last executing test programs:

1m9.996796738s ago: executing program 4 (id=866):
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$xdp(0x2c, 0x3, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r4=>0x0})
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r5, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r5, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f0000000440)=0x400, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00', <r7=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r5, &(0x7f0000000100)={0x2c, 0x0, r7}, 0x10)
bind$xdp(r2, &(0x7f0000000240)={0x2c, 0x1, r4, 0x0, r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
ppoll(&(0x7f0000000500)=[{r0}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000740)=@bpf_lsm={0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

1m8.070448466s ago: executing program 4 (id=875):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0xa04108, &(0x7f0000000400)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@stripe}, {@nolazytime}, {@noquota}, {@nobh}, {@minixdf}, {@nodiscard}, {@grpid}, {@debug}]}, 0x11, 0x4d8, &(0x7f0000000540)="$eJzs3d9rW9cdAPDvla3ESZzZ2faQBZaFJcMJWyQ7XhKzhyyDsTwFtmXvmWfLxli2jCUnsQnDYX/AYIyt0Kc+9aXQP6BQ8ieUQqB9L21pKW3SPuShrYqkq+K4UmxT/Ujtzwdu7jnnXt3vOTH36J57j6QADqwzEXE9IgYi4kJEjKTlmXS5UctsNvZ78vj+TG1Jolq99WkSSVrWPFaSro81XhJDEfHXGxH/SL4bt7y+sThdLBZW03y+srSSL69vXFxYmp4vzBeWJycnrkxdnbo8Nd6Rdo5GxLU/fvi/f7/6p2tv/ubue7c/Pv/PWrWG0+1b25HKdiJukh5qaEvZYESsduLgL4CBdN2R/ywAALqudo3/44j4Zf36fyQG6lenAAAAwH5S/f1wfJlEVAEAAIB9K1OfA5tkculcgOHIZHK5xhzen8bRTLFUrvx6rrS2PNuYKzsa2czcQrEwns4VHo1sUstPpHNsm/lL2/KTEXEiIv47cqSez82UirP9vvkBAAAAB8SxbeP/L0Ya438AAABgnxnd4/5DXaoHAAAA0D17Hf8DAAAAPzzG/wAAALCv/fnmzdpSbf7+9eyd9bXF0p2Ls4XyYm5pbSY3U1pdyc2XSvP17+xb2ul4xVJp5bexvHYvXymUK/ny+sbtpdLacuX2gk8NAAAAQL+c+MXDd5OI2PzdkfpSc6jflQJ6ItnLzh90rx5A7w30uwJA3wy2Knza+3oAvZftdwWAvtvpPkDbyTtvdb4uAABAd4z9rP3zf/cGYH/L9LsCAEDPtXz+DxwIWTMA4cD70Q7bv//z/2p1TxUCAAA6bri+JJlc+ixwODKZXC7ieP1nAbLJ3EKxMJ6OD94ZyR6u5Sfqr0z29tlhAAAAAAAAAAAAAAAAAAAAAAAAADjAqtUkqgAAAMC+FpH5KKl/m3/E2Mi54e33Bw4lT0fq64i4+/Kt/9+brlRWJ2rln31bXnkpLb/UjzsYAAAAwHbNcXpzHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfTk8f2Z5tLLuJ/8ISJGG/GHnok/GEP19VBkI+Lo50kMbnldEhEDHYi/+SAiTrZqf1KrVoymtWgV/0gf42ci4lgH4sNB9rDW/1xvdf5l4kx93er8O1xPD3Yg/tb+b3v8Zv830Kb/Ob7LGKcevZ5vG/9BxKnB1v1PM37SJv7ZXcb/+982Ntptq74SMdby/Sd5Jla+srSSL69vXFxYmp4vzBeWJycnrkxdnbo8NZ6fWygW0n9bxvjPz9/4+nntP9om/ugO7T+3y/Z/9eje4580ktlW8c+fbf3+e7JN/Ez63verNF3bPtZMbzbSW51+7e3Tz2v/bJv27/T3P7/L9l/4y7/e3+WuAEAPlNc3FqeLxcJqlxPJYNdDSEjsLXE4PQm2bEov+nt2Xry4iX72SgAAQDdsGfkAAAAAAAAAAAAAAAAAAAAAfdKLrxPbHnOzP00FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHiubwIAAP//zIPNdg==")
syz_usb_connect$uac1(0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x2, [{0x0, 0x0}, {0x2, &(0x7f0000000380)=@string={0x2}}]})
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="043e110b07"], 0xec)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
getdents(0xffffffffffffffff, 0x0, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = getpgrp(0xffffffffffffffff)
ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, &(0x7f0000000240)=r0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = dup(r1)
write$UHID_INPUT(r2, &(0x7f0000002100)={0x18, {"a2e3ad2119c752f91b5e09091bf70e0dd038e7ff7fc6e5539b324d078b089b3b0838721a0890e0878f0e1ac6e7049b3d63959b509a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31320d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70d998ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f0000000c558cdc0a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5af098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000108000e0a37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b2fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d3a6df40babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f794c9eee1198751adaa13d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f39a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60559516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d8872fe174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f980000000203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@cr4], 0x1)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0xc)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r2)
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, r3, 0x100, 0x70bd25, 0x25dfdbff, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0xd}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x6}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x20000080)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r4, 0xc028660f, &(0x7f0000000040))

1m3.919343049s ago: executing program 4 (id=879):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r3 = memfd_create(&(0x7f0000000100)='\vem\xda\x99R@m\xfc\xfe\x9b#*\xff', 0x0)
write(r3, &(0x7f0000000040)="0600", 0x2)
write$FUSE_NOTIFY_STORE(r3, &(0x7f0000000180)=ANY=[], 0xe)
sendfile(r3, r3, &(0x7f0000001000), 0xffff)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f000001a000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f000002eff0)={0x135, &(0x7f0000000000)=[{}]}, 0x10)

1m3.914650049s ago: executing program 0 (id=880):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=ANY=[@ANYBLOB="34000000180001000000000000000000020000000000000900000000060015000600000010001680040003"], 0x34}}, 0x0)
pipe2(&(0x7f0000000200)={<r2=>0x0, <r3=>0x0}, 0x0)
pipe2(&(0x7f0000000000)={<r4=>0x0, 0x0}, 0x0)
ioctl$int_in(r2, 0x5452, &(0x7f0000000040)=0x6)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_int(r5, &(0x7f0000000100)='cpuset.cpus\x00', 0x2, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000240)=ANY=[@ANYBLOB='1-1'], 0x31)
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000280)}], 0x1)
splice(r4, 0x0, r3, 0x0, 0xe4, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$packet(0x11, 0x0, 0x300)
socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x2c481, 0x0)
syncfs(r1)

1m2.891186579s ago: executing program 0 (id=884):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = socket(0x1d, 0x2, 0x6)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc, 0x8}})
getsockname$packet(r4, &(0x7f0000002200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000002240)=0x14)

1m1.766555937s ago: executing program 0 (id=885):
r0 = socket(0x0, 0x0, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000240)=0x7)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000100)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x0, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000380)={0x1, 0x0, 0x0, &(0x7f0000000280)=""/233, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f00000001c0)={0x0, 0x1, 0x0, &(0x7f00000003c0)=""/77, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000004c0))
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x20000)
r3 = socket$inet(0x2, 0x3, 0x100)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000500)=0x8, 0x4)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x0, @local}, 0x3c)
connect$inet(r3, &(0x7f0000000080)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r3, &(0x7f0000002b00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001980)=[@ip_tos_u8={{0x11}}], 0x18}}], 0x1, 0x0)
write$eventfd(r2, &(0x7f00000000c0)=0xfffffffffffffffe, 0x8)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000180))
getsockopt$ARPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x63, &(0x7f0000000200)={'NETMAP\x00'}, &(0x7f0000000440)=0x1e)

1m0.512804406s ago: executing program 4 (id=888):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r1 = socket$key(0xf, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r5}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000340)={0x0, 0x81}, 0x8)
sendmsg$key(r1, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x2, 0xd, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, [@sadb_x_policy={0x8, 0x12, 0x0, 0x2, 0x0, 0x0, 0x0, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@dev}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @local}}, @sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @private2}}]}, 0xa0}}, 0x0)
sendto$inet6(r0, &(0x7f0000000280)="aa", 0x1, 0x0, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000040)="93", 0x34000, 0x0, 0x0, 0x44)

59.835089515s ago: executing program 0 (id=892):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000f80)=ANY=[@ANYBLOB="b70200000b000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f7a80d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001e8c76bbe7ff988a28ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f757036303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4522bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b9fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabfd50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd1389a0963de85dd2b189774450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f326df86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c39b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa525235da0000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc32a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2a434b9048ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b4783d66661a92f174f8293cf83bceaf6c9eda1f83166aa1e2093d626870510e6cd176d501fe01e4a752fc30134073188e3f826f695e4e14fca6596943467c7df154493023f77c107b3db20ea75b493b4b38dc43986d94748cbfab954edae20982b6d212a44f4b40387876bc9eb73900"/3112], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000100)="b9ff0b076859268cb89e14f088a847", 0x0, 0xf00, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r4, &(0x7f0000000480)={0x2, 0xfffe, @multicast2}, 0x10)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x0)
listen(0xffffffffffffffff, 0x6)
writev(r2, &(0x7f00000001c0), 0x0)
readv(r2, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r5, 0x8)

59.537379501s ago: executing program 4 (id=894):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x8, &(0x7f00000001c0)=ANY=[@ANYBLOB="51b843f324833500cd81cb7287e718f47daf4cb8cfdebb0a22e14af8d093b58ba65d8568ff32f8c5a53ccb43241ae3f9e9478ff9af2c8205f3c686dc8607ad"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
pipe(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = fcntl$dupfd(r4, 0x3, 0xffffffffffffffff)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="440000001000050700"/20, @ANYRES32=0x0, @ANYBLOB="0000000790a2c4b35c14ce94e9705f2d6cfe0000000000240012800b0001006272696467650000140002800666fb2ea83bf3b5009a4bd64a8ca1b851b043da6eeb6de9ddf0d0e3d1bb0bd3891e9f9b7769d7c5c8dc0551a1d6bb455fea77b7c062e37e2acb53854495941aefaa496004b42e03160b4ec1f0b6249ea84a8abe207c6a0e84e28dc0fc5237178499b623aa2f35caae4dcbc2b1fc72a69b9849f68b4eba65744a2823e648189b01edbbe446b00bf6cb328af88c3633484ac07a823babb2671ed5f3765cf89a617004e6fd73aa612b1d6f3d24bf659d6515ce102ef1171ca23161eab568bfcf3fc129fe0f399c9a0adf97f68ec7"], 0x44}}, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000940)=[{&(0x7f00000008c0)=""/106, 0x6a}, {&(0x7f00000007c0)=""/242, 0xf2}, {&(0x7f0000001380)=""/239, 0xef}], 0x3, 0x0, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000004980)={<r7=>0x0, <r8=>0x0}, &(0x7f00000049c0)=0xc)
getresgid(&(0x7f0000004a00), &(0x7f0000004a40)=<r9=>0x0, &(0x7f0000004a80)=<r10=>0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@ipv4_newnexthop={0x28, 0x68, 0x23, 0x0, 0x0, {}, [@NHA_FDB={0x4}, @NHA_ENCAP={0xc, 0x8, 0x0, 0x1, @SEG6_LOCAL_OIF={0x8}}]}, 0x28}}, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004b80)=[{{&(0x7f0000001140)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f00000011c0)=[{&(0x7f0000001280)="3d21950f365ff35e6d784c34a0dd6f193bb9592192d41da445f7c82db5890328eeb5fa4ebf65a31cca6b50da04f5a3a5e269c8e83843c8cf399f8bff55aea3a122c3a9f7b8bd37d93cf2f83af76a84ded3b081e552306d607f24d90e99c9333928855b8cf558c3d5300383869c50", 0x6e}, {&(0x7f0000001600)="fd0335d8573eaf121ca5d5be5b7572544f32cff20bd8d96756e7e98499c78b74529de9fbe2417136f8a5f16a8086de018d34cbaa3ce732f005736eaa271c412c7a5477cc8905cf8d8d7f33966d975f621a1a35ba2a3a98bf8bccf69401a1d4a070aee928425be7be00623c5302025873c947da752f7d2555bb4cb14e4499ec8d43936cc5adc63bc25f1db5f568586c1dc4aad018f7313ea5aa6771e118e84f169f264c633096b189", 0xa8}, {&(0x7f00000016c0)="6c92f620f063f88f8f336825fcfb6a3c0857b05152fa6267046c24bb25134cc56ad0a62f39063d8e5537fa70715505c327d11c0c1dcec7a728590330c10fce5068d15a3df3af435a191f97d3e1f1b94cfaf9b191a5508179cd72661470b5c5ed40bb82cf0d2ad742354a7d5d34edd6e375b7282eaff45d65577eb5ff861a1374669c38c51b814bce38a4df4dbb4986da4c3d34ae07a7e0afcf0e7dc1888a101c4f642ed2472fd111f650e038eec59a13079507bf73b77d74bf6c545f639989bcff2c0bbee90e11ad98f16af11640e249e6558904e3dd3a19d6927ab36755d98cae57487b4f974155a393619289fcdbcd6bae8199efd639edd58f26aba5cf79010bf2b26184b8580de6a46fac227ed2deca8b99e884af8ab611685b6e5713984bd986aa601db1295c221a9031922afe4ed94299d4afb12de01116700fd0dee30c4352405a2db2ddfd071bb870a90e446f2dd8ea95f74dd0d52e37c4dccba91f6fd5fe22a0469f9f41df718f3080c18fc9e3e4616539d5131086fe19b6fdbfed2b9218594bf258ec15228e57f2f17e550bdeea7a0b759d679effa5045f71945720a37f765c336333d50892e4adc50c11ad6dd3c6d7d04b65aa693500f255939a586f7c085b0ea5866f809746bbb64b830e56c6b8801187f80d8fd962a0e9bb314cca6c348a9117a8e455bec56bb8dac484b4cb9875f5a40e0edea862ee1f082f723a020ee3b4090cf3180f28e63771c60e02adc752d233a1814f418b2ead85bb25e1cde40db1cc8affe58e8eb02aa3c5e68f737337a4b11eef09e8565290afe0f3b631afb798598145d8425515b9374fc5242ba156f954ff412e9dcd42c78386b10124f8daf9efdc6009975cc0d735e628c6854f749aa907a3ad032cb443cc86fa9a89139b6b76646848806e8b0b028314fcae247619b900146f26be1902c0cfbddd39286ebab8f880bd9678e6502be1521a54111badb5dd01486ea754628afa5169efa3d301a78d9af4e69335e02b770f0f98abb74f6c0bdded3696ccd6cabfe9aa8f8cd4015d5630b26f271eea70957e89fe1b3c3272c777f3d27f4ef5c9f714e8e29ee0a4c6b6055ebee150b4b91c360742c1819a317ecb606c6f8b80c02ec63b0d6bb161e3e13972ba33a26f90cfa17b6ad1c7eaebe560925f41f6060430733ed7eec2cee507c1826a7bdf4e6b7d4ba238cb9e8dd24757d5feeefae432385bb8d68d260e5161e5e59e4aefc19961513c9a0c7d8a83a5edc96406b4d46f81bfae71e66d26c4052abe3e35bfdf421b5f3c335ec24c9957757fb88f3f6aef0fc6663c095229f6b7073028976828462ffd95c7ce1fbb8b8e27b88272448f709ab6503cf458bb4cf6bc72d79e2715f254de35cb55dca815b813980e9d90f5cd56092868e39d103b812e6c4528884b2bd69ed4259a017168fb55d6b7cf98b2429138fe005b4fa06548cf0ad780445a067664e7aeba6e2b09701f3b5fb136e44e128cb3109dd02721a1fe62a62825d603ce858cf38d7d3859f17013d45a1d5da0dd990eb0f563de92d03b1e58cbfad1cb88e43fd74de367ddf3e66ae5599ae87edeb84eb01b7fa89ac65f67fde5256bab413a087f295f5aafd3b12771cdf8757cbf421e20a8bd4a14838b7c581531589956103222a98a1f44b30f121490c56ec036d291eceaf61ccedf2fb8d4cd4876b9b533f2089302a62838e5a4fd6b5febaff731218ea2c70f97eb97be15434a797598613ca0b18f02c2efa4c09e8ce2f49cecee684966c0520c7d00930799a89378e153b84ddffd561050f1542b5f2a481ae8b3d7fc9355ba69e9b9ec4f9d20c49394ab8d101c08047d67913eb12ce3ce5458e0548a81bb16b9a46405ce9492625b5e21245ec8ed3c33ff8e35f873fef096ec781419c88fda8e8aa3e03af3458df31f67982aec27d5a60ac30e9da6c0c3c8df70c7ddb8f1aa1de352a44b360e5404b5e5fa1032b6b1266527ccd68865e69a717c4874308b433be9456b5a133c88441e3badf0e892a9307516ebbd4e1c35880d95e820e578702706367a8ef4df31ec0bd80a5c8a78c96425b42ea6cfb27baf146d0a802ea254080e1d83efed2cf94d0034cc2e0c2d4bb485b5fbc4ca17bafb3547d2230ed75408ecaee2f55e6b250ffc2822c60cb25aaa81fdb923460398a23f4890c19f09f40d17801aeb93877178187e7ba61c4ee14890a23b5f932c905e4ae4e88168d754fa3ad968ddd942d522328daba9662ad0cecc3d73a25f8a60b965868a08fbd929be616bd35d80be29c634c09daf1a39f8d6e4615aafd3a5871f2c1d67f3798d8d1e75149b8fe200c73a2cc71f814ce4fb1a3d1fb156821a5c669168f697e05ad75325c7cdf4fc5f68b41ffe70d6f269e534abfc1ac67771dd66dd2deba353c625796b936eb6b820e7bd6d4d6c36044c55630d701cd329dc5d0fa4598826db33128fc48db113cc3b5ebdea1ded34e0895228ba358e51e762a8b8901e5474ec5641ce40010d11f522b1110c67697cae2e1c0717ffc272bbcd2b5be18d150dbc298139da3ad2866cbdbd4dd6315124c446322cf3bc7d854a7f3669a9390d1e6d2be5cddf4eb87ea90da228c0868599116b99449ffb78f5bfcddfc2119ad7116ab9364ecf60440c4bf202420c1dd46a0652e979afb5973288c9d9127a0bbd3005d4a3e28fd1b1f7cf97391bcab92d84fb7d0bf4afb4c6c772b055201b8152a13d629d9f7f43ed46e8e576bb88b6c6be851c8dd7e15bc041f2ecf5542d33173865ccf870d88c360d0c0564fccd7657d8cb296d2f3d7a3114777ce8c62e342a2527ae6a39b6b2bc52e27de112f59e6abadc8d5a78b690633978b3d5cf3932911ec023c43b6d268fa18d70a6c6f33e0f3d069586b6e52bbf5b2d2baabfa6f5884ef41e55223e918db652ecb93733ebe99f86868da6ed08e1a139e86cd2bbe0b280c7194e404977ab6bb143cc369d75681a4bb9e06b82db1382966409d76f93a99371657386f281f1d661e5dddbeb3360e3c4c464b84c88848b10e394418a9ddf7473fa6001f9caa12bbafa41f291f5b1d97ee61c3484cb3045245ff68400b33b965b4f7846ce18919f0a48d388adc62ab9cb0e316adcf2e54cd0499edb4213bec297aedbee43b5b941001cb32a15cae331725da3dcd2333b09b39324901a3569d0655947e343d80913143eb6158d4db6760923c9a75867083f6d3ee4727beb364a15b4e07f3f84856099e067f5cda9098387a658703888ec07126ad684f3dfe163032b0ff24a53e1777b14e8180c132b8c9a4a8262935a65b692affc5d91bc12c5d2981551339e1caddc97a557efa915920919410876d7c893cd5afc5d55f2e954718d87206c8fec09a44875153fd80f58c18e6c8a85b4f4aca38d40be6900401d0c45fd3ef21e0ff049ce316b73dbc2a3baa52654be774febaaf063ea2c9f131f0564b3fc823d4ada53c788b60a864d4c01f5941741460d506de90ae42385d89472025d00ca21ff313fd28babf8167ec51581288ba3dae8410ada2f2d36d2fbe806154033ae832b0ba1edafef4a47b9654e714ef7970a9f7bc46a5fd196e0eff3d9a6c249ea46adf124e3fa6d2842aabb67a28cc2db00c6774d8f359429e4e26e507f1631fc6f95f80c7767a4fb4bb7ac8c715b4c6c7b6758f364db174c3738533b058338144fad473473c2f1fbfb77ee532c10cce297d89460b266de8a81c7d6b6cd55af2e067955037421f09b642ff0eaf7446d4b2bea19344f071b0ac826037616b0ab1c136b46995cc474aa539fc6a39aeceb47d4c048d8b5a0ed4c265b89bd08e66fcb69e2002f7727006094b95fd8e5cf35d796bfe13e5c9ef84ab419beb1747c8699331d6e364ac5f51884689c58d7baa9884eac1015d4141549d88af1bf758221554405a23c4cccc022e8ab79ce2249c4fedec94f6b9771b0a285de15b5c7b71c0f28aaaac398f20c98c099ba020a109e3cd0937e3ac2bf3c80e705416a4290cf789441c69400b94a5f0c1654ccf35ce8643878488c300881d9641b1d06d4549f25768f7c97a97a686503ae427604addc9f1d8f1a8619e63edd32468ca334ac505067f87275c8a7348893044f7c0f3d8d371b0d8cc0d9f915cf7dc7331cfaea8ec02da2662e1c67132e3555c14df879440581cafef695ba5630bc19725fb9ec208963819ce07e0d909661b864a2fe115c4794fdb05b2cd47cf24ae82aed60063cc4c49f6429b371ddd0590cdb4c1eff013b8ddfc0fb76092ef559a175e25615adc8973ff5de473f88f10b7c4597e5c94198a430af939f37f85f3607b0de821fcc0249b91d16f34d7c36efd1df0b49dff8631d791793ce7c159270550cbc5f0adbbf3b02d251c66eb852feac1ac392cd34a960d64ca0c32eef1c5af41c690c270b6c8f431a363b1f52c993ca6a8e54cbeba9c5f154e7f67b114854f787e8384d98224d0fb3fe80860e8087edad2e2ff7875116df4501ab5dd0196a0154cf924039fccc141904277df460872a54a47746570a288695cb0934b44b678890c7d1308e94b3c9ff72b987b552a7ab6c9f7085ceb862f8e24f475c97115d376f32f8ae3f62c1ea00257c1c6fe1213bd32231cd5267afded3b430cf7ca5f75d83f2fdc91b15a7d3791dc0eab3829520450fcf415c8188e018ab7f348bae4d94394d7d5595ab7ba56027ba9f978c1896e096aeb7f763c12af779b5eb973150ae825487d0782c808baf6258c39599fa0caee37709932a6c4c17a666dcb790ddf06b9046b42279af0212996d8351d8c8d4c33fb3d126e936dfafb1a7ecc2d8a7a87f314570db13536fb5ecd90314d2e20ef992f9d78968b5cc4a76bdbc07f585c958f0bffe6f1b92dd7346baf5bddd2fbece482b7ba5727515a04a0ca857597ca43028f8166ccd99a51e3f467299b7f9a9fe9474add0ac23cd4f1858f765e798334ea14cc1d635b1d46dabf67be52a16adb47e6f85e55b704eaada1e91ececa85457cd0dbf8e7f0a160df01b44feb1fab9aa7b6b41cf9de0a5ca0fd7171b709b087ffffbf0cbc00325c196b810caed67b237385eda9d29a82b008dfb3691e2754383419cea7cbc022653abeb93bcf13e2cfaa053880b050c4087266b87b9ee3b70ef04f925d12a69612b5ee6eecdc20c2287515a874dc6aa5f95b1d065e388e078b3455e80d36fa353f6a3ff2323b1a987b3c8103ed3f88c6a028468ef968427eecb599cd597c56b871d10e4760f06a19f8ceabdf3a8cff1df7e3674aa1217d14b28da6f37e835b58f4bdc6a5f71ea23e63284f4e4bf31bfed8c15bb57bbedae819237e20ccf1ebbd6cccf9f6678edd546627d98d312ed14f6d51809c7944f2b6b7c47bfa982b16f8a52d15813f17416fdf9cf1464c9b6069fe21624d08f653a8b807bacfad68266df1783978d69c21b07a7f084caa82eb8e67408f34f222825d7e42fe69e3c5f13a9507caa6b17b31d4865b40fee512c9ad6da847a6739b44ec11ef86a6f9eb2d9855e48111f094f0e817fbe4656a75a0b810dab93719d1b56457005a7ef32c86b0a864f5068f2fb1ec00f61fd56e3959a9acdab8f975573602cdb3a98886a53843ccd5b48fe899091d5d1426230ff0311822e83ec9b06edf70c30d29fe06c57d20379ebbac682daec948bdbac95201f156441f3c92c381993a31778f4d0f713a075d96619cf2a9dfca8138c0e6c7584ea064d8a8ca75bfdb62e36217c07efa5ca883d900ec6a5c40efab3a7c2651bf8c710d45f7aaf6d6d184626f1e68031635c24df2888bd87880f", 0xff0}], 0x3, &(0x7f0000002740)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}], 0xa0, 0x20000004}}, {{&(0x7f0000002800)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000002d00), 0x0, 0x0, 0x0, 0x4004002}}, {{&(0x7f0000003080)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000004480)=[{&(0x7f0000003100)="b13ebaea1660c8d08bca833c788dfebc147d29870b3a7f197093566820b986bcad0aff41b57db7550fece71f1f445f6de27513afef1686b03ee8e7152d09d553c62f6d7826fdd3c1b69b31f90bde2fd7f2a86b1374206e2087261c3e39a27a433c89aa57087458", 0x67}, {&(0x7f0000003180)="f91c3082fc2cbaad38fbff282d352a98f98b88e996e340b62e489bdafdea0f54990071b54bbb54e0f56924506d5b5d6a7ff1fcc4a37eb4073da851cc6ae6ef1278a645a0f15d66251efb54232ebbe83a03def078ed2af5e515b97e768abaa5e727e61ddad178f05863662c71edbcc8736807f02d1b83c506fd7736a95301b352494303e9773d729c6453eb2a7958cbeb6962be55089f6fc7249373b6939c60a142ca7e99c5ec06290944aa559f08161d55adab25de6b79819a7e061687b8d7e4162e41e1f17fe2ebfec5c5e47ba706cb7a06a36eadf80c998f4948af0f169c5c9d95d91b8d", 0xe5}, {&(0x7f0000003280)="1585deee14bab8b5b7ad123b7e28ee9423503d14f707038f7fa428d9b09625db2e992a911bf2e3cd3cd26d33178fbe216bcacc1ec4ef73e2f949a68587622e66d20844bdefac257d7cd2fbb97ef32fd81cb9133bf6765abef01d13d5d5d1d06c5b500882c716", 0x66}, {&(0x7f0000003300)="ecbe8704101bd9dd9b35c314888d174e998c41f2f0792cdafce9cb2292d4370be60df7efd8d7527504b339ba", 0x2c}, {&(0x7f0000003340)="e232f91edb356e3b1a5e0af63898656797ffc8a8523cb055ba527fadb2a113cd9db5fc79a9b97db8459959e7d149997a4c1fcc004182593ea6906bd530d2af783841491443f5d719aac93c87ae98f759c7daa43134d305f64e358dbd14236a01c1f662faa0f6c2f327221cd8a3c7822271068858823f7252512ce6a6bea0843bf12f3a10f793a6171c2f8bbc2d689b5af8", 0x91}, {&(0x7f0000004440)="52d376f1aacd7074f65b3e842c221bee41c613db5f", 0x15}], 0x6, &(0x7f0000000280)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0xee00, @ANYBLOB="0000000038000000e9ff00fe00000000010000", @ANYRES32=r3, @ANYRES32=r1, @ANYRES32=r5, @ANYRES32, @ANYRESHEX=r11, @ANYRES32=r4, @ANYRESHEX, @ANYRES32=r2, @ANYRES32, @ANYRES32, @ANYBLOB="2c000000000100000001000000000000", @ANYRES32=r0, @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYRES32=r5, @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r1, @ANYRESDEC=r8, @ANYRES32, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES16=r9, @ANYRES32=r9, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x100, 0x8041}}, {{&(0x7f0000004740)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001300)=[{&(0x7f00000047c0)="22ccdcf42ee596eec327da3391edc4dc179d1841582267dbdc197b7f7ede2c95", 0x20}], 0x1, &(0x7f0000004ac0)=ANY=[@ANYBLOB="2c000000000000000100000001000000", @ANYRES32=r3, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001800000000000000010000", @ANYRES32=r4, @ANYBLOB, @ANYRES32=r7, @ANYRES32, @ANYRES32=r10, @ANYBLOB='\n\x00\x00\x00'], 0x88, 0x20000000}}], 0x4, 0x0)
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, &(0x7f0000001200)=0x1c)
write(r5, &(0x7f0000000100), 0xfffffe5d)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
utimensat(r3, &(0x7f0000000200)='./file0\x00', &(0x7f00000003c0)={{0x0, 0xea60}, {0x0, 0xea60}}, 0x100)
r12 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$inet6_opts(r12, 0x3a, 0x0, 0x0, 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1c917, &(0x7f0000000080)={[{@nobarrier}, {@noblock_validity}, {@discard}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@noinit_itable}, {@resgid={'resgid', 0x3d, 0xee01}}, {@jqfmt_vfsold}, {@resgid={'resgid', 0x3d, 0xee01}}, {@resgid={'resgid', 0x3d, 0xee00}, 0x32}]}, 0x1b, 0x4c5, &(0x7f0000000ec0)="$eJzs3c9uW1kZAPDv3sSlf1KSChalEqWiRWkFtZOGthGLAhKCVSWg7EtInCiKE0ex0zZRBal4ACSEAIkVKzZIPAAS6iMgpErMfjQzmtFopp1ZzGKmHvna7qSp3SSqY3fi30+68bnH1/nOZ8vHPuce+QYwsM5FxJWIeFqr1S5FxGizPm1uD09ExFbjuCeP78/WtyRqtVsfJJE06+rHJ9v+Z/MhcTQifvmziN8kL8atbGwuzZRKxbXmfqG6vFqobGxeXlyeWSguFFempiavTV+fvjo90ZU8RyLixk/e+fMf/vHTG//53t03b7938bdJsz625dFtjdRz2XPRMhwRawcRrA+GIuJqliEAAF8Gre/5346ISzEaQ9m3UwAAAOAwqf1wJD5NImoAAADAoZVma2CTNN9cBzASaZrPN9bwfj2Op6Vypfrd+fL6ylxjrexY5NL5xVJxorlWeCxySX1/Mit/sX9lx/5URJyKiD+NHsv287Pl0ly/Jz8AAABgQJzYMf7/eLQx/gcAAAAOmbF+NwAAAAA4cMb/AAAAcPgZ/wMAAMCh9vObN+tbrXX967k7G+tL5TuX54qVpfzy+mx+try2ml8olxey3+xb3u3/lcrl1e/Hyvq9QrVYqRYqG5u3l8vrK9Xbi89dAhsAAADooVPfevhGEhFbPziWbXVH+t0ooCeG93Pw2wfXDqD3hvrdAKBv9vX5DxwquX43AOi7ZJf7Oy7e+W/32wIAAByM8W+0P/+f7Do3sJX2qInAATH/B4PL+X8YXM7/w+DKxVAYyMNgO/jz/7XavhoEAAB03Ui2JWk+IpsHGIk0zecjTmaXBcgl84ul4kREfDUi/j+a+0p9fzJ7ZLLrmAEAAAAAAAAAAAAAAAAAAAAAAAAAaKjVkqgBAAAAh1pE+m7SvP7X+OiFkZ3zA0eST0az24i4+7dbf7k3U62uTdbrP3xWX/1rs/5KP2YwAAAAgJ1a4/TWOB4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuunJ4/uzra2Xcd//cUSMtYs/HEez26ORi4jjHyUxvO1xSUQMdSH+1oOION0uflJvVow1W9Eu/rE+xk8j4kQX4sMge1jvf37U7v2Xxrnstv3771rWQ726zv1f+qz/G+rQ/5zcY4wzj/5V6Bj/QcSZ4fb9Tyt+0iH++T3G//WvNjc73Vf7e8R428+f5LlYheryaqGysXl5cXlmobhQXJmamrw2fX366vREYX6xVGz+bRvjj9/899OX5X+8Q/yxXfK/sMf8P3t07/HXGsVcu/gXz7d//U93iJ82P/u+0yzX7x9vlbca5e3O/vN/Z1+W/1yH/Hd7/S/uMf9Lv/j9W3s8FADogcrG5tJMqVRcG+jCKz0b9a9Fr0UWCvst/O71aMZrWehvvwQAAHTfi2NgAAAAAAAAAAAAAAAAAAAAoNd6+et6LVv9SRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KU+DwAA//8zCtT1")

58.738069831s ago: executing program 0 (id=897):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0x505, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200), &(0x7f00000002c0), 0xa79, r0}, 0x38)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r4=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="850000006b00000057000000000000009500040000000000"], &(0x7f0000000140)='GPL\x00', 0x1, 0xfc76, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x16, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffe77, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r6, &(0x7f0000000380)=ANY=[], 0xff2e)
ioctl$TCSETS(r6, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xeb6, 0x0, "85f94609000000000000000001000e00"})
r7 = syz_open_pts(r6, 0x0)
r8 = dup3(r7, r6, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r8, @ANYBLOB=',wfdno='])
r9 = dup(r5)
write$UHID_INPUT(r9, &(0x7f0000002080)={0x9b, {"a2e3ad09ed0d09f91a5e070987f70e06d038e7ff7fc6e5539b0d3e0e8b089b3f363563030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c526db51b1b5b31070d0773090acd3b78130daa61d8e8040001000000b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f6709000000a141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7af1d0e54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c01008e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e1a63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0d8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r10 = socket(0x10, 0x2, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r10)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000100)=ANY=[@ANYBLOB="98030000", @ANYRES16=r3, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r4, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001"], 0x398}}, 0x0)

51.683843697s ago: executing program 0 (id=900):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0xd, 0x800000, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4000, 0xfffffffc, 0x0, 0x0, @void, @value, @void, @value}, 0x21)
openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
ioctl$TCFLSH(r1, 0x4b45, 0x2)
dup(0xffffffffffffffff)

51.447103838s ago: executing program 4 (id=902):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
io_setup(0x3, &(0x7f0000000180)=<r1=>0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
eventfd(0x45)
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
io_submit(r1, 0x1, &(0x7f0000000800)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}])
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x40, 0x6, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_inet_SIOCSIFNETMASK(r4, 0x891c, &(0x7f0000000080)={'veth0_to_batadv\x00', {0x2, 0x0, @private=0xfffffffc}})
syz_open_dev$usbfs(&(0x7f0000000200), 0x5785, 0x803)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x9, 0x0, r3, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1a, &(0x7f0000000080)=0x1, 0x4)
bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}, 0x1c)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x541b, 0x0)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='cgroup\x00', 0x0, &(0x7f0000000380)='source')
write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)

44.951146675s ago: executing program 2 (id=916):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x13, &(0x7f0000000380)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c1300000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000048aa0080850000002d0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000007"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fanotify_mark(0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000280)={@in={{0x2, 0x0, @loopback}}, 0x0, 0x2, 0x7, 0x0, '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00'}, 0xd8)
bind$inet(r3, &(0x7f0000000140)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$sock_linger(r3, 0x1, 0xd, &(0x7f0000000040)={0x3, 0xff5}, 0x8)
sendto$inet(r3, 0x0, 0xffffffffffffff7c, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)
close(r3)

43.191616379s ago: executing program 2 (id=918):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x6, 0xc, &(0x7f0000000680)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x45}}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
open(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000580)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
unshare(0x40020000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

41.122688629s ago: executing program 2 (id=922):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x10)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r5, 0x802c550a, &(0x7f0000000040)=ANY=[@ANYBLOB="02002302230102090500000010000020d3"])
ioctl$USBDEVFS_REAPURBNDELAY(r5, 0x4004550c, 0x0)
syz_open_procfs$namespace(0x0, 0x0)

40.09027133s ago: executing program 2 (id=924):
syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89001)
sched_setscheduler(0x0, 0x0, &(0x7f0000000240))
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000040)={{@my=0x1}, @host, 0x0, 0x0, 0x7})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000080)={{@hyper}, @hyper, 0x0, 0x0, 0x7})
ioctl$IOCTL_VMCI_QUEUEPAIR_SETVA(r0, 0x7aa, &(0x7f0000000180)={{@my=0x1}})
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbfc, 0x1000000}, 0xc)
socket$igmp(0x2, 0x3, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
r3 = socket(0x1e, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000680)={'ip6tnl0\x00', &(0x7f0000000500)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, @mcast2, 0x7800}})
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000003d00), 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r4, 0xc058534f, &(0x7f0000003d40)={{0x0, 0x1}, 0x0, 0x2})
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)

38.076295845s ago: executing program 1 (id=930):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000040)='./file0\x00', 0x300001a, &(0x7f0000000240)=ANY=[@ANYRES32=r0, @ANYBLOB="42ef9910cd385077b5fdc7d8ffac224d42c422b8b5a12dfbab6443219c5dda8f44665cc0e6a17bbc8cb13c21ead2f7d41c0f648c1184704aa8e76b00c5dc804d168c0c5253248494", @ANYRES8=0x0], 0x4, 0x2ba, &(0x7f00000007c0)="$eJzs3U9rI2UYAPBnkjQZ9ZAgXvwDO6AHT2Xr1UuirCD2pERQLwa3C5KUhS4EXMG6p/0EHsWv4Ufw7DcQvAredg+VkcnMNMk2qbEmFba/H5S+vO/7vPNknpCc8syXbxyP795P4tGT3yJNk2j0ox9Pk+hFI2rfRysAgOfH0zyPP/NynFR/m2k1dpcVALBL5fd/aeOgWztNCQDYsU8++/yjweHhnY+zLI1Xu4+nwyQijh9Ph+X64F58HZM4itvRjbOI/Fw5/uDDwzvRygq9eOv4dDqcLp0/+CNiFn8Q3eitjj/ISlX8MKL4vxcvRhaDe3v1Ud14ZXX8OyviY9iOt99cyH8/uvHrV3E/JnE3ith5/HcHWfZ+/sOTb78oLlPEJ40Ydmb75vLm9VQEAAAAAAAAAAAAAAAAAAAAAICbYD/LkrJ9z6x/TzFV9d9pns3W97Nab7k/Txl/3i+47A+UR9Wi5zSPH+v+OrezLMurjXV8JyJea3mwAAAAAAAAAAAAAAAAAAAAABQefPNwPJpMjk7+86A5Hk3qbgD1z/qvemB/YeZWPByPmusP7Gx+rcVuA0Wul26OViu2cFs2GbxQ5LNmz09Vvv/+5M68uJ9W4XVhtvoqXn7vPMOsWqpv8niU/NO10rpwPy8uteOq+cxqOzk6yWdvibN8uabpmpvZ3tLdaL+0cumvPM83O+fd38saVTPJrMXGZlffqwZr3y3pxVr8sjyTxnyprmH/2Y+M5jY+dwAAAAAAAAAAAAAAAAAAgIuWfzj9jEfr416PaOwyLwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4TvPn/9eDNCKWZy4MTqvgy/ZUg3acPPifXyIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3wN8BAAD//1ZMSAs=")
open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6(0xa, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000080)={'syztnl1\x00', 0x0})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000300)='./bus\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYRES64=0x0, @ANYRES32, @ANYRESOCT], 0x2, 0x627, &(0x7f0000000b80)="$eJzs3U9oHNcdB/DvrCVZUoujJHZi2kBFDGmpqa0/KK16iRtC8SGUkB56FrYcC6+VIClBCaGo6b9rD7kW0oNuPRV6F7Tn5parjoFCLzkJWlCZ2dn1ylopKznySvbnY96+9+bNvPeb387sahfMBnhqvf5GspUiN6++uV72tzdnm9ubs+fr4WaSst1IhlpViuVk6M/JjbRKRrqmKw5a59Ol+be/+Gr7y1ZvqC7V/o1k+BHPYqMumUxyrq73O2SZ3d0D57t14Hz9KjqZKRN2paw3HmlC+Gbs7tO+Mv/bz+EH3u/A2VG03jf3mUjGk4y2/g7ovIE2HmtwJ8D7LwAAAE+DZ3ayk/VcGHQcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcJbUv/9f1KXRbk+maP/+/0i9LXX7jCn29LYGFgcAAAAAAAAAHEfRc+v3drKT9Uanv1uk8d3k5apzsXr8Vt7PahazkmtZz0LWspaVTCeZ6JpoZH1hbW1luo8jZ3oeOXMCpwwAAAAAAAAAT6LJnls/yc1ceOyxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAIYrkXKuqysW6bhtNMlI2NpLP2+2zbGvQAQAAAMBj8MxOdrKeC+3+blF95n+h+tw/mveznLUsZS3NLOZ2/V1A+am/sb0529zenL1flnLj+T3z/uw/RwqjmjGt7x56r3y52mMsd7JUbbmWW3k3zdxOozqydLkdT3dcD/ymjKl4raXoM7LbdV3u/6eHvg0ZrIkqI8OdjEzVsZXZePbwTBzx2Xl4pek0Ot/8XDxCzl/rc73xui7P5w+nOucz9dX3eXnPHJCJTvTf//tff3W3uXzv7p3Vq6fnlI6pzsTGUJ2J2a778MXDr4knLBNTVSYudfo38/P8MlczmbeykqV8kIWsZTGTjTeq1kJ9RZSPE4dn6sae3ltfF8lI/by0XkX7iintmF6ujr2Qpfwi7+Z2FvNq9W8m0/lx5jKX+a5n+FIfd33jaHf9lR/UjbEkf6zr06HM67Ndee1+zZ2oxrq3PMjScwdnqTjma+PQd+pGucZv6/p0eDgT012ZeP7w6+Uvu+XjanP53srdhff6XO+Vui5T+ftT9S5RXi/PlU9W1dt7dZRjz/ccm67GLnbGGvvGLnXGet6pK+3156u9X+g500w19mLPsdlq7HLXWK+/twA49cZ/OD4y9u+xf419Nva7sbtjb46+fv4n518ayfA/h386NHXulcZLxd/yWX794PM/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwfKsffnRvodlcXPmaxlYf+zxKo6h/yOcEl9Do0RjJ4FbP6ClJgkavZwd4wl1fu//e9dUPP/rR0v2FdxbfWVwenpubn5qfe3X2+p2l5uJU63HQUQIn4dt1vbLa9yEfn1gwAAAAAAAAAAAAQF8ex38nGPQ5AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGfbzasZ2kqR6alrU2V/e3O2WZZ2+8GeQ0kaSYqPk+IfyY20Sia6pisOWufTpfm3v/hq+8vOXJ/8r71/47Djehp+eMNGXTKZ5Fw+GD/SdPvtme9WXR9f0TnDMmFX2omDQft/AAAA///9xArx")
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000200)=ANY=[@ANYBLOB='0\x00\x00\x00\a'], 0xd)

38.075920826s ago: executing program 2 (id=931):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, 0x0)
r6 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001440)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff07bbbf7f00931c07b2fd"], 0x1c}}, 0x0)
recvmmsg$unix(r6, &(0x7f0000002380)=[{{0x0, 0x0, &(0x7f0000001340)=[{&(0x7f00000002c0)=""/4096, 0x1004}], 0x1}}], 0x8, 0x34000, 0x0)

37.006513729s ago: executing program 2 (id=933):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa1000a, &(0x7f00000003c0)=ANY=[], 0x21, 0x1506, &(0x7f0000001b00)="$eJzs3AvYTdX2MPAx5pyLl6Sd5D7HHIudXkyXJLkkySVJkiNJbgkhSZKQ3G9JSELuSe4huYXkfr/lniRJkiQkJJnfo9P5Oud0/v++8//3fZ7v/47f86xnz7HXGnPNucf7vnvN9T57f9NhSOW6VSrUZmb4b8G/PnQHgBQA6A8A1wFABAAlspTIcmV/Bo3d/3snEX+uh6Zf7RGIq0nqn7ZJ/dM2qX/aJvVP26T+aZvUP22T+qdtUn8h0rLtM3JeL1va3eT+f1om7///gxwtPPaLjYVv7PhvpEj90zapf9om9U/bpP5pm9Q/bZP6p21S/7RN6i9EWvZfv3cs/zv4n7Bd7Z8/IYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBpw4XwGwMAf2tf7XEJIYQQQgghhBDizxPSX+0RCCGEEEIIIYQQ4v8+BAUaDESQDtJDCmSAjHANZIJrITNcBwm4HrLADZAVboRskB1yQE7IBbkhD1ggcMAQQ17IB0m4CfLDzZAKBaAgFAIPhaEIFIVicAsUh1uhBNwGJeF2KAWloQyUhTugHNwJ5eEuqAB3Q0WoBJWhCtwDVeFeqAb3QXW4H2rAA1ATHoRa8BeoDQ9BHXgY6sIjUA8ehfrQABpCI2j8X8p/AbrAi9AVukF36AE9oRf0hj7QF/pBf3gJBsDLMBBegUEwGIbAqzAUXoNh8DoMhxG/vGKjYDSMgbEwDsbDBHgTJsJbMAnehskwBabCNJgOM2AmvAOzYDbMgXdhLrwH82A+LICFsAjeh8WwBJbCB7AMPoTlsAJWwipYDWtgLayD9bABNsIm2AxbYCtsg+3wEeyAnbALdsMe2Av74GPYD5/AAfgUDsJn/2b++X/K74iAgAoVGjSYDtNhCqZgRsyImTATZsbMmMAEZsEsmBWzYjbMhjkwB+bCXJgH8yAhISNjXsyLSUxifsyPqZiKBbEgevRYBItgMbwFi2NxLIElsCSWxFJYGktjWSyL5bAclsfyWAErYEWsiJWxMt6D9+C9WA2rYXWsjjWwBtbEmlgLa2FtrI11sA7WxbpYD+thfayPDbEhNsbG2ASbYFNsis2xObbAFtgKW2FrbI1tsA22xbbYDtthe2yPHbADdsRO2AlfwBfwRXwRu2FF1QN7Yk/sjb2xL/bDfvgSDsCX8WV8BQfhYByCr+Kr+BoOw3M4HEfgSByJ5dRoHINjkdV4nIATcCJOxEk4CSfjFJyC03A6zsCZOBNn4Wycje/iXHwP38P5OB8X4iJchItxCS7FpbgMz+NyXIErcRWuxjW4GtfhelyHG3ETbsQtuAW34Tb8CD/CnbgTd+Nu3IsGAD/GT/ATHIQH8SAewkN4GA/jETyCR/EoHsNjeByP4wk8gSfxJJ7C03gGT+NZPIvn8DxewAt4ES/iJXwu11d19hbYMAjUFUYZlU6lUykqRWVUGVUmlUllVplVQiVUFpVFZVVZVTaVTeVQOVQulUvlUXkUKVKsYpVX5VVJlVT5VX6VqlJVQVVQeeVVEVVEFVPFVHFVXJVQt6mS6nZVSpVWzXxZVVaVU819eXWXqqAqqIqqkqqsqqgqqqqqqqqpaqq6qq5qqBqqpnpQ1VI9sC8+pK5Upq4ajPXUEKyvGqiGqpF6DR9TTdQwbKqaqebqCTUCh2Mr1cS3Vk+pNmoMtlXPqLH4rGqvxmMH9bzqqDqpzuoF1UU19V1VNzUZe6ieahr2Vn1UX9VPzcJK6krFKqtX1CA1WA1Rr6qF+Joapl5Xw9UINVK9oUap0WqMGqvGqfFqgnpTTVRvqUnqbTVZTVFT1TQ1Xc1QM9U7apaareaod9Vc9Z6ap+arBWqhWqTeV4vVErVUfaCWqQ/VcrVCrVSr1Gq1Rq1V69R6tUFtVJvUZrVFbVXb1Hb1kdqhdqpdarfao/aqfepjtV99og6oT9VB9Zk6pD5Xh9UX6oj6Uh1VX6lj6mt1XH2jTqhv1Un1nTqlTqsz6nt1Vv2gzqnz6oL6UV1UP6lL6md1WQUFGrXSWhsd6XQ6vU7RGXRGfY3OpK/VmfV1OqGv11n0DTqrvlFn09l1Dp1T59K5dR5tNWmnWcc6r86nk/omnV/frFN1AV1QF9JeF9ZFdFFdTN+ii+tbdQl9my6pb9eldGldRpfVd+hy+k5dXt+lK+i7dUVdSVfWVfQ9uqq+V1fT9+nq+n5dQz+ga+oHdS39F11bP6Tr6Id1Xf2Irqcf1fV1A91QN9KN9WO6iX5cN9XNdHP9hG6hW+pW+kndWj+l2+indVv9jG6nn9Xt9XO6g35ed9SddGf9s76sg+6qu+nuuofuqXvp3rqP7qv76f76JT1Av6wH6lf0ID1YD9Gv6qH6NT1Mv66H6xF6pH5Dj9Kj9Rg9Vo/T4/UE/aaeqN/Sk/TberKeoqfqaXq6nqH7/trTnP+D/Lf+Rf7AX86+TW/XH+kdeqfepXfrPXqv3qf36f16vz6gD+iD+qA+pA/pw/qwPqKP6KP6qD6mj+nj+rg+oU/ok/qkPqVP6x/19/qs/kGf0+f1ef2jvqgv6ku/vgZg0CijjTGRSWfSmxSTwWQ015hM5lqT2VxnEuZ6k8XcYLKaG002k93kMDlNLpPb5DHWkHGGTWzymnwmaW7CXy8oTEFTyHhT2BQxRf+dfJPf3GxSTYF/yP+j8TU2jU0T08Q0NU1Nc9PctDAtTCvTyrQ2rU0b08a0NW1NO9POtDftTQfTwXQ0HU1n09l0MV1MV9PVdDfdTU/Ty/Q2fUxf08/0Ny+ZAWaAGWgGmkFmkBlihpihZqgZZoaZ4Wa4GWlGmlFmlBljxphxZpyZYCaYiWaimWQmmclmsplqpprpZrqZaWaaWWaWmWPmmLlmrpln5pkFZoFZZBaZxWaxWWqWmmVmmVluVpgVZpVZZdaYNWadWWc2mA1mk9lktpgtZrnZbrabHWaH2WV2mT1mj9ln9pn9Zr85YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmJPmpDllTpkz5ow5a86ac+acuWAumIvmorlkLpnL5vKVy75IRSoykYnSRemilCglyhhljDJFmaLMUeYoESWiLFGWKGt0Y5Qtyh7liHJGuaLcUZ7IRhS5iKM4yhvli5LRTVH+6OYoNSoQFYwKRT4qHBWJikbFolui4tGtUYnotqhkdHtUKiodlYnKRndE5aI7o/LRXVGF6O6oYlQpqhxVie6Jqkb3RtWi+6Lq0f1RjeiBqGb0YFQr+ktUO3ooqhM9HNWNHonqRY9G9aMGUcOoUdT4T+0/hHPZH/ddbTfb3fawPW0v29v2sX1tP9vfvmQH2JftQPuKHWQH2yH2VTvUvmaH2dftcDvCjrRv2FF2tB1jx9pxdrydYN+0E+1bdpJ92062U+xUO81OtzPsTPuOnWVn2zn2XTvXvmfn2fl2gV1oF9n37WK7xC61H9hl9kO73K6wK+0qu9qusWvtOrvebrAb7Sa72W6xW+02u91+ZHfYnXaX3W332L12n/3Y7ref2AP2U3vQfmYP2c/tYfuFPWK/tEftV/aY/doet9/YE/Zbe9J+Z0/Z0/aM/d6etT/Yc/a8vWB/tBftT/aS/dletuHKxf2Vt3cyZCgdpaMUSqGMlJEyUSbKTJkpQQnKQlkoK2WlbJSNclAOykW5KA/loSuYmPJSXkpSkvJTfkqlVCpIBcmTpyJUhIpRMSpOxakElaCSVJJKUSkqQ2XoDrqD7qQ76S66i+6mu6kSVaIqVIWqUlWqRtWoOlWnGlSDalJNqkW1qDbVpjpUh+pSXapH9ag+1aeG1JAaU2NqQk2oKTWl5tScWlALakWtqDW1pjbUhtpSW2pH7ag9tacO1IE6UkfqTJ2pC3WhrtSVulN36kk9qTf1pr7Ul/pTfxpAA2ggDaRBNIiG0BAaSkNpGA2j4TSCRtIbNIpG0xgaS+NoPE2gCTSRJtIkmkSTaTJNpak0nabTTJpJs2gWzaE5NJfm0jyaRwtoAS2iRbSYFtNSWkrLaBktp+W0klbSalpNa2ktraf1tJE20mbaTFtpK22n7bSDdtAu2kV7aA/to320n/bTATpAB+kgHaJDAQHoCB2ho3SUjtExOk7H6QSdoJN0kk7RKTpDZ+gsnaVzdI4u0AW6SD/RJfqZLlOgFJfBZXTXuEzuWpfZXef+Oc7hcrpcLrfL46zL5rL/Q0zOuVRXwBX82xLTFXWpKVceCznvCrsirqgr5Uq7Mq6su8OVc3e68r+Lq7p7XTV3n6vu7ndV3D3/ENdwD7ia7hFXyz3qarsGro5r5Oq6R1w996ir7xq4hq6Ra+FaulbuSdfaPeXauKd/Fy92S9x6t8FtdJvcfveJu+B+dMfdN+6i+8l1dd1cf/eSG+BedgPdK26QG/y7eKR7w41yo90YN9aNc+N/F09109x0N8PNdO+4WW727+JF7n031y1189x8t8At/CW+Mqal7gO3zH3olrsVbqVb5Va7NW6tW/e/x7rKbXFb3Ta3z33sdridbpfb7fa4vb/EV+ZxwH3qDrrP3DH3tTvsvnBH3Al31H31S3xlfifct+6k+86dcqfdGfe9O+t+cOfc+SvzD1fm/r372V12wQEjK9ZsOOJ0nJ5TOANn5Gs4E1/Lmfk6TvD1nIVv4Kx8I2fj7JyDc3Iuzs152DKxY+aY83I+TvJNnJ9v5lQuwAW5EHsuzEW4KBfjW7g438ol+DYuybdzKS7NZbgs38Hl+E4uz3dxBb6bK3IlrsxV+B6uyvdyNb6Pq/P9XIMf4Jr8INfiv3Btfojr8MNclx/hevwo1+cG3JAbcWN+jJvw49yUm3FzfoJbcEtuxU9ya36K2/DT3Jaf4Xb8LLfn57gDP88duRN35he4C7/IXbkbd+ce3JN7cW/uw325H/fnl3gAv8wD+RUexIN5CL/KQ/k1Hsav83AewSP5DR7Fo3kMj+VxPJ4n8Js8kd/iSfw2T+YpPJWn8XSewTP5HZ7Fs3kOv8tz+T2ex/N5AS/kRfw+L+YlvJQ/4GX8IS/nFbySV/FqXsNreR2v5w28kTfxZt7CW3kbb+ePeAfv5F28m/fwXt7HH/N+zvDrL9xnfIg/58P8BR/hL/kof8XH+Gs+zt/wCf6WT/J3fIpP8xn+ns/yD3yOz/MF/pEv8k98iX/myxwYYoxVrGMTR3G6OH2cEmeIM8bXxJnia+PM8XVxIr4+zhLfEGeNb4yzxdnjHHHOOFecO84T25hiF3Mcx3njfHEyvinOH98cp8YF4oJxodjHheMicdG4WHxLXDy+NS4R3xaXjG+PS8Wl40fuLxvfEZeL74zLx3fFFeK744pxpbhyXCW+J64a3xtXi++Lq8f3x8XjB+Ka8YMx/Pp5lTrxw3Hd+JG4XvxoXD9uEDeMG8WN48fiJvHjcdO4Wdw8fiJuEbeMW8VPxq3jp+I28dN/uL973CPuGfeKe8Uh3KcXJBcmFyXfTy5OLkkuTX6QXJb8MLk8uSK5MrkquTq5Jrk2uS65PrkhuTG5Kbk5uSW5NbktGUKV9ODRK6+98ZFP59P7FJ/BZ/TX+Ez+Wp/ZX+cT/nqfxd/gs/obfTaf3efwOX0un9vn8daTd5597PP6fD7pb/L5/c0+1RfwBX0h731hX8Q38o19Y9/EP+6b+ma+uX/CP+Fb+pb+Sf+kf8q38U/7tv4Z384/69v75/xz/nnf0Xfynf0Lvot/0Xf13Xx339339D19b9/b9/V9fX/f3w/wA/xAP9AP8oP8ED/ED/VD/TA/zA/3w/1IP9KP8qP8GD/Gj/Pj/AQ/wU/0E/0kP8lHADDVT/XT/XQ/08/0s/wsP8fP8XNT5/p5fp5f4Bf4RX6RX+wX+6V+qV/ml/nlfrlf6Vf61X61X+vX+vV+vd/oN/rNfrPf6rf67X673+F3+F1+l9/j9/h9fp/f7/f7A/6AP+gP+kP+kD/sD/sj/kt/1H/lj/mv/XH/jT/hv/Un/Xf+lD/tz/jv/Vn/gz/nz/sL/kd/0f/kL/mf/WUf/ITEm4mJibcSkxJvJyYnpiSmJqYlpidmJGYm3knMSsxOzEm8m5ibeC8xLzE/sSCxMLEo8X5icWJJYmnig8SyxIeJ5YkViZWJVYnViTUGQu4dccgb8oVkuCnkDzeH1FAgFAyFgg+FQ5FQNBQLt4Ti4dZQItwWSobbQ6lQOpQJj4b6oUFoGBqFxuGx0CQ8HpqGZqF5eCK0CC1Dq/BkaB2eCm3C06FteCa0C8+G9uG50CE8HzqGTqFzeCF0CS+GrqFb6B56hJ6hV+gd+oS+oV/oH14KA8LLYWB4JQwKg8OQ8GoYGl4Lw8LrYXgYEUaGN8KoMDqMCWPDuDA+TAhvhonhrTApvB0mhylhapgWpocZYWZ4J8wKs8Oc8G6YG94L88L8sCAsDIvC+2FxWBKWhg/CsvBhWB5WhJVhVVgd1oS1YV1YHzaEjWFT2By2hK1hW9gePgo7ws6wK+wOe8LesC98HPaHT8KB8Gk4GD4Lh8Ln4XD4IhwJX4aj4atwLHwdjodvwonwbTgZvgunwulwJnwfzoYfwrlwPlwIP4aL4adwKfwcLv+bn1mr9OfdQBdCCCGE+P9Krz/Y3+NfPGcAQP3a/imEcO3OnEf/fr8GgM3Z/truo3K1SADAU906PPS3rWLF7t27/3rscg1RvvkAkPinE/war4Dm0BJaQzMo9i/H10d1ush/0H/yNoCMf5eTAr/Fv/X/+X/Q/2NPjFxcMr6Q5T/pfz5Aar7fcq6swv8Wr4DmV2YDzaD4f9B/9iZ/MP4MX0wAaPp3OZkAoGmGfx5/EXgcnobW/3CkEEIIIYQQQgjxV31UmXZ/tH6+sj7PZX7LSQ+/xX+0PhdCCCGEEEIIIcTV92ynzk8+1rp1s3bSkIY00lij5X9yzNX+yySEEEIIIYT4s/120f/bcxmu5oCEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQog06P/FN41d7TkKIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQV9v/CgAA//+LZDZM")
openat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r3, 0x400455c8, 0x0)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[], 0x1c}}, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r4, 0x800448d2, &(0x7f0000000100))

36.725478563s ago: executing program 1 (id=934):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'virt_wifi0\x00', <r1=>0x0})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@rights={{0x14, 0x117, 0x3, [0xffffffffffffffff]}}, @cred={{0x1c, 0x117, 0x4, {0xffffffffffffffff, 0x0, 0xffffffffffffffff}}}], 0x38}}], 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
capset(&(0x7f00000000c0)={0x19980330}, &(0x7f0000000100))
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_ifreq(r4, 0x8914, &(0x7f0000002540)={'veth1_macvtap\x00', @ifru_ivalue})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000300)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB, @ANYRES32=r1], 0x20}}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r6, 0xc020f509, &(0x7f0000000200)={<r7=>r0, 0x0, 0x5, 0x10000})
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000003c0)={{r7}, &(0x7f00000002c0), &(0x7f0000000380)='%pI4   \x00'}, 0x20)

35.95909147s ago: executing program 1 (id=935):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x18808, 0x0, 0xf9, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
write$binfmt_script(r4, &(0x7f00000003c0), 0xb)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
setrlimit(0x1, &(0x7f0000000000))
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@metacopy_on}], [], 0x2c})
r5 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
fchmodat(r5, &(0x7f00000000c0)='./file1\x00', 0x0)

34.850428197s ago: executing program 1 (id=937):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
r0 = dup(0xffffffffffffffff)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, 0x0)
ioctl$KVM_NMI(r1, 0xae9a)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000240), 0x21, 0x4a6, &(0x7f0000000a40)="$eJzs3cFPG9kZAPBvBgiEkEDaHNqqbdI0bVpFscFJUJRTemlVRZGqRj31kFBwEMLGCJs00BzI/1CpkXpq/4QeKvVQKae97233tpfsYaXsbrSrsNIevJqxIYRgYDcES/j3k55m3jzj7z2sec98gF8APetcRKxFxLGIuBcRo+3rSbvEzVbJHvfyxaPp9RePppNoNu98luTt2bXY8jWZE+3nHIqIP/4u4i/Jm3HrK6vzU5VKealdLzaqi8X6yurluerUbHm2vFAqTU5Mjl+/cq10YGM9W/3P89/O3frT///3k2fvr/36b1m3RtptW8dxkFpDH9iMk+mPiFvvIlgX9LXHc6zbHeE7SSPiexFxPr//R6MvfzUBgKOs2RyN5ujWOgBw1KV5DixJC+1cwEikaaHQyuGdieG0Uqs3Lt2vLS/MtHJlYzGQ3p+rlMfbucKxGEiy+kR+/qpe2la/EhGnI+Lvg8fzemG6Vpnp5hsfAOhhJ7at/18OttZ/AOCIG+p2BwCAQ2f9B4DeY/0HgN5j/QeA3mP9B4DeY/0HgN5j/QeAnvKH27ez0lxvf/71zIOV5fnag8sz5fp8obo8XZiuLS0WZmu12fwze6p7PV+lVlucuBrLD4uNcr1RrK+s3q3Wlhcad/PP9b5bHjiUUQEAuzl99umHSUSs3Tiel9iyl4O1Go62tNsdALqmr9sdALrGbl/Qu/yMD+ywRe9rOv6J0JOD7wtwOC7+UP4fepX8P/Qu+X/oXfL/0LuazcSe/wDQY+T4Ab//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG9vJC9JWmjvBT4SaVooRJyMiLEYSO7PVcrjEXEqIj4YHBjM6hPd7jQA8JbST5L2/l8XRy+MbG89lnw1mB8j4q//vPOPh1ONxtJEdv3zzeuNJ+3rpW70HwDYy8Y6vbGOb3j54tH0RjnM/jz/TWtz0Szueru0WvqjPz8OxUBEDH+RtOst2fuVvgOIv/Y4In6w0/iTPDcy1t75dHv8LPbJQ42fvhY/zdtax+x78f0D6Av0mqfZ/HNzp/svjXP5cef7fyifod7exvy3/sb8l27Of30d5r9z+41x9b3fd2x7HPGj/p3iJ5vxkw7xL+wz/kc//un5Tm3Nf0VcjJ3jb41VbFQXi/WV1ctz1anZ8mx5oVSanJgcv37lWqmY56iLG5nqN31649Kp3cY/3CH+0B7j/8U+x//vr+/9+We7xP/Vz3d+/c/sEj9bE3+5z/hTw//tuH13Fn+mw/j3ev0v7TP+s49XZ/b5UADgENRXVuenKpXykhMnTpxsnnR7ZgLetVc3fbd7AgAAAAAAAAAAAAAAdHIY/07U7TECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwdH0TAAD//yyP2UE=")
creat(&(0x7f0000000380)='./bus\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x4000004)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
syz_usb_control_io$hid(r3, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="00222200000096231307f7940ef7070f00000016b8ef0a1a7083"], 0x0}, 0x0)
creat(0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

32.167244591s ago: executing program 1 (id=940):
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x400, 0x248, 0xffffffff, 0xffffffff, 0x248, 0xffffffff, 0x3c8, 0xffffffff, 0xffffffff, 0x3c8, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x1f8, 0x220, 0x0, {}, [@common=@inet=@hashlimit2={{0x150}, {'geneve1\x00'}}]}, @common=@unspec=@NFQUEUE3={0x28}}, {{@uncond, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x460)
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0xb, &(0x7f0000000000)=0x2, 0x4)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newtaction={0x14, 0x1c, 0x4, 0x0, 0x0, {0x0, 0x0, 0x1300}}, 0x14}}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000480), 0xffffffffffffffff)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[], 0x2a, 0x0)
r1 = add_key$fscrypt_v1(0x0, &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x4, r1, r1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x2000480, &(0x7f0000001900), 0x1, 0x762, &(0x7f0000001180)="$eJzs3c9rHFUcAPDvbJKmTauJIGg9BQQNlG5Mja2Ch4oHESwU9GxdNttQs8mW7KY0IaAighdBxYOgl579UW/exB9X/S88SEvVtFjxIJHZzKbbZrfJpkmWup8PTPt9M7N5892Zee/tzrATQM8aTf/JRRyOiA+TiOFsfhIRA/WoP+Lk2no3V5aL6ZTE6uqrfyT1dW6sLBej6TWpg1nh0Yj48b2II7mN9VYXl2YK5XJpPiuP12bPj1cXl46emy1Ml6ZLc8cnJiePnXjmxPGdy/WvX5YOXf3opSe/PvnPu49c/uCnJE7GoWxZcx47ZTRGs/dkIH0Lb/PiTlfWZUm3N4BtSU/NvrWzPA7HcPTVIwDg/+ytiFgFAHpMov8HgB7T+B7gxspysTF19xuJvXXthYjYv5Z/4/rm2pL+7Jrd/vp10KEbyW1XRpKIGNmB+kcj4vNvX/8ynWKXrkMCtPL2d1mwof1PNtyz0KmntrDO6B1l7R/sne/T8c+zrcZ/ufXxT7QY/wy2OHe3Y/PzP3dlB6ppKx3/Pd90b9vNpvwzI31Z6YH6mG8gOXuuXErbtgcjYiwGBtPyxF3qGLv+7/V2y5rHf39+/OYXaf3p/7fWyF3pH7z9NVOFWuFecm527Z2Ix/pb5Z+s7/+kzfj39BbrePm59z9rtyzNP823MW3Mf3etXop4ouX+v3VHW3LX+xPH64fDeOOgaOGbXz8dald/8/5Pp7T+xmeBvZDu/6G75z+SNN+vWe28jp8vDf/Qbtnm+bc+/vclr9Xjfdm8i4VabX4iYl/yysb5x269tlFurJ/mP/Z4Pf8D2Sob2r9Wx3/6mfCNzRLPNqL/6u9fbT//3ZXmP9XR/u88uHxzpq9d/Vvb/5P1aCybs5X2b6sbeC/vHQAAAAAAAAAAAAAAAAAAAAAAAABsVS4iDkWSy6/HuVw+v/YM74djKFeuVGtHzlYW5qai/qzskRjINX7qcrjp91Anst/Db5SP3VF+OiIeiohPBg/Uy/lipTzV7eQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIHOwzfP/U78NdnvrAIBds7/bGwAA7Dn9PwD0nk77f+MFALj/6c8BoPfo/wGg9+j/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2GWnT51Kp9W/V5aLaXnqwuLCTOXC0alSdSY/u1DMFyvz5/PTlcp0uZQvVmY3+3vlSuX8ZMwtXByvlaq18eri0pnZysJc7cy52cJ06UxpYE+yAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDOVBeXZgrlcmleIBAI1oNut0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA94f/AgAA///tuiN0")
r2 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
fallocate(r2, 0x0, 0x0, 0x1000f4)
r4 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x90e976db910956fe, 0x4002011, r4, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r5 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r5, &(0x7f0000000080), 0x208e24b)
clock_gettime(0x0, &(0x7f0000001b40))
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f00000004c0)={'syz', 0x3}, &(0x7f0000000500)="fd57eefc11929498d3a4a6abb05c089cffc20cd43f688db2e02d074f8e15c4c5a8732e9b0f113b56363464ef2b451e041650b60b0a80f7c37fa753e82c7f2578117c38b453a3f07c76cc7f209ec09a051a5e9624b66dd68e8426672b9cd43ea08a99185fa5e3b3daf70d116d4b7085b1f04b3df760d7f8bd6848f05010d3ff0571e1b3903db2df59e426bdc5fd8fe16c363ed1b2c1171a5715511462f0ae21073088e0e4ba59ceeb000b6e4398417fa48605b4b7856042", 0xb7, 0x0)

31.703525492s ago: executing program 1 (id=942):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
set_robust_list(&(0x7f0000000140), 0x18)
keyctl$chown(0x5, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = syz_open_dev$sndpcmp(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_FORWARD(r4, 0xc06c4124, 0xfffffffffffffffd)
syz_mount_image$udf(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000540), 0x1, 0x489, &(0x7f0000000580)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNBDmjYiRYXYbOLSnMim0hbR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszsMzuTzbZJu4d02/cL2p08852Z57DPPM/uPCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdeupgb5+tdS4AAEArHT812tvP+A8AwF3lNJ//AQAA7iYmT9/LNDRasmPB32Xpo4XZ8xfGhoZrH9ZlwZEdQbz/L93XP7Br9569+8LXGx/faPfoxKnTB3OH52bmF/LFYn4iNzZbODs3kV/1Geo9vtqOoAJyM+fOT0xOFnP9OweW7L6Q/aVzXU92cG/PAS+MHRsaHj4Vi0kkb/nqy1xvhp+Sp20y/fbQp3Zckqf662KF906zdQWF2BEUYmxoOCjIdGF8dtHfORJWhOfK6qTCOmpBW9SlW/LzZanGfGZLytMBmXp+LtkJSR1hPTwafDF8/QMTDbn8LfPz+bykB9QGbXYb65SnH2Wa2ZDWyNo3K1osIU8XZPpjsGQng/uB35/82+bRZ3JPz07OxWJHzPWodh8fWuk2vzel5el4cMcv2ehaZwYt50+W3pJpy8cvB/MKBfPSDYN7nzg5EJ9hbF3hPH7sTjd/XM2YnHSxIzZi5jW+XAAAAAAAAACkTvP0nUylr3JRYtbkxR4Zp1V+MJRbmywCaBbz9LZMJ0dLwdfw8XUpHbH1PRXt/uyvufnvSh+em7+4UJh6abHm/kz64IvFxYXxs7V3q8u/z3bEU1Zax1KnpHlKyfTcnx9Z5brl+79bChDl5sMnozUz6errB++b/5fXM4XPkPaf2Rrfrpnlm3g+6l/TzNOiTIc2bXNrVTJaVmcqx30u0+/vbXdxXsqy7vm2n93yGScL0/leP/Zrmd7/N4wNlkVpnYvdHMX2+bEm05vHlsaud7HdUWy/Hzss07UXasduiWIH/NjXZZr/NRfGZvzY+1xsTxS78+zc9EStqgRult//f5Lp3e6chX0jUX7/Le//r0RjweXqE12nz9fb/7OxtMuuX5/x+/9f24K+HPR/r3b/f0OmT77Y7uLKfS/l9m8M/o/6/7MyTX27NDbjYjdFsX2rrtg24bf/dpmObLlaqRvX/q4FolaLt/+91e+OJrX/xlha1l23szFFh6TixUvnxqen8wtssMEGG5WNtb4zoRX88f8zfxb15Q+V+Y4b/93HlGhm9fer0fg/WH2iJo3/m2Jpg242kkxI6cWZ+eRWKV28eOmxwsz4VH4qP7urd0/v7l37+/bvS6bCyV20VXdd3Yn89v9Gpn/WXal83l06/6s9/89Un6hJ7b85lpZZMl+pu+hw7X9FpvuvXa18L3Gj+X/4/c8jD5ZfK/2zSe3fHUvLuuv+rzFFBwAAAAAAAAAAAAAAAIC2ljRPH8h05PGEhb81W836v2U/QGvS+q+eWNpEi36vUHelAkAb8OTpHZkeVsle8xPWS8fir7ij/RcAAP//+UwjnQ==")

6.895241228s ago: executing program 3 (id=960):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f00000001c0)={[{@quota}, {@barrier_val={'barrier', 0x3d, 0x1000}}, {@grpjquota}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x4bd, &(0x7f0000000f00)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX/AYPQX7VOf+lLoH1Ao+RNKIdC+l1JaQpukD31oqyL5KnFdyZaJbSXW5wPH9557r/z9Hgkd6dxz0Q2gY52JiLGI6IqI8xHRn27PpCXW1kv1uEcP70xWSxKVyo0vkkjSbfX/laTLY+nDeiPiH3+L+Hfy47illdW5iUIhv5TWc+X5xVxpZfXC7PzETH4mvzA2Mnx59MropdGhXWvr1b98+sr/3vrr1fd+f+vj8c/P/aeaVl+6b2M7WrHW4nHrTe+pPRd13RGxtJNgz7GutD097U4EAICWVL/j/zQifh0Rj19vdzYAAADAXqj8qS++SSIqAAAAwIGVqV0Dm2Sy6bUAfZHJZLPr1/D+PI5mCsVS+XfTxeWFqfVrZQeiJzM9W8gPpdcKD0RPUq0P19af1i9uqo9ExImIeKn/SK2enSwWptp98gMAAAA6xLFN4/+v+tfH/wAAAMABM9DuBAAAAIA9Z/wPAAAAB1/T8X/Svb+JAAAAAHvh79euVUulfv/rqZsry3PFmxem8qW57PzyZHayuLSYnSkWZ2q/2Te/3f8rFIuLf4iF5du5cr5UzpVWVsfni8sL5fHafb3H8+4TDQAAAPvvxK/ufZRExNofj9RK1aF0Xwtj9bG9zQ7YS5mdHZ7sVR7A/utqdwJA27jAFzqX+Xhgm4H9y5vqOzxtAAAAPA8Gf/FM8//mA+EFZiAPncv8P3Qu8//Qucz/Q4c7vP0hvc12vL/LuQAAAHumr1aSTDadC+yLTCabjTheuy1ATzI9W8gPRcRPIuLD/p7D1fpwu5MGAAAAAAAAAAAAAAAAAAAAAAAAgBdMpZJEBQAAADjQIjKfJemN/Af7z/ZtPj9wKPm6v7aMiFtv3Hj19kS5vDRc3f7lk+3l19LtF9txBgMAAADYrD5Or4/jAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGA3PXp4Z7Je9jPugz9HxECj+N3RW1v2Rk9EHH2cRPeGxyUR0bUL8dfuRsTJRvGTaloxkGaxOX4mIo60Of6xXYgPnexetf8Za/T+y8SZ2rLx+687Lc/qwZlm/V/mSf/X1aT/O95ijFP338k1jX834lR34/6nHj95xv73X/9cXW22r/JmxGDDz5/kB7Fy5fnFXGll9cLs/MRMfia/MDIyfHn0yuil0aHc9Gwhn/5tGOP/v3z3u63af7RJ/IFt2n+2xfZ/e//2w59tEf/cbxq//ie3iF997n+bfg5U9w/W19fW1zc6/fYHp7dq/1ST9m/3+p9rsf3nr//3kxYPBQD2QWlldW6iUMgvWbFi5eCtXE/f6Dt+eJs7JgAAYNc9/dLf7kwAAAAAAAAAAAAAAAAAAACgc+3Hj5BtjNfbvqYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzp+wAAAP//hqfSmw==")
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$sysfs(0xffffff9c, 0x0, 0x42, 0x0)
io_submit(0x0, 0x0, 0x0)
io_pgetevents(0x0, 0x8, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mkdir(0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0xfffffffffffffddf, &(0x7f0000000040)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@dev, 0x1, 0x2}, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r3, 0x400452c8, &(0x7f0000000100))

5.800763064s ago: executing program 3 (id=961):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, 0x0}], 0x1, 0x38, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x106000})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a980000000c0a000000000000000000000000000084000380800000807c0001805d000100aee09168ffecac3156bff708b8ec15159ced8e080d3d3ed8ad57d0e51c2994da81dd74ada255db756d3132af7ead84b2b80ad85b06c9be8956d9695939d887dd197e5b0076f7b65bd56f183c3eda2258d75557e99c6b2cb3e3000000170001003c3ecb311f0ced338a9f9a484bfdb93fdd7cc6"], 0xc0}}, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r5, 0x0)
r6 = dup(r4)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
r8 = socket(0xa, 0x3, 0x6)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003e80)=[{{&(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10, 0x0}}], 0x1, 0x0)
getsockopt$nfc_llcp(r8, 0x29, 0x39, 0x0, 0x20000011)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.734971097s ago: executing program 3 (id=962):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x91, &(0x7f0000000000)=""/145, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x0}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x58}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000100)={0x0, 0x0, 0xdc, 0x3})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'bond0\x00'})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
close(r3)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)
r5 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r5, &(0x7f00000001c0)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @dev}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000003e00)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000003dc0)={&(0x7f00000003c0)=@ipv6_getnexthop={0x20, 0x6a, 0x300, 0x70bd25, 0x25dfdbfc, {}, [@NHA_ID={0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x40)
recvmmsg(r5, &(0x7f00000005c0)=[{{0x0, 0xe8, 0x0, 0x0, 0x0, 0x0, 0xffffffff00003f00}}], 0x4000000000001db, 0x0, 0x0)
recvmmsg(r5, &(0x7f0000003cc0)=[{{&(0x7f0000000400)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f00000018c0)=[{&(0x7f0000000600)=""/4096, 0x1000}, {&(0x7f0000000480)=""/45, 0x2d}, {&(0x7f0000001600)=""/240, 0xf0}, {&(0x7f0000000500)=""/95, 0x5f}, {&(0x7f0000001700)=""/240, 0xf0}, {&(0x7f0000001800)=""/174, 0xae}], 0x6, &(0x7f0000001940)=""/4096, 0x1000}, 0x8}, {{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000002940)=""/125, 0x7d}, {&(0x7f00000029c0)=""/247, 0xf7}], 0x2, &(0x7f0000002ac0)=""/101, 0x65}, 0xffff}, {{&(0x7f0000002b40)=@ethernet={0x0, @remote}, 0x80, &(0x7f0000003c80)=[{&(0x7f0000002bc0)=""/18, 0x12}, {&(0x7f0000002c00)=""/116, 0x74}, {&(0x7f0000002c80)=""/4096, 0x1000}], 0x3}, 0x200}], 0x3, 0x40000002, &(0x7f0000003d80)={0x77359400})
socket$nl_generic(0x10, 0x3, 0x10)
sendfile(r5, r4, 0x0, 0xffefffff)

3.819807297s ago: executing program 3 (id=963):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="2800000003060102000000000000040000000000050001000700"], 0x28}}, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(r5, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @empty}, {0x0, @remote}, 0x4a, {}, 'lo\x00'})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r6 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r6, 0xc018643a, &(0x7f0000000080)={0x4000000})

967.195386ms ago: executing program 3 (id=964):
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x601c2, 0x0)
open(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000580)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014001100b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x31, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, 0x0, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000040), 0x80000000003, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r6, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200a006002a17006000000002000020d3"])
ioctl$USBDEVFS_REAPURBNDELAY(r6, 0x4008550d, 0x0)

0s ago: executing program 3 (id=965):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0xfffd)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
setsockopt$inet6_int(r1, 0x29, 0x8, 0x0, 0x0)
getsockopt$inet6_buf(r1, 0x29, 0x6, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={0x0, 0x134}}, 0x0)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x1500, &(0x7f00000005c0)={&(0x7f0000000200)={0x6c, r3, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x10}, 0xf8}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @mcast1}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x6c}}, 0x0)
sendmsg$TIPC_NL_LINK_SET(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000001c0)={&(0x7f00000005c0)={0x44, r3, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@TIPC_NLA_BEARER={0x30, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @remote}}, {0x14, 0x2, @in={0x2, 0x4e21, @loopback}}}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x8040}, 0x20008000)
syz_genetlink_get_family_id$tipc2(0x0, r0)
sendmsg$TIPC_NL_NET_GET(r0, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000001}, 0x40010)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x67b}]}, 0x10)
bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

kernel console output (not intermixed with test programs):

[  423.772433][ T6608] Quota error (device loop1): qtree_write_dquot: Error -5 occurred while creating quota
[  425.561590][ T6608] EXT4-fs error (device loop1): ext4_acquire_dquot:6800: comm syz.1.501: Failed to acquire dquot type 0
[  425.589208][ T6608] EXT4-fs (loop1): 1 orphan inode deleted
[  425.698694][ T6608] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  425.715445][ T6608] EXT4-fs (loop1): unmounting filesystem.
[  425.806868][ T3683] usb 2-1: USB disconnect, device number 4
[  426.365010][ T6642] dccp_close: ABORT with 68 bytes unread
[  426.925657][ T6654] loop4: detected capacity change from 0 to 40427
[  426.950085][ T6654] F2FS-fs (loop4): invalid crc value
[  427.050516][ T6654] F2FS-fs (loop4): Found nat_bits in checkpoint
[  427.161205][ T6654] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  427.713251][ T6661] syz.4.513: attempt to access beyond end of device
[  427.713251][ T6661] loop4: rw=2049, sector=53248, nr_sectors = 1544 limit=40427
[  428.311354][   T26] audit: type=1800 audit(1726003510.289:88): pid=6661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.513" name="file2" dev="overlay" ino=28 res=0 errno=0
[  428.350377][ T5891] EXT4-fs (loop2): unmounting filesystem.
[  429.512645][   T26] audit: type=1804 audit(1726003510.519:89): pid=6662 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.513" name="/newroot/23/file0/bus/file2" dev="overlay" ino=28 res=1 errno=0
[  429.764958][ T5952] syz-executor: attempt to access beyond end of device
[  429.764958][ T5952] loop4: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  429.788566][ T5952] syz-executor: attempt to access beyond end of device
[  429.788566][ T5952] loop4: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  430.508696][ T6386] kworker/u4:25: attempt to access beyond end of device
[  430.508696][ T6386] loop4: rw=2049, sector=40960, nr_sectors = 136 limit=40427
[  431.817878][ T3701] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  431.916984][ T3701] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  431.967097][ T6682] netlink: 4 bytes leftover after parsing attributes in process `syz.2.518'.
[  432.014190][ T5294] kernel write not supported for file /uinput (pid: 5294 comm: kworker/0:14)
[  432.036250][ T3701] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  432.181867][ T3701] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  433.900728][ T6701] loop1: detected capacity change from 0 to 512
[  434.003738][ T6701] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  434.078444][ T6701] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  434.146471][ T6701] Quota error (device loop1): v2_read_file_info: Free block number 1 out of range (1, 6).
[  434.194810][ T6701] EXT4-fs warning (device loop1): ext4_enable_quotas:7035: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  434.345004][ T6701] EXT4-fs (loop1): mount failed
[  435.605843][ T6731] sctp: [Deprecated]: syz.0.526 (pid 6731) Use of struct sctp_assoc_value in delayed_ack socket option.
[  435.605843][ T6731] Use struct sctp_sack_info instead
[  435.902617][ T3654] Bluetooth: hci4: unexpected event for opcode 0x0c26
[  436.465511][ T6731] device hsr0 entered promiscuous mode
[  436.520587][ T6731] device hsr0 left promiscuous mode
[  436.857702][ T6747] loop3: detected capacity change from 0 to 64
[  439.893089][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  439.899663][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  439.929944][ T3654] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  439.938880][ T3654] Bluetooth: hci4: Injecting HCI hardware error event
[  439.953744][   T48] Bluetooth: hci4: hardware error 0x00
[  440.415225][   T26] audit: type=1326 audit(1726003523.179:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6768 comm="syz.1.536" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8e2797def9 code=0x0
[  441.038998][ T6780] syz.3.535[6780] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  441.039110][ T6780] syz.3.535[6780] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  442.609235][ T6781] xt_cgroup: invalid path, errno=-2
[  442.613810][   T48] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  442.661339][   T48] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  442.674578][   T48] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  442.684927][   T48] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  442.693623][   T48] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  442.701506][   T48] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  442.709907][   T48] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  442.963713][ T3701] device hsr_slave_0 left promiscuous mode
[  443.134562][ T3701] device hsr_slave_1 left promiscuous mode
[  443.147462][ T3701] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  443.446078][ T3701] batman_adv: batadv0: Removing interface: batadv_slave_0
[  443.506224][ T3701] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  443.514904][ T3701] batman_adv: batadv0: Removing interface: batadv_slave_1
[  443.629524][ T3701] device bridge_slave_1 left promiscuous mode
[  443.897633][ T3701] bridge0: port 2(bridge_slave_1) entered disabled state
[  444.010654][ T3701] device bridge_slave_0 left promiscuous mode
[  444.041587][ T3701] bridge0: port 1(bridge_slave_0) entered disabled state
[  444.323758][ T3701] device veth1_macvtap left promiscuous mode
[  444.355438][ T3701] device veth0_macvtap left promiscuous mode
[  444.363351][ T3701] device veth1_vlan left promiscuous mode
[  445.515233][ T3640] Bluetooth: hci3: command tx timeout
[  445.541677][ T6803] loop2: detected capacity change from 0 to 512
[  445.559960][ T6803] ext4: Unknown parameter 'noacl'
[  446.360765][ T6811] loop3: detected capacity change from 0 to 128
[  446.461071][ T6815] "syz.2.542" (6815) uses obsolete ecb(arc4) skcipher
[  446.655589][ T6814] loop0: detected capacity change from 0 to 1024
[  446.738510][ T6814] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  446.865676][ T6814] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  447.048203][   T26] audit: type=1804 audit(1726003529.809:91): pid=6814 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.544" name="/newroot/55/file0/bus" dev="loop0" ino=18 res=1 errno=0
[  447.237380][ T6831] loop1: detected capacity change from 0 to 164
[  447.371913][ T5502] EXT4-fs (loop0): unmounting filesystem.
[  447.399317][ T6641] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  447.518446][   T26] audit: type=1326 audit(1726003530.249:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6828 comm="syz.2.546" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7fe0b7def9 code=0x0
[  447.546935][ T3640] Bluetooth: hci3: command tx timeout
[  447.636853][ T3640] Bluetooth: hci0: command 0x0406 tx timeout
[  449.514608][  T946] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  449.565614][ T6848] syz.3.549 (6848): drop_caches: 2
[  449.768677][ T3640] Bluetooth: hci3: command tx timeout
[  449.899143][ T6846] ALSA: mixer_oss: invalid OSS volume '00000000000000000000'
[  449.908651][ T6846] ALSA: mixer_oss: invalid OSS volume 'OGAINWÁ”1ő›'
[  450.118471][  T946] usb 2-1: Using ep0 maxpacket: 16
[  452.156590][ T3640] Bluetooth: hci3: command tx timeout
[  452.226203][ T6869] loop2: detected capacity change from 0 to 2048
[  452.236016][ T6871] loop3: detected capacity change from 0 to 1024
[  452.255824][ T6871] EXT4-fs: Ignoring removed nobh option
[  452.264651][ T3701] team0 (unregistering): Port device team_slave_1 removed
[  452.287284][ T6869] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  452.315136][   T26] audit: type=1800 audit(1726003535.079:93): pid=6869 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.556" name="bus" dev="loop2" ino=18 res=0 errno=0
[  452.337731][ T6871] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  452.366130][   T26] audit: type=1800 audit(1726003535.129:94): pid=6871 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.557" name="bus" dev="loop3" ino=18 res=0 errno=0
[  452.445082][ T3701] team0 (unregistering): Port device team_slave_0 removed
[  452.532739][ T3701] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  452.631570][ T3701] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  452.642514][ T5891] EXT4-fs (loop2): unmounting filesystem.
[  453.362991][ T5332] EXT4-fs (loop3): unmounting filesystem.
[  454.713663][ T3701] bond0 (unregistering): Released all slaves
[  454.845843][ T6881] netlink: 'syz.2.558': attribute type 11 has an invalid length.
[  454.959114][  T946] usb 2-1: unable to read config index 0 descriptor/all
[  454.966153][  T946] usb 2-1: can't read configurations, error -71
[  455.106277][ T6896] loop2: detected capacity change from 0 to 8
[  455.275926][ T6894] loop1: detected capacity change from 0 to 1024
[  457.291003][   T48] Bluetooth: hci1: command 0x0406 tx timeout
[  457.351677][ T6894] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  457.533565][ T6777] chnl_net:caif_netlink_parms(): no params data found
[  457.659229][ T5829] EXT4-fs (loop1): unmounting filesystem.
[  457.758963][ T6910] loop3: detected capacity change from 0 to 128
[  457.777595][ T6910] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  458.480304][ T6923] netlink: 8 bytes leftover after parsing attributes in process `syz.2.564'.
[  459.898633][ T6921] netlink: 148 bytes leftover after parsing attributes in process `syz.3.566'.
[  461.204478][ T6929] loop1: detected capacity change from 0 to 256
[  461.444011][ T6777] bridge0: port 1(bridge_slave_0) entered blocking state
[  461.462273][   T26] audit: type=1800 audit(1726003544.229:95): pid=6929 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.567" name="bus" dev="loop1" ino=1048680 res=0 errno=0
[  461.504921][ T6777] bridge0: port 1(bridge_slave_0) entered disabled state
[  461.529714][ T6777] device bridge_slave_0 entered promiscuous mode
[  461.530208][ T6937] loop3: detected capacity change from 0 to 512
[  461.569433][ T6777] bridge0: port 2(bridge_slave_1) entered blocking state
[  461.592919][ T6777] bridge0: port 2(bridge_slave_1) entered disabled state
[  461.602085][ T6937] EXT4-fs: Ignoring removed bh option
[  461.633598][ T6777] device bridge_slave_1 entered promiscuous mode
[  461.709793][ T6937] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz.3.568: inode #11614: comm syz.3.568: iget: illegal inode #
[  461.814432][ T6937] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.568: error while reading EA inode 11614 err=-117
[  461.921982][ T6777] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  461.964352][ T6777] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  461.988955][ T6954] loop2: detected capacity change from 0 to 1024
[  462.033389][ T6937] EXT4-fs (loop3): 1 truncate cleaned up
[  462.039582][  T946] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  462.067148][ T6937] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  462.219299][ T6956] loop0: detected capacity change from 0 to 512
[  462.301451][ T6954] hfsplus: extend alloc file! (8192,65536,366)
[  462.493789][ T6777] team0: Port device team_slave_0 added
[  462.537785][ T6956] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.572: bg 0: block 248: padding at end of block bitmap is not set
[  462.564114][ T6956] Quota error (device loop0): write_blk: dquota write failed
[  462.572104][ T6956] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  462.582281][ T6956] EXT4-fs error (device loop0): ext4_acquire_dquot:6800: comm syz.0.572: Failed to acquire dquot type 1
[  462.614005][ T6956] EXT4-fs (loop0): 1 truncate cleaned up
[  462.619944][ T6956] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  462.629799][ T6956] ext4 filesystem being mounted at /60/file0 supports timestamps until 2038 (0x7fffffff)
[  462.950364][ T5502] EXT4-fs (loop0): unmounting filesystem.
[  463.097465][ T6777] team0: Port device team_slave_1 added
[  463.148491][  T946] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  463.474779][  T946] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  463.713427][  T946] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  463.756137][  T946] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  463.903083][  T946] usb 2-1: config 0 descriptor??
[  463.947447][ T6777] batman_adv: batadv0: Adding interface: batadv_slave_0
[  463.965100][ T6777] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  464.133814][ T6777] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  464.961649][ T6777] batman_adv: batadv0: Adding interface: batadv_slave_1
[  464.990560][  T946] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  465.005614][ T5332] EXT4-fs (loop3): unmounting filesystem.
[  465.018342][ T6777] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  465.046778][  T946] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[  465.716835][  T946] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  465.743182][ T6777] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  465.824181][  T946] usb 2-1: USB disconnect, device number 7
[  465.954670][ T6983] sctp: [Deprecated]: syz.0.576 (pid 6983) Use of int in max_burst socket option.
[  465.954670][ T6983] Use struct sctp_assoc_value instead
[  466.331400][ T6777] device hsr_slave_0 entered promiscuous mode
[  466.363379][ T6777] device hsr_slave_1 entered promiscuous mode
[  466.392796][ T6777] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  467.103279][ T6777] Cannot create hsr debugfs directory
[  467.360134][ T7010] netlink: 44 bytes leftover after parsing attributes in process `syz.2.577'.
[  467.425681][ T7006] loop1: detected capacity change from 0 to 2048
[  467.489190][ T7006]  loop1: p3 < > p4 < >
[  467.493475][ T7006] loop1: partition table partially beyond EOD, truncated
[  467.548621][ T7006] loop1: p3 start 4284289 is beyond EOD, truncated
[  467.622796][ T3092]  loop1: p3 < > p4 < >
[  467.637272][ T3092] loop1: partition table partially beyond EOD, truncated
[  467.686942][ T3092] loop1: p3 start 4284289 is beyond EOD, truncated
[  470.361808][ T7046] device vlan2 entered promiscuous mode
[  470.372260][ T7050] netlink: 24 bytes leftover after parsing attributes in process `syz.1.585'.
[  470.398809][ T7046] device batadv0 entered promiscuous mode
[  470.467791][ T7056] input: syz0 as /devices/virtual/input/input15
[  470.477690][ T7046] team0: Port device vlan2 added
[  473.315033][ T7076] loop1: detected capacity change from 0 to 256
[  473.348512][ T7076] exfat: Deprecated parameter 'utf8'
[  473.353904][ T7076] exfat: Bad value for 'errors'
[  475.532726][ T7092] loop3: detected capacity change from 0 to 256
[  476.007667][ T7092] FAT-fs (loop3): Directory bread(block 64) failed
[  476.014942][ T7092] FAT-fs (loop3): Directory bread(block 65) failed
[  476.021643][ T7092] FAT-fs (loop3): Directory bread(block 66) failed
[  476.028191][ T7092] FAT-fs (loop3): Directory bread(block 67) failed
[  476.035990][ T7092] FAT-fs (loop3): Directory bread(block 68) failed
[  476.042587][ T7092] FAT-fs (loop3): Directory bread(block 69) failed
[  476.049271][ T7092] FAT-fs (loop3): Directory bread(block 70) failed
[  476.055909][ T7092] FAT-fs (loop3): Directory bread(block 71) failed
[  476.062728][ T7092] FAT-fs (loop3): Directory bread(block 72) failed
[  476.069387][ T7092] FAT-fs (loop3): Directory bread(block 73) failed
[  476.163675][ T6777] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  476.181644][ T6777] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  476.192427][ T7088] 9pnet_fd: Insufficient options for proto=fd
[  476.336998][ T6777] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  476.472988][ T6777] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  476.684824][ T7098] program syz.1.596 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  478.137215][ T6777] 8021q: adding VLAN 0 to HW filter on device bond0
[  478.856032][ T6411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  478.868747][ T6411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  478.921835][ T6777] 8021q: adding VLAN 0 to HW filter on device team0
[  478.989594][ T6396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  479.012919][ T6396] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  479.215030][ T6396] bridge0: port 1(bridge_slave_0) entered blocking state
[  479.222197][ T6396] bridge0: port 1(bridge_slave_0) entered forwarding state
[  479.695794][ T6396] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  479.948881][ T6396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  479.990143][ T6396] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  480.051328][ T6396] bridge0: port 2(bridge_slave_1) entered blocking state
[  480.058521][ T6396] bridge0: port 2(bridge_slave_1) entered forwarding state
[  480.155110][ T6396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  480.247956][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  480.287472][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  480.299790][ T7139] loop0: detected capacity change from 0 to 164
[  480.365044][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  480.400165][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  480.482903][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  480.579942][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  480.644214][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  480.690248][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  480.731795][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  480.777391][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  480.800997][ T7146] loop1: detected capacity change from 0 to 2048
[  480.840823][ T7146] journal_path: Lookup failure for './file0'
[  480.849960][ T6777] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  480.888481][ T7146] EXT4-fs: error: could not find journal device path
[  482.110313][ T7156] loop1: detected capacity change from 0 to 190
[  482.281994][ T7156] ntfs: (device loop1): is_boot_sector_ntfs(): Invalid boot sector checksum.
[  482.348919][ T7156] ntfs: (device loop1): ntfs_read_inode_mount(): Incorrect mft offset to the first attribute 65530 in superblock.
[  482.778729][ T7156] ntfs: (device loop1): ntfs_read_inode_mount(): Failed. Marking inode as bad.
[  482.787731][ T7156] ntfs: (device loop1): ntfs_fill_super(): Failed to load essential metadata.
[  484.087539][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  484.119321][ T7177] SET target dimension over the limit!
[  484.135956][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  484.187746][ T3640] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  484.200082][ T3640] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  484.208941][ T3640] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  484.235789][ T7179] loop1: detected capacity change from 0 to 2048
[  484.242423][ T3640] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  484.251803][ T3640] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  484.264790][ T3640] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  484.301214][ T7177] netlink: 40 bytes leftover after parsing attributes in process `syz.0.612'.
[  484.342749][ T7179]  loop1: p1 p2 p3
[  484.366330][ T6777] 8021q: adding VLAN 0 to HW filter on device batadv0
[  484.568713][ T5297] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  484.604227][   T46] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  484.828444][ T5297] usb 4-1: Using ep0 maxpacket: 32
[  484.954402][ T5297] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[  484.967306][   T46] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  484.990706][ T5297] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  485.027412][ T5297] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81
[  485.038519][ T5297] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  485.050618][ T5297] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  485.068383][ T5297] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  486.451408][ T3640] Bluetooth: hci1: command tx timeout
[  486.516740][ T5297] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  486.560287][ T5297] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  486.602571][ T5297] usb 4-1: config 0 descriptor??
[  486.763473][   T46] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.171859][ T5297] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 5 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  487.468640][ T5297] usb 4-1: USB disconnect, device number 5
[  487.489582][ T5297] usblp0: removed
[  487.542472][   T46] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  487.839179][ T7181] chnl_net:caif_netlink_parms(): no params data found
[  488.176923][ T7235] loop1: detected capacity change from 0 to 256
[  488.202445][ T3654] Bluetooth: hci0: unexpected event 0x30 length: 4 > 3
[  488.439667][ T7234] trusted_key: encrypted_key: keylen parameter is missing
[  488.490287][ T3654] Bluetooth: hci1: command tx timeout
[  489.224659][ T7181] bridge0: port 1(bridge_slave_0) entered blocking state
[  489.235505][ T7181] bridge0: port 1(bridge_slave_0) entered disabled state
[  489.249284][ T7181] device bridge_slave_0 entered promiscuous mode
[  489.259669][ T6369] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  489.279027][ T6369] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  489.414526][ T7181] bridge0: port 2(bridge_slave_1) entered blocking state
[  489.427182][ T7181] bridge0: port 2(bridge_slave_1) entered disabled state
[  489.446201][ T7181] device bridge_slave_1 entered promiscuous mode
[  489.470177][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  489.494566][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  489.576787][ T6777] device veth0_vlan entered promiscuous mode
[  489.590952][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  489.605922][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  489.671989][ T6777] device veth1_vlan entered promiscuous mode
[  489.971228][ T7181] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  489.986531][ T7280] loop0: detected capacity change from 0 to 512
[  489.989050][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  490.001766][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  490.021938][ T7280] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  490.044822][ T7280] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  490.140687][ T7280] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  490.821503][ T7181] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  490.836937][ T7280] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  490.847453][ T7280] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  490.893114][ T3654] Bluetooth: hci0: command 0x0406 tx timeout
[  490.900612][ T3640] Bluetooth: hci1: command tx timeout
[  490.921373][ T7280] EXT4-fs (loop0): failed to initialize system zone (-117)
[  490.928843][ T7280] EXT4-fs (loop0): mount failed
[  491.159471][ T7181] team0: Port device team_slave_0 added
[  491.221248][ T7181] team0: Port device team_slave_1 added
[  492.078024][ T6777] device veth0_macvtap entered promiscuous mode
[  492.299001][ T7181] batman_adv: batadv0: Adding interface: batadv_slave_0
[  492.306007][ T7181] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  492.411645][ T7181] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  492.438204][ T7181] batman_adv: batadv0: Adding interface: batadv_slave_1
[  492.789322][ T7181] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  493.014975][ T3640] Bluetooth: hci1: command tx timeout
[  493.872098][ T7181] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  493.883817][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  493.925055][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  493.973470][ T6777] device veth1_macvtap entered promiscuous mode
[  494.884632][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  494.908750][ T7329] loop1: detected capacity change from 0 to 512
[  494.964695][ T7329] EXT4-fs (loop1): orphan cleanup on readonly fs
[  494.988769][ T7329] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #4: comm syz.1.631: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 2048(2048)
[  495.058032][ T7335] loop0: detected capacity change from 0 to 16
[  495.095739][ T7335] erofs: (device loop0): mounted with root inode @ nid 36.
[  495.119079][ T7329] EXT4-fs error (device loop1): ext4_quota_enable:6994: comm syz.1.631: Bad quota inode: 4, type: 1
[  495.120357][ T7181] device hsr_slave_0 entered promiscuous mode
[  495.156968][ T7181] device hsr_slave_1 entered promiscuous mode
[  495.164129][ T7329] EXT4-fs warning (device loop1): ext4_enable_quotas:7035: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  495.184605][ T7181] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  495.205095][ T7181] Cannot create hsr debugfs directory
[  495.206485][ T7329] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  495.219585][ T6777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  495.238529][ T6777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.260733][ T7329] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  495.278345][ T6777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  495.307144][ T7329] EXT4-fs (loop1): shut down requested (2)
[  495.308350][ T6777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.328890][ T7338] loop3: detected capacity change from 0 to 4096
[  495.345412][ T7329] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  495.353436][ T6777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  495.366386][ T6777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.376973][ T6777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  495.388032][ T6777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.406253][ T7329] EXT4-fs warning (device loop1): ext4_enable_quotas:7035: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  495.409430][ T7343] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  495.426219][ T6777] batman_adv: batadv0: Interface activated: batadv_slave_0
[  495.497958][ T7345] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  495.620607][ T6364] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  495.655488][ T6364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  495.720365][   T26] audit: type=1800 audit(1726003578.469:96): pid=7349 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.634" name="bus" dev="loop3" ino=18 res=0 errno=0
[  495.760019][   T26] audit: type=1800 audit(1726003578.489:97): pid=7338 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.634" name="bus" dev="loop3" ino=18 res=0 errno=0
[  495.818504][ T7338] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  495.825113][ T7338] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  495.837338][ T6777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  495.845981][ T7338] vhci_hcd vhci_hcd.0: Device attached
[  495.854676][ T6777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.865996][ T6777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  495.868483][ T7349] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(11)
[  495.876662][ T6777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.883095][ T7349] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  495.904019][ T6777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  495.915445][ T6777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.926613][ T7349] vhci_hcd vhci_hcd.0: Device attached
[  495.940613][ T6777] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  495.953150][ T6777] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  495.966911][ T5829] EXT4-fs (loop1): unmounting filesystem.
[  495.975147][ T6777] batman_adv: batadv0: Interface activated: batadv_slave_1
[  495.996204][ T7338] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(16)
[  496.002865][ T7338] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  496.038229][ T7338] vhci_hcd vhci_hcd.0: Device attached
[  496.038969][ T5297] vhci_hcd: vhci_device speed not set
[  496.061996][ T6396] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  496.081723][ T6396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  496.099409][ T7349] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(13)
[  496.106144][ T7349] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  496.148362][ T5297] usb 15-1: new full-speed USB device number 2 using vhci_hcd
[  496.166448][ T7349] vhci_hcd vhci_hcd.0: Device attached
[  496.182921][ T7361] vhci_hcd: connection closed
[  496.186670][ T7353] vhci_hcd: connection reset by peer
[  496.186936][ T7365] vhci_hcd: connection closed
[  496.197386][ T7358] vhci_hcd: connection closed
[  496.211856][ T6369] vhci_hcd: stop threads
[  496.225533][ T6369] vhci_hcd: release socket
[  496.236950][ T6369] vhci_hcd: disconnect device
[  497.168788][ T6369] vhci_hcd: stop threads
[  497.173230][ T6369] vhci_hcd: release socket
[  497.188514][ T6369] vhci_hcd: disconnect device
[  497.208458][ T6369] vhci_hcd: stop threads
[  497.212786][ T6369] vhci_hcd: release socket
[  497.251579][ T6369] vhci_hcd: disconnect device
[  497.271655][ T6369] vhci_hcd: stop threads
[  497.275946][ T6369] vhci_hcd: release socket
[  497.312101][ T6369] vhci_hcd: disconnect device
[  497.616725][ T7385] loop0: detected capacity change from 0 to 256
[  497.661858][ T6777] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  497.682338][ T7385] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  497.689870][ T6777] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  497.749727][ T6777] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  497.761470][ T6777] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  499.533107][ T7401] loop0: detected capacity change from 0 to 8
[  500.459864][ T7399] SQUASHFS error: zlib decompression failed, data probably corrupt
[  500.468539][ T7399] SQUASHFS error: Failed to read block 0x13e: -5
[  500.474899][ T7399] SQUASHFS error: Unable to read metadata cache entry [13c]
[  500.482276][ T7399] SQUASHFS error: Unable to read directory block [13c:26]
[  501.012117][   T26] audit: type=1326 audit(1726003583.779:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7388 comm="syz.3.641" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fefe9d7def9 code=0x0
[  501.288894][ T5297] vhci_hcd: vhci_device speed not set
[  501.319921][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  501.334771][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  502.004167][   T26] audit: type=1326 audit(1726003584.769:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7421 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f123a77def9 code=0x7ffc0000
[  502.078979][   T46] device hsr_slave_0 left promiscuous mode
[  502.086615][   T26] audit: type=1326 audit(1726003584.799:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7421 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f123a77def9 code=0x7ffc0000
[  502.136418][ T7422] loop0: detected capacity change from 0 to 512
[  502.142988][   T46] device hsr_slave_1 left promiscuous mode
[  502.151932][ T3654] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  502.163377][ T3654] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  502.172802][ T3654] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  502.187209][ T3654] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  502.194876][ T3654] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  502.202360][ T3654] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  502.226296][ T3640] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  502.233793][ T3640] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  502.241306][   T26] audit: type=1326 audit(1726003584.799:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7421 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7f123a77def9 code=0x7ffc0000
[  502.264756][ T3640] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  502.274594][ T3640] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  502.283246][ T3640] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  502.290663][ T3640] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  502.298911][ T7422] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.648: attempt to clear invalid blocks 1 len 1
[  502.305427][   T26] audit: type=1326 audit(1726003584.799:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7421 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f123a77def9 code=0x7ffc0000
[  502.354440][ T7422] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.648: bg 0: block 343: padding at end of block bitmap is not set
[  502.395224][ T7422] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6172: Corrupt filesystem
[  502.423474][   T26] audit: type=1326 audit(1726003584.799:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7421 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f123a77def9 code=0x7ffc0000
[  502.458518][ T7422] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.648: invalid indirect mapped block 1819239214 (level 0)
[  502.486070][   T26] audit: type=1326 audit(1726003584.799:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7421 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7f123a77def9 code=0x7ffc0000
[  502.506833][ T7422] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.648: invalid indirect mapped block 1819239214 (level 1)
[  502.531299][ T7422] EXT4-fs (loop0): 1 truncate cleaned up
[  502.537023][ T7422] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  502.554957][   T26] audit: type=1326 audit(1726003584.799:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7421 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f123a77def9 code=0x7ffc0000
[  502.590224][   T26] audit: type=1326 audit(1726003584.799:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7421 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f123a77def9 code=0x7ffc0000
[  502.619261][   T26] audit: type=1326 audit(1726003584.809:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7421 comm="syz.0.648" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f123a77def9 code=0x7ffc0000
[  502.653021][ T7422] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2186: inode #15: comm syz.0.648: corrupted in-inode xattr
[  502.667317][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  502.682907][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  502.696308][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  502.711548][ T7422] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2186: inode #15: comm syz.0.648: corrupted in-inode xattr
[  502.727176][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  502.735742][   T46] device bridge_slave_1 left promiscuous mode
[  502.742316][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  502.757965][ T7435] loop3: detected capacity change from 0 to 512
[  502.776726][   T46] device bridge_slave_0 left promiscuous mode
[  502.786369][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  502.801720][ T7435] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  502.810750][ T7435] ext4 filesystem being mounted at /91/bus supports timestamps until 2038 (0x7fffffff)
[  503.016992][ T5502] EXT4-fs (loop0): unmounting filesystem.
[  503.018997][   T46] device batadv0 left promiscuous mode
[  503.090104][   T46] device veth1_macvtap left promiscuous mode
[  503.388608][   T46] device veth0_macvtap left promiscuous mode
[  503.410480][   T46] device veth1_vlan left promiscuous mode
[  503.420196][   T46] device veth0_vlan left promiscuous mode
[  503.757017][   T46] team0 (unregistering): Port device vlan2 removed
[  504.408481][ T3640] Bluetooth: hci5: command tx timeout
[  505.500563][   T46] team0 (unregistering): Port device team_slave_1 removed
[  505.597647][   T46] team0 (unregistering): Port device team_slave_0 removed
[  505.779199][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  507.515442][ T3640] Bluetooth: hci5: command tx timeout
[  509.123897][ T7452] loop0: detected capacity change from 0 to 2048
[  509.167670][ T7452] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  509.261840][ T7452] syz.0.652: attempt to access beyond end of device
[  509.261840][ T7452] loop0: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  509.290027][ T7456] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  509.302067][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  509.528355][ T3640] Bluetooth: hci5: command tx timeout
[  511.609954][ T3640] Bluetooth: hci5: command tx timeout
[  511.976891][   T46] bond0 (unregistering): Released all slaves
[  512.202900][ T3654] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  512.216422][ T3654] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  512.225202][ T3654] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  512.240081][ T3654] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  512.247777][ T3654] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  512.256809][ T3654] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  512.349907][ T5332] EXT4-fs (loop3): unmounting filesystem.
[  513.129863][ T7485] loop3: detected capacity change from 0 to 764
[  513.470223][ T7471] chnl_net:caif_netlink_parms(): no params data found
[  513.660850][ T7424] chnl_net:caif_netlink_parms(): no params data found
[  513.831661][   T46] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  513.892574][ T7181] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  514.003876][   T46] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  514.041570][ T7506] loop0: detected capacity change from 0 to 64
[  514.107686][ T7181] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  514.182288][ T7181] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  514.320965][   T46] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  514.331680][ T3640] Bluetooth: hci3: command tx timeout
[  514.374674][ T7181] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  514.411877][ T7471] bridge0: port 1(bridge_slave_0) entered blocking state
[  514.419720][ T7471] bridge0: port 1(bridge_slave_0) entered disabled state
[  514.428087][ T7471] device bridge_slave_0 entered promiscuous mode
[  514.532520][   T46] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  514.617519][ T7471] bridge0: port 2(bridge_slave_1) entered blocking state
[  514.636402][ T7471] bridge0: port 2(bridge_slave_1) entered disabled state
[  514.654428][ T7471] device bridge_slave_1 entered promiscuous mode
[  514.698797][ T7424] bridge0: port 1(bridge_slave_0) entered blocking state
[  514.708641][ T7424] bridge0: port 1(bridge_slave_0) entered disabled state
[  514.743779][ T7424] device bridge_slave_0 entered promiscuous mode
[  514.869125][ T7471] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  514.904040][ T7471] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  514.944095][ T7424] bridge0: port 2(bridge_slave_1) entered blocking state
[  514.974254][ T7424] bridge0: port 2(bridge_slave_1) entered disabled state
[  514.999464][ T7424] device bridge_slave_1 entered promiscuous mode
[  515.138773][ T7424] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  515.183043][ T7471] team0: Port device team_slave_0 added
[  515.211269][ T7424] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  515.258871][ T7512] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  515.280969][ T7471] team0: Port device team_slave_1 added
[  515.321034][ T7513] netlink: 12 bytes leftover after parsing attributes in process `syz.3.660'.
[  515.473872][ T7424] team0: Port device team_slave_0 added
[  515.595335][   T46] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  515.622906][ T7471] batman_adv: batadv0: Adding interface: batadv_slave_0
[  517.178961][ T7523] loop0: detected capacity change from 0 to 4096
[  517.387449][ T7523] ntfs: volume version 3.1.
[  517.415525][ T7471] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  517.518688][ T5561] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  517.571955][ T3640] Bluetooth: hci3: command tx timeout
[  517.688444][ T7471] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  517.715782][ T7424] team0: Port device team_slave_1 added
[  517.752624][ T7181] 8021q: adding VLAN 0 to HW filter on device bond0
[  517.810507][   T46] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  517.832385][ T7471] batman_adv: batadv0: Adding interface: batadv_slave_1
[  517.845718][ T7471] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  517.872614][ T7471] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  517.942709][ T7424] batman_adv: batadv0: Adding interface: batadv_slave_0
[  517.985510][ T7424] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  518.012563][ T5561] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  518.028359][ T5561] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  518.038224][ T5561] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  518.072769][ T7424] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  518.087550][ T5561] usb 4-1: New USB device found, idVendor=28bd, idProduct=0055, bcdDevice= 0.00
[  518.100254][ T7527] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  518.103172][ T5561] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  518.149156][ T5561] usb 4-1: config 0 descriptor??
[  518.186879][   T46] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  518.219505][ T7424] batman_adv: batadv0: Adding interface: batadv_slave_1
[  518.226527][ T7424] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  518.263360][ T7424] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  518.297655][ T7535] netlink: 12 bytes leftover after parsing attributes in process `syz.0.663'.
[  518.325447][ T7181] 8021q: adding VLAN 0 to HW filter on device team0
[  518.386725][   T46] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  518.421130][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  518.434213][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  518.450056][ T7471] device hsr_slave_0 entered promiscuous mode
[  518.457178][ T7471] device hsr_slave_1 entered promiscuous mode
[  518.464476][ T7471] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  518.475509][ T7471] Cannot create hsr debugfs directory
[  518.517141][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  518.527189][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  518.536419][ T3731] bridge0: port 1(bridge_slave_0) entered blocking state
[  518.543610][ T3731] bridge0: port 1(bridge_slave_0) entered forwarding state
[  518.553198][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  518.562924][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  518.572218][ T3731] bridge0: port 2(bridge_slave_1) entered blocking state
[  518.579430][ T3731] bridge0: port 2(bridge_slave_1) entered forwarding state
[  518.590941][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  518.637736][ T7424] device hsr_slave_0 entered promiscuous mode
[  518.653074][ T7424] device hsr_slave_1 entered promiscuous mode
[  518.662025][ T7424] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  518.670071][ T7424] Cannot create hsr debugfs directory
[  518.679531][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  518.688225][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  518.698206][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  518.710414][ T5561] usbhid 4-1:0.0: can't add hid device: -71
[  518.716524][ T5561] usbhid: probe of 4-1:0.0 failed with error -71
[  518.729346][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  518.747585][ T5561] usb 4-1: USB disconnect, device number 6
[  518.754420][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  518.817900][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  518.827751][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  518.892286][ T6396] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  518.906363][ T6396] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  518.976192][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  518.985662][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  519.023372][ T7181] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  519.490504][   T26] kauditd_printk_skb: 37 callbacks suppressed
[  519.490520][   T26] audit: type=1326 audit(1726003602.209:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7546 comm="syz.3.664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefe9d7def9 code=0x7ffc0000
[  519.688543][ T3640] Bluetooth: hci3: command tx timeout
[  520.065389][   T26] audit: type=1326 audit(1726003602.209:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7546 comm="syz.3.664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fefe9d7def9 code=0x7ffc0000
[  520.175071][   T26] audit: type=1326 audit(1726003602.209:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7546 comm="syz.3.664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefe9d7def9 code=0x7ffc0000
[  520.212435][   T26] audit: type=1326 audit(1726003602.209:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7546 comm="syz.3.664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fefe9d7def9 code=0x7ffc0000
[  520.278817][   T26] audit: type=1326 audit(1726003602.249:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7546 comm="syz.3.664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefe9d7def9 code=0x7ffc0000
[  520.321598][   T26] audit: type=1326 audit(1726003602.249:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7546 comm="syz.3.664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fefe9d7def9 code=0x7ffc0000
[  520.423442][   T26] audit: type=1326 audit(1726003602.249:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7546 comm="syz.3.664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefe9d7def9 code=0x7ffc0000
[  520.511051][   T26] audit: type=1326 audit(1726003602.249:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7546 comm="syz.3.664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefe9d7def9 code=0x7ffc0000
[  520.679238][ T7563] loop3: detected capacity change from 0 to 256
[  520.999082][ T6396] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  521.009545][ T6396] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  521.254772][ T7181] 8021q: adding VLAN 0 to HW filter on device batadv0
[  521.530074][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  521.556806][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  521.699160][ T7578] loop0: detected capacity change from 0 to 512
[  521.721045][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  521.740475][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  521.761570][ T7578] EXT4-fs error (device loop0): __ext4_fill_super:5399: inode #2: comm syz.0.668: casefold flag without casefold feature
[  521.761593][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  521.762317][ T3692] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  521.790037][ T3640] Bluetooth: hci3: command tx timeout
[  521.809982][ T7578] EXT4-fs (loop0): get root inode failed
[  521.815714][ T7578] EXT4-fs (loop0): mount failed
[  521.831360][ T7181] device veth0_vlan entered promiscuous mode
[  522.109905][   T52] block nbd3: Attempted send on invalid socket
[  522.116492][   T52] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  522.129818][ T7586] efs: cannot read volume header
[  522.426928][ T7590] loop0: detected capacity change from 0 to 1024
[  522.902829][ T7181] device veth1_vlan entered promiscuous mode
[  522.917104][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  523.207923][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  523.227475][ T7595] loop0: detected capacity change from 0 to 512
[  523.239202][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  523.263944][ T7595] EXT4-fs: Ignoring removed nomblk_io_submit option
[  523.284414][ T7595] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  523.362426][   T26] audit: type=1804 audit(1726003606.119:153): pid=7595 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.669" name="/newroot/102/file0/bus" dev="loop0" ino=19 res=1 errno=0
[  523.383827][    C0] vkms_vblank_simulate: vblank timer overrun
[  523.396336][ T7181] device veth0_macvtap entered promiscuous mode
[  523.438379][ T7181] device veth1_macvtap entered promiscuous mode
[  523.480739][ T5502] EXT4-fs (loop0): unmounting filesystem.
[  523.711361][ T7181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  523.748001][ T7181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  523.782919][ T7181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  523.811703][ T7181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  523.845066][ T7181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  523.886020][ T7181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  523.926392][ T7181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  523.955548][ T7181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  523.995733][ T7181] batman_adv: batadv0: Interface activated: batadv_slave_0
[  524.023155][ T7181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  524.058490][ T7181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  524.106371][ T7181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  524.138375][ T7181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  524.168617][ T7181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  524.188294][ T7181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  524.198575][ T7181] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  524.215323][ T7181] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  524.242107][ T7181] batman_adv: batadv0: Interface activated: batadv_slave_1
[  524.257532][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  524.267927][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  524.296124][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  524.339559][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  524.363006][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  524.400858][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  524.574435][ T7621] loop0: detected capacity change from 0 to 1024
[  524.583572][ T7181] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  524.597171][ T7181] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  524.665460][ T3687] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  524.674252][ T7181] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  524.695103][ T7181] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  524.836647][ T7471] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  524.846661][ T7471] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  525.170636][ T7471] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  525.537973][   T46] device hsr_slave_0 left promiscuous mode
[  525.564560][   T46] device hsr_slave_1 left promiscuous mode
[  525.575261][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  525.597488][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  525.632154][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  525.655177][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  525.679800][   T46] device bridge_slave_1 left promiscuous mode
[  525.686072][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  525.718334][ T3687] usb 4-1: Using ep0 maxpacket: 8
[  525.773594][   T46] device bridge_slave_0 left promiscuous mode
[  525.786209][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  525.828380][   T46] device hsr_slave_0 left promiscuous mode
[  525.835056][   T46] device hsr_slave_1 left promiscuous mode
[  525.841312][ T3687] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  525.851869][ T3687] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  525.862060][ T3687] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x3D, skipping
[  525.878952][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  525.890714][   T46] batman_adv: batadv0: Removing interface: batadv_slave_0
[  525.924303][   T46] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  525.934508][   T46] batman_adv: batadv0: Removing interface: batadv_slave_1
[  525.968129][   T46] device bridge_slave_1 left promiscuous mode
[  525.984688][   T46] bridge0: port 2(bridge_slave_1) entered disabled state
[  526.001377][   T46] device bridge_slave_0 left promiscuous mode
[  526.008001][   T46] bridge0: port 1(bridge_slave_0) entered disabled state
[  526.038692][ T3687] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a4, bcdDevice=9e.7e
[  526.047781][ T3687] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  526.068411][ T3687] usb 4-1: Product: syz
[  526.072710][ T3687] usb 4-1: Manufacturer: syz
[  526.077327][ T3687] usb 4-1: SerialNumber: syz
[  526.096429][ T3687] usb 4-1: config 0 descriptor??
[  526.108023][   T46] device veth1_macvtap left promiscuous mode
[  526.115434][   T46] device veth0_macvtap left promiscuous mode
[  526.122526][   T46] device veth1_vlan left promiscuous mode
[  526.128548][   T46] device veth0_vlan left promiscuous mode
[  526.135484][   T46] device veth1_macvtap left promiscuous mode
[  526.143379][ T3687] usbtest 4-1:0.0: couldn't get endpoints, -22
[  526.145144][   T46] device veth0_macvtap left promiscuous mode
[  526.152576][ T3687] usbtest: probe of 4-1:0.0 failed with error -22
[  526.156947][   T46] device veth1_vlan left promiscuous mode
[  526.173098][   T46] device veth0_vlan left promiscuous mode
[  526.377581][ T3687] usb 4-1: USB disconnect, device number 7
[  526.835150][   T46] team0 (unregistering): Port device team_slave_1 removed
[  526.884430][   T46] team0 (unregistering): Port device team_slave_0 removed
[  526.935085][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  527.166929][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  528.065097][ T7648] loop3: detected capacity change from 0 to 512
[  528.079195][ T7648] ext4: Unknown parameter 'noacl'
[  528.645645][   T46] bond0 (unregistering): Released all slaves
[  529.164352][   T46] team0 (unregistering): Port device team_slave_1 removed
[  529.217337][   T46] team0 (unregistering): Port device team_slave_0 removed
[  529.268470][   T46] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  529.318617][   T46] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  529.830265][   T46] bond0 (unregistering): Released all slaves
[  529.935185][ T7471] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  529.984971][ T7424] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  530.018906][ T7424] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  530.055395][ T7424] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  530.103119][ T7424] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  530.155260][ T6384] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  530.172096][ T6384] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  530.259718][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  530.298185][ T6384] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  530.309673][ T6384] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  530.336416][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  530.442652][ T7650] loop0: detected capacity change from 0 to 512
[  530.453107][ T7471] 8021q: adding VLAN 0 to HW filter on device bond0
[  530.552099][ T7424] 8021q: adding VLAN 0 to HW filter on device bond0
[  530.607080][ T7424] 8021q: adding VLAN 0 to HW filter on device team0
[  530.653780][ T7650] EXT4-fs error (device loop0): ext4_orphan_get:1396: inode #16: comm syz.0.683: casefold flag without casefold feature
[  530.676887][ T7471] 8021q: adding VLAN 0 to HW filter on device team0
[  530.682149][ T7650] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.683: couldn't read orphan inode 16 (err -117)
[  530.698361][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  530.708787][ T7650] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  530.719455][ T7650] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038 (0x7fffffff)
[  530.721380][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  530.969081][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  531.148022][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  531.432673][ T5502] EXT4-fs (loop0): unmounting filesystem.
[  531.445108][ T7471] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  531.457068][ T7471] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  531.576157][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  531.592749][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  531.612570][ T6398] bridge0: port 1(bridge_slave_0) entered blocking state
[  531.619806][ T6398] bridge0: port 1(bridge_slave_0) entered forwarding state
[  531.628039][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  531.637058][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  531.646581][ T6398] bridge0: port 2(bridge_slave_1) entered blocking state
[  531.653729][ T6398] bridge0: port 2(bridge_slave_1) entered forwarding state
[  531.661831][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  531.670933][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  531.680047][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  531.697501][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  531.734240][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  531.807177][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  531.816130][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  531.824794][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  531.834239][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  531.842845][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  531.851531][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  532.891220][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  532.902676][ T6398] bridge0: port 1(bridge_slave_0) entered blocking state
[  532.910020][ T6398] bridge0: port 1(bridge_slave_0) entered forwarding state
[  532.917945][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  532.926970][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  532.935663][ T6398] bridge0: port 2(bridge_slave_1) entered blocking state
[  532.942856][ T6398] bridge0: port 2(bridge_slave_1) entered forwarding state
[  532.959365][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  532.989184][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  532.997419][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  533.119650][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  533.227455][ T7679] loop3: detected capacity change from 0 to 2048
[  533.500967][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  533.520404][ T7679]  loop3: p1 < > p4
[  533.535794][ T7679] loop3: p4 size 8388608 extends beyond EOD, truncated
[  533.724424][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  533.738165][ T7681] loop2: detected capacity change from 0 to 256
[  533.913389][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  533.982674][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  534.034086][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  534.069220][ T5332] __loop_clr_fd: partition scan of loop3 failed (rc=-16)
[  534.080327][ T7473] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  534.090528][ T7641] I/O error, dev loop3, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  534.135959][ T7473] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  534.147352][ T7641] I/O error, dev loop3, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  534.197680][ T7473] Buffer I/O error on dev loop3p1, logical block 0, async page read
[  534.212732][ T7641] Buffer I/O error on dev loop3p4, logical block 1, async page read
[  534.238383][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  534.258868][ T7473] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  534.267497][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  534.272234][ T7473] Buffer I/O error on dev loop3p1, logical block 0, async page read
[  534.415378][ T7473] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  534.549768][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  534.601436][ T7473] Buffer I/O error on dev loop3p1, logical block 0, async page read
[  534.705652][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  535.018897][ T7473] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  535.081589][ T7424] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  535.122238][ T7473] Buffer I/O error on dev loop3p1, logical block 0, async page read
[  535.144583][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  535.159411][ T6384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  535.192635][ T7473] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  535.242692][ T7473] Buffer I/O error on dev loop3p1, logical block 0, async page read
[  535.254285][ T7471] 8021q: adding VLAN 0 to HW filter on device batadv0
[  535.259031][ T7694] loop3: detected capacity change from 0 to 1024
[  535.273306][ T6411] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  535.315028][ T6411] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  535.420212][ T6411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  535.432601][ T7473] udevd[7473]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  535.472666][ T7641] udevd[7641]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  535.484407][ T6411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  535.589394][ T6411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  535.620711][ T6411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  535.638171][ T7692] hfsplus: trying to free free bnode 0(1)
[  535.662626][ T7471] device veth0_vlan entered promiscuous mode
[  535.672841][ T6411] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  535.696635][ T6411] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  535.740818][ T7471] device veth1_vlan entered promiscuous mode
[  535.794662][ T7641] udevd[7641]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  535.829488][ T7473] udevd[7473]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  535.856232][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  535.910011][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  535.943728][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  536.000780][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  536.047085][ T7471] device veth0_macvtap entered promiscuous mode
[  536.081560][ T7471] device veth1_macvtap entered promiscuous mode
[  536.125232][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  536.162711][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  536.225601][ T7471] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  536.281329][ T7471] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.302838][ T7471] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  536.313792][ T7471] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.323980][ T7471] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  536.342805][ T7471] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.371505][ T7471] batman_adv: batadv0: Interface activated: batadv_slave_0
[  536.438650][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  536.447506][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  536.486337][ T7471] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  536.505746][ T7471] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.509457][ T7706] loop0: detected capacity change from 0 to 8
[  536.519359][ T7471] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  536.537180][ T7471] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.548341][ T7471] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  536.562108][ T7471] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  536.575608][ T7471] batman_adv: batadv0: Interface activated: batadv_slave_1
[  536.607184][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  536.631096][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  536.779490][ T7706] SQUASHFS error: zstd decompression failed, data probably corrupt
[  536.800868][ T7706] SQUASHFS error: Failed to read block 0x4ec: -5
[  536.802692][ T7471] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  536.807323][ T7706] SQUASHFS error: Unable to read metadata cache entry [4ea]
[  537.200994][ T7706] SQUASHFS error: Unable to read inode 0x2011f
[  537.613074][ T7471] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  537.621922][ T7471] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  537.631356][ T7471] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  537.685847][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  537.700118][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  537.749543][ T7424] 8021q: adding VLAN 0 to HW filter on device batadv0
[  537.992874][ T7715] netlink: 12 bytes leftover after parsing attributes in process `syz.2.689'.
[  538.041202][ T7717] syz.0.687 (7717): /proc/7705/oom_adj is deprecated, please use /proc/7705/oom_score_adj instead.
[  538.126764][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  538.192739][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  538.286902][ T6386] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  538.306863][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  538.343119][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  538.392782][ T6386] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  538.692704][ T7725] loop1: detected capacity change from 0 to 512
[  538.807524][ T4097] hfsplus: b-tree write err: -5, ino 4
[  538.845494][ T7725] EXT4-fs (loop1): can't mount with commit=9, fs mounted w/o journal
[  539.460491][ T6411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  539.562725][ T6411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  539.947226][ T7424] device veth0_vlan entered promiscuous mode
[  540.006956][ T6411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  540.016391][ T6411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  540.103116][ T7737] loop1: detected capacity change from 0 to 256
[  540.114428][ T7424] device veth1_vlan entered promiscuous mode
[  540.209852][ T6411] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  540.220660][ T6411] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  540.642288][ T6411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  540.654943][ T6411] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  540.687327][ T7424] device veth0_macvtap entered promiscuous mode
[  540.721562][ T7424] device veth1_macvtap entered promiscuous mode
[  540.801824][ T7424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  540.830839][ T7424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  540.878474][ T7424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  540.922486][ T7424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  540.942842][ T7424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  540.975267][ T7424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.005850][ T7424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  541.029527][ T7424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.071199][ T7424] batman_adv: batadv0: Interface activated: batadv_slave_0
[  541.096889][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  541.122659][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  541.161016][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  541.203972][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  541.227077][ T7424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  541.257909][ T7424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.277491][ T7424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  541.294089][ T7424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.324858][ T7424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  541.346027][ T7424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.348865][ T7745] loop2: detected capacity change from 0 to 40427
[  541.395757][ T7745] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  541.403570][ T7745] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  541.422186][ T7424] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  541.441237][ T7424] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  541.453897][ T7424] batman_adv: batadv0: Interface activated: batadv_slave_1
[  541.463337][ T7745] F2FS-fs (loop2): Found nat_bits in checkpoint
[  541.465434][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  541.480018][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  541.493407][ T7424] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  541.503048][ T7424] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  541.511888][ T7424] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  541.538362][ T7424] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  541.555234][ T7745] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  541.562377][ T7745] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  541.686912][ T7754] cannot load conntrack support for proto=3
[  542.034964][ T6411] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  542.063970][ T6411] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  542.113373][ T6396] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  542.136944][ T6411] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  542.161992][ T6411] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  542.234004][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  543.713062][ T7765] loop4: detected capacity change from 0 to 1024
[  543.730213][ T7765] hfsplus: unable to parse mount options
[  545.176918][  T946] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  545.364811][ T7780] loop0: detected capacity change from 0 to 128
[  545.380632][ T7780] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  547.023232][  T946] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e
[  547.039465][  T946] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  547.069554][  T946] usb 3-1: config 0 descriptor??
[  547.088499][  T946] usb 3-1: can't set config #0, error -71
[  547.126043][  T946] usb 3-1: USB disconnect, device number 4
[  548.831532][ T7811] loop1: detected capacity change from 0 to 164
[  548.907108][ T7807] loop2: detected capacity change from 0 to 32768
[  549.044832][ T7807] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[  549.062856][ T7807] XFS (loop2): Mounting V5 Filesystem
[  549.104947][ T7807] XFS (loop2): totally zeroed log
[  549.112360][ T7807] XFS (loop2): Corruption warning: Metadata has LSN (1:384) ahead of current LSN (1:0). Please unmount and run xfs_repair (>= v4.3) to resolve.
[  549.127527][ T7807] XFS (loop2): log mount/recovery failed: error -22
[  549.167552][ T7807] XFS (loop2): log mount failed
[  549.293196][ T7811] netlink: 'syz.1.707': attribute type 4 has an invalid length.
[  551.033970][ T7837] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  551.148459][ T7837] loop0: detected capacity change from 0 to 64
[  551.297009][ T7834] loop3: detected capacity change from 0 to 64
[  551.473449][ T7834] hfs: request for non-existent node 1286 in B*Tree
[  551.544455][ T7846] xt_NFQUEUE: number of total queues is 0
[  552.356000][ T7834] hfs: request for non-existent node 1286 in B*Tree
[  552.387015][ T7834] hfs: request for non-existent node 1286 in B*Tree
[  552.417290][ T7834] hfs: request for non-existent node 1286 in B*Tree
[  553.831375][ T7855] loop1: detected capacity change from 0 to 512
[  554.009387][ T7855] EXT4-fs error (device loop1): __ext4_fill_super:5399: inode #2: comm syz.1.715: casefold flag without casefold feature
[  554.049526][ T7855] EXT4-fs (loop1): get root inode failed
[  554.055210][ T7855] EXT4-fs (loop1): mount failed
[  555.117204][ T7871] loop0: detected capacity change from 0 to 256
[  555.763446][ T7881] loop4: detected capacity change from 0 to 512
[  556.205946][ T7881] EXT4-fs (loop4): orphan cleanup on readonly fs
[  556.261153][ T7881] EXT4-fs (loop4): 1 orphan inode deleted
[  556.270865][ T7881] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  558.539944][ T7899] loop3: detected capacity change from 0 to 1024
[  558.557025][ T7903] loop0: detected capacity change from 0 to 1024
[  558.569183][ T7899] EXT4-fs: Ignoring removed nomblk_io_submit option
[  558.595519][ T7899] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  558.664713][ T7899] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  558.680411][ T7903] netlink: 8 bytes leftover after parsing attributes in process `syz.0.726'.
[  558.804840][ T7899] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  559.097862][ T5332] EXT4-fs (loop3): unmounting filesystem.
[  560.155009][ T7910] loop0: detected capacity change from 0 to 32768
[  560.179203][ T7910] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.728 (7910)
[  560.200683][ T7910] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  560.211310][ T7910] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  560.220245][ T7910] BTRFS warning (device loop0): the 'inode_cache' option is deprecated and has no effect since 5.11
[  560.231411][ T7910] BTRFS info (device loop0): metadata ratio 53037
[  560.237864][ T7910] BTRFS warning (device loop0): the 'inode_cache' option is deprecated and has no effect since 5.11
[  560.248977][ T7910] BTRFS info (device loop0): setting nodatasum
[  560.255192][ T7910] BTRFS warning (device loop0): the 'inode_cache' option is deprecated and has no effect since 5.11
[  560.266045][ T7910] BTRFS info (device loop0): using free space tree
[  560.881262][ T7910] BTRFS info (device loop0): enabling ssd optimizations
[  560.914560][ T3701] BTRFS warning (device loop0): checksum verify failed on logical 5267456 mirror 1 wanted 0x22fa3277 found 0x6c403011 level 0
[  561.518697][ T7910] BTRFS warning (device loop0): failed to read fs tree: -5
[  561.540776][ T7910] BTRFS error (device loop0): open_ctree failed
[  561.856766][ T7948] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:0000:0000 with DS=0xd
[  562.576903][ T7424] EXT4-fs (loop4): unmounting filesystem.
[  562.738738][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  562.745130][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  563.998746][   T26] audit: type=1804 audit(1726003646.759:154): pid=7959 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.735" name="/newroot/120/bus/bus" dev="overlay" ino=709 res=1 errno=0
[  565.774610][ T7963] loop4: detected capacity change from 0 to 256
[  570.637870][ T7971] bridge0: port 3(vlan2) entered blocking state
[  570.678926][ T7971] bridge0: port 3(vlan2) entered disabled state
[  570.813465][ T7979] loop4: detected capacity change from 0 to 256
[  570.837497][ T7977] loop2: detected capacity change from 0 to 256
[  570.883716][ T7977] exfat: Deprecated parameter 'utf8'
[  570.955575][ T7981] loop0: detected capacity change from 0 to 2048
[  570.983704][ T7981] EXT4-fs (loop0): #clusters per group too big: 20480
[  570.994981][ T7979] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  571.007361][ T7977] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  571.936579][ T7979] exFAT-fs (loop4): hint_cluster is invalid (17)
[  572.236244][ T7991] netlink: 4 bytes leftover after parsing attributes in process `syz.3.745'.
[  572.249574][ T7991] netlink: 4 bytes leftover after parsing attributes in process `syz.3.745'.
[  573.071575][ T7981] bad cache= option: nonw
[  573.071575][ T7981] 
[  573.078149][ T7981] CIFS: VFS: bad cache= option: nonw
[  573.107861][ T7981] loop0: detected capacity change from 0 to 128
[  573.134293][ T7993] loop1: detected capacity change from 0 to 512
[  573.179122][ T7981] FAT-fs (loop0): Unrecognized mount option "cache=nonw" or missing value
[  573.263734][ T7993] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  573.278548][ T7993] ext4 filesystem being mounted at /13/file0 supports timestamps until 2038 (0x7fffffff)
[  575.033691][ T8007] loop4: detected capacity change from 0 to 1024
[  575.089760][ T8007] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  575.201125][ T8007] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  576.542561][ T8017] loop3: detected capacity change from 0 to 512
[  576.562797][ T7424] EXT4-fs (loop4): unmounting filesystem.
[  576.574168][ T8017] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[  576.633589][ T8017] UDF-fs: Scanning with blocksize 512 failed
[  576.677735][ T8017] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[  576.697413][ T8017] UDF-fs: Scanning with blocksize 1024 failed
[  576.722089][ T8017] UDF-fs: warning (device loop3): udf_load_vrs: No VRS found
[  576.732638][ T8017] UDF-fs: Scanning with blocksize 2048 failed
[  576.754882][ T8017] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  576.776585][ T7471] EXT4-fs (loop1): unmounting filesystem.
[  576.815170][ T8017] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  577.517736][ T8017] input: syz1 as /devices/virtual/input/input17
[  577.679063][ T8029] loop1: detected capacity change from 0 to 512
[  578.583646][ T8029] EXT4-fs warning (device loop1): ext4_enable_quotas:7035: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix.
[  578.606192][ T8029] EXT4-fs (loop1): mount failed
[  579.085272][ T8042] device wireguard0 entered promiscuous mode
[  579.102630][ T8045] loop4: detected capacity change from 0 to 256
[  579.173062][ T8045] exfat: Deprecated parameter 'utf8'
[  579.232135][ T8045] exfat: Deprecated parameter 'namecase'
[  579.249397][ T8045] exfat: Deprecated parameter 'utf8'
[  579.274804][ T8045] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  579.342589][ T8045] exFAT-fs (loop4): error, tried to truncate zeroed cluster.
[  579.393914][ T8045] exFAT-fs (loop4): hint_cluster is invalid (1)
[  579.437002][ T8053] Bluetooth: MGMT ver 1.22
[  580.472049][ T8045] exFAT-fs (loop4): error, invalid access to exfat cache (entry 0x00000000)
[  580.558376][ T5561] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  580.647694][ T8045] exFAT-fs (loop4): error, failed to bmap (inode : ffff888075b0e960 iblock : 9, err : -5)
[  581.414727][ T8045] exFAT-fs (loop4): error, tried to truncate zeroed cluster.
[  581.422975][ T8045] exFAT-fs (loop4): error, tried to truncate zeroed cluster.
[  581.438521][ T5561] usb 2-1: Using ep0 maxpacket: 8
[  581.693368][ T5561] usb 2-1: New USB device found, idVendor=0681, idProduct=0010, bcdDevice=ab.e9
[  581.708494][ T5561] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  581.723484][ T8067] loop3: detected capacity change from 0 to 128
[  582.571735][ T5561] usb 2-1: config 0 descriptor??
[  582.618428][ T5561] usb 2-1: can't set config #0, error -71
[  582.653173][ T5561] usb 2-1: USB disconnect, device number 8
[  582.741439][ T8070] xt_connbytes: Forcing CT accounting to be enabled
[  582.748457][ T8070] xt_time: invalid argument - start or stop time greater than 23:59:59
[  582.770245][ T6411] kworker/u4:33: attempt to access beyond end of device
[  582.770245][ T6411] loop4: rw=1, sector=34359738488, nr_sectors = 8 limit=256
[  591.979086][ T8116] loop3: detected capacity change from 0 to 512
[  592.156069][ T8116] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  594.598412][ T8116] ext4 filesystem being mounted at /129/file0 supports timestamps until 2038 (0x7fffffff)
[  594.820614][ T8116] EXT4-fs error (device loop3): ext4_add_entry:2484: inode #2: comm syz.3.777: Directory hole found for htree leaf block 0
[  595.066592][ T8116] EXT4-fs error (device loop3): ext4_add_entry:2484: inode #2: comm syz.3.777: Directory hole found for htree leaf block 0
[  595.814739][ T8144] loop2: detected capacity change from 0 to 256
[  596.008206][ T5332] EXT4-fs (loop3): unmounting filesystem.
[  596.680607][ T3654] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  596.697720][ T3654] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  596.725372][ T3654] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  596.751319][ T3654] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  596.775203][ T3654] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  596.786396][ T3654] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  597.091192][ T8156] netlink: 'syz.3.784': attribute type 12 has an invalid length.
[  597.245956][ T8156] ŞŞŞŞŞŞ: renamed from vlan0
[  598.532583][ T8180] netlink: 8 bytes leftover after parsing attributes in process `syz.0.788'.
[  598.551595][ T8180] netlink: 32 bytes leftover after parsing attributes in process `syz.0.788'.
[  598.980125][ T3654] Bluetooth: hci0: command tx timeout
[  600.261620][ T8149] chnl_net:caif_netlink_parms(): no params data found
[  600.545461][ T8195] loop2: detected capacity change from 0 to 256
[  600.556230][ T8194] loop3: detected capacity change from 0 to 512
[  600.581280][ T8194] ext4: Unknown parameter 'nobh"'
[  602.678001][ T3654] Bluetooth: hci0: command tx timeout
[  602.691793][ T8131] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  603.132224][ T8213] ptrace attach of "./syz-executor exec"[8218] was attempted by "./syz-executor exec"[8213]
[  604.684294][   T26] audit: type=1326 audit(1726003687.439:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.3.794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefe9d7def9 code=0x7fc00000
[  604.756835][ T8214] cgroup: release_agent respecified
[  604.956125][   T26] audit: type=1326 audit(1726003687.449:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.3.794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fefe9d7def9 code=0x7fc00000
[  604.985947][   T26] audit: type=1326 audit(1726003687.689:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8191 comm="syz.3.794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fefe9d7def9 code=0x7fc00000
[  605.037928][ T3654] Bluetooth: hci0: command tx timeout
[  605.132258][ T3692] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  605.223546][ T8221] netlink: 6 bytes leftover after parsing attributes in process `syz.0.799'.
[  605.258123][ T8149] bridge0: port 1(bridge_slave_0) entered blocking state
[  605.276172][ T8149] bridge0: port 1(bridge_slave_0) entered disabled state
[  605.308557][ T8149] device bridge_slave_0 entered promiscuous mode
[  605.320731][ T8225] loop3: detected capacity change from 0 to 764
[  605.374434][ T8149] bridge0: port 2(bridge_slave_1) entered blocking state
[  605.395581][   T26] audit: type=1326 audit(1726003688.159:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8226 comm="syz.0.802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f123a77def9 code=0x7ffc0000
[  605.434924][ T8149] bridge0: port 2(bridge_slave_1) entered disabled state
[  605.464107][ T8149] device bridge_slave_1 entered promiscuous mode
[  605.466978][ T8227] loop0: detected capacity change from 0 to 128
[  605.487899][   T26] audit: type=1326 audit(1726003688.199:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8226 comm="syz.0.802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f123a77def9 code=0x7ffc0000
[  605.512712][   T26] audit: type=1326 audit(1726003688.229:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8226 comm="syz.0.802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7f123a77def9 code=0x7ffc0000
[  605.538391][   T26] audit: type=1326 audit(1726003688.229:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8226 comm="syz.0.802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f123a77def9 code=0x7ffc0000
[  605.566031][ T3692] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  605.625438][   T26] audit: type=1326 audit(1726003688.229:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8226 comm="syz.0.802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f123a77def9 code=0x7ffc0000
[  605.685093][   T26] audit: type=1326 audit(1726003688.229:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8226 comm="syz.0.802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f123a77df33 code=0x7ffc0000
[  605.728720][   T26] audit: type=1326 audit(1726003688.229:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8226 comm="syz.0.802" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f123a77c9df code=0x7ffc0000
[  605.783848][ T3692] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  605.807059][ T8149] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  605.831193][ T8149] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  605.920987][ T3692] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  606.062051][ T8149] team0: Port device team_slave_0 added
[  606.103359][ T8149] team0: Port device team_slave_1 added
[  606.259988][ T8149] batman_adv: batadv0: Adding interface: batadv_slave_0
[  606.273690][ T8149] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  606.402898][ T8149] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  606.636428][ T8149] batman_adv: batadv0: Adding interface: batadv_slave_1
[  606.650804][ T8149] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  606.740785][ T8242] ipt_CLUSTERIP: Please specify destination IP
[  607.278981][ T3640] Bluetooth: hci0: command tx timeout
[  607.480908][ T8149] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  609.490410][ T3640] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  609.502718][ T3640] Bluetooth: hci3: Injecting HCI hardware error event
[  609.561189][ T3640] Bluetooth: hci3: hardware error 0x00
[  610.019969][ T8256] loop2: detected capacity change from 0 to 2048
[  610.483107][ T8261] loop3: detected capacity change from 0 to 256
[  610.672265][ T8149] device hsr_slave_0 entered promiscuous mode
[  610.966044][ T8149] device hsr_slave_1 entered promiscuous mode
[  610.985759][ T8149] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  611.008308][ T8149] Cannot create hsr debugfs directory
[  611.654904][ T8264] loop1: detected capacity change from 0 to 2048
[  611.735436][ T8264] UDF-fs: warning (device loop1): udf_fill_super: No fileset found
[  611.976176][ T8270] loop3: detected capacity change from 0 to 1024
[  612.074949][ T8270] EXT4-fs: Ignoring removed nomblk_io_submit option
[  612.367757][ T8270] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  612.663562][ T3640] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  613.487078][ T5332] EXT4-fs (loop3): unmounting filesystem.
[  614.039014][ T8294] netlink: 4 bytes leftover after parsing attributes in process `syz.3.817'.
[  614.434299][ T8298] loop0: detected capacity change from 0 to 1024
[  614.516311][ T8273] syz.2.812[8273] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  614.516429][ T8273] syz.2.812[8273] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  614.532768][ T8304] loop1: detected capacity change from 0 to 1024
[  614.607352][ T8304] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  614.890696][ T8304] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  615.050411][ T8304] EXT4-fs (loop1): orphan cleanup on readonly fs
[  615.093056][ T8304] EXT4-fs error (device loop1): ext4_free_blocks:6212: comm syz.1.818: Freeing blocks not in datazone - block = 0, count = 4096
[  616.088694][ T8304] EXT4-fs (loop1): Remounting filesystem read-only
[  616.149654][ T8304] EXT4-fs (loop1): 1 orphan inode deleted
[  616.175728][ T8304] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  616.902329][ T8304] EXT4-fs error (device loop1): ext4_search_dir:1549: inode #2: block 16: comm syz.1.818: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  618.066956][ T8329] netlink: 'syz.2.824': attribute type 3 has an invalid length.
[  618.085732][ T8329] netlink: 8 bytes leftover after parsing attributes in process `syz.2.824'.
[  618.183280][ T8329] netlink: 'syz.2.824': attribute type 4 has an invalid length.
[  618.252055][ T8149] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  618.344472][ T7471] EXT4-fs (loop1): unmounting filesystem.
[  618.414428][ T8336] ptrace attach of "./syz-executor exec"[5332] was attempted by "./syz-executor exec"[8336]
[  618.462076][ T8331] netlink: 'syz.2.824': attribute type 4 has an invalid length.
[  619.102003][ T8335] device wireguard0 entered promiscuous mode
[  619.208745][ T8149] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  619.219356][ T8342] loop1: detected capacity change from 0 to 1024
[  619.267278][ T8149] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  619.279936][ T8342] EXT4-fs: Ignoring removed nomblk_io_submit option
[  619.347647][ T8342] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  619.644615][ T8149] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  620.453002][ T7471] EXT4-fs (loop1): unmounting filesystem.
[  620.503631][ T8362] loop3: detected capacity change from 0 to 164
[  620.645079][ T3692] device hsr_slave_0 left promiscuous mode
[  620.659076][ T3692] device hsr_slave_1 left promiscuous mode
[  620.699680][ T3692] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  620.725468][ T3692] batman_adv: batadv0: Removing interface: batadv_slave_0
[  620.778334][ T3692] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  620.778369][ T3692] batman_adv: batadv0: Removing interface: batadv_slave_1
[  620.779095][ T3692] device bridge_slave_1 left promiscuous mode
[  620.779250][ T3692] bridge0: port 2(bridge_slave_1) entered disabled state
[  620.781109][ T3692] device bridge_slave_0 left promiscuous mode
[  620.781249][ T3692] bridge0: port 1(bridge_slave_0) entered disabled state
[  620.902566][ T3692] device veth1_macvtap left promiscuous mode
[  620.902649][ T3692] device veth0_macvtap left promiscuous mode
[  620.902780][ T3692] device veth1_vlan left promiscuous mode
[  620.902891][ T3692] device veth0_vlan left promiscuous mode
[  621.364130][ T8354] loop2: detected capacity change from 0 to 32768
[  621.457644][ T8379] loop0: detected capacity change from 0 to 1024
[  621.475643][ T8379] EXT4-fs: Ignoring removed orlov option
[  621.520140][ T8379] EXT4-fs: Ignoring removed oldalloc option
[  621.533960][ T8379] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  621.552474][ T8379] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  621.563851][ T8379] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869)
[  621.586476][ T8379] EXT4-fs (loop0): invalid journal inode
[  621.592650][ T8379] EXT4-fs (loop0): can't get journal size
[  621.603366][ T8379] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  621.630134][ T8379] EXT4-fs (loop0): unmounting filesystem.
[  622.126358][ T3692] team0 (unregistering): Port device team_slave_1 removed
[  622.180869][ T3692] team0 (unregistering): Port device team_slave_0 removed
[  622.229176][ T3692] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  622.282562][ T3692] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  622.838587][ T3692] bond0 (unregistering): Released all slaves
[  622.927555][ T8149] 8021q: adding VLAN 0 to HW filter on device bond0
[  622.949682][ T8370] lo speed is unknown, defaulting to 1000
[  622.996959][ T6382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  623.007112][ T6382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  623.058045][ T8370] lo speed is unknown, defaulting to 1000
[  623.061029][ T8149] 8021q: adding VLAN 0 to HW filter on device team0
[  623.101892][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  623.117796][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  623.135534][ T6371] bridge0: port 1(bridge_slave_0) entered blocking state
[  623.142692][ T6371] bridge0: port 1(bridge_slave_0) entered forwarding state
[  623.175772][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  623.188164][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  623.197766][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  623.216928][ T6371] bridge0: port 2(bridge_slave_1) entered blocking state
[  623.224113][ T6371] bridge0: port 2(bridge_slave_1) entered forwarding state
[  623.243730][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  623.266908][ T8370] lo speed is unknown, defaulting to 1000
[  623.294065][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  623.313856][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  623.333033][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  623.360495][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  623.379359][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  623.403442][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  623.420312][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  623.444694][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  623.474612][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  623.506733][ T6371] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  623.544379][ T8149] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  623.635405][ T8370] infiniband syz0: set down
[  623.644355][ T5561] lo speed is unknown, defaulting to 1000
[  623.654825][ T8370] infiniband syz0: added lo
[  623.666013][ T8370] rdma_rxe: unable to create cq
[  623.672816][ T8370] infiniband syz0: Couldn't create ib_mad CQ
[  623.680301][ T8370] infiniband syz0: Couldn't open port 1
[  623.837647][ T8370] RDS/IB: syz0: added
[  623.846205][ T8370] smc: adding ib device syz0 with port count 1
[  623.854245][ T8370] smc:    ib device syz0 port 1 has pnetid 
[  623.866265][ T3687] lo speed is unknown, defaulting to 1000
[  623.964876][ T8370] lo speed is unknown, defaulting to 1000
[  624.171016][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  624.181614][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  624.876036][ T8370] lo speed is unknown, defaulting to 1000
[  625.757319][ T8413] loop3: detected capacity change from 0 to 256
[  625.799572][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  625.807076][ T3731] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  625.825757][ T8413] FAT-fs (loop3): Unrecognized mount option "shortname=mixeîF¶dir" or missing value
[  625.839854][ T8370] lo speed is unknown, defaulting to 1000
[  625.844659][ T8149] 8021q: adding VLAN 0 to HW filter on device batadv0
[  625.944913][ T8413] syz.3.836[8413] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  625.945021][ T8413] syz.3.836[8413] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  625.958683][ T8417] netlink: 'syz.0.837': attribute type 4 has an invalid length.
[  626.101170][ T8419] netlink: 'syz.0.837': attribute type 4 has an invalid length.
[  626.164631][ T8370] lo speed is unknown, defaulting to 1000
[  626.356769][ T8427] loop2: detected capacity change from 0 to 1024
[  626.396173][ T8427] EXT4-fs: Ignoring removed nomblk_io_submit option
[  626.457684][ T8427] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  626.538693][ T8370] lo speed is unknown, defaulting to 1000
[  626.704524][ T7955] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  627.481859][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  628.370396][ T7181] EXT4-fs (loop2): unmounting filesystem.
[  628.376408][ T6398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  628.419123][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  628.433880][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  628.445349][ T8149] device veth0_vlan entered promiscuous mode
[  628.459044][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  628.467850][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  628.512346][ T8149] device veth1_vlan entered promiscuous mode
[  628.525263][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  628.564959][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  628.575015][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  628.594816][ T8149] device veth0_macvtap entered promiscuous mode
[  628.615859][ T8149] device veth1_macvtap entered promiscuous mode
[  628.645727][ T8149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  628.657778][ T8149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.673853][ T8149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  628.684762][ T8149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.702829][ T8149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  628.769561][ T8149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.806652][ T8149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  628.818508][ T8149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.820136][ T8149] batman_adv: batadv0: Interface activated: batadv_slave_0
[  628.823216][ T8149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  628.823237][ T8149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.823252][ T8149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  628.823267][ T8149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.823280][ T8149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  628.823294][ T8149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.823307][ T8149] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  628.823321][ T8149] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.824519][ T8149] batman_adv: batadv0: Interface activated: batadv_slave_1
[  628.827508][ T8149] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  628.827543][ T8149] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  628.827571][ T8149] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  628.827599][ T8149] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  628.849707][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  628.850419][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  628.851024][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  628.851621][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  628.852200][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  628.852768][ T4097] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  628.933962][ T3731] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  628.934053][ T3731] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  628.944553][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  628.985447][ T3731] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  628.985612][ T3731] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  629.016400][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  629.595140][ T8461] overlayfs: statfs failed on './file0'
[  629.606015][ T7955] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  629.606053][ T7955] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  629.606090][ T7955] usb 4-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[  629.606116][ T7955] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  629.609569][ T7955] usb 4-1: config 0 descriptor??
[  629.658425][ T7955] usb 4-1: can't set config #0, error -71
[  629.659845][ T7955] usb 4-1: USB disconnect, device number 8
[  629.741042][ T8464] loop4: detected capacity change from 0 to 512
[  631.212891][ T8451] tty tty1: ldisc open failed (-12), clearing slot 0
[  631.230875][ T8453] tty tty3: ldisc open failed (-12), clearing slot 2
[  631.429582][ T8469] input: syz0 as /devices/virtual/input/input18
[  631.732935][ T8479] loop0: detected capacity change from 0 to 1024
[  633.624308][ T8484] loop2: detected capacity change from 0 to 64
[  633.692410][ T8486] netlink: 16 bytes leftover after parsing attributes in process `syz.3.851'.
[  634.215628][ T8479] EXT4-fs: Ignoring removed orlov option
[  634.268501][ T8479] EXT4-fs: Ignoring removed nomblk_io_submit option
[  634.300781][ T8479] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  634.426837][ T8493] loop3: detected capacity change from 0 to 2048
[  634.622946][ T8493] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  635.185201][ T5502] EXT4-fs (loop0): unmounting filesystem.
[  638.142625][ T8512] loop2: detected capacity change from 0 to 1024
[  638.205466][ T8512] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  638.397790][ T8512] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  640.013640][ T8512] EXT4-fs error (device loop2): ext4_expand_extra_isize_ea:2738: inode #2: comm syz.2.858: corrupted in-inode xattr
[  640.465455][ T8530] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2186: inode #2: comm syz.2.858: corrupted in-inode xattr
[  640.648169][ T7181] EXT4-fs (loop2): unmounting filesystem.
[  644.980074][ T8595] loop1: detected capacity change from 0 to 4096
[  644.987395][ T8595] __ntfs_warning: 32 callbacks suppressed
[  644.987430][ T8595] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  645.072110][ T8595] ntfs: (device loop1): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  645.155159][ T8610] netlink: 'syz.3.868': attribute type 11 has an invalid length.
[  645.234193][ T8595] ntfs: (device loop1): ntfs_read_locked_inode(): $DATA attribute is missing.
[  645.271889][ T8595] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  645.339939][ T8595] ntfs: (device loop1): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  645.423401][ T8595] ntfs: volume version 3.1.
[  645.555270][ T8619] loop3: detected capacity change from 0 to 1024
[  646.389110][ T8619] EXT4-fs: Ignoring removed orlov option
[  646.419271][ T8595] ntfs: (device loop1): load_and_init_quota(): Failed to find inode number for $Quota.
[  646.462566][ T8595] ntfs: (device loop1): load_system_files(): Failed to load $Quota.  Will not be able to remount read-write.  Run chkdsk.
[  646.524429][ T8619] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  646.588058][ T8628] loop4: detected capacity change from 0 to 512
[  646.665976][ T8628] EXT4-fs: Ignoring removed nobh option
[  647.683738][ T8635] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  647.693091][ T8635] overlayfs: missing 'lowerdir'
[  647.837002][ T8628] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a842c09c, mo2=0000]
[  647.848017][ T8628] System zones: 0-2, 18-18, 34-34
[  647.901041][ T8628] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[  648.021202][ T8645] loop0: detected capacity change from 0 to 64
[  648.443564][ T8628] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[  648.515289][ T5332] EXT4-fs (loop3): unmounting filesystem.
[  648.563087][ T8628] EXT4-fs error (device loop4): ext4_acquire_dquot:6800: comm syz.4.875: Failed to acquire dquot type 0
[  648.744342][ T8628] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 1 index 0
[  648.765467][ T8628] EXT4-fs error (device loop4): ext4_acquire_dquot:6800: comm syz.4.875: Failed to acquire dquot type 0
[  648.842733][ T8628] EXT4-fs error (device loop4): ext4_acquire_dquot:6800: comm syz.4.875: Failed to acquire dquot type 0
[  648.924576][ T8628] EXT4-fs (loop4): 1 orphan inode deleted
[  648.944469][ T8628] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  649.211095][ T8628] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038 (0x7fffffff)
[  649.646608][ T8149] EXT4-fs (loop4): unmounting filesystem.
[  649.814731][ T8655] netlink: 8 bytes leftover after parsing attributes in process `syz.0.880'.
[  650.768079][ T8670] loop3: detected capacity change from 0 to 128
[  654.856825][ T8716] netlink: 36 bytes leftover after parsing attributes in process `syz.4.894'.
[  654.945884][ T8719] loop4: detected capacity change from 0 to 512
[  655.018860][ T8719] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  655.037984][ T8719] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  655.052436][ T8725] 9pnet_fd: Insufficient options for proto=fd
[  655.078385][ T8719] EXT4-fs (loop4): ea_inode feature is not supported for Hurd
[  655.966859][ T8725] netlink: 4 bytes leftover after parsing attributes in process `syz.0.897'.
[  663.264632][ T8745] Non-string source
[  663.395374][ T8755] netlink: 20 bytes leftover after parsing attributes in process `syz.3.903'.
[  663.402861][ T8753] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  663.414243][ T8753] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  663.534704][ T8755] netlink: 20 bytes leftover after parsing attributes in process `syz.3.903'.
[  663.961719][ T8761] loop2: detected capacity change from 0 to 2048
[  664.103544][ T8761] EXT4-fs (loop2): can't mount with data=, fs mounted w/o journal
[  664.728787][ T8776] lo speed is unknown, defaulting to 1000
[  665.916066][   T26] kauditd_printk_skb: 3 callbacks suppressed
[  665.916083][   T26] audit: type=1800 audit(1726003748.679:197): pid=8780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.906" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  666.607747][ T8786] loop3: detected capacity change from 0 to 1024
[  666.656414][ T8786] hfsplus: invalid catalog btree flag
[  666.668013][ T8786] hfsplus: failed to load catalog file
[  667.787795][ T8797] MTD: Couldn't look up './file0': -15
[  668.584898][ T8805] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  668.726178][ T8815] overlayfs: failed to resolve './file0': -2
[  669.279190][ T8819] loop3: detected capacity change from 0 to 1024
[  669.305579][ T8819] EXT4-fs: Ignoring removed oldalloc option
[  669.333633][ T8819] EXT4-fs: Invalid want_extra_isize 4096
[  671.029183][ T8834] lo speed is unknown, defaulting to 1000
[  672.614539][ T8859] netlink: 8 bytes leftover after parsing attributes in process `syz.1.921'.
[  672.923420][ T8866] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  674.230702][ T8885] netem: change failed
[  674.792058][ T8900] cgroup: Invalid name
[  675.868000][ T8913] loop1: detected capacity change from 0 to 256
[  675.879279][ T8913] FAT-fs (loop1): Unrecognized mount option "" or missing value
[  676.581577][ T8917] loop1: detected capacity change from 0 to 1024
[  676.632303][ T8917] hfsplus: unable to find HFS+ superblock
[  676.713338][ T8921] loop2: detected capacity change from 0 to 256
[  676.761168][ T8917] Bluetooth: MGMT ver 1.22
[  678.854556][ T8947] loop1: detected capacity change from 0 to 512
[  678.896042][ T8947] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  678.905504][ T8947] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038 (0x7fffffff)
[  679.218346][ T5153] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  679.498286][ T5153] usb 2-1: Using ep0 maxpacket: 16
[  679.648569][ T5153] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  679.665258][ T5153] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  679.675628][ T5153] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  679.698684][ T5153] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  679.713084][ T5153] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  679.751112][ T5153] usb 2-1: config 0 descriptor??
[  680.763685][ T5153] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0
[  680.771209][ T5153] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0
[  680.778716][ T5153] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0
[  680.786098][ T5153] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0
[  680.793819][ T5153] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0
[  680.801379][ T5153] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0
[  680.809792][ T5153] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0
[  680.817023][ T5153] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0
[  680.824509][ T5153] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0
[  680.832027][ T5153] microsoft 0003:045E:07DA.0006: unknown main item tag 0x0
[  680.841213][ T5153] microsoft 0003:045E:07DA.0006: No inputs registered, leaving
[  680.850432][ T5153] microsoft 0003:045E:07DA.0006: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  680.861998][ T5153] microsoft 0003:045E:07DA.0006: no inputs found
[  680.868402][ T5153] microsoft 0003:045E:07DA.0006: could not initialize ff, continuing anyway
[  680.962646][ T3685] usb 2-1: USB disconnect, device number 9
[  681.496527][ T7471] EXT4-fs (loop1): unmounting filesystem.
[  681.637953][ T8963] loop1: detected capacity change from 0 to 2048
[  681.645343][ T8965] loop3: detected capacity change from 0 to 2048
[  681.656021][ T8965] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  681.672513][ T8965] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  681.701868][ T8965] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  681.704641][ T8963] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  681.864378][ T8969] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5882: Corrupt filesystem
[  681.884901][ T8969] EXT4-fs error (device loop1): __ext4_ext_dirty:202: inode #18: comm syz.1.940: mark_inode_dirty error
[  681.911409][ T8969] EXT4-fs error (device loop1): ext4_map_blocks:744: inode #18: block 114: comm syz.1.940: lblock 2 mapped to illegal pblock 114 (length 1)
[  681.957631][ T7471] EXT4-fs error (device loop1): ext4_map_blocks:634: inode #2: block 16: comm syz-executor: lblock 0 mapped to illegal pblock 16 (length 1)
[  682.501691][ T8890] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5882: Corrupt filesystem
[  682.517299][ T8890] EXT4-fs error (device loop1): ext4_dirty_inode:6086: inode #18: comm syz.1.928: mark_inode_dirty error
[  682.542669][ T8890] EXT4-fs (loop1): unmounting filesystem.
[  685.610971][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  685.617265][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  695.508383][ T8956] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  695.868441][ T8956] usb 4-1: config 0 has an invalid interface number: 25 but max is 0
[  695.876581][ T8956] usb 4-1: config 0 has no interface number 0
[  695.883136][ T8956] usb 4-1: config 0 interface 25 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  695.894191][ T8956] usb 4-1: config 0 interface 25 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  695.904257][ T8956] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  695.913374][ T8956] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  695.923228][ T8956] usb 4-1: config 0 descriptor??
[  696.411470][ T8956] uclogic 0003:256C:006D.0007: interface is invalid, ignoring
[  696.613657][ T3682] usb 4-1: USB disconnect, device number 9
[  697.202292][ T8997] binder: 8996:8997 ioctl 4018620d 0 returned -22
[  700.452359][ T9015] loop3: detected capacity change from 0 to 1024
[  700.528479][ T9016] netlink: 116 bytes leftover after parsing attributes in process `syz.3.956'.
[  700.563792][ T9016] bridge0: port 2(bridge_slave_1) entered disabled state
[  704.462890][ T9024] loop3: detected capacity change from 0 to 128
[  704.578786][ T9023] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  704.585356][ T9023] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  704.593238][ T9023] vhci_hcd vhci_hcd.0: Device attached
[  704.818889][ T5153] vhci_hcd: vhci_device speed not set
[  704.898915][ T5153] usb 15-1: new full-speed USB device number 3 using vhci_hcd
[  704.986085][ T9025] vhci_hcd: connection reset by peer
[  705.003581][ T6362] vhci_hcd: stop threads
[  705.007945][ T6362] vhci_hcd: release socket
[  705.014796][ T6362] vhci_hcd: disconnect device
[  706.747025][ T9032] loop3: detected capacity change from 0 to 512
[  706.767963][ T9032] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  706.786028][ T9032] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  706.795414][ T9032] ext4 filesystem being mounted at /190/file1 supports timestamps until 2038 (0x7fffffff)
[  706.868780][ T9035] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  707.859589][ T5332] EXT4-fs (loop3): unmounting filesystem.
[  710.198574][ T9051] netlink: 12 bytes leftover after parsing attributes in process `syz.3.963'.
[  711.014598][ T5153] vhci_hcd: vhci_device speed not set
[  712.808982][ T9056] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  747.049994][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  747.056355][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  808.489975][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  808.496328][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  818.088771][   T27] INFO: task kworker/1:3:3681 blocked for more than 143 seconds.
[  818.096570][   T27]       Not tainted 6.1.109-syzkaller #0
[  818.102324][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  818.111070][   T27] task:kworker/1:3     state:D stack:21112 pid:3681  ppid:2      flags:0x00004000
[  818.120344][   T27] Workqueue: events rfkill_global_led_trigger_worker
[  818.127146][   T27] Call Trace:
[  818.130476][   T27]  <TASK>
[  818.133424][   T27]  __schedule+0x143f/0x4570
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  818.137936][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  818.143587][   T27]  ? release_firmware_map_entry+0x186/0x186
[  818.155979][   T27]  ? print_irqtrace_events+0x210/0x210
[  818.161799][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  818.167032][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[  818.189174][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  818.194528][   T27]  schedule+0xbf/0x180
[  818.233715][   T27]  schedule_preempt_disabled+0xf/0x20
[  818.243975][   T27]  __mutex_lock+0x6b9/0xd80
[  818.256650][   T27]  ? __mutex_lock+0x53c/0xd80
[  818.262535][   T27]  ? rfkill_global_led_trigger_worker+0x23/0xd0
[  818.274223][   T27]  ? mutex_lock_nested+0x10/0x10
[  818.280792][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  818.286841][   T27]  ? print_irqtrace_events+0x210/0x210
[  818.298114][   T27]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  818.304317][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  818.315068][   T27]  ? process_one_work+0x7a9/0x11d0
[  818.320615][   T27]  rfkill_global_led_trigger_worker+0x23/0xd0
[  818.326726][   T27]  ? process_one_work+0x7a9/0x11d0
[  818.332632][   T27]  process_one_work+0x8a9/0x11d0
[  818.337625][   T27]  ? worker_detach_from_pool+0x260/0x260
[  818.343651][   T27]  ? _raw_spin_lock_irqsave+0x120/0x120
[  818.349596][   T27]  ? kthread_data+0x4e/0xc0
[  818.354156][   T27]  ? wq_worker_running+0x97/0x190
[  818.359642][   T27]  worker_thread+0xa47/0x1200
[  818.364366][   T27]  ? _raw_spin_unlock+0x40/0x40
[  818.369765][   T27]  kthread+0x28d/0x320
[  818.373869][   T27]  ? worker_clr_flags+0x190/0x190
[  818.379310][   T27]  ? kthread_blkcg+0xd0/0xd0
[  818.383932][   T27]  ret_from_fork+0x1f/0x30
[  818.390103][   T27]  </TASK>
[  818.408258][   T27] INFO: task kworker/1:8:3687 blocked for more than 143 seconds.
[  818.416063][   T27]       Not tainted 6.1.109-syzkaller #0
[  818.428226][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  818.436951][   T27] task:kworker/1:8     state:D stack:22232 pid:3687  ppid:2      flags:0x00004000
[  818.468264][   T27] Workqueue: events rfkill_sync_work
[  818.473673][   T27] Call Trace:
[  818.476986][   T27]  <TASK>
[  818.493564][   T27]  __schedule+0x143f/0x4570
[  818.513836][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  818.519430][   T27]  ? release_firmware_map_entry+0x186/0x186
[  818.525377][   T27]  ? print_irqtrace_events+0x210/0x210
[  818.553693][   T27]  schedule+0xbf/0x180
[  818.557837][   T27]  schedule_preempt_disabled+0xf/0x20
[  818.563645][   T27]  __mutex_lock+0x6b9/0xd80
[  818.574348][   T27]  ? __mutex_lock+0x53c/0xd80
[  818.585508][   T27]  ? rfkill_sync_work+0x25/0xe0
[  818.596027][   T27]  ? mutex_lock_nested+0x10/0x10
[  818.601644][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  818.607688][   T27]  ? print_irqtrace_events+0x210/0x210
[  818.620143][   T27]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  818.626077][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  818.635710][   T27]  rfkill_sync_work+0x25/0xe0
[  818.642132][   T27]  ? process_one_work+0x7a9/0x11d0
[  818.647382][   T27]  process_one_work+0x8a9/0x11d0
[  818.668240][   T27]  ? worker_detach_from_pool+0x260/0x260
[  818.673943][   T27]  ? _raw_spin_lock_irqsave+0x120/0x120
[  818.685412][   T27]  ? kthread_data+0x4e/0xc0
[  818.690204][   T27]  ? wq_worker_running+0x97/0x190
[  818.695268][   T27]  worker_thread+0xa47/0x1200
[  818.705852][   T27]  kthread+0x28d/0x320
[  818.710425][   T27]  ? worker_clr_flags+0x190/0x190
[  818.715496][   T27]  ? kthread_blkcg+0xd0/0xd0
[  818.720982][   T27]  ret_from_fork+0x1f/0x30
[  818.725480][   T27]  </TASK>
[  818.730865][   T27] INFO: task syz-executor:5502 blocked for more than 144 seconds.
[  818.740869][   T27]       Not tainted 6.1.109-syzkaller #0
[  818.746621][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  818.755972][   T27] task:syz-executor    state:D stack:20888 pid:5502  ppid:1      flags:0x00004006
[  818.766304][   T27] Call Trace:
[  818.769895][   T27]  <TASK>
[  818.772851][   T27]  __schedule+0x143f/0x4570
[  818.777422][   T27]  ? __mutex_lock+0x6b4/0xd80
[  818.782595][   T27]  ? release_firmware_map_entry+0x186/0x186
[  818.788833][   T27]  ? __mutex_trylock_common+0x8d/0x2e0
[  818.794338][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  818.799895][   T27]  schedule+0xbf/0x180
[  818.804004][   T27]  schedule_preempt_disabled+0xf/0x20
[  818.809802][   T27]  __mutex_lock+0x6b9/0xd80
[  818.814332][   T27]  ? kobject_put+0x422/0x460
[  818.819304][   T27]  ? __mutex_lock+0x53c/0xd80
[  818.824017][   T27]  ? rfkill_unregister+0xcc/0x220
[  818.829511][   T27]  ? mutex_lock_nested+0x10/0x10
[  818.834484][   T27]  ? kill_device+0x160/0x160
[  818.840986][   T27]  ? kmem_cache_free+0x292/0x510
[  818.845987][   T27]  rfkill_unregister+0xcc/0x220
[  818.851253][   T27]  hci_unregister_dev+0x362/0x500
[  818.856310][   T27]  vhci_release+0x7f/0xd0
[  818.861049][   T27]  ? vhci_open+0x360/0x360
[  818.865509][   T27]  __fput+0x3f6/0x8d0
[  818.870050][   T27]  task_work_run+0x246/0x300
[  818.874677][   T27]  ? kasan_quarantine_put+0xd4/0x220
[  818.880319][   T27]  ? task_work_cancel+0x2e0/0x2e0
[  818.885383][   T27]  ? kmem_cache_free+0x292/0x510
[  818.890721][   T27]  ? do_exit+0xa6e/0x26a0
[  818.895095][   T27]  do_exit+0xa73/0x26a0
[  818.899644][   T27]  ? put_task_struct+0x80/0x80
[  818.904446][   T27]  ? get_signal+0x137e/0x17d0
[  818.909560][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  818.915600][   T27]  ? print_irqtrace_events+0x210/0x210
[  818.921463][   T27]  ? _raw_spin_lock_irq+0xdb/0x110
[  818.926613][   T27]  do_group_exit+0x202/0x2b0
[  818.931565][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[  818.936790][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  818.942353][   T27]  get_signal+0x16f7/0x17d0
[  818.946931][   T27]  ? ptrace_notify+0x370/0x370
[  818.953484][   T27]  arch_do_signal_or_restart+0xb0/0x1a10
[  818.959429][   T27]  ? __ia32_sys_waitid+0xc0/0xc0
[  818.964402][   T27]  ? kernel_waitid+0x520/0x520
[  818.969588][   T27]  ? preempt_schedule_irq+0x136/0x1c0
[  818.975004][   T27]  ? get_sigframe_size+0x10/0x10
[  818.980346][   T27]  ? __x64_sys_wait4+0x181/0x1e0
[  818.985340][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  818.991756][   T27]  ? exit_to_user_mode_loop+0x39/0x100
[  818.997241][   T27]  exit_to_user_mode_loop+0x6a/0x100
[  819.002568][   T27]  exit_to_user_mode_prepare+0xb1/0x140
[  819.008213][   T27]  syscall_exit_to_user_mode+0x60/0x270
[  819.013813][   T27]  do_syscall_64+0x47/0xb0
[  819.018310][   T27]  ? clear_bhb_loop+0x45/0xa0
[  819.023016][   T27]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  819.028982][   T27] RIP: 0033:0x7f123a774157
[  819.033417][   T27] RSP: 002b:00007ffc983322e0 EFLAGS: 00000293 ORIG_RAX: 000000000000003d
[  819.041889][   T27] RAX: fffffffffffffe00 RBX: 0000000000000257 RCX: 00007f123a774157
[  819.049994][   T27] RDX: 0000000040000000 RSI: 00007ffc9833233c RDI: 00000000ffffffff
[  819.057961][   T27] RBP: 00007ffc9833233c R08: 0000000000000000 R09: 0000000000000010
[  819.066274][   T27] R10: 0000000000000000 R11: 0000000000000293 R12: 000055555d6a55eb
[  819.075072][   T27] R13: 000055555d6a5590 R14: 00000000000a1a65 R15: 00007ffc98332390
[  819.083170][   T27]  </TASK>
[  819.086243][   T27] INFO: task syz.0.900:8748 blocked for more than 144 seconds.
[  819.093942][   T27]       Not tainted 6.1.109-syzkaller #0
[  819.099648][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  819.108364][   T27] task:syz.0.900       state:D stack:24832 pid:8748  ppid:5502   flags:0x00004002
[  819.117605][   T27] Call Trace:
[  819.120951][   T27]  <TASK>
[  819.123915][   T27]  __schedule+0x143f/0x4570
[  819.128889][   T27]  ? release_firmware_map_entry+0x186/0x186
[  819.134853][   T27]  schedule+0xbf/0x180
[  819.139000][   T27]  schedule_timeout+0xac/0x300
[  819.143787][   T27]  ? console_conditional_schedule+0x40/0x40
[  819.149724][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  819.155797][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  819.161074][   T27]  ? wait_for_completion+0x2f9/0x610
[  819.166392][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[  819.171850][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  819.177125][   T27]  ? wait_for_completion+0x2f9/0x610
[  819.182653][   T27]  wait_for_completion+0x350/0x610
[  819.187818][   T27]  ? io_schedule+0x100/0x100
[  819.192534][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  819.197764][   T27]  ? __flush_work+0xe5/0xad0
[  819.202430][   T27]  __flush_work+0x95b/0xad0
[  819.206953][   T27]  ? __flush_work+0xe5/0xad0
[  819.211652][   T27]  ? flush_work+0x20/0x20
[  819.216066][   T27]  ? move_linked_works+0x230/0x230
[  819.221286][   T27]  ? print_irqtrace_events+0x210/0x210
[  819.226778][   T27]  ? __cancel_work_timer+0x467/0x6a0
[  819.232113][   T27]  __cancel_work_timer+0x519/0x6a0
[  819.237259][   T27]  ? rcu_is_watching+0x11/0xb0
[  819.242088][   T27]  ? cancel_work_sync+0x20/0x20
[  819.246979][   T27]  ? nla_put+0x12d/0x1e0
[  819.251349][   T27]  ? nfc_unregister_device+0x5f/0x290
[  819.256765][   T27]  ? mutex_lock_nested+0x10/0x10
[  819.261790][   T27]  ? nfc_genl_device_removed+0x251/0x370
[  819.267454][   T27]  ? nfc_genl_setup_device_added+0x3f0/0x3f0
[  819.273539][   T27]  rfkill_unregister+0x92/0x220
[  819.279954][   T27]  nfc_unregister_device+0x92/0x290
[  819.285197][   T27]  virtual_ncidev_close+0x55/0x90
[  819.290354][   T27]  ? virtual_ncidev_open+0xc0/0xc0
[  819.295488][   T27]  __fput+0x3f6/0x8d0
[  819.299555][   T27]  task_work_run+0x246/0x300
[  819.304174][   T27]  ? task_work_cancel+0x2e0/0x2e0
[  819.309364][   T27]  ? exit_task_namespaces+0xdd/0xf0
[  819.314608][   T27]  do_exit+0xa73/0x26a0
[  819.318872][   T27]  ? put_task_struct+0x80/0x80
[  819.323664][   T27]  ? get_signal+0x137e/0x17d0
[  819.328514][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  819.334528][   T27]  ? print_irqtrace_events+0x210/0x210
[  819.340065][   T27]  ? _raw_spin_lock_irq+0xdb/0x110
[  819.345224][   T27]  do_group_exit+0x202/0x2b0
[  819.349874][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[  819.355176][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  819.360516][   T27]  get_signal+0x16f7/0x17d0
[  819.365049][   T27]  ? ptrace_notify+0x370/0x370
[  819.369873][   T27]  ? print_irqtrace_events+0x210/0x210
[  819.375377][   T27]  arch_do_signal_or_restart+0xb0/0x1a10
[  819.381103][   T27]  ? kmem_cache_free+0x292/0x510
[  819.386069][   T27]  ? do_sys_openat2+0x1f9/0x4f0
[  819.391204][   T27]  ? do_sys_openat2+0x1f9/0x4f0
[  819.396095][   T27]  ? get_sigframe_size+0x10/0x10
[  819.401272][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  819.407316][   T27]  ? __x64_sys_openat+0x243/0x290
[  819.412406][   T27]  ? exit_to_user_mode_loop+0x39/0x100
[  819.417886][   T27]  exit_to_user_mode_loop+0x6a/0x100
[  819.423214][   T27]  exit_to_user_mode_prepare+0xb1/0x140
[  819.428834][   T27]  syscall_exit_to_user_mode+0x60/0x270
[  819.434429][   T27]  do_syscall_64+0x47/0xb0
[  819.438943][   T27]  ? clear_bhb_loop+0x45/0xa0
[  819.443739][   T27]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  819.449725][   T27] RIP: 0033:0x7f123a77def9
[  819.454168][   T27] RSP: 002b:00007f123b4cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  819.462739][   T27] RAX: 000000000000000a RBX: 00007f123a936130 RCX: 00007f123a77def9
[  819.470751][   T27] RDX: 0000000000000002 RSI: 0000000020000000 RDI: ffffffffffffff9c
[  819.478808][   T27] RBP: 00007f123a7f09f6 R08: 0000000000000000 R09: 0000000000000000
[  819.486835][   T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  819.494904][   T27] R13: 0000000000000000 R14: 00007f123a936130 R15: 00007ffc98331f78
[  819.503089][   T27]  </TASK>
[  819.506157][   T27] INFO: task syz.4.902:8745 blocked for more than 144 seconds.
[  819.514302][   T27]       Not tainted 6.1.109-syzkaller #0
[  819.520172][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  819.528941][   T27] task:syz.4.902       state:D stack:22976 pid:8745  ppid:8149   flags:0x00004004
[  819.538258][   T27] Call Trace:
[  819.541561][   T27]  <TASK>
[  819.544516][   T27]  __schedule+0x143f/0x4570
[  819.549112][   T27]  ? release_firmware_map_entry+0x186/0x186
[  819.555034][   T27]  ? __mutex_trylock_common+0x8d/0x2e0
[  819.560541][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  819.565790][   T27]  schedule+0xbf/0x180
[  819.569944][   T27]  schedule_preempt_disabled+0xf/0x20
[  819.575349][   T27]  __mutex_lock+0x6b9/0xd80
[  819.579896][   T27]  ? __mutex_lock+0x53c/0xd80
[  819.584588][   T27]  ? nfc_rfkill_set_block+0x4c/0x2f0
[  819.589916][   T27]  ? mutex_lock_nested+0x10/0x10
[  819.594865][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  819.600137][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  819.605356][   T27]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  819.612738][   T27]  ? _raw_spin_unlock+0x40/0x40
[  819.617629][   T27]  nfc_rfkill_set_block+0x4c/0x2f0
[  819.622828][   T27]  ? nfc_unregister_device+0x290/0x290
[  819.628354][   T27]  rfkill_set_block+0x1e7/0x430
[  819.633246][   T27]  rfkill_fop_write+0x5b7/0x790
[  819.638240][   T27]  ? rfkill_fop_read+0x470/0x470
[  819.643221][   T27]  ? fsnotify_perm+0x64/0x590
[  819.647907][   T27]  ? security_file_permission+0x75/0xa0
[  819.653487][   T27]  ? rfkill_fop_read+0x470/0x470
[  819.658518][   T27]  vfs_write+0x2d9/0xbc0
[  819.662812][   T27]  ? file_end_write+0x250/0x250
[  819.667690][   T27]  ? __fget_files+0x28/0x4a0
[  819.672362][   T27]  ? __fget_files+0x435/0x4a0
[  819.677061][   T27]  ? __fget_files+0x28/0x4a0
[  819.681803][   T27]  ? __fdget_pos+0x1db/0x360
[  819.686417][   T27]  ? ksys_write+0x77/0x2c0
[  819.696523][   T27]  ksys_write+0x19c/0x2c0
[  819.701197][   T27]  ? print_irqtrace_events+0x210/0x210
[  819.706694][   T27]  ? __ia32_sys_read+0x80/0x80
[  819.711604][   T27]  ? syscall_enter_from_user_mode+0x2e/0x230
[  819.717803][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  819.723064][   T27]  ? syscall_enter_from_user_mode+0x2e/0x230
[  819.729156][   T27]  do_syscall_64+0x3b/0xb0
[  819.733598][   T27]  ? clear_bhb_loop+0x45/0xa0
[  819.738354][   T27]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  819.744278][   T27] RIP: 0033:0x7f206937def9
[  819.749673][   T27] RSP: 002b:00007f206a19f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  819.758169][   T27] RAX: ffffffffffffffda RBX: 00007f2069535f80 RCX: 00007f206937def9
[  819.766199][   T27] RDX: 0000000000000008 RSI: 0000000020000080 RDI: 0000000000000003
[  819.775857][   T27] RBP: 00007f20693f09f6 R08: 0000000000000000 R09: 0000000000000000
[  819.783906][   T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  819.791938][   T27] R13: 0000000000000000 R14: 00007f2069535f80 R15: 00007ffc9dfe9938
[  819.799997][   T27]  </TASK>
[  819.803043][   T27] INFO: task syz-executor:8876 blocked for more than 145 seconds.
[  819.810948][   T27]       Not tainted 6.1.109-syzkaller #0
[  819.816594][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  819.825297][   T27] task:syz-executor    state:D stack:27304 pid:8876  ppid:1      flags:0x00004004
[  819.834583][   T27] Call Trace:
[  819.837877][   T27]  <TASK>
[  819.840874][   T27]  __schedule+0x143f/0x4570
[  819.845438][   T27]  ? release_firmware_map_entry+0x186/0x186
[  819.851449][   T27]  ? __mutex_trylock_common+0x8d/0x2e0
[  819.856943][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  819.862466][   T27]  schedule+0xbf/0x180
[  819.866578][   T27]  schedule_preempt_disabled+0xf/0x20
[  819.872223][   T27]  __mutex_lock+0x6b9/0xd80
[  819.876772][   T27]  ? __mutex_lock+0x53c/0xd80
[  819.882676][   T27]  ? rfkill_register+0x30/0x880
[  819.887595][   T27]  ? mutex_lock_nested+0x10/0x10
[  819.892771][   T27]  ? __init_waitqueue_head+0xaa/0x140
[  819.898528][   T27]  ? device_initialize+0x24a/0x450
[  819.903686][   T27]  rfkill_register+0x30/0x880
[  819.908647][   T27]  hci_register_dev+0x4df/0xa40
[  819.913554][   T27]  vhci_create_device+0x3ba/0x700
[  819.918878][   T27]  vhci_write+0x38b/0x440
[  819.923277][   T27]  vfs_write+0x857/0xbc0
[  819.927526][   T27]  ? file_end_write+0x250/0x250
[  819.932526][   T27]  ? __fdget_pos+0x1db/0x360
[  819.937188][   T27]  ksys_write+0x19c/0x2c0
[  819.941603][   T27]  ? print_irqtrace_events+0x210/0x210
[  819.947097][   T27]  ? __ia32_sys_read+0x80/0x80
[  819.951949][   T27]  ? syscall_enter_from_user_mode+0x2e/0x230
[  819.958059][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  819.963319][   T27]  ? syscall_enter_from_user_mode+0x2e/0x230
[  819.970151][   T27]  do_syscall_64+0x3b/0xb0
[  819.974611][   T27]  ? clear_bhb_loop+0x45/0xa0
[  819.979375][   T27]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  819.985327][   T27] RIP: 0033:0x7f1fdad7c9a0
[  819.991405][   T27] RSP: 002b:00007ffcd4ec73f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  819.999923][   T27] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1fdad7c9a0
[  820.007915][   T27] RDX: 0000000000000002 RSI: 00007ffcd4ec740a RDI: 00000000000000ca
[  820.018996][   T27] RBP: 00007f1fdaf36a38 R08: 0000000000000000 R09: 00007f1fdba6d6c0
[  820.027033][   T27] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000c
[  820.035163][   T27] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  820.043212][   T27]  </TASK>
[  820.046240][   T27] INFO: task syz-executor:8878 blocked for more than 145 seconds.
[  820.054635][   T27]       Not tainted 6.1.109-syzkaller #0
[  820.060446][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  820.069174][   T27] task:syz-executor    state:D stack:27560 pid:8878  ppid:1      flags:0x00004004
[  820.079255][   T27] Call Trace:
[  820.082556][   T27]  <TASK>
[  820.085504][   T27]  __schedule+0x143f/0x4570
[  820.090119][   T27]  ? release_firmware_map_entry+0x186/0x186
[  820.096050][   T27]  ? __mutex_trylock_common+0x8d/0x2e0
[  820.103026][   T27]  ? do_raw_spin_unlock+0x137/0x8a0
[  820.108328][   T27]  schedule+0xbf/0x180
[  820.112433][   T27]  schedule_preempt_disabled+0xf/0x20
[  820.117812][   T27]  __mutex_lock+0x6b9/0xd80
[  820.122396][   T27]  ? __mutex_lock+0x53c/0xd80
[  820.127122][   T27]  ? rfkill_register+0x30/0x880
[  820.132022][   T27]  ? mutex_lock_nested+0x10/0x10
[  820.137008][   T27]  ? __init_waitqueue_head+0xaa/0x140
[  820.142463][   T27]  ? device_initialize+0x24a/0x450
[  820.147611][   T27]  rfkill_register+0x30/0x880
[  820.152369][   T27]  hci_register_dev+0x4df/0xa40
[  820.157261][   T27]  vhci_create_device+0x3ba/0x700
[  820.162369][   T27]  vhci_write+0x38b/0x440
[  820.166760][   T27]  vfs_write+0x857/0xbc0
[  820.171107][   T27]  ? file_end_write+0x250/0x250
[  820.175988][   T27]  ? __fdget_pos+0x1db/0x360
[  820.180674][   T27]  ksys_write+0x19c/0x2c0
[  820.185025][   T27]  ? print_irqtrace_events+0x210/0x210
[  820.190867][   T27]  ? __ia32_sys_read+0x80/0x80
[  820.195665][   T27]  ? syscall_enter_from_user_mode+0x2e/0x230
[  820.202271][   T27]  ? lockdep_hardirqs_on+0x94/0x130
[  820.207500][   T27]  ? syscall_enter_from_user_mode+0x2e/0x230
[  820.215370][   T27]  do_syscall_64+0x3b/0xb0
[  820.220021][   T27]  ? clear_bhb_loop+0x45/0xa0
[  820.224749][   T27]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  820.230756][   T27] RIP: 0033:0x7f350417c9a0
[  820.235219][   T27] RSP: 002b:00007ffd4287d198 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  820.243695][   T27] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f350417c9a0
[  820.251757][   T27] RDX: 0000000000000002 RSI: 00007ffd4287d1aa RDI: 00000000000000ca
[  820.259817][   T27] RBP: 00007f3504336a38 R08: 0000000000000000 R09: 00007f3504e6d6c0
[  820.267806][   T27] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000c
[  820.275851][   T27] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  820.283904][   T27]  </TASK>
[  820.286946][   T27] 
[  820.286946][   T27] Showing all locks held in the system:
[  820.294752][   T27] 1 lock held by rcu_tasks_kthre/12:
[  820.300782][   T27]  #0: ffffffff8d32b190 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30
[  820.311374][   T27] 1 lock held by rcu_tasks_trace/13:
[  820.316669][   T27]  #0: ffffffff8d32b990 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30
[  820.327945][   T27] 1 lock held by khungtaskd/27:
[  820.332941][   T27]  #0: ffffffff8d32afc0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290
[  820.343191][   T27] 2 locks held by getty/3397:
[  820.347894][   T27]  #0: ffff88802e6cf098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  820.357799][   T27]  #1: ffffc900031262f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a7/0x1db0
[  820.368360][   T27] 3 locks held by kworker/1:3/3681:
[  820.373586][   T27]  #0: ffff888017c70938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  820.384079][   T27]  #1: ffffc9000423fd20 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  820.397356][   T27]  #2: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_global_led_trigger_worker+0x23/0xd0
[  820.408926][   T27] 3 locks held by kworker/1:8/3687:
[  820.414179][   T27]  #0: ffff888017c70938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  820.424654][   T27]  #1: ffffc900042bfd20 ((work_completion)(&rfkill->sync_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  820.436485][   T27]  #2: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_sync_work+0x25/0xe0
[  820.446498][   T27] 1 lock held by syz-executor/5332:
[  820.451753][   T27]  #0: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xcc/0x220
[  820.461968][   T27] 1 lock held by syz-executor/5502:
[  820.467174][   T27]  #0: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xcc/0x220
[  820.477390][   T27] 1 lock held by syz.0.900/8748:
[  820.482455][   T27]  #0: ffff8880292f7100 (&dev->mutex){....}-{3:3}, at: nfc_unregister_device+0x5f/0x290
[  820.493259][   T27] 2 locks held by syz.4.902/8745:
[  820.498732][   T27]  #0: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_fop_write+0x1a5/0x790
[  820.509257][   T27]  #1: ffff8880292f7100 (&dev->mutex){....}-{3:3}, at: nfc_rfkill_set_block+0x4c/0x2f0
[  820.520084][   T27] 2 locks held by syz-executor/8876:
[  820.525391][   T27]  #0: ffff88801fe74918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x700
[  820.535492][   T27]  #1: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x30/0x880
[  820.546519][   T27] 2 locks held by syz-executor/8878:
[  820.551956][   T27]  #0: ffff888059426118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x700
[  820.562058][   T27]  #1: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x30/0x880
[  820.572101][   T27] 1 lock held by syz.1.928/8890:
[  820.577048][   T27]  #0: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xcc/0x220
[  820.587204][   T27] 2 locks held by syz.2.933/8930:
[  820.592360][   T27]  #0: ffff888024711098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  820.602262][   T27]  #1: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x30/0x880
[  820.612301][   T27] 2 locks held by syz-executor/8984:
[  820.617602][   T27]  #0: ffff8880739e3918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x700
[  820.627763][   T27]  #1: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x30/0x880
[  820.638277][   T27] 2 locks held by syz-executor/8985:
[  820.643596][   T27]  #0: ffff88805994b918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x700
[  820.654536][   T27]  #1: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x30/0x880
[  820.666298][   T27] 2 locks held by syz-executor/9063:
[  820.671768][   T27]  #0: ffff8880768cb918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x700
[  820.681890][   T27]  #1: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x30/0x880
[  820.691891][   T27] 2 locks held by syz-executor/9065:
[  820.697175][   T27]  #0: ffff8880247e1118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x700
[  820.707294][   T27]  #1: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x30/0x880
[  820.717290][   T27] 2 locks held by syz-executor/9070:
[  820.722682][   T27]  #0: ffff8880279e8118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x700
[  820.732950][   T27]  #1: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x30/0x880
[  820.743000][   T27] 2 locks held by syz-executor/9072:
[  820.749051][   T27]  #0: ffff888077c3c918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x700
[  820.759185][   T27]  #1: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x30/0x880
[  820.770292][   T27] 2 locks held by syz-executor/9077:
[  820.775611][   T27]  #0: ffff88807c280918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x700
[  820.785905][   T27]  #1: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x30/0x880
[  820.795980][   T27] 2 locks held by syz-executor/9079:
[  820.801303][   T27]  #0: ffff88807c283918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x700
[  820.811958][   T27]  #1: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x30/0x880
[  820.822003][   T27] 2 locks held by syz-executor/9082:
[  820.827300][   T27]  #0: ffff888028c16118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x700
[  820.837408][   T27]  #1: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x30/0x880
[  820.847406][   T27] 2 locks held by syz-executor/9084:
[  820.852738][   T27]  #0: ffff8880553f1118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_create_device+0x34/0x700
[  820.863285][   T27]  #1: ffffffff8e7a8788 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x30/0x880
[  820.873326][   T27] 
[  820.875662][   T27] =============================================
[  820.875662][   T27] 
[  820.885629][   T27] NMI backtrace for cpu 1
[  820.889991][   T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.109-syzkaller #0
[  820.897891][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  820.907964][   T27] Call Trace:
[  820.911250][   T27]  <TASK>
[  820.914206][   T27]  dump_stack_lvl+0x1e3/0x2cb
[  820.918915][   T27]  ? nf_tcp_handle_invalid+0x642/0x642
[  820.924405][   T27]  ? panic+0x764/0x764
[  820.928482][   T27]  ? vprintk_emit+0x622/0x740
[  820.933191][   T27]  ? printk_sprint+0x490/0x490
[  820.937959][   T27]  ? nmi_cpu_backtrace+0x252/0x560
[  820.943078][   T27]  nmi_cpu_backtrace+0x4e1/0x560
[  820.948025][   T27]  ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0
[  820.954184][   T27]  ? _printk+0xd1/0x111
[  820.958348][   T27]  ? panic+0x764/0x764
[  820.962429][   T27]  ? __wake_up_klogd+0xcc/0x100
[  820.967272][   T27]  ? panic+0x764/0x764
[  820.971348][   T27]  ? nmi_trigger_cpumask_backtrace+0xe0/0x3f0
[  820.977444][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  820.983517][   T27]  nmi_trigger_cpumask_backtrace+0x1ae/0x3f0
[  820.989516][   T27]  watchdog+0xf88/0xfd0
[  820.993695][   T27]  ? watchdog+0x1f8/0xfd0
[  820.998037][   T27]  kthread+0x28d/0x320
[  821.002113][   T27]  ? hungtask_pm_notify+0x50/0x50
[  821.007147][   T27]  ? kthread_blkcg+0xd0/0xd0
[  821.011743][   T27]  ret_from_fork+0x1f/0x30
[  821.016183][   T27]  </TASK>
[  821.019612][   T27] Sending NMI from CPU 1 to CPUs 0:
[  821.024860][    C0] NMI backtrace for cpu 0
[  821.024870][    C0] CPU: 0 PID: 6394 Comm: kworker/u4:27 Not tainted 6.1.109-syzkaller #0
[  821.024887][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  821.024898][    C0] Workqueue: bat_events batadv_nc_worker
[  821.024935][    C0] RIP: 0010:lockdep_softirqs_off+0x18/0x420
[  821.024975][    C0] Code: fc ff df e9 2c fe ff ff e8 85 54 3c 09 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 81 ec 80 00 00 00 <48> 89 7c 24 18 65 48 8b 04 25 28 00 00 00 48 89 44 24 60 49 bd 00
[  821.024999][    C0] RSP: 0018:ffffc90004f179a0 EFLAGS: 00000086
[  821.025024][    C0] RAX: 0000000080000000 RBX: ffffc90004f17aa0 RCX: 0000000000000076
[  821.025036][    C0] RDX: 1ffff110042d6199 RSI: 0000000000000201 RDI: ffffffff8a77c5c8
[  821.025057][    C0] RBP: ffffc90004f17a50 R08: dffffc0000000000 R09: fffffbfff223b65f
[  821.025082][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  821.025094][    C0] R13: 1ffff920009e2f50 R14: 0000000000000246 R15: 0000000000000201
[  821.025116][    C0] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  821.025145][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  821.025159][    C0] CR2: 00007f549f667d60 CR3: 000000007f976000 CR4: 00000000003506f0
[  821.025174][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  821.025184][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  821.025194][    C0] Call Trace:
[  821.025199][    C0]  <NMI>
[  821.025205][    C0]  ? nmi_cpu_backtrace+0x3de/0x560
[  821.025239][    C0]  ? read_lock_is_recursive+0x10/0x10
[  821.025266][    C0]  ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0
[  821.025294][    C0]  ? nmi_handle+0x25/0x440
[  821.025333][    C0]  ? nmi_cpu_backtrace_handler+0x8/0x10
[  821.025360][    C0]  ? nmi_handle+0x12e/0x440
[  821.025386][    C0]  ? nmi_handle+0x25/0x440
[  821.025411][    C0]  ? lockdep_softirqs_off+0x18/0x420
[  821.025436][    C0]  ? default_do_nmi+0x62/0x150
[  821.025454][    C0]  ? exc_nmi+0xa8/0x100
[  821.025470][    C0]  ? end_repeat_nmi+0x16/0x31
[  821.025500][    C0]  ? batadv_nc_purge_paths+0xe8/0x3b0
[  821.025524][    C0]  ? lockdep_softirqs_off+0x18/0x420
[  821.025550][    C0]  ? lockdep_softirqs_off+0x18/0x420
[  821.025582][    C0]  ? lockdep_softirqs_off+0x18/0x420
[  821.025606][    C0]  </NMI>
[  821.025611][    C0]  <TASK>
[  821.025618][    C0]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  821.025645][    C0]  ? print_irqtrace_events+0x210/0x210
[  821.025676][    C0]  __local_bh_disable_ip+0xf7/0x210
[  821.025703][    C0]  ? __local_bh_enable_ip+0x164/0x1f0
[  821.025729][    C0]  ? lockdep_hardirqs_on+0x94/0x130
[  821.025747][    C0]  ? batadv_nc_purge_paths+0xe8/0x3b0
[  821.025772][    C0]  ? __bpf_trace_softirq+0x10/0x10
[  821.025797][    C0]  ? __local_bh_enable_ip+0x164/0x1f0
[  821.025824][    C0]  ? batadv_nc_purge_paths+0x30e/0x3b0
[  821.025853][    C0]  ? _local_bh_enable+0xa0/0xa0
[  821.025881][    C0]  ? batadv_nc_purge_paths+0xe8/0x3b0
[  821.025908][    C0]  ? batadv_nc_purge_paths+0xe8/0x3b0
[  821.025934][    C0]  _raw_spin_lock_bh+0x18/0x40
[  821.025953][    C0]  ? batadv_nc_purge_paths+0x3b0/0x3b0
[  821.025977][    C0]  batadv_nc_purge_paths+0xe8/0x3b0
[  821.026008][    C0]  batadv_nc_worker+0x324/0x610
[  821.026032][    C0]  ? batadv_nc_worker+0xc7/0x610
[  821.026056][    C0]  ? process_one_work+0x7a9/0x11d0
[  821.026076][    C0]  process_one_work+0x8a9/0x11d0
[  821.026103][    C0]  ? worker_detach_from_pool+0x260/0x260
[  821.026126][    C0]  ? _raw_spin_lock_irqsave+0x120/0x120
[  821.026153][    C0]  ? kthread_data+0x4e/0xc0
[  821.026180][    C0]  ? wq_worker_running+0x97/0x190
[  821.026208][    C0]  worker_thread+0xa47/0x1200
[  821.026229][    C0]  ? release_firmware_map_entry+0x186/0x186
[  821.026267][    C0]  kthread+0x28d/0x320
[  821.026281][    C0]  ? worker_clr_flags+0x190/0x190
[  821.026299][    C0]  ? kthread_blkcg+0xd0/0xd0
[  821.026315][    C0]  ret_from_fork+0x1f/0x30
[  821.026346][    C0]  </TASK>
[  821.407934][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[  821.414808][   T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.109-syzkaller #0
[  821.422690][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  821.432767][   T27] Call Trace:
[  821.436055][   T27]  <TASK>
[  821.438981][   T27]  dump_stack_lvl+0x1e3/0x2cb
[  821.443674][   T27]  ? nf_tcp_handle_invalid+0x642/0x642
[  821.449142][   T27]  ? panic+0x764/0x764
[  821.453227][   T27]  ? vscnprintf+0x59/0x80
[  821.457571][   T27]  panic+0x318/0x764
[  821.461471][   T27]  ? nmi_trigger_cpumask_backtrace+0x2bf/0x3f0
[  821.467638][   T27]  ? memcpy_page_flushcache+0xfc/0xfc
[  821.473037][   T27]  ? nmi_trigger_cpumask_backtrace+0x2bf/0x3f0
[  821.479200][   T27]  ? nmi_trigger_cpumask_backtrace+0x338/0x3f0
[  821.485361][   T27]  ? nmi_trigger_cpumask_backtrace+0x33d/0x3f0
[  821.491547][   T27]  watchdog+0xfc7/0xfd0
[  821.495727][   T27]  ? watchdog+0x1f8/0xfd0
[  821.500061][   T27]  kthread+0x28d/0x320
[  821.504143][   T27]  ? hungtask_pm_notify+0x50/0x50
[  821.509175][   T27]  ? kthread_blkcg+0xd0/0xd0
[  821.513782][   T27]  ret_from_fork+0x1f/0x30
[  821.518220][   T27]  </TASK>
[  821.521551][   T27] Kernel Offset: disabled
[  821.525875][   T27] Rebooting in 86400 seconds..