861] Buffer I/O error on dev loop5, logical block 148, lost async page write
[  170.603066][ T5861] syz.5.483: attempt to access beyond end of device
[  170.603066][ T5861] loop5: rw=1, sector=149, nr_sectors = 1 limit=128
[  170.664481][ T5861] Buffer I/O error on dev loop5, logical block 149, lost async page write
[  170.705620][ T5861] syz.5.483: attempt to access beyond end of device
[  170.705620][ T5861] loop5: rw=1, sector=150, nr_sectors = 1 limit=128
[  170.772409][ T5861] Buffer I/O error on dev loop5, logical block 150, lost async page write
[  170.819437][ T5861] syz.5.483: attempt to access beyond end of device
[  170.819437][ T5861] loop5: rw=1, sector=151, nr_sectors = 1 limit=128
[  170.900110][ T5861] Buffer I/O error on dev loop5, logical block 151, lost async page write
[  170.919720][ T5861] syz.5.483: attempt to access beyond end of device
[  170.919720][ T5861] loop5: rw=1, sector=152, nr_sectors = 1 limit=128
[  170.943265][ T5861] Buffer I/O error on dev loop5, logical block 152, lost async page write
[  170.982268][ T5861] syz.5.483: attempt to access beyond end of device
[  170.982268][ T5861] loop5: rw=1, sector=153, nr_sectors = 1 limit=128
[  171.050449][ T5861] Buffer I/O error on dev loop5, logical block 153, lost async page write
[  171.251223][ T5882] netlink: 'syz.2.487': attribute type 7 has an invalid length.
[  171.285373][ T5882] netlink: 8 bytes leftover after parsing attributes in process `syz.2.487'.
[  172.447064][ T5901] netlink: 8 bytes leftover after parsing attributes in process `syz.2.492'.
[  172.456928][ T5901] netlink: 8 bytes leftover after parsing attributes in process `syz.2.492'.
[  172.474674][ T5901] loop2: detected capacity change from 0 to 512
[  172.510489][ T5901] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.492: casefold flag without casefold feature
[  172.523466][ T5901] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.492: couldn't read orphan inode 15 (err -117)
[  172.536673][ T5901] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  172.733256][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  173.023483][ T5927] ALSA: seq fatal error: cannot create timer (-22)
[  173.305009][ T5932] loop4: detected capacity change from 0 to 512
[  173.314903][ T5932] EXT4-fs: Ignoring removed orlov option
[  173.489714][ T5932] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #2: block 3: comm syz.4.497: lblock 0 mapped to illegal pblock 3 (length 1)
[  173.505758][ T5932] EXT4-fs warning (device loop4): dx_probe:823: inode #2: lblock 0: comm syz.4.497: error -117 reading directory block
[  173.518724][ T5932] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  173.527106][ T5932] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  174.004853][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  174.106738][ T5936] netlink: 'syz.2.500': attribute type 7 has an invalid length.
[  174.118423][ T5939] loop4: detected capacity change from 0 to 128
[  174.142324][ T5936] netlink: 8 bytes leftover after parsing attributes in process `syz.2.500'.
[  175.104885][ T5963] netlink: 8 bytes leftover after parsing attributes in process `syz.5.506'.
[  175.113948][ T5963] netlink: 8 bytes leftover after parsing attributes in process `syz.5.506'.
[  175.129951][ T5963] loop5: detected capacity change from 0 to 512
[  175.158423][ T5963] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.506: casefold flag without casefold feature
[  175.172742][ T5963] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.506: couldn't read orphan inode 15 (err -117)
[  175.189371][ T5963] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  175.403543][ T5518] EXT4-fs (loop5): unmounting filesystem.
[  177.444553][ T5992] loop5: detected capacity change from 0 to 512
[  177.451443][ T5992] EXT4-fs: Ignoring removed orlov option
[  177.927321][ T5992] EXT4-fs error (device loop5): ext4_map_blocks:634: inode #2: block 3: comm syz.5.511: lblock 0 mapped to illegal pblock 3 (length 1)
[  177.941995][ T5992] EXT4-fs warning (device loop5): dx_probe:823: inode #2: lblock 0: comm syz.5.511: error -117 reading directory block
[  177.954609][ T5992] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  177.962851][ T5992] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  178.195288][ T5518] EXT4-fs (loop5): unmounting filesystem.
[  178.206915][ T6003] loop2: detected capacity change from 0 to 128
[  178.502489][ T6015] serio: Serial port ptm0
[  179.702282][ T6026] netlink: 8 bytes leftover after parsing attributes in process `syz.5.518'.
[  179.711245][ T6026] netlink: 8 bytes leftover after parsing attributes in process `syz.5.518'.
[  179.727151][ T6026] loop5: detected capacity change from 0 to 512
[  179.753562][ T6026] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.518: casefold flag without casefold feature
[  179.766724][ T6026] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.518: couldn't read orphan inode 15 (err -117)
[  179.783361][ T6026] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  180.091223][ T5518] EXT4-fs (loop5): unmounting filesystem.
[  180.688091][ T6052] loop4: detected capacity change from 0 to 2048
[  180.705620][ T6052] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  180.751917][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  181.132424][ T6062] loop4: detected capacity change from 0 to 512
[  181.141170][ T6062] EXT4-fs: Ignoring removed orlov option
[  181.301373][ T6062] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #2: block 3: comm syz.4.524: lblock 0 mapped to illegal pblock 3 (length 1)
[  181.318572][ T6062] EXT4-fs warning (device loop4): dx_probe:823: inode #2: lblock 0: comm syz.4.524: error -117 reading directory block
[  181.331490][ T6062] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  181.339828][ T6062] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  181.827052][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  182.123928][ T6074] netlink: 64 bytes leftover after parsing attributes in process `syz.5.528'.
[  183.449754][ T6079] netlink: 8 bytes leftover after parsing attributes in process `syz.2.531'.
[  183.458689][ T6079] netlink: 8 bytes leftover after parsing attributes in process `syz.2.531'.
[  183.474469][ T6079] loop2: detected capacity change from 0 to 512
[  183.530825][ T6079] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.531: casefold flag without casefold feature
[  183.543794][ T6079] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.531: couldn't read orphan inode 15 (err -117)
[  183.559387][ T6079] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  183.880500][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  186.496365][ T6077] Set syz1 is full, maxelem 65536 reached
[  186.791771][ T6109] loop4: detected capacity change from 0 to 1024
[  186.801184][ T6109] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  186.812214][ T6109] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  186.889470][ T6110] netlink: 64 bytes leftover after parsing attributes in process `syz.5.540'.
[  187.029522][ T6109] JBD2: no valid journal superblock found
[  187.052404][ T6109] EXT4-fs (loop4): error loading journal
[  187.645385][ T6114] loop2: detected capacity change from 0 to 128
[  187.704794][ T6116] loop5: detected capacity change from 0 to 512
[  187.746034][ T6116] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -13
[  187.767419][ T6116] EXT4-fs warning (device loop5): ext4_block_to_path:107: block 3279945729 > max in inode 13
[  187.779519][ T6116] EXT4-fs warning (device loop5): ext4_block_to_path:107: block 3279945730 > max in inode 13
[  187.791227][ T6116] EXT4-fs (loop5): 1 truncate cleaned up
[  187.796990][ T6116] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  187.856813][ T5518] EXT4-fs (loop5): unmounting filesystem.
[  189.565544][ T6147] netlink: 64 bytes leftover after parsing attributes in process `syz.4.552'.
[  190.272737][ T6149] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.438949][ T6149] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.578150][ T6149] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.678692][ T6149] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.788814][ T6149] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.810597][ T6149] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.926192][ T6149] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  191.009963][ T6149] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  192.179934][ T6183] netlink: 64 bytes leftover after parsing attributes in process `syz.4.565'.
[  194.247709][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  194.259638][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  194.716096][ T6217] loop2: detected capacity change from 0 to 128
[  195.192765][ T6231] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  197.453847][ T6265] loop2: detected capacity change from 0 to 2048
[  197.467281][ T6265] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  197.501121][ T6265] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  198.652822][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  199.306892][ T6286] netlink: 8 bytes leftover after parsing attributes in process `syz.2.599'.
[  199.315959][ T6286] netlink: 8 bytes leftover after parsing attributes in process `syz.2.599'.
[  199.341962][ T6286] loop2: detected capacity change from 0 to 512
[  199.404602][ T6286] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.599: casefold flag without casefold feature
[  199.418842][ T6286] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.599: couldn't read orphan inode 15 (err -117)
[  199.431675][ T6286] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  199.764724][ T6297] loop4: detected capacity change from 0 to 128
[  199.767222][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  200.100998][ T6306] serio: Serial port ptm0
[  201.178046][ T6318] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  201.192744][ T6318] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  201.200891][ T6318] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  201.734070][   T27] audit: type=1326 audit(1742347368.322:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6322 comm="syz.5.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa92d8d169 code=0x7ffc0000
[  201.763206][   T27] audit: type=1326 audit(1742347368.322:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6322 comm="syz.5.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa92d8d169 code=0x7ffc0000
[  201.786850][   T27] audit: type=1326 audit(1742347368.322:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6322 comm="syz.5.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffa92d8d169 code=0x7ffc0000
[  201.812586][   T27] audit: type=1326 audit(1742347368.322:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6322 comm="syz.5.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa92d8d169 code=0x7ffc0000
[  201.835039][   T27] audit: type=1326 audit(1742347368.322:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6322 comm="syz.5.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffa92d8d169 code=0x7ffc0000
[  201.858081][   T27] audit: type=1326 audit(1742347368.322:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6322 comm="syz.5.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa92d8d169 code=0x7ffc0000
[  201.883656][   T27] audit: type=1326 audit(1742347368.322:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6322 comm="syz.5.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffa92d8d169 code=0x7ffc0000
[  201.906345][   T27] audit: type=1326 audit(1742347368.322:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6322 comm="syz.5.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa92d8d169 code=0x7ffc0000
[  201.933669][   T27] audit: type=1326 audit(1742347368.322:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6322 comm="syz.5.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ffa92d8d169 code=0x7ffc0000
[  201.956377][   T27] audit: type=1326 audit(1742347368.322:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6322 comm="syz.5.610" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa92d8d169 code=0x7ffc0000
[  202.065589][ T6333] netlink: 24 bytes leftover after parsing attributes in process `syz.4.612'.
[  202.296443][ T6335] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  202.987089][ T6347] loop2: detected capacity change from 0 to 512
[  202.995942][ T6347] EXT4-fs: Ignoring removed orlov option
[  203.173906][ T6347] EXT4-fs error (device loop2): ext4_map_blocks:634: inode #2: block 3: comm syz.2.616: lblock 0 mapped to illegal pblock 3 (length 1)
[  203.191016][ T6347] EXT4-fs warning (device loop2): dx_probe:823: inode #2: lblock 0: comm syz.2.616: error -117 reading directory block
[  203.203763][ T6347] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  203.212107][ T6347] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  203.668619][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  203.753901][ T6353] loop2: detected capacity change from 0 to 1024
[  203.787333][ T6353] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  203.827512][ T6353] EXT4-fs (loop2): re-mounted. Quota mode: writeback.
[  203.876954][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  204.120846][ T6360] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  204.697077][ T6379] loop5: detected capacity change from 0 to 512
[  204.704082][ T6379] EXT4-fs: Ignoring removed orlov option
[  204.731149][ T6379] EXT4-fs error (device loop5): ext4_map_blocks:634: inode #2: block 3: comm syz.5.626: lblock 0 mapped to illegal pblock 3 (length 1)
[  204.747236][ T6379] EXT4-fs warning (device loop5): dx_probe:823: inode #2: lblock 0: comm syz.5.626: error -117 reading directory block
[  204.759832][ T6379] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  204.768021][ T6379] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  204.978437][ T5518] EXT4-fs (loop5): unmounting filesystem.
[  205.350579][ T6384] netlink: 24 bytes leftover after parsing attributes in process `syz.4.628'.
[  206.657074][ T6402] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.714011][ T6402] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.801487][ T6402] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.877767][ T6402] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.993754][ T6402] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  207.015233][ T6402] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  207.036898][ T6402] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  207.058361][ T6402] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  207.447260][ T6412] loop5: detected capacity change from 0 to 512
[  207.454293][ T6412] EXT4-fs: Ignoring removed orlov option
[  207.469351][ T6412] EXT4-fs error (device loop5): ext4_map_blocks:634: inode #2: block 3: comm syz.5.637: lblock 0 mapped to illegal pblock 3 (length 1)
[  207.488520][ T6412] EXT4-fs warning (device loop5): dx_probe:823: inode #2: lblock 0: comm syz.5.637: error -117 reading directory block
[  207.501280][ T6412] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  207.509489][ T6412] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  208.376615][ T5518] EXT4-fs (loop5): unmounting filesystem.
[  208.757370][ T6431] netlink: 24 bytes leftover after parsing attributes in process `syz.5.644'.
[  210.972393][ T6452] loop5: detected capacity change from 0 to 512
[  211.010060][ T6452] EXT4-fs: Ignoring removed orlov option
[  211.050492][ T6452] EXT4-fs error (device loop5): ext4_map_blocks:634: inode #2: block 3: comm syz.5.648: lblock 0 mapped to illegal pblock 3 (length 1)
[  211.089380][ T6452] EXT4-fs warning (device loop5): dx_probe:823: inode #2: lblock 0: comm syz.5.648: error -117 reading directory block
[  211.124670][ T6452] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  211.135839][ T6452] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  212.357178][ T5518] EXT4-fs (loop5): unmounting filesystem.
[  215.432130][ T6503] serio: Serial port ptm0
[  217.466211][ T6528] loop2: detected capacity change from 0 to 128
[  220.129070][ T6553] netlink: 24 bytes leftover after parsing attributes in process `syz.5.680'.
[  220.290788][ T6556] loop4: detected capacity change from 0 to 128
[  220.426320][ T6558] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.485364][ T6558] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.568124][ T6558] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.616251][ T6558] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.768718][ T6558] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  220.814334][ T6558] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  220.852156][ T6558] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  220.876245][ T6558] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  222.660735][ T6583] netlink: 8 bytes leftover after parsing attributes in process `syz.4.690'.
[  222.669753][ T6583] netlink: 8 bytes leftover after parsing attributes in process `syz.4.690'.
[  222.685776][ T6583] loop4: detected capacity change from 0 to 512
[  222.732405][ T6583] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.690: casefold flag without casefold feature
[  222.745466][ T6583] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.690: couldn't read orphan inode 15 (err -117)
[  222.757622][ T6583] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  222.892754][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  223.515868][ T6596] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  223.525542][ T6596] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  223.533108][ T6596] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  224.742989][ T6598] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.803506][ T6598] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.824364][ T6603] loop5: detected capacity change from 0 to 4096
[  224.837680][ T6603] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  224.855001][ T6598] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  224.894161][ T5518] EXT4-fs (loop5): unmounting filesystem.
[  224.923918][ T6598] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.008747][ T6598] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  225.030973][ T6598] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  225.051261][ T6598] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  225.072687][ T6598] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  226.440804][ T6622] netlink: 8 bytes leftover after parsing attributes in process `syz.2.700'.
[  226.449956][ T6622] netlink: 8 bytes leftover after parsing attributes in process `syz.2.700'.
[  226.473577][ T6622] loop2: detected capacity change from 0 to 512
[  226.509432][ T6622] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.700: casefold flag without casefold feature
[  226.522994][ T6622] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.700: couldn't read orphan inode 15 (err -117)
[  226.535461][ T6622] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  226.926288][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  227.545290][ T6641] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  227.554794][ T6641] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  227.562311][ T6641] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  229.093741][ T6658] loop5: detected capacity change from 0 to 1024
[  229.177668][ T6658] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  229.191634][ T6658] ext4 filesystem being mounted at /70/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  229.998264][   T27] kauditd_printk_skb: 12 callbacks suppressed
[  229.998282][   T27] audit: type=1800 audit(1742347396.582:175): pid=6658 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.711" name="file1" dev="loop5" ino=15 res=0 errno=0
[  230.077823][ T5518] EXT4-fs (loop5): unmounting filesystem.
[  231.414655][ T6689] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  231.423953][ T6689] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  231.431532][ T6689] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  232.535804][ T6696] loop2: detected capacity change from 0 to 128
[  232.720882][ T6706] netlink: 'syz.2.726': attribute type 7 has an invalid length.
[  232.744264][ T6706] netlink: 8 bytes leftover after parsing attributes in process `syz.2.726'.
[  233.169022][   T27] audit: type=1326 audit(1742347399.752:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6719 comm="syz.2.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  233.222974][   T27] audit: type=1326 audit(1742347399.792:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6719 comm="syz.2.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  233.289671][   T27] audit: type=1326 audit(1742347399.792:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6719 comm="syz.2.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  233.348268][   T27] audit: type=1326 audit(1742347399.792:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6719 comm="syz.2.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  233.406506][   T27] audit: type=1326 audit(1742347399.792:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6719 comm="syz.2.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  233.834993][ T6731] netlink: 'syz.4.735': attribute type 7 has an invalid length.
[  233.859313][ T6731] netlink: 8 bytes leftover after parsing attributes in process `syz.4.735'.
[  234.974531][ T6756] netlink: 'syz.2.744': attribute type 7 has an invalid length.
[  234.999292][ T6756] netlink: 8 bytes leftover after parsing attributes in process `syz.2.744'.
[  235.913688][ T6772] netlink: 27 bytes leftover after parsing attributes in process `syz.4.749'.
[  236.495649][ T6781] netlink: 24 bytes leftover after parsing attributes in process `syz.4.753'.
[  237.225389][ T6791] netlink: 8 bytes leftover after parsing attributes in process `syz.5.757'.
[  237.234370][ T6791] netlink: 8 bytes leftover after parsing attributes in process `syz.5.757'.
[  237.259106][ T6791] loop5: detected capacity change from 0 to 512
[  237.282390][ T6791] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.757: casefold flag without casefold feature
[  237.297668][ T6791] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.757: couldn't read orphan inode 15 (err -117)
[  237.314015][ T6791] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  237.540432][ T5518] EXT4-fs (loop5): unmounting filesystem.
[  237.552892][ T6799] netlink: 8 bytes leftover after parsing attributes in process `syz.2.760'.
[  237.631681][ T6800] xt_connbytes: Forcing CT accounting to be enabled
[  237.638841][ T6800] Cannot find set identified by id 0 to match
[  238.010340][ T6811] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  238.025293][ T6811] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  238.033538][ T6811] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  238.755847][ T6821] loop4: detected capacity change from 0 to 512
[  238.817750][ T6821] EXT4-fs (loop4): 1 orphan inode deleted
[  238.821087][ T6823] netlink: 24 bytes leftover after parsing attributes in process `syz.2.767'.
[  238.824748][ T6821] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  238.841894][ T6821] ext4 filesystem being mounted at /177/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  238.842499][ T4563] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  238.881418][ T4563] EXT4-fs error (device loop4): ext4_release_dquot:6818: comm kworker/u4:22: Failed to release dquot type 1
[  238.945570][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  239.754085][ T6839] loop2: detected capacity change from 0 to 512
[  239.787274][ T6839] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  239.839704][ T6839] EXT4-fs (loop2): orphan cleanup on readonly fs
[  239.865714][ T6839] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.771: bg 0: block 248: padding at end of block bitmap is not set
[  239.886168][ T6839] Quota error (device loop2): write_blk: dquota write failed
[  239.893937][ T6839] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  239.904139][ T6839] EXT4-fs error (device loop2): ext4_acquire_dquot:6795: comm syz.2.771: Failed to acquire dquot type 1
[  239.927580][ T6839] EXT4-fs (loop2): 1 truncate cleaned up
[  240.016504][ T6839] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  241.481829][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  241.595892][ T6855] netlink: 24 bytes leftover after parsing attributes in process `syz.2.778'.
[  242.078696][ T6874] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  244.830595][ T6895] syz.2.793[6895] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  244.830700][ T6895] syz.2.793[6895] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  245.234864][ T6914] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  248.633748][ T6938] loop5: detected capacity change from 0 to 2048
[  248.700775][ T6938] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  248.729393][ T6938] EXT4-fs (loop5): re-mounted. Quota mode: none.
[  248.805387][ T5518] EXT4-fs (loop5): unmounting filesystem.
[  249.128738][ T6966] loop5: detected capacity change from 0 to 1024
[  249.166075][ T6966] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  249.512610][ T6966] EXT4-fs (loop5): re-mounted. Quota mode: none.
[  250.050342][ T5518] EXT4-fs (loop5): unmounting filesystem.
[  250.187361][ T6982] loop2: detected capacity change from 0 to 256
[  250.202516][   T27] audit: type=1800 audit(1742347416.792:181): pid=6982 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.821" name="file1" dev="loop2" ino=1048605 res=0 errno=0
[  250.228888][ T6982] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  250.310771][ T6982] FAT-fs (loop2): Filesystem has been set read-only
[  250.782835][ T6993] netlink: 64 bytes leftover after parsing attributes in process `syz.2.825'.
[  253.703115][ T7024] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  253.744118][ T7024] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  253.755849][ T7024] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  255.590091][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  255.596695][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  256.391582][ T7056] loop5: detected capacity change from 0 to 512
[  256.399400][ T7056] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  256.415004][ T7056] EXT4-fs (loop5): 1 truncate cleaned up
[  256.421077][ T7056] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  257.181924][ T5518] EXT4-fs (loop5): unmounting filesystem.
[  257.197105][ T7063] Cannot find set identified by id 0 to match
[  257.565985][ T7077] loop2: detected capacity change from 0 to 1024
[  257.919049][ T7077] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  258.097758][ T7077] ext4 filesystem being mounted at /256/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  258.368757][ T7077] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  258.413803][ T7077] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 52 with error 28
[  258.442398][ T7077] EXT4-fs (loop2): This should not happen!! Data will be lost
[  258.442398][ T7077] 
[  258.452468][ T7077] EXT4-fs (loop2): Total free blocks count 0
[  258.458572][ T7077] EXT4-fs (loop2): Free/Dirty block details
[  258.464550][ T7077] EXT4-fs (loop2): free_blocks=4293918720
[  258.471287][ T7077] EXT4-fs (loop2): dirty_blocks=64
[  258.476484][ T7077] EXT4-fs (loop2): Block reservation details
[  258.482524][ T7077] EXT4-fs (loop2): i_reserved_data_blocks=4
[  258.556590][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  258.708461][ T7093] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  258.757464][ T7093] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  258.767564][ T7093] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  258.795703][ T7096] xt_hashlimit: max too large, truncated to 1048576
[  260.189684][ T7102] netlink: 8 bytes leftover after parsing attributes in process `syz.2.859'.
[  260.198534][ T7102] netlink: 8 bytes leftover after parsing attributes in process `syz.2.859'.
[  260.215141][ T7102] loop2: detected capacity change from 0 to 512
[  260.250534][ T7102] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.859: casefold flag without casefold feature
[  260.268446][ T7102] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.859: couldn't read orphan inode 15 (err -117)
[  260.288093][ T7102] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  261.203664][ T7122] loop5: detected capacity change from 0 to 512
[  261.211283][ T7122] EXT4-fs: Ignoring removed orlov option
[  261.358887][ T7122] EXT4-fs error (device loop5): ext4_map_blocks:634: inode #2: block 3: comm syz.5.865: lblock 0 mapped to illegal pblock 3 (length 1)
[  261.375078][ T7122] EXT4-fs warning (device loop5): dx_probe:823: inode #2: lblock 0: comm syz.5.865: error -117 reading directory block
[  261.387828][ T7122] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  261.396198][ T7122] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  261.631412][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  261.698751][ T7125] netlink: 'syz.4.866': attribute type 10 has an invalid length.
[  261.727132][ T7125] netlink: 152 bytes leftover after parsing attributes in process `syz.4.866'.
[  261.876357][ T5518] EXT4-fs (loop5): unmounting filesystem.
[  263.259096][ T7153] netlink: 8 bytes leftover after parsing attributes in process `syz.5.875'.
[  263.268144][ T7153] netlink: 8 bytes leftover after parsing attributes in process `syz.5.875'.
[  264.012595][ T7153] loop5: detected capacity change from 0 to 512
[  264.056546][ T7153] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.875: casefold flag without casefold feature
[  264.071057][ T7153] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.875: couldn't read orphan inode 15 (err -117)
[  264.087987][ T7153] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  264.216563][   T27] audit: type=1326 audit(1742347430.802:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7165 comm="syz.2.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  264.276505][   T27] audit: type=1326 audit(1742347430.832:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7165 comm="syz.2.879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  264.314390][   T27] audit: type=1326 audit(1742347430.832:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7165 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  264.347201][   T27] audit: type=1326 audit(1742347430.832:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7165 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  264.374207][   T27] audit: type=1326 audit(1742347430.832:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7165 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  264.403986][ T5518] EXT4-fs (loop5): unmounting filesystem.
[  264.413971][   T27] audit: type=1326 audit(1742347430.832:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7165 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  264.478964][   T27] audit: type=1326 audit(1742347430.832:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7165 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  264.526811][   T27] audit: type=1326 audit(1742347430.832:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7165 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  264.569781][   T27] audit: type=1326 audit(1742347430.832:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7165 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc754f8d169 code=0x7ffc0000
[  264.614819][   T27] audit: type=1326 audit(1742347430.832:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7165 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc754f8f087 code=0x7ffc0000
[  265.111309][ T7196] overlayfs: failed to resolve './file1': -2
[  265.876972][ T7198] loop4: detected capacity change from 0 to 512
[  265.883838][ T7198] EXT4-fs: Ignoring removed orlov option
[  266.009131][ T7198] EXT4-fs error (device loop4): ext4_map_blocks:634: inode #2: block 3: comm syz.4.888: lblock 0 mapped to illegal pblock 3 (length 1)
[  266.026044][ T7198] EXT4-fs warning (device loop4): dx_probe:823: inode #2: lblock 0: comm syz.4.888: error -117 reading directory block
[  266.038873][ T7198] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  266.047239][ T7198] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  266.582018][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  266.613598][ T7204] netlink: 8 bytes leftover after parsing attributes in process `syz.5.890'.
[  266.622511][ T7204] netlink: 8 bytes leftover after parsing attributes in process `syz.5.890'.
[  266.638258][ T7204] loop5: detected capacity change from 0 to 512
[  266.656557][ T7204] EXT4-fs error (device loop5): ext4_orphan_get:1400: inode #15: comm syz.5.890: casefold flag without casefold feature
[  266.670011][ T7204] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.890: couldn't read orphan inode 15 (err -117)
[  266.682075][ T7204] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  266.971100][ T5518] EXT4-fs (loop5): unmounting filesystem.
[  267.105139][ T7220] netlink: 28 bytes leftover after parsing attributes in process `syz.4.896'.
[  267.266351][ T7222] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.474132][ T7222] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.564838][ T7231] overlayfs: failed to resolve './file1': -2
[  267.735022][ T7222] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.194534][ T7222] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.317412][ T7222] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  268.332234][ T7222] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  268.347243][ T7222] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  268.361451][ T7222] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  268.650341][ T7239] netlink: 8 bytes leftover after parsing attributes in process `syz.4.904'.
[  268.659325][ T7239] netlink: 8 bytes leftover after parsing attributes in process `syz.4.904'.
[  268.681991][ T7239] loop4: detected capacity change from 0 to 512
[  268.698515][ T7239] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.904: casefold flag without casefold feature
[  268.711544][ T7239] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.904: couldn't read orphan inode 15 (err -117)
[  268.723617][ T7239] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  268.947573][ T4258] EXT4-fs (loop4): unmounting filesystem.
[  269.088612][ T7254] loop2: detected capacity change from 0 to 256
[  269.275752][ T7256] netlink: 64 bytes leftover after parsing attributes in process `syz.4.908'.
[  270.090396][ T7262] netlink: 8 bytes leftover after parsing attributes in process `syz.4.912'.
[  270.408754][ T7268] overlayfs: failed to resolve './file1': -2
[  270.562389][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  270.643436][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  270.720880][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  270.797290][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  270.872935][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  270.997160][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.022977][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x4
[  271.043227][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.058926][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.068168][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.094376][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x4
[  271.102374][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.115265][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.143382][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x4
[  271.159582][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.167385][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.175837][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x4
[  271.183714][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.191664][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.199977][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.215713][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.224929][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.248237][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.248299][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.248323][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.248347][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.248371][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.248395][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.248419][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.248443][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.248467][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.248490][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.248514][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.248537][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.248561][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.248584][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.248607][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.248631][ T4300] hid-generic 0000:0000:20000000.0001: unknown main item tag 0x0
[  271.268304][ T4300] hid-generic 0000:0000:20000000.0001: hidraw0: <UNKNOWN> HID v0.01 Device [syz0] on syz1
[  271.397267][   T27] kauditd_printk_skb: 48 callbacks suppressed
[  271.397285][   T27] audit: type=1326 audit(1742347437.982:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7277 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  271.409614][   T27] audit: type=1326 audit(1742347438.002:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7277 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  271.409945][   T27] audit: type=1326 audit(1742347438.002:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7277 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  271.410152][   T27] audit: type=1326 audit(1742347438.002:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7277 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  271.410437][   T27] audit: type=1326 audit(1742347438.002:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7277 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  271.410686][   T27] audit: type=1326 audit(1742347438.002:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7277 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  271.410916][   T27] audit: type=1326 audit(1742347438.002:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7277 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  271.411109][   T27] audit: type=1326 audit(1742347438.002:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7277 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  271.411348][   T27] audit: type=1326 audit(1742347438.002:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7277 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  271.411809][   T27] audit: type=1326 audit(1742347438.002:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7277 comm="syz.4.917" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c2d8d169 code=0x7ffc0000
[  271.552025][ T7276] netlink: 8 bytes leftover after parsing attributes in process `syz.2.916'.
[  271.552047][ T7276] netlink: 8 bytes leftover after parsing attributes in process `syz.2.916'.
[  271.581584][ T7276] loop2: detected capacity change from 0 to 512
[  271.669027][ T7276] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.916: casefold flag without casefold feature
[  271.669341][ T7276] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.916: couldn't read orphan inode 15 (err -117)
[  271.673970][ T7276] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  272.014865][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  272.357665][ T7293] netlink: 4 bytes leftover after parsing attributes in process `syz.2.922'.
[  272.450858][ T7294] netlink: 64 bytes leftover after parsing attributes in process `syz.5.920'.
[  273.268977][ T7300] device ipvlan2 entered promiscuous mode
[  273.278890][ T7300] bridge0: port 3(ipvlan2) entered blocking state
[  273.287675][ T7300] bridge0: port 3(ipvlan2) entered disabled state
[  273.580473][ T7305] netlink: 8 bytes leftover after parsing attributes in process `syz.2.927'.
[  273.589572][ T7305] netlink: 8 bytes leftover after parsing attributes in process `syz.2.927'.
[  273.605744][ T7305] loop2: detected capacity change from 0 to 512
[  273.617006][ T7305] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.927: casefold flag without casefold feature
[  273.629961][ T7305] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.927: couldn't read orphan inode 15 (err -117)
[  273.642171][ T7305] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  273.773833][ T4252] EXT4-fs (loop2): unmounting filesystem.
[  273.860140][ T7315] syz.2.929[7315] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  273.860241][ T7315] syz.2.929[7315] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  273.964888][ T7317] netlink: 28 bytes leftover after parsing attributes in process `syz.2.930'.
[  274.038701][ T7317] netlink: 28 bytes leftover after parsing attributes in process `syz.2.930'.
[  274.146472][ T7317] netlink: 28 bytes leftover after parsing attributes in process `syz.2.930'.
[  317.012406][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  317.018803][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  331.089336][   T28] INFO: task kworker/1:1:26 blocked for more than 143 seconds.
[  331.097033][   T28]       Not tainted 6.1.131-syzkaller #0
[  331.103055][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  331.111931][   T28] task:kworker/1:1     state:D stack:22624 pid:26    ppid:2      flags:0x00004000
[  331.121257][   T28] Workqueue: events rfkill_global_led_trigger_worker
[  331.127959][   T28] Call Trace:
[  331.131281][   T28]  <TASK>
[  331.134227][   T28]  __schedule+0x143f/0x4570
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  331.138748][   T28]  ? release_firmware_map_entry+0x18b/0x18b
[  331.144736][   T28]  ? print_irqtrace_events+0x210/0x210
[  331.150652][   T28]  ? do_raw_spin_unlock+0x137/0x8a0
[  331.155922][   T28]  ? _raw_spin_unlock_irq+0x1f/0x40
[  331.161224][   T28]  ? lockdep_hardirqs_on+0x94/0x130
[  331.199252][   T28]  schedule+0xbf/0x180
[  331.203410][   T28]  schedule_preempt_disabled+0xf/0x20
[  331.208813][   T28]  __mutex_lock+0x6b9/0xd80
[  331.234966][   T28]  ? __mutex_lock+0x53c/0xd80
[  331.239812][   T28]  ? rfkill_global_led_trigger_worker+0x23/0xd0
[  331.246105][   T28]  ? mutex_lock_nested+0x10/0x10
[  331.252904][   T28]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  331.258954][   T28]  ? print_irqtrace_events+0x210/0x210
[  331.264683][   T28]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  331.270631][   T28]  ? do_raw_spin_unlock+0x137/0x8a0
[  331.275851][   T28]  ? process_one_work+0x806/0x1260
[  331.281053][   T28]  rfkill_global_led_trigger_worker+0x23/0xd0
[  331.287144][   T28]  ? process_one_work+0x806/0x1260
[  331.292303][   T28]  process_one_work+0x917/0x1260
[  331.297258][   T28]  ? worker_detach_from_pool+0x260/0x260
[  331.302932][   T28]  ? _raw_spin_lock_irqsave+0x120/0x120
[  331.308472][   T28]  ? kthread_data+0x4e/0xc0
[  331.313023][   T28]  ? wq_worker_running+0x97/0x190
[  331.318044][   T28]  worker_thread+0xa47/0x1200
[  331.322767][   T28]  kthread+0x28d/0x320
[  331.326829][   T28]  ? worker_clr_flags+0x190/0x190
[  331.332189][   T28]  ? kthread_blkcg+0xd0/0xd0
[  331.336819][   T28]  ret_from_fork+0x1f/0x30
[  331.341337][   T28]  </TASK>
[  331.344482][   T28] INFO: task syz.1.480:5849 blocked for more than 143 seconds.
[  331.352070][   T28]       Not tainted 6.1.131-syzkaller #0
[  331.357690][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  331.366393][   T28] task:syz.1.480       state:D stack:25864 pid:5849  ppid:4250   flags:0x00004004
[  331.375739][   T28] Call Trace:
[  331.379019][   T28]  <TASK>
[  331.381985][   T28]  __schedule+0x143f/0x4570
[  331.386506][   T28]  ? __mutex_lock+0x6b4/0xd80
[  331.391257][   T28]  ? release_firmware_map_entry+0x18b/0x18b
[  331.397161][   T28]  ? __mutex_trylock_common+0x8d/0x2e0
[  331.402670][   T28]  ? do_raw_spin_unlock+0x137/0x8a0
[  331.407866][   T28]  schedule+0xbf/0x180
[  331.411990][   T28]  schedule_preempt_disabled+0xf/0x20
[  331.417364][   T28]  __mutex_lock+0x6b9/0xd80
[  331.421941][   T28]  ? kobject_put+0x422/0x460
[  331.426541][   T28]  ? __mutex_lock+0x53c/0xd80
[  331.431264][   T28]  ? rfkill_unregister+0xcc/0x220
[  331.436286][   T28]  ? mutex_lock_nested+0x10/0x10
[  331.441305][   T28]  ? kill_device+0x160/0x160
[  331.445914][   T28]  ? nfc_genl_device_removed+0x251/0x370
[  331.451603][   T28]  ? nfc_genl_setup_device_added+0x3f0/0x3f0
[  331.457586][   T28]  rfkill_unregister+0xcc/0x220
[  331.462467][   T28]  nfc_unregister_device+0x92/0x290
[  331.467667][   T28]  virtual_ncidev_close+0x55/0x90
[  331.472722][   T28]  ? virtual_ncidev_open+0xc0/0xc0
[  331.477842][   T28]  __fput+0x3f6/0x8d0
[  331.481956][   T28]  task_work_run+0x246/0x300
[  331.486548][   T28]  ? task_work_cancel+0x2e0/0x2e0
[  331.491864][   T28]  ? exit_to_user_mode_loop+0x39/0x100
[  331.497331][   T28]  exit_to_user_mode_loop+0xde/0x100
[  331.502670][   T28]  exit_to_user_mode_prepare+0xb1/0x140
[  331.508229][   T28]  syscall_exit_to_user_mode+0x60/0x270
[  331.513859][   T28]  do_syscall_64+0x47/0xb0
[  331.518272][   T28]  ? clear_bhb_loop+0x45/0xa0
[  331.523008][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  331.528906][   T28] RIP: 0033:0x7f180f18d169
[  331.533393][   T28] RSP: 002b:00007fffa4281248 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  331.541888][   T28] RAX: 0000000000000000 RBX: 00007f180f3a7ba0 RCX: 00007f180f18d169
[  331.549928][   T28] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  331.557901][   T28] RBP: 00007f180f3a7ba0 R08: 00000000000000b0 R09: 0000000aa428153f
[  331.565935][   T28] R10: 00007f180f3a7ac0 R11: 0000000000000246 R12: 0000000000029adb
[  331.574213][   T28] R13: 00007f180f3a6080 R14: ffffffffffffffff R15: 00007fffa4281360
[  331.582538][   T28]  </TASK>
[  331.585636][   T28] INFO: task syz.0.484:5863 blocked for more than 143 seconds.
[  331.593854][   T28]       Not tainted 6.1.131-syzkaller #0
[  331.599724][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  331.608401][   T28] task:syz.0.484       state:D stack:24000 pid:5863  ppid:4249   flags:0x00004004
[  331.617717][   T28] Call Trace:
[  331.621169][   T28]  <TASK>
[  331.624131][   T28]  __schedule+0x143f/0x4570
[  331.628687][   T28]  ? __mutex_lock+0x6b4/0xd80
[  331.633422][   T28]  ? release_firmware_map_entry+0x18b/0x18b
[  331.639434][   T28]  ? __mutex_trylock_common+0x8d/0x2e0
[  331.644934][   T28]  ? do_raw_spin_unlock+0x137/0x8a0
[  331.650197][   T28]  schedule+0xbf/0x180
[  331.654281][   T28]  schedule_preempt_disabled+0xf/0x20
[  331.659872][   T28]  __mutex_lock+0x6b9/0xd80
[  331.664424][   T28]  ? __mutex_lock+0x53c/0xd80
[  331.669109][   T28]  ? nfc_rfkill_set_block+0x4c/0x2f0
[  331.674452][   T28]  ? mutex_lock_nested+0x10/0x10
[  331.679510][   T28]  ? do_raw_spin_unlock+0x137/0x8a0
[  331.684728][   T28]  ? lockdep_hardirqs_on+0x94/0x130
[  331.689945][   T28]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  331.695829][   T28]  ? _raw_spin_unlock+0x40/0x40
[  331.700773][   T28]  nfc_rfkill_set_block+0x4c/0x2f0
[  331.705915][   T28]  ? nfc_unregister_device+0x290/0x290
[  331.711408][   T28]  rfkill_set_block+0x1e7/0x430
[  331.716259][   T28]  rfkill_fop_write+0x5b7/0x790
[  331.721197][   T28]  ? __might_fault+0xa1/0x110
[  331.725911][   T28]  ? rfkill_fop_read+0x470/0x470
[  331.731006][   T28]  do_iter_write+0x503/0xc40
[  331.735624][   T28]  ? vfs_iter_write+0xa0/0xa0
[  331.740459][   T28]  do_writev+0x27b/0x460
[  331.744727][   T28]  ? do_readv+0x460/0x460
[  331.749066][   T28]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  331.755089][   T28]  ? print_irqtrace_events+0x210/0x210
[  331.760690][   T28]  ? syscall_enter_from_user_mode+0x2e/0x230
[  331.766694][   T28]  ? lockdep_hardirqs_on+0x94/0x130
[  331.772016][   T28]  ? syscall_enter_from_user_mode+0x2e/0x230
[  331.778001][   T28]  do_syscall_64+0x3b/0xb0
[  331.782501][   T28]  ? clear_bhb_loop+0x45/0xa0
[  331.787200][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  331.793136][   T28] RIP: 0033:0x7f064558d169
[  331.797552][   T28] RSP: 002b:00007f064638a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  331.806114][   T28] RAX: ffffffffffffffda RBX: 00007f06457a5fa0 RCX: 00007f064558d169
[  331.814133][   T28] RDX: 0000000000000007 RSI: 0000400000000440 RDI: 0000000000000005
[  331.822163][   T28] RBP: 00007f064560e2a0 R08: 0000000000000000 R09: 0000000000000000
[  331.830197][   T28] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  331.838168][   T28] R13: 0000000000000000 R14: 00007f06457a5fa0 R15: 00007ffe12187b78
[  331.846177][   T28]  </TASK>
[  331.849249][   T28] INFO: task syz-executor:6098 blocked for more than 144 seconds.
[  331.857059][   T28]       Not tainted 6.1.131-syzkaller #0
[  331.862766][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  331.871447][   T28] task:syz-executor    state:D stack:25816 pid:6098  ppid:1      flags:0x00004000
[  331.880824][   T28] Call Trace:
[  331.884132][   T28]  <TASK>
[  331.887057][   T28]  __schedule+0x143f/0x4570
[  331.891630][   T28]  ? __mutex_lock+0x6b4/0xd80
[  331.896312][   T28]  ? release_firmware_map_entry+0x18b/0x18b
[  331.902244][   T28]  ? __mutex_trylock_common+0x8d/0x2e0
[  331.907718][   T28]  ? do_raw_spin_unlock+0x137/0x8a0
[  331.912930][   T28]  schedule+0xbf/0x180
[  331.917000][   T28]  schedule_preempt_disabled+0xf/0x20
[  331.922416][   T28]  __mutex_lock+0x6b9/0xd80
[  331.926944][   T28]  ? __mutex_lock+0x53c/0xd80
[  331.931659][   T28]  ? rfkill_register+0x30/0x880
[  331.936502][   T28]  ? mutex_lock_nested+0x10/0x10
[  331.941472][   T28]  ? __init_waitqueue_head+0xaa/0x140
[  331.946871][   T28]  ? device_initialize+0x24a/0x450
[  331.951998][   T28]  rfkill_register+0x30/0x880
[  331.956677][   T28]  hci_register_dev+0x4df/0xa40
[  331.961598][   T28]  vhci_create_device+0x3ba/0x700
[  331.966643][   T28]  vhci_write+0x38b/0x440
[  331.970987][   T28]  vfs_write+0x857/0xbc0
[  331.975225][   T28]  ? file_end_write+0x250/0x250
[  331.980131][   T28]  ? __fdget_pos+0x1db/0x360
[  331.984738][   T28]  ksys_write+0x19c/0x2c0
[  331.989067][   T28]  ? print_irqtrace_events+0x210/0x210
[  331.994657][   T28]  ? __ia32_sys_read+0x80/0x80
[  331.999464][   T28]  ? syscall_enter_from_user_mode+0x2e/0x230
[  332.005459][   T28]  ? lockdep_hardirqs_on+0x94/0x130
[  332.010680][   T28]  ? syscall_enter_from_user_mode+0x2e/0x230
[  332.016662][   T28]  do_syscall_64+0x3b/0xb0
[  332.021117][   T28]  ? clear_bhb_loop+0x45/0xa0
[  332.025814][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  332.031734][   T28] RIP: 0033:0x7f636058bbe0
[  332.036148][   T28] RSP: 002b:00007ffc6f17deb8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  332.044604][   T28] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f636058bbe0
[  332.052594][   T28] RDX: 0000000000000002 RSI: 00007ffc6f17deca RDI: 00000000000000ca
[  332.060611][   T28] RBP: 00007f63607a6738 R08: 0000000000000000 R09: 00007f63612dd6c0
[  332.068594][   T28] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008
[  332.076589][   T28] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  332.084611][   T28]  </TASK>
[  332.087633][   T28] INFO: task syz-executor:6099 blocked for more than 144 seconds.
[  332.095458][   T28]       Not tainted 6.1.131-syzkaller #0
[  332.101258][   T28] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  332.109962][   T28] task:syz-executor    state:D stack:26176 pid:6099  ppid:1      flags:0x00004000
[  332.119161][   T28] Call Trace:
[  332.122478][   T28]  <TASK>
[  332.125444][   T28]  __schedule+0x143f/0x4570
[  332.130010][   T28]  ? __mutex_lock+0x6b4/0xd80
[  332.134713][   T28]  ? release_firmware_map_entry+0x18b/0x18b
[  332.140667][   T28]  ? __mutex_trylock_common+0x8d/0x2e0
[  332.146158][   T28]  ? do_raw_spin_unlock+0x137/0x8a0
[  332.151403][   T28]  schedule+0xbf/0x180
[  332.155476][   T28]  schedule_preempt_disabled+0xf/0x20
[  332.160915][   T28]  __mutex_lock+0x6b9/0xd80
[  332.165456][   T28]  ? __mutex_lock+0x53c/0xd80
[  332.170168][   T28]  ? rfkill_register+0x30/0x880
[  332.175051][   T28]  ? mutex_lock_nested+0x10/0x10
[  332.180009][   T28]  ? __init_waitqueue_head+0xaa/0x140
[  332.185391][   T28]  ? device_initialize+0x24a/0x450
[  332.190561][   T28]  rfkill_register+0x30/0x880
[  332.195255][   T28]  hci_register_dev+0x4df/0xa40
[  332.200160][   T28]  vhci_create_device+0x3ba/0x700
[  332.205205][   T28]  vhci_write+0x38b/0x440
[  332.209782][   T28]  vfs_write+0x857/0xbc0
[  332.214052][   T28]  ? file_end_write+0x250/0x250
[  332.218914][   T28]  ? __fdget_pos+0x1db/0x360
[  332.223539][   T28]  ksys_write+0x19c/0x2c0
[  332.227869][   T28]  ? print_irqtrace_events+0x210/0x210
[  332.233403][   T28]  ? __ia32_sys_read+0x80/0x80
[  332.238199][   T28]  ? syscall_enter_from_user_mode+0x2e/0x230
[  332.244214][   T28]  ? lockdep_hardirqs_on+0x94/0x130
[  332.249514][   T28]  ? syscall_enter_from_user_mode+0x2e/0x230
[  332.255529][   T28]  do_syscall_64+0x3b/0xb0
[  332.260215][   T28]  ? clear_bhb_loop+0x45/0xa0
[  332.264918][   T28]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  332.270962][   T28] RIP: 0033:0x7f3c05d8bbe0
[  332.275400][   T28] RSP: 002b:00007ffed7abd7a8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  332.283879][   T28] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f3c05d8bbe0
[  332.291934][   T28] RDX: 0000000000000002 RSI: 00007ffed7abd7ba RDI: 00000000000000ca
[  332.299985][   T28] RBP: 00007f3c05fa6738 R08: 0000000000000000 R09: 00007f3c06add6c0
[  332.307966][   T28] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008
[  332.315957][   T28] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  332.323975][   T28]  </TASK>
[  332.327014][   T28] 
[  332.327014][   T28] Showing all locks held in the system:
[  332.335355][   T28] 1 lock held by rcu_tasks_kthre/12:
[  332.340723][   T28]  #0: ffffffff8d32e890 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30
[  332.351287][   T28] 1 lock held by rcu_tasks_trace/13:
[  332.356567][   T28]  #0: ffffffff8d32f090 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30
[  332.367599][   T28] 3 locks held by kworker/1:1/26:
[  332.374202][   T28]  #0: ffff888017c70938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x806/0x1260
[  332.388708][   T28]  #1: ffffc90000a1fd20 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_one_work+0x806/0x1260
[  332.401777][   T28]  #2: ffffffff8e812408 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_global_led_trigger_worker+0x23/0xd0
[  332.413261][   T28] 1 lock held by khungtaskd/28:
[  332.418130][   T28]  #0: ffffffff8d32e6c0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290
[  332.428060][   T28] 2 locks held by getty/4010:
[  332.432908][   T28]  #0: ffff88814cde5098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  332.442768][   T28]  #1: ffffc9000325e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x54a/0x1620
[  332.452954][   T28] 1 lock held by syz-executor/4252:
[  332.458166][   T28]  #0: ffffffff8e812408 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xcc/0x220
[  332.468342][   T28] 1 lock held by syz-executor/4258:
[  332.473568][   T28]  #0: ffffffff8e812408 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xcc/0x220
[  332.483738][   T28] 2 locks held by kworker/u4:19/4557:
[  332.489108][   T28]  #0: ffff888017c79138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x806/0x1260
[  332.500312][   T28]  #1: ffffc90005117d20 ((work_completion)(&(&kfence_timer)->work)){+.+.}-{0:0}, at: process_one_work+0x806/0x1260
[  332.512502][   T28] 2 locks held by kworker/u4:22/4563:
[  332.517874][   T28]  #0: ffff8880b8f3a9d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x26/0x140
[  332.527871][   T28]  #1: ffffffff976e74d0 (&obj_hash[i].lock){-.-.}-{2:2}, at: psi_task_switch+0x383/0x790
[  332.539309][   T28] 2 locks held by syz.1.480/5849:
[  332.544361][   T28]  #0: ffff8880592f9100 (&dev->mutex){....}-{3:3}, at: nfc_unregister_device+0x5f/0x290
[  332.554248][   T28]  #1: ffffffff8e812408 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xcc/0x220
[  332.564472][   T28] 2 locks held by syz.0.484/5863:
[  332.569555][   T28]  #0: ffffffff8e812408 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x1a5/0x790
[  332.579691][   T28]  #1: ffff8880592f9100 (&dev->mutex){....}-{3:3}, at: nfc_rfkill_set_block+0x4c/0x2f0
[  332.589584][   T28] 2 locks held by syz-executor/6098:
[  332.594860][   T28]  #0: ffff888054da0918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x700
[  332.604915][   T28]  #1: ffffffff8e812408 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x30/0x880
[  332.615281][   T28] 2 locks held by syz-executor/6099:
[  332.621030][   T28]  #0: ffff888054da3118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x700
[  332.631127][   T28]  #1: ffffffff8e812408 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x30/0x880
[  332.641159][   T28] 2 locks held by syz-executor/6924:
[  332.646465][   T28]  #0: ffff888055c10918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x700
[  332.656606][   T28]  #1: ffffffff8e812408 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x30/0x880
[  332.666590][   T28] 2 locks held by syz-executor/6942:
[  332.671920][   T28]  #0: ffff888051de9118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x700
[  332.682042][   T28]  #1: ffffffff8e812408 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x30/0x880
[  332.692030][   T28] 2 locks held by syz.4.917/7278:
[  332.697059][   T28]  #0: ffffffff8daaf568 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  332.705535][   T28]  #1: ffffffff8e812408 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_open+0x130/0x680
[  332.715571][   T28] 1 lock held by syz.2.931/7324:
[  332.720695][   T28]  #0: ffffffff8daaf568 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  332.729238][   T28] 1 lock held by syz.5.932/7327:
[  332.734176][   T28]  #0: ffffffff8daaf568 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  332.742641][   T28] 1 lock held by syz-executor/7330:
[  332.747822][   T28]  #0: ffffffff8daaf568 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  332.756301][   T28] 1 lock held by syz-executor/7333:
[  332.761682][   T28]  #0: ffffffff8daaf568 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  332.770276][   T28] 1 lock held by syz-executor/7334:
[  332.775474][   T28]  #0: ffffffff8daaf568 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  332.784095][   T28] 1 lock held by syz-executor/7337:
[  332.789341][   T28]  #0: ffffffff8daaf568 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  332.797784][   T28] 1 lock held by syz-executor/7338:
[  332.803020][   T28]  #0: ffffffff8daaf568 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x58/0x380
[  332.811588][   T28] 
[  332.813918][   T28] =============================================
[  332.813918][   T28] 
[  332.822612][   T28] NMI backtrace for cpu 1
[  332.826929][   T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.1.131-syzkaller #0
[  332.834807][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  332.844856][   T28] Call Trace:
[  332.848190][   T28]  <TASK>
[  332.851122][   T28]  dump_stack_lvl+0x1e3/0x2cb
[  332.855798][   T28]  ? nf_tcp_handle_invalid+0x647/0x647
[  332.861254][   T28]  ? panic+0x764/0x764
[  332.865319][   T28]  ? vprintk_emit+0x622/0x740
[  332.869994][   T28]  ? printk_sprint+0x490/0x490
[  332.874750][   T28]  ? nmi_cpu_backtrace+0x252/0x560
[  332.879870][   T28]  nmi_cpu_backtrace+0x4e1/0x560
[  332.884830][   T28]  ? nmi_trigger_cpumask_backtrace+0x430/0x430
[  332.891004][   T28]  ? _printk+0xd1/0x111
[  332.895222][   T28]  ? panic+0x764/0x764
[  332.899361][   T28]  ? __wake_up_klogd+0xcc/0x100
[  332.904212][   T28]  ? panic+0x764/0x764
[  332.908285][   T28]  ? nmi_trigger_cpumask_backtrace+0xfc/0x430
[  332.914354][   T28]  nmi_trigger_cpumask_backtrace+0x1ca/0x430
[  332.920349][   T28]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  332.926432][   T28]  watchdog+0xf88/0xfd0
[  332.930609][   T28]  ? watchdog+0x1f8/0xfd0
[  332.934966][   T28]  kthread+0x28d/0x320
[  332.939029][   T28]  ? hungtask_pm_notify+0x50/0x50
[  332.944101][   T28]  ? kthread_blkcg+0xd0/0xd0
[  332.948691][   T28]  ret_from_fork+0x1f/0x30
[  332.953142][   T28]  </TASK>
[  332.956481][   T28] Sending NMI from CPU 1 to CPUs 0:
[  332.961774][    C0] NMI backtrace for cpu 0
[  332.961784][    C0] CPU: 0 PID: 4561 Comm: kworker/u4:21 Not tainted 6.1.131-syzkaller #0
[  332.961801][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  332.961811][    C0] Workqueue:  0x0 (events_unbound)
[  332.961843][    C0] RIP: 0010:check_preemption_disabled+0x19/0x110
[  332.961868][    C0] Code: cc 48 c7 c7 20 6f 5f 8b 48 c7 c6 60 6f 5f 8b eb 00 41 57 41 56 41 54 53 48 83 ec 10 65 48 8b 04 25 28 00 00 00 48 89 44 24 08 <65> 8b 1d 60 7f 50 75 65 8b 05 01 d5 50 75 a9 ff ff ff 7f 74 22 65
[  332.961881][    C0] RSP: 0018:ffffc90005157b18 EFLAGS: 00000086
[  332.961893][    C0] RAX: 57181ab4db87de00 RBX: 0000000000000000 RCX: dffffc0000000000
[  332.961904][    C0] RDX: ffff8880b8e3b4e0 RSI: ffffffff8b0c2ec0 RDI: ffffffff8b5f6f80
[  332.961916][    C0] RBP: 0000000000000001 R08: dffffc0000000000 R09: 0000000000000003
[  332.961926][    C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: 0000000000000046
[  332.961937][    C0] R13: ffff8880551ed940 R14: 00000000ffffffff R15: ffff8880b8e3a9d8
[  332.961949][    C0] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  332.961962][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  332.961973][    C0] CR2: 000055b67a724088 CR3: 000000000d08e000 CR4: 00000000003506f0
[  332.961991][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  332.962000][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  332.962009][    C0] Call Trace:
[  332.962014][    C0]  <NMI>
[  332.962019][    C0]  ? nmi_cpu_backtrace+0x3de/0x560
[  332.962035][    C0]  ? read_lock_is_recursive+0x10/0x10
[  332.962060][    C0]  ? nmi_trigger_cpumask_backtrace+0x430/0x430
[  332.962092][    C0]  ? nmi_cpu_backtrace_handler+0x8/0x10
[  332.962106][    C0]  ? nmi_handle+0x12e/0x440
[  332.962128][    C0]  ? nmi_handle+0x25/0x440
[  332.962149][    C0]  ? check_preemption_disabled+0x19/0x110
[  332.962168][    C0]  ? default_do_nmi+0x62/0x150
[  332.962183][    C0]  ? exc_nmi+0xa8/0x100
[  332.962197][    C0]  ? end_repeat_nmi+0x16/0x31
[  332.962237][    C0]  ? check_preemption_disabled+0x19/0x110
[  332.962258][    C0]  ? check_preemption_disabled+0x19/0x110
[  332.962279][    C0]  ? check_preemption_disabled+0x19/0x110
[  332.962299][    C0]  </NMI>
[  332.962303][    C0]  <TASK>
[  332.962309][    C0]  lock_is_held_type+0xfd/0x180
[  332.962329][    C0]  pick_next_task_fair+0xbad/0xdc0
[  332.962353][    C0]  __schedule+0x7a9/0x4570
[  332.962373][    C0]  ? pwq_dec_nr_in_flight+0x1e8/0x460
[  332.962398][    C0]  ? worker_thread+0xe98/0x1200
[  332.962416][    C0]  ? release_firmware_map_entry+0x18b/0x18b
[  332.962437][    C0]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  332.962461][    C0]  ? print_irqtrace_events+0x210/0x210
[  332.962483][    C0]  ? kthread_data+0x4e/0xc0
[  332.962505][    C0]  ? wq_worker_sleeping+0x5f/0x270
[  332.962520][    C0]  schedule+0xbf/0x180
[  332.962540][    C0]  worker_thread+0xe9d/0x1200
[  332.962567][    C0]  kthread+0x28d/0x320
[  332.962580][    C0]  ? worker_clr_flags+0x190/0x190
[  332.962597][    C0]  ? kthread_blkcg+0xd0/0xd0
[  332.962612][    C0]  ret_from_fork+0x1f/0x30
[  332.962637][    C0]  </TASK>
[  332.962839][   T28] Kernel panic - not syncing: hung_task: blocked tasks
[  333.268728][   T28] CPU: 1 PID: 28 Comm: khungtaskd Not tainted 6.1.131-syzkaller #0
[  333.276620][   T28] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  333.286688][   T28] Call Trace:
[  333.290005][   T28]  <TASK>
[  333.292960][   T28]  dump_stack_lvl+0x1e3/0x2cb
[  333.297662][   T28]  ? nf_tcp_handle_invalid+0x647/0x647
[  333.303127][   T28]  ? panic+0x764/0x764
[  333.307211][   T28]  ? llist_add_batch+0x160/0x1d0
[  333.312157][   T28]  ? vscnprintf+0x59/0x80
[  333.316491][   T28]  panic+0x318/0x764
[  333.320398][   T28]  ? nmi_trigger_cpumask_backtrace+0x2db/0x430
[  333.326553][   T28]  ? memcpy_page_flushcache+0xfc/0xfc
[  333.331926][   T28]  ? preempt_schedule_thunk+0x16/0x18
[  333.337301][   T28]  ? nmi_trigger_cpumask_backtrace+0x2db/0x430
[  333.343491][   T28]  ? nmi_trigger_cpumask_backtrace+0x358/0x430
[  333.349638][   T28]  ? nmi_trigger_cpumask_backtrace+0x35d/0x430
[  333.355801][   T28]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  333.361881][   T28]  watchdog+0xfc7/0xfd0
[  333.366047][   T28]  ? watchdog+0x1f8/0xfd0
[  333.370397][   T28]  kthread+0x28d/0x320
[  333.374462][   T28]  ? hungtask_pm_notify+0x50/0x50
[  333.379489][   T28]  ? kthread_blkcg+0xd0/0xd0
[  333.384070][   T28]  ret_from_fork+0x1f/0x30
[  333.388511][   T28]  </TASK>
[  333.391841][   T28] Kernel Offset: disabled
[  333.396165][   T28] Rebooting in 86400 seconds..