last executing test programs:

10.493816718s ago: executing program 0 (id=548):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
dup(r2)
mlock(&(0x7f0000626000/0x5000)=nil, 0x5000)
syz_usb_connect(0x0, 0x0, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x403}}]})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x3d}, 0x8}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
r4 = fcntl$dupfd(r3, 0x0, r3)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000100)=0x1, 0x41)
sendmsg$IPVS_CMD_GET_CONFIG(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[], 0x14}}, 0x4000)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x2, &(0x7f0000000340)=@gcm_128={{0x303}, "9a8427ef255ae9e4", "083421b1e961f73df0f82e94a9f869d3", "d2819647", "d567c111341c4a3f"}, 0x28)
recvmmsg(r3, &(0x7f0000001040)=[{{0x0, 0x0, &(0x7f0000000b80)=[{0x0}], 0x1}, 0x4}], 0x1, 0x40000002, 0x0)

7.225539196s ago: executing program 0 (id=566):
socket$tipc(0x1e, 0x2, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000100)='ns/user\x00')
socket$packet(0x11, 0x3, 0x300)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0xc, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x44080)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0x48, 0x24, 0xd0f, 0x70bd26, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffe0, 0xa}, {0x1, 0x53e7e5a6a3739329}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x7ff, 0x80, 0x3, 0xb5}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x80015}, 0x4000)
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x2, 0x4001, @loopback}, 0x10, 0x0}, 0x34004000)

7.004539511s ago: executing program 1 (id=569):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
read$FUSE(r0, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_fuse_handle_req(r0, 0x0, 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f00000062c0)="a08aea26a16d3df64ecb81d918cf1613c6c8a464adda377ded1355c3a3643a89e05e27710b7bc718e72fcb9efa4fe18688d908be63b8eeb4815bcf976b35a65a5ecdfabcb37f12bae31bde6ed731f73fe0f469239a67cc90fe0c804aadb9dd71224124e93d80adbc1ffdc4d5cf69da49aab179da0a826f4b91e301ddaefd71296e7b14ec4496540759364969efadf18e71c69ad7d9bea9390e45ac00607eff218b9a578721e3fe839cc88854b234df3312e59cf8e0e7288d90b8ff60df1e8e5dfdd0da25a1d07999e4a73daab4ef7085dda50ca1a7f2fdb3908368dc6a5c507c7d96559ce5e514ab776e41d5a38c4c6261dc64cada9b093249359f80164d5d464f507438c4494fa586918c74795acecafaf0ff3fdebd9ab22fabf83580d2e4c10806ef5c5e6fa260e236fa48665c32d52ff4f6e90947e3ac33f338318b0a0279bb73171791cf8466d305f43b77bf5e03a5bd69c2e13631b852dd16bde2f7699d1615ed64e22c07e3b44eb2fa2932d5e1060c171825d4218a1ddb5ede5dddbee0f3c883983a7179a6582811b63e949d3c4ee6cd44a31b0bd6d9cb2ae2efb56e5ecbdfb815254d566ced90663c60fdc3422ec729d6fcc3cf0c667a6f2009b5ac9af8c4f90f3a349c96548dce7375934bfe242ba123cf4b33043cc95370851ca0ce8ef165243f850935b69c55c571a6d2619027bf5e402ecdc5efd065af6e1f390388ee6f7d18f51b669f7e6c72f729e1a5ae068e48e8e67cade197539eed5511f17e7ba20e63ce6c6545795b66475599c6410162dc60a0ab447602be54b2770d076c611eb5257a7d44ad5540c92d96669c1fec69312cd9a95d818a52813a39bdfe8e8fe40b2f1f2d8084d4b62e8df90b3066bb7a9b3e1aa9f5f70a12555f63bcb5402d7d2294edec08bae879592e3f6346bafb87e7512825fb0227bf7cece4effb0a49a280c3b6d5eef1b73a0214e6f54e533502527cf2de54796dda14f53e6fe68452b06657aa7fef092b503f89e3fe564b729f0492aa7f2e7a566a7d71e7bcb9793917e6b924528c3a8533421e76aa129428c83ee2e9bf177a629db54371c85dfce8afe0413fb16a8e772417e34e524be824e750644183ab1f9ede4c918586df75892c3018618060551f41088e5edaef968a1c4a006181fde9ae56c6c397d1175d969d47c1744b22b2b8d761e1ffd96ee4d12bf8512fadc7794dd556178addb5ed93252d7b7c7e30ef0effcbdb0904b8ef8dcec3c9cad15d2c7c09370171ba14365617d80ae07b8c2bf15278b29138ebaa3617876a789a20fcf219056331b81fbad11218b6d68ff801f663373c4ae895b9730b84b7f46f28cb08741dfa7d840c634199e57e84d693a32c680347ca2075f29b6bd63a78349dca6809ad1c48c4f21ecf0bd9750c51d8568b0da8120f230b9f467dbb01c4fa2c57656822f88cd576f24c3dee8c3855aca8e19ffdb207b3f62425beaba4114b18e5fe972ecc8fe84b10e234218401d7d839ee1254dfdc83ab0a17acfb7b4b65bc2aa890c6242f2c68e1fbae5ccf0997389a3e73c76d96f8623f1cf4dd768f3a3bf3176746811a02615d544e44ee6c954c46e6bfcc7ff82f8bbc7bdc0d14f72960c742acec21edfa8234929b3291352f17d787e3518c9b38fb1598327779b525f18ee94605efbf99a54cc8eb3d02e7bc47753cbc479bcacdd70c23023ff15f33118353789e71fa4976259e7f3aa3e574f3fc8236011605adeac7dddcd8ff2879cd9db582c767038060a370be00c42781ee8544c138ed808f7eeea5b65d029b0753001608fa8d010a2e5442c74072d6b3ece391677c09edda28abf59fbae16b8ccf1a82f6953c22ed3749d58c155524005543353d2112cbe633beb0e6c7cc042f512fa36b833c9c95fde422fd6620ced7a0415eebae3dcf42c190a93991458e21119b37f4b73835f3f54beefd361c27f9c8b2172e4a94d365eb8645a4b3857218b4eb2432505206d7a515e8abf46f95587f7f084a3b4bfbdc900c50dc9c94133319c52d4ea7e85eb29591b3e0f4ecc5d8d7a9664b2704c92e7d7678c13c6cb0af35954a93d3d1787fba6b31517ebc708f221f821f53a775b33804f36148047542a06f05ba3873d119e441deb6e6b97ab5a5bef02d3459a0ee2b96bbf728785e477ee19f492569a69f494f00be6c339193084a634d45447697c4a15fc67f35e1fe7ff458ae61fa8ef93e6a45da1e3fb7fe2ffb82863d5f5c98dfd2b5acc68e8ac1cabd4de3596ad6be0502c9895bd31ddc85dd3d4c7d9260a7354462ddff2b1bfa2f05aa81e33a1245340ece98c6c99b3bc9f33a35a7beec2b171b0a9aa1476840dfc74a45fbda7c1e76cdbb6728b45d4b51a2fe79122dd6b1e2bdc1e42740d45183270fcf6f6a7864bd8bbbadaba62b4ccd5839f5bb3de1c1f1b1869056832600cbee10accc41072b8cd1c5bdb0a902fcf51c551713cb01043c36473f6576e6d15665cb6f4040a1f7e7ca9f26f37e348c1928535747d3abcd2f7c73562f9cde6c438f05f51df4f2463bf481f9fa1034a6bcbb9de6e5ef377eab6c5240b0cb66a2175bc201bf3f8decbc62209a6965aad4fa012b5ac567a879c01b461dd947b9849ce57d49ee40e0bc3b5090b570ed0f78460f7e86d0daf955acabb8268cf6db70dc9ce637da7f9d8efb770ca250d5de07dec16c278ad1153bf129ad897931566a554ce9cf72c9ac2375eda71ff0c647bd8414046c58c7c1b0dc26b382332ce4af7af50d82b6aec2d49604bb2704f6187493e213be0c3fac39f567c54cf23ac73de7054cf12df030d70ce0afbcad7e7defb3e31d5b40a0a7f2b1d175794323c1b6e81a4fa56a1aa3a71a24e23caefbcf65505fb007ba3b1d310438a63cbb06b14e524776fa3fa585405ee25d6842f575b515a9db2cfae72270bcb4b5be65aabf6a3c074e70b85e6ff2e9ddbed1fd215b89c29a7b15a834f3c6f1b0c3699edfa74a4400bc63cd97818cba9fd22dd654fc5e438d12b2a28f2f0c53f747b92dcf358d59e658a4f0767943a5ad6924591e8ae3ba40ea2b7b501662305b3d8bd831d45dfc3770ce2119ca53a53603ccc8312f8565d8d3262fce618cf62a996dae7a87127ad2f85ed62e85c6b2a6b00f5550096a8db7428b151656f718f8e1ba521ff1477a3d63f7f81e84e047c3008b168d769131223bf4af1a1c48f2167a500416bf5db7fe291936bcbf1dc06d389e2ea06f1359e69461d340cb8664db09097c824c538c602e1f7133a0dabdc0e552e2e7527fa68c3c3138206677f2e573b4eb69f541a42656a76e0212ae428271666868a7b586911e623cb963ab29311c2447e3f2b1ef8d09bb564a2bda9190d6b7e7d26bc173975703377864b0092ef501c9b4c03fed488230a695d56a00d5f042c96176f148f6cd3e9327f525b0f7ee19f0c0c1a23f7c41a96b093dd2c451f5a7f08206cf5f27913535c9928b6feb53dd1381b5cc6ae321c166108b9ddc87df095bbdf3ce21f958c838d08431716bcd3c0630c1e50673ee1c0ab2a4526f249b32903127d008e764eec80e5a760af54c79bd6cf7cbdd1af2adbd5b3d91369a366a164cd34371bb6a81e0f76c9b4473ef6bcb1250e90867684a109514628a1f030d0094f7df35a01e3a5f1e6c9542830cd88da9243a84f37d6a2268f87357a1a221336959a924c281964816f4c480b8fbb48a2a1e8fd0d537887ce0617dd00b6dca1f164843119f95c4f6737c2f1338cc92bd9920be08ea9297a8bdb9c393669638f73f6ad6e9c8757d17c906921fb69456ec89cbb2f99767859c0319de036ec8eb3a4b4a833cba92eadd5fcf2e8288ba948698cd4bd01b8b5eccb6564c2a41182a310fdff9597d95c451961cde9424400cd9904b4db47a9d483fb21329dfda90275a91147b25f09f6a6c2014d5adadaf7463648e240778b586079262ffac0dc215abedf25da4b141227b1fe734bbcf07e4e49e5f4e156a1a40b065bd1f42f48345bcd47cdda14af27d60668d2d5b6cda562df1db711d98971759e3feb459420f2265033b565dc0e72d843eb1ea89d2f2a637f2c610a74edbb7530733b431b8562a55f93d787564360ac94866c559d915e94d6b6ad5a33fbf06f7974e3aeff98aaf791018c74b451ccab80f34aba8061a82a2ec800efc4070e47f2a784814901cfcbe933e514417f9a33fffae420f1f9210ce2dfd39114675e934083961bf593fa267f25a40e3281ec2d731675f7a2043e2def24fcd42dcae3c5a26001db48566096e4f82944381b8316f35d8c320cdf481e71b3354f867990b74aaf3d926a354a0f66a34ed4b98aeeb4f991ed1eb00ebd59661b95d41c573a83207bcc4bc9bd963a2d86c80476d32531134972e8b0f308a767dba83519067fd3005b8fd51f79e6a8755c1e45981865f25b35909aaa6bccc8f5dcf18714f6da588c2cfe784c03c09f30a3638cc11cfbbafc0a378282124213ca5e346dfdeae46a0deaaf0e55ce7157d454b9f75c27a1e25642c90bdfcd118589e4b9dbbc8af3e33b0838c4d4a284eebfb95a5d07ed6b8fa74eef8011045a727dd230e277ba07583a07c7f4e7ceab12716700ed8a60b6c5db1384d998cebfd3b88b1632b75bfc78090f4fac510593a2248c83996b75ac60560b81fd348dc53933a027b2cab0754348913db31e9b82fcc329e700e8b52766a44d87561e037da39c3b50408d7f67ba1a5e64913042a1ce5765a13dbd68ac43e4fe651e8fca8b2f3ee2521fbe5b67206245d76091b368b1b8af9e073f0fbd41e45da66aa016b02cf1679c85c0e078df288b306166cbb67b981bb73cab271e9c470f68bb78ca421a752594ba2e7527f216ce0e56cac66e1f6b9828491d25b0fac2d0b065dbfb3140759b768370cd9d402241885d2cd1f361b93f4a85da3f5337ce59b0d5e40f15f40b20c3df4ac352abf2d2920b0583a9aa0655698735d866abdea66d5596366381c91eb144e98ad0203abeb2846243b640e534ffca8474078d6b43c9c01e093fb27a357c479069bd9f07da9cdb0f0459ae7d18c4693254e4654e3cc23fbc3f9865cca6bafb68475877fa4a597cfa1829fcd9304982c279aceac0805616956e6080f35439cef8912e5ea3f6c9ad64e061702768268a3b41626a7dee77e43fd9c1ea74fdff2470dfc6f7e111e0009fea2616c0404c5610bf9572710599e06014251c873defc393d5ba4f08034b22690ef47f914d3a0b9d53a63b3b89b6bf49d36dd5eb03cd415f8d08b14652b5dfdfb2a3b6ac93d10eabe6cff885c2dc22b8e99ae94ebac65f8ca487ef54ccc1fcd9b49e56a76ebd94ec368e5eb62a55241d57a774083ac367621a4264968da4b324079e37d683060d6c8b6d267303ba925173c94025af10bc5578673285a418ae7292f7ff7bd49284250bf954edf76aadef5976d780ae0b3c2349bd2e7d1621aa0e575219ccdd84455c1f1d238b8f13e24ba9fbe277ef6300eecee1a5ea003ca72c2910951d76ed9544a4f1745a35f3fe3b2a2995105f1ae14aa094aafbbba1967fc2d695046c0ed7e9a8466b3578780e141d9db2521080d9c57869bfd0e596ca3301e27c72386b9d2c4019af4d7d21dafcf43e3351e35ce866f484087112fa4862b2952685890afc510cdefd1efcbd55f68fdfa51e3919a1ef24c5e873b62432ee6f653304f5e77186ab40defecd784ac72bcf137c3c28ec0a0438951cb4812fea8b67030c3083d08d2315154546e380be655803c34d0686db09db9f67fb50e76454e5828f7024faebb8b0258c3679fcad9886f3103fa3dd5787a7fc378ff2703199037d2cea25411489e59bc4da6bc7e061d91b287e126dc03c4f47e24e138625f1fad12777b9f774e64c5cf9b3d04ab05beb9aca99ce8e0f0244095ef711030294d896bdd4c85d462f15d2e7cdfb5dd61828a33bcf57672f421040b58ef562264e0a66e2aba3534372632a4026fc3c389392d5d0bc07643e5a9ecd96071a86cb6e6455ab887d8829c95f01f6f8f73a2234ad0a2474bd8bdc1804b00efefd4d302ca6afe55a9f2a51849746fe1da68457038bec60f4b98b4730ea48e249ffe149cb9b5050a637c64fa04f742ec363daf358515206d971d36d95e45b67fb26c333521bf497944bb26dab025152342e19d10f4e243d45cfa1af73a804f25e3343a13bef2e61ddc49013d5d65e269ca41fc7d91d0bb7e041976b66ee7c19798d9fcf7ea9bfae2e8b8ef93d52c25bacd074f9ff32207038240f6fdc28c1f1025252dda84b577f5d2df38a086721f0b9a5005c796c5934c910eb97035d82e9197809a52821f570b004b3863c659bcfc971311c1220825655ac821225184d3a8cde18655938b05cce514c092fdef9039a0555b0e50374b4b679b838be745acd989f76fd08c9a166235ca72412733a28870d116adddf08c0663464a2bb44782c94e7d98639800e14dc91e5cb60d037b60414fcd5780efd43bd9eaebac3b8c087291bd68d888ed6eb11c5c2e03c82f35815412d5313073a3db1363ad73383861776771c893632431a24c7465ce04296d26a98fa7f705f6b5a9ab9dea44c6af312a7cc9eab2edc193c3bc0deca707c33c30cfa4bf517827cfcb4b56688c4ccbabdac8444c9df71b190a5230fb81001b5086b0effeb64ab6b97132a757b31f4aea1f329d6996ff699336a0a25757c9f125d54d1586b8e435a63932dd4efd58457e9e35fa72316f347fa004d21685e8201f10ac79e7440f3f34a1b4c505e4d292de0149d07ea897bb1597d03cfe74e915c18b8e6659f15ac0570cd9a7be9345328c92df9235f7544c1a463b977d705e5949f18c1207d291f50ba1c40c0305a2e763ed09ad05b39ddaa85b145c86819c5afb98e533e0b3a92a35b989da1dae4fc91f25562814a09b2ec94cceb97cf6e7a8193cdface100512a337d3b00e87372934d0d25be2b61ad0b0019251097ee3c099c67672cfe6fc70e2e2ae0f3e64aedbe42ef9d02dae111c2a01486723019b261eeeebc6554407f3bf076056c2735024f4033bbeb03bda831d396bb33e4b51901b4b5612f1afb66bae7974f1659c53f8b88beae490d7154de178ff2227123297dff4ba584996653773801e1fbd0d91207304535da536bf986340680ed658c57f29e78524f98146e2b07a6a58aac334d18a6590b29b9db11b2cc5758120a85ed022f23a5f15458ff79b1740e5dbacef5310117d312689a5d96c2f1b6859f01f43320044364bc55ebe82610f797e86dc74933848f55046d4ebf8c6a84fc1b45e1f25290f66dd5f29028342c9219e4313e697168b978107a013378fc9c97b6f677eef38f5cf316ab518146d90311bcd37a447b2d24d005875d36bf4b860ff7af7a2240960172340a54b59db47833e5695113d8555f84f8b864b1de3ceb6a3a2c5f7076eac362e208b35eda7f33a578aa644a2c307e4be108bcf97da4a53cbd61897bbb57636e9b869823a962e55baebdefd558c78ff12291816d818b32dd7cd0f4628ee13434909e22b3f767aed8a185d64211d116bce5987d0161a849fce1752573edf36e92e19d10b8ecfe35a60f63ca6ba0641e1822c48d7e1ab64625e3a2ef1542ad90bb5777da923876b6bc6a7193d33569d5c10d5311007ff74cf50cd18388d4c2ebe8475e2da5cb6611439060786e8431222c64293eaa6e70c3108a438a875bfd7ac14aa2700dd53d089f9d59dddbdcfd3d61a6b385f9dc5a358a92592d76dc60610583aeb192f04925a4bd4678994797bf1612d0381d016c6df42acc116b4fb80240854ae3982e193dd4deadbfad7d9ba9eec48f13b478ff8fcb93b4b400b1945c7dbba916eb245e978b86aa1fcb6b585a3d4fad48393830d41674601fddc3142de432a2cd72e387f85a137f20359649cc38f238cff649b29b928dba878af7720031b74b526599b1bea2c22100ad329c3d7c04357c2847de21a6ca39e1c9b745e9b77e753bc680fbb116fef5a9205a7887e42750fd0e99b8641c48c164324c87b86ed67b7e19a72581f8285ae92ae1e0eba4c45811f9fd23781cc87e62a8922a23778563a3f01f7cce7ddf80758c9e2f10e25ca83832fe8cc2a7a0928dfddf1f62f9b7929cac09d3f11ef859a261fa6cb66572d16d3efd744541e99f39ca293e049409a3f86d4994865226683683d3093012bb867e5b95cab1f4ca559cb33cd98ebf9a15105a8e7b104c9e0ef92f2ed664610419dfd637ab6d8f3a00cd60626dcb8f47a362e6eeb063ba7fc674f8332298269c9653acafcff1338672ef961f59acae40a597a9757c58133df205b3ba75bee2397445d00a3eed7c034b9dbc05950ad9029c59258b2d39cf63ba0f399147370c4900e3bd51b2d92de7f25837018fad18824904f576479105a11f03750462439e06547de0c1f022636e4ecdd61e5073cd41d510fdf832ca888093e9030db042453b12e2bda666a2b11fce95b8392fea6759363a71a9b5482c193465c267b5e16f4dc8931ca355c9feef7be27723e655fdc3a07639a40eb7d6a2620dbdfc4c6a68be474d66de0da51096b0f092804ecb7bb52b9353989e6a4f4ea73078b1793b3573200eedb4c406a3a5cc84d6908fdbe80fb5accf1f5d4f2ad5b39a15f72183de5f80c164525ca58d879031c3b036631e707f2f82c6eca3d0e046206d32c848713e545a0fa90547ebc8f1f3b74717f2798c4f5f6a2fa2ca73262317081560d259864bd592556043ad308398d34ebe2b69ae1772c644490cecad0827ee81cdc79f50513f4da712d91fc028a9fbe80493fae959ba17917f93e4846efbff735ccd7703befe57db19d895c1615da149f668c0bb76d862b9577da0a6c9eff030c11311b85645d42a0dd191ee7d67b2492023b8ebcbe13a41244ef258d9a6c4580e8a1955d59a745d1c2b8054050a9fe71fc4f0cc61386de3ac8b84900b3c8fc191302723ee5d92e05b460be1dba410981372f2c810cc18c1a6e2fefd482d7f4246f44eba7df3a944659f39ca0f7dc353fcb68c8158ed0af9d9aecbf6be1305cde1491fa4eedbc44d77e06d257dfa5c47c188e2864eaee88bba51e5f9c120218dac78f6926b2597159c310574f4847975e0f01afde831c343b91ac274a47bcbf6e7e4c70002c32296357c935f9d9f47482e7c0845e7fbb5c900251711c5dc6470a6e6cd6e2f29c4567efb9730212b01947d35d0145de4898515e93c4fd19aeee88003b1c19e332a1492856493ff01f07fdeda955abc4cbc1bbb1273b0f2f36b148cbe2a0d69aca32b6487bc4026b0c415ccdcccef65d293a628a4ab143e08174f2a65ff03ae1fded3855eaa5326c376beacf98a5e5e5f074729875f40479d0cc57a83bfbb5b2c6f6e8aa4d17adfc050659743b8ee31b798b8fc3c419bd8cc7a10be6574d4cfbfcc189ee9457ce6509453985dfe4a38427462b8c72e1456f6abd682f7fb02953c63ac915df7b27e98b1b1699488ac3e3b45f565c707b80e097c9bf9bf509abe4d841fe847a253a5682c025a0555472f84890e39065dd97f0ad11090a0ba5c9ff7a5ba11ebee08057d237b631f721dce9a596721f222bb4829406267d7bb1beaef3aeac8c31abfe7a4e8ad13eab1c934657874217f336cbaee83be477e2ae79a09f4cef5dad39c5aeddc70a887a883c7813d22bf490b2b3c252320e243df8aedbcaead7fbd660c71df510eb8eb2076db10d936502604744216f438d1bdb1e1a332891418ba76dda7f9e62ce9326f8b9d966e94bc7dfdab20a4185ff0b1988d89a515b4e37d9046a677b49ad4ae31d60c3ca278a3237a50b876122684bf80eca8ca22cfa8c3a90ab9678fbe4975bf0bceadfd098e8f5b40dffddaf7a5b84e069fe87fab949f911636d25c78518640a887c9465dceb43d6067aa350d4b79a94422f3d201efa62cdbd4db5193987326090b88825f0cf7e5af29260bcff459b2de4365aff5982667173fc19f215281d4a44dae32f3048b37bf3bb39bd092dbeab38d56fbaef0b4ded00b0236b23b4fc312e34fd3f4f30cec9978be5d825775f5d7ad8cd7bc1e56792d563ebaa156b2583c6e7742c397bb0d38a760c8d2116aacbfaa06256bbbb5b904753296d21267186d2d5f4e45278c6b68d1130e73ea143fd83740c2d21b78bd235be5b9e43cbca0fd601c4b3d598e91ce4ebec7dfffd4b1dff5eb0f28d64e76a0142f34be1f0e1ddf4bb0114b570804f0a7c62d094109301b383e1c88ae600a3a003063723b5ea77fbd38a07ce7d53b6ae3b1e31addc65b0f6753e1e547133024b0fbfece6a49c4e18796568ac91ebb82d17fb2d48a9475bc456e3413bd04a96447dad775647d05f11a885a15bda0de7620bb5d99e0a21b93f2d2ce1b3ba6dedc2867b5f5d5e8221a38176434b44e8e5ddbdd12c752f5ac63098809e4dfe215f1169c3ac0a2ca93c37106f3f8ae4111c25697a0227811ce422ca8610a86b17bf5dd900ddbbcc333e024227a46eaef2273f2f8f1de503d4fb277212d4420fa28c555ad83b7fa929807597563811c27a4f9497e069b281b478dba0ecacafbc09b03aea0cc80ca204a8df0ce21604edbc2b8b70868067cd0f0c112d5c42a06cde6acea8df2163cb095ceb1a7d2d805ab0b2ade19905324d4eb3024d2ed83f9771be1e2974bb7c90f9d684c0acc8408c164e99ac221828eeb356dacaa66fe4e722875e9603efb494aa0446a4378c2a31844886122d27d2db283a5d99a34eeb54fb615497c33af1f214aa35c38309cd0780745875d75006e7e2c450e0a1954dbe02962392c71ab3a78ffb8eb8ce816dcc5923f18226c2f1a55a8d62921fc8c1e16585184f6b8f3a34db61cf05f9c6595bd71b7a97860a0b6a677c03620d06bfbc9bf2e7629aa2c2e145032014b1521510c94a184b330da2def6a4594313181d89554fa37041f5c4e8158b504fcd2618609f842647672deea76dff493153add1507df38eb4edb7a6e943e1d20611aecb77235b7bff901dc2b7b89cc0e737aee51c2cf661097fecc10c4d24c4d700f46128b466aa0a9764b8b7aef93535c32a3d37e627819cf814090abcb801dbef5bd075263cf3b166a7f047a65d98286cb2623ad5345b9c5950edbd43240dd79161bc4f0b999c62c9711767b31b2f73e1e78b0019db741852be0493360b4dc6494e2729763fbe2eb01fc40b03444261f9fa61a8529da19f097d0ac2046c35e8437b92cfd8c780ce18f9995bee0a9efbe7bd70c739a991f5f6d3588d9c0afd79b5584ba8a269a0b88f0fd22db775abb0b30f50367feaa3dbe74d3a4c0b3dc4c8729e0c2ea58ab92d826986d1dc3845e6607581301fed5d371522ea11d5704170e5c25cc387bd231dc2d2cb8bd47b63f4ea53ae6df378b6543b0fb6fc383e24271f59615f5bc18e5163327e857528d5a173b0b07ae8ff50a6c2a416cd608df6275bc807f95371a8181d5fd11806ddd55e2e8fc8aedff4e5d2d2da63099481780555ed0d22ed8325f4919b9e2c7045713cafd1093e0d29b3112e3612113e37dbcc3c3263915ea387a6207b9cb7fa00d5e4263e3559b0d4c5c20e74a46e0f49f889ee243bf5f0e8bfcec6dc4832fc51f5d9373ec08e313d5f54091afbae0623de11f5b4b5014b922f69460dcb4b51fcf", 0x2000, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={0x10, 0x0, 0x5}, 0x0, 0x0, 0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={'\x00', 0xa8e8, 0x8, 0x2, 0x2, 0x3})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xa8f94000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000004c0)={'veth0_vlan\x00'})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
r5 = mq_open(&(0x7f0000000080)='!selin\xdb\xa1\x02\xbf\xd9l\xd7\xcd\xc0uxse\xee\x0e\xcd\xce6\xbf\xfa;\xb9-a\xb8\xef\x8de\x14\xbc\x9ej\xa1q\xa2\xa5\t\x98\x8a\x8f>\xba', 0x6e93ebbbcc088cf2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0xec})
mq_timedsend(r5, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000001380)='ns/cgroup\x00')
mq_timedsend(r5, 0x0, 0x0, 0x0, 0x0)

6.351005702s ago: executing program 0 (id=572):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000", 0xe)
r5 = accept$alg(r4, 0x0, 0x0)
sendmsg$alg(r5, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@assoc={0x18, 0x117, 0x4, 0xd4e5}, @op={0x18, 0x117, 0x3, 0x1}], 0x30}, 0x0)
write$binfmt_script(r5, &(0x7f0000000600), 0xfec8)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000880)={0xffffff78, 0xaeb, 0x10e57, 0x4, 0xf6, "3ce69208000000f6000200", 0x4, 0x1ff})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0xd)
r6 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @private2}, &(0x7f0000000100)=0x1c, 0x40000)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000140)={'wlan0\x00'})
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB=',noextend'])

5.932902293s ago: executing program 1 (id=574):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0x40046109, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000002000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000001000000000000004400050000000000000000000000000000000000000000022b0000000a000000fe8000000000000000000000000000aa0000000004"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x1c)

5.165088962s ago: executing program 0 (id=578):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000002000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000001000000000000004400050000000000000000000000000000000000000000022b0000000a000000fe8000000000000000000000000000aa0000000004"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)

5.041325109s ago: executing program 4 (id=579):
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$unix(0x1, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x0, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x80000}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x4}}}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x4008085}, 0x20040000)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r1], 0x90}}, 0x0)

4.962613637s ago: executing program 4 (id=580):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000800)={0xffffffff, 0x0, 0x6})
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f0000000180), 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0}, 0x18)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r5, 0x89f3, &(0x7f0000000300)={'syztnl2\x00', 0x0})
r6 = socket$inet6(0xa, 0x3, 0x3c)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @loopback, 0x8}, 0x1c)
sendmmsg$inet(r6, &(0x7f0000001040)=[{{0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f0000000340)="3aae1baf930b4569b9ddef9797ffd935c7d80e6466b3e4e62dc9603583f5d4b61fbc65b6ac744d7319535e75bf552062e4cfde1ba7ce29263322e18ea9740aa82ca692f123993e57cda00d2b1f4e799bd41e3f76258180fa91a42aaa8b1ebc4e0ea8fb12f2c71e6e5bc57a8e91f254005514721d93c13c5606ae1fea7f31f558d562bd5a8dfb0b9fed873efa221fccffa847cd374c92e6cbb03e6a9de890ce323f000000abcc6c01326d588495b7c1a7db31ec4129e6336f26bb9e0b7552af3cd2d5dda1632799bbc98425c433384d8a8e4071ff39a36dfdfdf05af35a4ddd340cfecd7ec935f4ce7d3e851583ba1cf53a90a7f7bce5703de57ce93ddef7849b30a01de0637e6d5e507b801d32e582e0c2d564539ebfc84c098a23e765552767b122885fb1629e9c180be47da7931bd125b80de15aab0c56a2edf2e0483b87f5ab299dc046076203dea10ccbfc631d5bf4a87ce67004519f248f086346ce6a8a9d181789a59f81d9b7f6781daac3e229914b8b8998c15c3b6302a519331cb05995bc60b7cb872dd3b5b43331c77c5d72e21f7bd2b1a915ff3204e3f20d3a20b22d6a58155b5a4ebf6d1d1cd90c656ecada531c07ff91deb3efa91762cdecfbcc43553750f22ac5c18cc5e8b6f790c2f4e6373af9f98d10e6df49ff8e5cbcbd68e11ed0b967add11410dc2e34f08dea658eb95d4d1153b4c6093192a340eb30fcc71619888c6486746a049585d249efb96b9cace83320b8f96b40ebe3a9a788d05a053380d1026b9434df87a3a387549bcabe88684c4dbf0da9a5212f3dbc8d1dff240856691243b203d7edd4d3cc89a38a6c80fdb1229a01044af7aaecb20d5570ebf24b30bbc6dfc3f70d85cd9f0d60ebd8fedd161d199d9997a0e2d18d1c99bc7158564e0ddb4673055de196535d706d142e1dc7d404583923cb1b286cfc5418884ac7e605d93652dc48ff690894405a0b6abc3c4d0f6a16c0a95c0508bd7eeffcd1da0b17f7701448658864b429e9472edfeffbf34d6e7c78f4aa73c0", 0x2de}, {&(0x7f0000000b00)="ab29d92826349952eb8f7a2a74f535bc9739c1df57144c51a3391625b8b5354134b06ef1355506aeae96e3f097503998f375a054cf3d7de4fe53ea51518955349cdbadca60e1c65cc18dbe99369be03e492fb55fc906dc9b1477866b7882c57bb6f7f7c3ee17c420000000054a63ac58225ed0502f5ac8999e0c74a5dbb320bd54ec813e8bee6bfa5cbfb0726ac1b6ad97d802d5fae186f0768021fb965c7396854e2a3ac844a3769f8449901ba5e2b2da1ff6119aeb26ac204cfc6b54be73b6f195491ae2c0cb26b0cba61dae7a17740e8112ff188919c6e2e31a2a074863edba4a0e58b61f48eccfcc29d7f9e48a43b8cb7d3c5a1e5aa67f87538140f8d633a54bceb8b1dda2397ea147d3b26e903f608b6ab1844ea7cf630d828118bba0f0f85e2e6316ae1ed9a2a7d08a05c170cb76bf111930df0cf760f7768571afdefe82a95296cee7c010f748a97046efcc774e7d85edbd5058104fef4942fb4430da89f67d1fea33bf2acfb793a6e453a8a28cd5c4b733fc8e8f630932206960e9076c7d7fc99fce018701c50d39b811a7427a7a9fcb340c2755541f228462010ec40ba945a0febd460dad5d548f1be090f5dbaa8ae8835dc47ed2537681827f6129759272574cf58f2f33c0bb3c24fa67c327cde47a0e416573cfdcfba09771910344ed9dd4ce41af4de9c471c49f12f090934c3b32f2f4777c65b15748267223cbde856fa5a33f12cb1ea51da9ce96881d1aa6d096ed6b2319344d3c2781803a2119d9efd47b1abba3c1e6c563c1ec692da80ef66b19495b8e801d07b133f1b552ee772732a90e765b92d67f7a0cc8f15a4c6143f7", 0x254}, {&(0x7f00000006c0)="5be08105437c98b91b9455046f57b5fc090014bde2bb01000000000000001a7838d859207067c30aa7352abbdf98e9bf033a3184a11e84639d3b9164d9c5d729f3dd409d39ff041e657c8df70e1607d58986", 0x52}], 0x3, 0x0, 0x0, 0x900}}], 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000780)={0x0}, 0x1, 0x0, 0x0, 0x4004000}, 0x8010)

4.851766166s ago: executing program 1 (id=581):
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./file1\x00', 0x810, &(0x7f0000000340)=ANY=[@ANYRES32=0x0, @ANYRES16], 0x1, 0x256, &(0x7f0000000bc0)="$eJzs2s9rHGUYB/Bn0takqclG/EUL4ose1MvQ5OyhQVoQA4o2QhWkUzPRJeNuyCyBFaE56dWjR8/i0YMgSI9ecvEv6MFbLjn2II6ku9ZtE0sx224pn89lH3jmu/sM8zI8h91789svNtbrfL3oxVSWxdSF2IlbWSzEVPxjJ9547cpvL31w5aN3lldWLr6f0qXly4tLKaX5l3/9+KsfX7nRO/PhT/O/TMfuwid7+0t/7L6we3bvr8uft+vUrlOn20tFutbt9oprVZnW2vVGntJ7VVnUZWp36nLrrv561d3c7KeiszY3u7lV1nUqOv20UfZTr5t6W/1UfFa0OynP8zQ3GxzH6g+3mib2m1NXo2ma09/HmRsxdzNakT2TsmcvZM9fzV7cyc5+Nz3pQXlIHuj57zdNa9KD8lCMvNRnIqpvtle3Vwefg/7yerSjijLORyv+jINjMjSoL729cvF8um0hvq6uD/PXt1dPDPIxzC9GKxaOzi8O8unu/HTMjv7+UrTiuaPzS0fmZ+L1V0fyebTi90+jG1WsxUH2Tv7niEhvvbtyT/7c7esAAJ40ebrj0P5286Cf/1d/kL/ffjgTESP74T371ck4d3LSd0/d/3KjqKpySzG+4uDwPwZjTKg4dZz46eG5vM81Tx9uTcV4hn/qeN8zP6Yxxlec+P/xCb+YeCT+feiHe9kkBgIAAAAAAAAAAOCBPIo/IU76HgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMfb3wEAAP//R7zIZg==")
renameat2(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x2)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x41, 0xe7b, 0x0, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket(0x28, 0x5, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[], 0xdc}}, 0x0)
connect$vsock_stream(r5, &(0x7f0000000180)={0x28, 0x0, 0x2711, @local}, 0x10)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
shutdown(r0, 0x0)
clock_gettime(0x4, &(0x7f0000000400))

3.907503957s ago: executing program 2 (id=582):
ioctl$PPPIOCGCHAN(0xffffffffffffffff, 0x80047437, 0x0)
r0 = socket$pppoe(0x18, 0x1, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x16)
ioctl$sock_inet_SIOCGIFDSTADDR(r0, 0x8917, 0x0)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r1, 0xc028aa05, &(0x7f0000000180)={&(0x7f000012f000/0x4000)=nil, &(0x7f0000513000/0x8000)=nil, 0x4000, 0x2, 0x2})
r2 = userfaultfd(0x801)
r3 = openat$smackfs_netlabel(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$smackfs_netlabel(r3, 0x0, 0x0)
write$smackfs_netlabel(r3, 0x0, 0x6c)
write$smackfs_netlabel(r3, 0x0, 0x58)
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, 0x0)
ioctl$UFFDIO_WRITEPROTECT(r2, 0xc018aa06, 0x0)
ioctl$UFFDIO_COPY(r2, 0xc028aa03, 0x0)
connect$pppoe(r0, 0x0, 0x0)
r4 = openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$PPPIOCATTCHAN(r4, 0x40047438, 0x0)
ioctl$PPPIOCBRIDGECHAN(r4, 0x40047435, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_inet6_SIOCADDRT(r5, 0x890b, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)

3.906486203s ago: executing program 3 (id=583):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$getregset(0x4205, r3, 0x402, &(0x7f0000000240)={&(0x7f0000000180)=""/108, 0x6c})
r4 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/ipv4/tcp_mtu_probing\x00', 0x1, 0x0)
pwritev2(r4, &(0x7f00000001c0), 0x0, 0x0, 0x0, 0x0)

3.646096261s ago: executing program 4 (id=584):
socket$tipc(0x1e, 0x2, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000100)='ns/user\x00')
socket$packet(0x11, 0x3, 0x300)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x2, 0x0, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0xffffffe}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x44080)
sendmsg$nl_route_sched(r1, 0x0, 0x4000)
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x2, 0x4001, @loopback}, 0x10, 0x0}, 0x34004000)

3.644867639s ago: executing program 0 (id=585):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0x40046109, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000002000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000001000000000000004400050000000000000000000000000000000000000000022b0000000a000000fe8000000000000000000000000000aa0000000004"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x1c)

3.209177607s ago: executing program 1 (id=586):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, 0x0, &(0x7f0000000140))
getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x7d, &(0x7f0000000180)={0x0, 0x71}, 0x0)
r2 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000040)={'wlan1\x00', {0x2, 0x4e23, @rand_addr=0xfffffc13}})
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r2, 0x6, 0x21, &(0x7f0000000080)="8a924060fcf6abb6a92f040634cd9555", 0x10)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000040), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="5562267cbc8f3b3047bef8d37dc76665723d72656c61746976653a30302c00"])

3.154690001s ago: executing program 1 (id=587):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0x40046109, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000002000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000001000000000000004400050000000000000000000000000000000000000000022b0000000a000000fe8000000000000000000000000000aa0000000004"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x1c)

3.153533764s ago: executing program 2 (id=588):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000000)={'wlan1\x00'})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x24, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x28, r1, 0x5, 0x3, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}]}, 0x28}}, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)}], 0x1}, 0x0)
r9 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r9, &(0x7f0000000040)={0x18, 0x0, {0x3, @random="00ff00", 'bond0\x00'}}, 0x1e)
sendmmsg(r9, &(0x7f0000002340)=[{{0x0, 0x0, 0x0}}], 0x3e8, 0x0)

3.057208659s ago: executing program 2 (id=589):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1200004, &(0x7f0000000100), 0x1, 0x599, &(0x7f0000000540)="$eJzs3T9sG2UbAPDnznHTP/m+9JO+T/pAHSpAKlJVJ+kfKEztiqhUqQMSC0SOG1Vx4ipOoIkike4VogMC1KVsMDCCGBgQCyMrC4gZqaIRSE0HMHJ8TtPULk6I4xL/ftLZ73t39vO+d35e+053cgB962j9IY14KiIuJhHDG5YNRLbwaGO91ZWl4v2VpWIStdqlX5JIIuLeylKxuX6SPR+KiOWI+H9EfJOPOJ6uv+W+ZqG6sDg1Xi6XZrP6yNz01ZHqwuKJK9Pjk6XJ0sypF186c/b0mbGTYxube7+2sZbfWl9v/Hjz3RvfvXL75qefHVkuvj+exLkYypZt7MdOamyTfJzbNP90N4L1UNLrBrAtuSzP66n0vxiOXJb1rdQ2Dg6Du9I8oItqgxE1oE8l8h/6VPN3QP34tznt5u+PO+cbByD1uKsrS8V3ohl/oHFuIvavHZsc/DV56Mikfrx5eDcbyp60fD0iRgcGHv38J9nnb/tGd6KBdNXX5xs76tH9n66PP9Fi/Blqnjv9m5rj32o2/q22iJ9rM/5d7DDG76//9FHb+NcH4+mW8ZP1+EmL+GlEvNlh/FuvfXm23bLaxxHHonX8puTx54dHLl8pl0Ybjy1jfHXsyMvt+x9xsE38xjnb/WtfMxv7vy9rU9ph/7/49vNnlh8T//lnH7//W23/AxHxXofx/3Pvk1fbLbtzPblb/xWw1f2fRD5udxj/hXNHf8iKzhoCAAAAAAAAAMAOSteuZUvSwno5TQuFxj28/42DablSnTt+uTI/M9G45u1w5NPmlVbDjXpSr49l1+M26yc31U/lsoC5A2v1QrFSnuhx3wEAAAAAAAAAAAAAAAAAAOBJcWjT/f+/5dbu/9/8d9XAXtX+L7+BvU7+Q/96OP+TnrUD2H2+/6Fv1eQ/9C/5D/1L/kP/kv/Qv+Q/9C/5D/1L/gMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChPtXurywV6/WJgYX5qcpbJyZK1anC9HyxUKzMXi1MViqT5VKhWJn+q/dLKpWrozEzf21krlSdG6kuLL4xXZmfaf6naCnf9R4BAAAAAAAAAAAAAAAAAADAP8/Q2pSkhYh8o56mhULEvyLicBLJ5Svl0mhE/Dsivs/lB+v1sV43GgAAAAAAAAAAAAAAAAAAAPaY6sLi1Hi5XJrtXmEgC9XFEJ0XBrayckQs72wz6u+45Vflsw3Y4023Nwq5J+Nz+OQXejgoAQAAAAAAAAAAAAAAAABAn3pw02+nr/ijuw0CAAAAAAAAAAAAAAAAAACAvpT+nEREfTo2/NzQ5qX7ktXc2nNEvH3r0gfXxufmZsfq8++uz5/7MJt/shftBzrVzNM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxQXVicGi+XS7PbLAx2sE6v+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHX8GAAD//xLkz18=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x91)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
socket$kcm(0x29, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x62)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000280)={0xffffffff}, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x14, 0x42, 0xa01, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)

3.035494917s ago: executing program 3 (id=590):
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='ns\x00')
socketpair$unix(0x1, 0x5, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
ioctl$mixer_OSS_GETVERSION(r0, 0x80044d76, 0x0)
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000001740)=0x6)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001780)=ANY=[@ANYBLOB], 0x128}, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x240080d0)
r4 = openat$ocfs2_control(0xffffffffffffff9c, 0x0, 0x121682, 0x0)
read$nci(r4, &(0x7f0000000100)=""/107, 0x6b)
writev(r4, &(0x7f0000000200)=[{&(0x7f0000000180)}], 0x1)
openat(r0, &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xe2342, 0x16b)

2.628491049s ago: executing program 4 (id=591):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0x40046109, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000002000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000001000000000000004400050000000000000000000000000000000000000000022b0000000a000000fe8000000000000000000000000000aa0000000004"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x1c)

2.141890445s ago: executing program 3 (id=592):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000140)={0x73622a85, 0xa, 0x2})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000540)='./binderfs/binder0\x00', 0x0, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000100)='./bus\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYRES32, @ANYRES64=r0, @ANYRES16=r0, @ANYRESDEC=r0, @ANYBLOB="7cf697f8de087ffae067e3978bdbda6d1d0e7dff17a16d99ceb43a95cb0f522f21c4fe8c372be0c59ee6aeb585e0885a143c9b1faf40b019585efc45bbc4a971f5b8820a", @ANYRES32, @ANYRES16=r0, @ANYRESHEX, @ANYRESHEX, @ANYRES32=r1], 0x1, 0xaf5, &(0x7f0000002ac0)="$eJzs3V2IXFcBAOAzszv7k6RmUhO7prFNrLb1p5tmd40/wSYlQTA0RXwpBF9CmtZgjGAFtRRM8uSbLSWCT1bxqS+limBfJPTJl4INFKH4UH3wwRCxIKLRZMrOnjM7czKTO7M7O7O7831w59xzz7n3nHvnzp37fwIwssr1z4WFmVIIl994+djfH/zb9OKQw40c1frneFOsEkIoxfh4Nr33xpbCm++/cLpdWApz9c8UD09eb4y7NYRwIewNV0I17L589aW35p44cfH4pX1vv3ro2trMPQAAjJavXTm0sOsvf7x3x43X7jsSJtPgxZ76/nk1DtgW9/uPxB3/tP9fjmFpcnmapab0ZCK0jjceu/J0a76xNvmay6lk+caz/Knsiaz8Sod8k+HO5Y81DWs337CRpfW4Gkrl2ZZ4uTw7u3RMHurH9ROl2fNnzz3z3JAqCvTdv+4PIext6o5eao2vt+7wisctrVWd6vsWXeSrDXvZbdTuyODKulFbMvR5HlBX2z7sLRDAkvx64W0u5GcWVqcxtfHuyr/+eLn9+NAHg17/eyp/YsjlhxEvPz9ZCau0Wf+/0nyl39G2GM+vI+T3L3X+/ZWzKbcOza9HVLqsZ6frCBvl+kKneo4NuB4r1an++XqxWX05hmk5PJalN/9+8u90o3zHQHv/yc//63S6Nesq/ZhOaIlXVjOt2pC3P8D6VYkHsumot5auj0b5fX15+mRB+lRB+nRB+paC9K0F6TDKfvO9n4QXS8vH+fkxfa/nw9N5trti+KEe65Ofj+yt/OkeS+t3+U7Rs7H87tRTZ77w9MmrS/f/lxrr/624vqfDjWr8r78SM6Tzhfl59ca9/9XWcsod8t2d1eeuNvnr/Ttb85V2Lk8nNG1nbqvHTOt42zvl29Oar5rlm47dVFbffP9kSzZe2v9I29W0vMaz+a1k8zGR1SNtV3bEMK8HrERaHzvd/5/Wz5lQKT1z9tyZR2M8rad/GKtMLg4/MOB6A6vX7fM/M6H1+Z9tjeGVcvN2Yfvy8NLSduH1OL3W4XONclqHz8d4+p/75th0ffjs6e+ce7r/sw8j7bkfPv+tU+fOnflujz2L+6O9j3WnnvnpEPo6wYH1fKUc1kM1eulJhy3rpT561l3PkDdMwJrb/6OlnYBHzn771LNnnj1zfv7gwfm5uYNfnF/YX9+v39+8d9/swhBqC/TT8p/+sGsCAAAAAAAAAAAAdOv7x49dfefNz7+79Pz/8vN/6fn/dOdvev7/x9nz//lz8uk5+PQc4I426fU82QtWJ7J8ldh9OKvvzqycXdl4H4lhox2/+Px/Ki5/r2uqzz3Z8EqHaPY6gdvelzKRtT2Ytxf48RheiuEvAwxRqf07c/L1ttP7rdO6PpWFIYSa9wNvHOl7S2tDeo9Jev677Xudmr7sHQOoI/03iMcJhz2PQHv/GKn3f/9zecaHXhdd52489VcHUt7PRnedqHXcS++2BRuA/hh2+5/pvGcKz//+q1OLXcp2/fHW7WX+/lLoxZ/eaY2v6/YnB1B+3m7foMsfxvxP9VD+ry72t/xG+3fZ9u/PcfDt27+WFvNW/ML1//782rtNxYbd3W5/8/lP74Heubwb340bsfw0Nw+F7sqv/SIrP78g1KX/ZeVv6bL82+Z/z8rK/38sP11Pe/iBbsuv13gylFvrkZ83Ttf/8vPGyc1s/tO7Pe9Q/tefbzf/K2yo8VYsH0bZRmlntlfZfkRjp33l7f9GF/rb/m+jstlmLb8P43MxnjbE6T6HiVXWP91fkf4HdmXTLxX8v2n/d2P7UgyLfg+p/d+0PlbjX35TvL4sU7zSZtlu1m0NbFTvrfX1v/l/12rr4DpH37qTa17G1NDncd13R1Y9jVce61t9amMrGK/RTtyQl2WtVlvbE2oFhlo4Q1/+wz5OGHb5w17+RdJxQX4/cJK3/5un5+3/5ul5+795+nT8hjql5+3/5sszb/83T78nm27ePvBMQfpHC9J3t09vHLbfWzD+noL0jxWk72ukH27JkdLvKxj//oL0uwvSHyhI/0RB+icL0h8sSH+4Kb25DeiU/qmC8Te79DzKqM4/jLL8+Ty/fxgd9es/TY3W57//dF3I9gE2n5++duDoyV9/o7r0/P9E43xIuo53JMYr8fjpBzGeX/cOTfHFtDdj/K9Z+no/3wGjJH9/Rv7//lBBOrBxpfu8/L5hBJWm2g+OYdF7qzrt57OxfDqGn4nhZ2P4SAxnY7g/hgdiODeg+rE2jr7+20MvlpaP97dn6d3eT17KngdqeU9UCGG+y/rk5wd6vZ89f49fr1Zb/gofBwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABiacv1zYWGmFMLlN14+9tSJs/sXhxxu5KjWP8ebYpXGeCE8GsOxGL4Se26+/8Lp5vBWDEthLpRCqTE8PHm9UdLWEMKFsDdcCdWw+/LVl96ae+LExeOX9r396qFra7cEAAAAYPP7IAAA//+P1QqK")
truncate(&(0x7f0000000080)='./file2\x00', 0x81)
r2 = openat(0xffffffffffffff9c, 0x0, 0x80122, 0x0)
fallocate(r2, 0x0, 0x0, 0xffff)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$SIOCSIFHWADDR(r2, 0x8924, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000003a80)={0x0, 0x0, 0x0}, &(0x7f0000003ac0)=0x10)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)=[{0x0}], 0x1}, 0x48084)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, 0x0, &(0x7f0000002000))
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r3, 0x84, 0x6d, &(0x7f0000000080), &(0x7f00000000c0)=0x3930)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000018c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r7 = syz_open_dev$vim2m(&(0x7f0000002a80), 0x3, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r7, 0xc0d05605, &(0x7f0000000140)={0x2, @pix={0x0, 0x0, 0x50424752}})
r8 = getpid()
r9 = syz_pidfd_open(r8, 0x0)
setns(r9, 0x24020000)
umount2(&(0x7f0000000040)='.\x00', 0x2)
close_range(r6, 0xffffffffffffffff, 0x0)

2.109743485s ago: executing program 2 (id=593):
r0 = gettid()
ptrace$poke(0x5, r0, &(0x7f00000000c0), 0x2)
syz_mount_image$hfs(&(0x7f0000002c80), &(0x7f0000000080)='./file0\x00', 0x4490, &(0x7f0000002cc0)=ANY=[], 0xfd, 0x28f, &(0x7f0000002940)="$eJzs3U1rE0Ecx/HfbJImtqVuH0QQT9WCJ+nDRbwUJO/AiydRmwjFUEErqCf1LL4A730LvgCPnsSz4K0nX0BukZmdNZtkN5uGppuk3w8kbLrzn4fsbGf+KSUCcGk9qP852Tu1DyOVVJJ0Xwok1aSypGu6XntzdHx43Go2hlVUchH2YRRFmoEyB0fNtFAb5yK80L4qazn5M0xG7bc+FN0HFM/d/SkCqervTne+duE9m4zLPulNW2291UrR/QAAFMuv/4Ff55f9/j0IpC2/7Peu/zO+gLaL7sCEfc85n1j/XZbVMfb6XnWnuvmeS+HKqvigk73TtLoWc9paUDSzejaYJi+rdH0Jrjw/bDXvHrxsNQJ90r5X6RbbcM+NaOrG4pzWHn8crHrT56Yj5pfJ2s5myY2hYsewm+x/osj6ObboM+7ht6b5YX6axybUVzX+7//KHWMvk7tSYd+Vivq/nV2jG+WCXKmMUa66Rm74FkYZZUkZGYniGbXadwHDvH66qLW+qGh0OzlR66lRuzlRG/1R3dmcHTlp5ot5ZDb1V99UT+z/A/tub2mUO9OWcSX9zBg6nrIrGbrZGc/Pm6klg3FHhDF81jPd08rrd+9fPG21mq/m9sDeiYOn7AoyLT28+IN4EkxLf+b2wL7JhbQerzvj15P9q4OP5edH96KfMZBJMC/svstE+V8iX9l2mzX7FPbu06vJ2E5e5YkadzJygzX3vJidwfUwLr9ZSvnr4mCLQ3OuW3ek26O0GAl9P6fP/jhBpq5fesLn/wAAAAAAAAAAAAAAAAAAALPm/P7loKasU0WPEQAAAAAAAAAAAAAAAAAAAACAWZfy/b/VQr//96GiV3z/LzBx/wIAAP//nY5x9w==")
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f0000000000), 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$sock_buf(r2, 0x1, 0x1c, 0x0, 0x0)
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f00007fe000/0x800000)=nil)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
write$FUSE_STATFS(r7, 0x0, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000000)

2.109191013s ago: executing program 0 (id=594):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000380)={[{@jqfmt_vfsv1}, {@nodioread_nolock}, {@noblock_validity}, {@journal_dev={'journal_dev', 0x3d, 0x8001}}, {@auto_da_alloc}, {@nodioread_nolock}]}, 0x1, 0x599, &(0x7f0000001280)="$eJzs3T9sG2UbAPDnznHTP/m+9JO+T/pAHSpAKlJVJ+kfKEztiqhUqQMSC0SOG1Vx4ipOoIkike4VogMC1KVsMDCCGBgQCyMrC4gZqaIRSE0HMHJ8TtPULk6I4xL/ftLZ73t39vO+d35e+053cgB962j9IY14KiIuJhHDG5YNRLbwaGO91ZWl4v2VpWIStdqlX5JIIuLeylKxuX6SPR+KiOWI+H9EfJOPOJ6uv+W+ZqG6sDg1Xi6XZrP6yNz01ZHqwuKJK9Pjk6XJ0sypF186c/b0mbGTYxube7+2sZbfWl9v/Hjz3RvfvXL75qefHVkuvj+exLkYypZt7MdOamyTfJzbNP90N4L1UNLrBrAtuSzP66n0vxiOXJb1rdQ2Dg6Du9I8oItqgxE1oE8l8h/6VPN3QP34tznt5u+PO+cbByD1uKsrS8V3ohl/oHFuIvavHZsc/DV56Mikfrx5eDcbyp60fD0iRgcGHv38J9nnb/tGd6KBdNXX5xs76tH9n66PP9Fi/Blqnjv9m5rj32o2/q22iJ9rM/5d7DDG76//9FHb+NcH4+mW8ZP1+EmL+GlEvNlh/FuvfXm23bLaxxHHonX8puTx54dHLl8pl0Ybjy1jfHXsyMvt+x9xsE38xjnb/WtfMxv7vy9rU9ph/7/49vNnlh8T//lnH7//W23/AxHxXofx/3Pvk1fbLbtzPblb/xWw1f2fRD5udxj/hXNHf8iKzhoCAAAAAAAAAMAOSteuZUvSwno5TQuFxj28/42DablSnTt+uTI/M9G45u1w5NPmlVbDjXpSr49l1+M26yc31U/lsoC5A2v1QrFSnuhx3wEAAAAAAAAAAAAAAAAAAOBJcWjT/f+/5dbu/9/8d9XAXtX+L7+BvU7+Q/96OP+TnrUD2H2+/6Fv1eQ/9C/5D/1L/kP/kv/Qv+Q/9C/5D/1L/gMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChPtXurywV6/WJgYX5qcpbJyZK1anC9HyxUKzMXi1MViqT5VKhWJn+q/dLKpWrozEzf21krlSdG6kuLL4xXZmfaf6naCnf9R4BAAAAAAAAAAAAAAAAAADAP8/Q2pSkhYh8o56mhULEvyLicBLJ5Svl0mhE/Dsivs/lB+v1sV43GgAAAAAAAAAAAAAAAAAAAPaY6sLi1Hi5XJrtXmEgC9XFEJ0XBrayckQs72wz6u+45Vflsw3Y4023Nwq5J+Nz+OQXejgoAQAAAAAAAAAAAAAAAABAn3pw02+nr/ijuw0CAAAAAAAAAAAAAAAAAACAvpT+nEREfTo2/NzQ5qX7ktXc2nNEvH3r0gfXxufmZsfq8++uz5/7MJt/shftBzrVzNM0Iup5DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxQXVicGi+XS7PbLAx2sE6v+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwHX8GAAD//xLkz18=")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1d3142, 0x0)
socket$alg(0x26, 0x5, 0x0)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000007c0)={0x8, {"dc5d3b0169633d3eba3eabbc09167be55101d4af4b22a373236464d2dbfaa84399b77bd438a54364a7ebc5bdaab4f9decb7c044318cd59a0af8279bcab35dd7daf7a0ceb381df2c32eff45b13e2c8f40e1895355bf6f165200cb1ca41a155730ee2e9f83183f9fafe029d0401b0770618254a8b2dc87b630072b1e2de160d1afed51b74c14b71ec1b226a324482d14ad586b1a4ce80e458fe45244c01eddeddf3564af838d6d5324f8a77023d6eb7aa14397a0e1413ea1c3dfdf063a35b709e627f36fe403ee3117365be5017682f53595f28543062c740a94a794312f5cebc315044b8ea000a5d0f27812ab0ce149d11e6f6f7620c5f3e250bf67d13a1ca39dbb7b8b5a31e3d7ba7ebe5849a7a09b61fc9f2cfc54b89e9cd0105bca49483ce55e0187ce2ad692a18219d881057c838587b915337169ee054655f26a04df913a658fccbf4def6aad750ca4796b74d322c67e9d4ee6a530a22dcc35db850b424d6ec9f62495b9f9fd2b000feadd57d26dbd505798c208d91eb0aab0fd97537631b8bf81ce0e2241c4272be4ff69b390e4485d574146b76d1fdbf7fc5334906805534cdae1e47240af7761a18fc8bd0a694be47529da98bc0f98eb7db3fc4a74cbb6e486f4de90fbf2452e72c2e1dca44543ad9ad094b8bc861eef1e814662d0b350339e3a510d459c6f83aabd5fd3dcb38224056d761e7df9b482b9905f1e2135c1929be328ecdb69c007a3efd548502c83106f6df1ab1178fac499eda92ad4373155227ec2df150c919d322ecb3ea37e659285f18a3e2f79b59900ca438df3a1381380a12d3ad7678e0a8d3bdfb40651389b4ac8c66138d442d70eafdc2df8b080028006b124e4ebe0d9883ef100f1934e42794146382c1d628fd2ebe5859b6c243824903d056d800975675bb1913142adbc039a9c68c2f146a0e8903447313f5e5549905f397a9b1f21a93b80c4d04a8ea7a29a50fbc5407a9305bba420edf898ea678d6879489c39692c99bb6dacf61f5f97637b94c1031d635b5423b38b9196fafaaf87b2796eadc21466af5a10281e6a808748969d29efb444c99a4cb2111732a792dbca4376a125a68f7cdac065cc6173dc21caafba48c742d9a7df2f771ff2f5725b22c247d4e0c6106f9f5f6929b69929ab37e9a9b326ce618bb702b883b12026f1300f21f2c7440cac8c5f1210a78aa067211d2827f5dcc7578252c2ccc3f67bab9d1bb6939b21b550788ef550acfed4bf50c0b4fb3ca4d2872ee64f95d611a317d9daaf373a10d868680b2226396c95fa2b0ab4d6fce06c3b42cb97d17a7b5089061537fdeb1a53040869f7befca330358fdba86754fc2e46c2113e1484cb37534af8f0408a7ee313778dab49f08229964298f847ea66c4ec319f64b6a12da585bc59e82e0263c507b397d3efee3b4066f4d25566aa1549f6185f6375f84b65fa8945148b90430c86a5b6fdf58d5c812b98d9dc621fd9a3d9f1a577495356516d1cbcf5e8bb8923b54b247225b9c3892b18a9e137f3620c734052af9dc8f1ea36f0d4592d5ee32e35676a84dc891f97456f2ac3a4ab58a42bcdc221a4ac8bb28d428add2fcbe5b110a8afd5d23b31e827bd16167b2d88cae024afc04a722ac0b4d45c52512e6b6f102aac4be21bc89ce246539048370553665b0a4336a6db99d0d19399be6437bf21419304331b4342b2c1db580f0c9bf681fdb8e9fa3e025454197bbc82ef93ee2f385660818ec5127080675a8013766469afe3b1e36e81bf2f04c3a26eaf4517551e734d21ba3bc90e48aea0891792970c39f3f528397e9b7ae190f1760fe5960dc763ee0a17939c60bfcac0a8914be82c749e4fe85d1ac5fa733413468fb8941085e8c4d6e0b6d1e62e20da58440facd640ddbb6c1f694b3ca48757a34c5a11668368711a1d4f3a81d31ac30d71277d7ae77882b6841cfa6289e6cce84a3ad57eeb328f831888ac7d3cfcd3a472a48d903f20cec8c8ae8d0bea04ebf7413ef7693f8ed876e49bd5f89d7e1078208ff62712e330fc0341b9ccf26845578d44b1e0c66d1bebc14742baedfabb8e9a2c8f42730360c72997efe0ce786ff330c2eb6e0ff20896f813c2a515ce76f826c11a1c1588eb369231ddeb4a2f9f9591ecdecc74d20aeb50047beb3ab89a9e4e1b805a20b645c79d0bc5d0247fab8ba46a97a07630b1f1cb69b42b568af746733d2c581f057873d64fe6e659b00b4a26745f5fba1fe7406a86b007936c7cfdac53a4c5b0ea9f6604863c8e3f174eddbb09175f6e13cda9a860cf400ef9ed02b895502ac6e6de6a658249c3c6e8a653517eae2231e56e0f120547923c6549ebc1ed14c623637ce3d96af5c93a32e58e2d9659d8b5b145888b52d9a5b5cb3cdf594eb137bcef2ba068cfd2c6ccf7ab6e5b4ec55e9197bfb91c9b8729f7b50cf0b0326f7ea3e712c77674d48545ca2a86744c3c38f149d69cf811beacf7e5f49c7bfba20f1dcf3d7bc0b9c796016820a46495d244c9606a06fe2e14233eda78d69ae4523ad7b708b0c7ead44d7fd376fed60e3cc2ee25e9600adfbe87ac7c8fb8269aec9459602af0f420becda6120ce7d9626c65ae7f860639e8bf664eb4301ec18add0e436c0356c12ab6b4ca35da2b43c4a8c239fd0b59a2ce94843cdfa1667053165053633b062844dbb0d00070fde74fa3178eb5f1f5fd02e2088d8690379f39ab22c080cdcb29d700bac74fabd8a356fe99afe83a5d99aa5024e9158a299eda6c99b6701e64f1d68e7e2c0c6e88396bb535a02d0948f0a250a6e090041c96d9c9acd6134d44d516fd1010c39e572b86b05bb1326a2a4f23f11181186f9c2a01dc7b58c0129f4b851ca9b1e3dc35db7364e29ef646211796b1651511e041345abce427fa5d6e48b8fb078c8432061a4cc518a8f2a2caf709a5c1473a62112a6650afc64eec12f8f9c08cff1b6fbf7a1209fc8661f62303b7c5d49c1d0b32a9f37e81ed9ab6193816d40995ed49c10b9f5752e04d57535a3d16f06c65d32846c31ec9787ec4a965679eb804e86b45d007f38d8104550770dc6f313bc846e43a14a8c21d0628c744e3e83cb998d1b7acfe996541a8c03852dadf9326444c582b481cae844e4f3fe3d638903b38f24633b63adbad841ac6c4c1169d781a0e271e8a967b1c7e986fcb3a66168e86e3559a44fcfa92452260491da9397659af60453f4cd4be2d15439445ec2b4366a79d3283da912d9d499df1242bd174edc235848caa21d2c997aff0e95c7e5cc0803c90fab84e7be7b37909d0e2f3bc9974e3388acb6800baba183ecc8eea8c71c0d65d669e41f99ceae523b7a6b772f3b8ebba1d2127ccc3ddb7ddcb4ec73cbdc26fc87c3848e258a0b5484d3a13e40ec4e4a65dd92f09e9fe1e3e2f8b96c4e363aa3683860dee62dfcf8823ee4a3593a092e0bd9c4cedacf44a272faa164447b01f46a7795642a40c61b0034a37f0e9b792428a0ddcd144fe8263088eaac8016f8f1cd30b55ac90a8f10d785b7570dd9e639a4a068d3fe98a420b9f72e79de817f676c2a224300d749571ad43f49d1fbe838f4566bc7b5f104c384ad87189213152b644d9fcbdf98bafeee569d640ce9045779f1d90024c023a7480a358dee276fba139c14b4fdb12885240903d0e61dc161659a68f62c92b899007e0f2b65bf0a069e9e57c9b6ae50a3b30dd1003fb0eead73ae2f6010b3b356b4060579a4f29935e1f00c01d12e5f44e8e3163d81dfef7ca8560604240c7e96e4454c6971614df306c768121abb3f628e3f1d2d026f58d1087334c5bdb74d7c949b0ee66a4531ba4e9b922aee3d0f802ed034734507a5913c52966f1f8bd4577840de0253aabc23299dced2a299859c07af9fb0f9c29b6533b9d84d471390d59ab315f5ddb226f6b8dd7889295f0fb1f7bd1adafe4cc520a1e84bf2a59d5b9795aeafc8d6fd66a8228aba8653b98622617ddfeb5d6795c9bd2f35d4a0c386e862675a50e3314c3fbb17aca151c13c7fc8b1d1b72ed0a958537b5ddc9e74bddc2b9571ec3f2b7775b125338d4852a75a63941564c65bb36dfb6bea4aab1ae7a4f285c2177aa98406eb2cc10934aa92d5a9612d4455c84ad200841d289b5c2d5deab0d8e2459598ef183d3dc47f6bad0b9513710600cfa4d69fcd5763cdcc4f2c2b7cd7d4491fd52f4aec82ce846c0988f6f0123e21e900d39c61085e68c9badc350b44004f6c042d64b0d0cbf91ad0592b198f1eeea1e52200bc8e6d62848d6884b10bdde72466039da488be6b340c23148f666f2fe6e032c07dac43586df182aca9116f4600313fa8375c76337ba86bdc391dae6450218f58f047ced64befc6bb5c2a60024669630a6279fedf2fe45e7e19ce582ad96ae0d023eb9b39f5f1e006e73bb038ae38157275be5eb3e7cbc8b05adf53e817646bdc2cfce98e5d162bf7faaca787db8717ab8b27b9e35609c5fb9fe9def07f010df8b43cf5c96851eadfdeff0b7bc5826e7e15490ae9c3d14166ee81bef007070e7981235a673804ad89943ee6b51ac63364f7870e121e6ff23a0c7d179527cd58dd7a4ca37247c2bd9efc79b720bb1ee2d39862e98cb81e93cf5b48d5d02ee8ac737ab504c867a1c49e678300803c94fbe978dea918a1e71b9791ee1e4d30056e86c26a4675a8b090be2365c0b451a13ece52a89a7057fe2052e11c6666eb916d823ea66bf217c320acba3b714910734b2d27c2fa586bd7f7664b0d1422adabad2ce2afc10270057f11940fac1a51d023ce48bd04ea39b7f99381b239fd0ddeea0dce7863ec1f8f61775013b6414ecf86e686a340a3148f87a9d7d48a1f2da53436d16fc88d6a4e7c3d55e0dd004cbecc15a5558eb705d82aacb1862ddc251dd5d9cbf1d78f97900ce6e8dab0ea678cb823bd1e7bbd1e927841af08f5427878c19f4f322228f9b36287fc13e7c1293ea875ae73815e052d6c2ebc40df8f7b9d1f76e0b10e35aa160944983d8e6b790df0d9b13f3460657336d81f7d83c0350324b930ec9c7557ce12887f76372e126f504b0980fea27f31a780c05187b9b5353dafc6b101543b24332b96e15bc26b19062e52fa9f86d260ee3a3bc92a133e328407bb85357ee5c45cb87228f44888b14941b5911b050e9319fe88033f830a8490917a9c0572ebbc5492b4e1083a2e3d77215a34abef947b5b9a950e780662de18873e55899c92db3ad3d437e8407890afa6b0c04ef861b8bc85fbbe1bb67b3d9ef001409f84b8ec4f01d861cecc143a805b981ab5cf5b605057b63cb2c84ec358e510a69cd8c33a8a62fe4680d0c980145cc709157832bfaef261cb0466c237376ca2944ce9affffd4b1dc7cc9511da0b34bffb9ac216fb8cf7c6572d95627787720d1ba67c6512fcdb16f6329e9668681c404efebad559f81f05971b5efb6b4cca97ad0346753cc0a40a877242d8a808c602b03dc962cee38e646cb18abb079c70d357c30738a70f55cd3c5956a83a1bfcd6649dd765f16bfe968066345df7380bbc0c16b3b5af513d6458c791343952f33a051c5d711c1f35af1b47f3db9bbfb5c7c636b3a2b52805d606479879be0b404a28ade5649a3185e0f85a85fc15cd824671c2befdd0da509597c87d869f0bd7ad163ad93ca28fc0c4025eccaafe385ec3fc06c54ebcd7b07b6c7e0197c5b9ef886159a1585ae45248f865be760db6f5bc8f868fc6aefd04e34ecb51159e4cdcc2214b42b1ca9caec13ba3e1b2e7a3c736977b226213d265c2873195122a9b448088c8b50edd549be41c38ab176807b75e7267f86e4", 0x1000}}, 0x1006)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
socket$inet6(0xa, 0x3, 0x7f)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000002000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000001000000000000004400050000000000000000000000000000000000000000022b0000000a000000fe8000000000000000000000000000aa0000000004"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
bind$inet(r4, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10)
setsockopt$sock_int(r4, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
connect$inet(r4, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r4, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00)

2.012346125s ago: executing program 1 (id=595):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000001380)='./file2\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYRES16=0x0, @ANYRES64=0x0, @ANYRESOCT], 0x11, 0x1256, &(0x7f0000003680)="$eJzs3E9rXFUYB+B3plNnOjV/1FptF3rQjauhycKVIEFSkAwotRFaQZiSiQ65zoTMGBgRY1duXfoZxKU7RfwC2boX3GUjrrIQrzh3apJ2qk0jmVKfZ3Nf7rm/e84hl8Ad7jl7r3350cZ6v7HeGkS5VIryZkTaT5GiHHe8sFIcb9xcWWo2l6+ldHXp+sKrKaXZF39479NvXvpxcP7db2e/q8bu/Pt7vy7+sntx99LeH9c/7PRTp5+6vUFqpVu93qB1K2untU5/o5HS21m71W+nTrff3jrSvp71NjeHqdVdm6lvbrX7/dTqDtNGe5gGvTTYGqbWB61ONzUajTRTD+7r7L9fsvr1fp5/H5HnZ+OJyPM8L0U9SvFkzMRsfB4RT8XT8UxciGfjYjwXz8el0VWnMXwAAAAAAAAAAAAAAAAAAAD4/9gfreY/WP9/Lupxfrz+fy7mJ67/PzPtQQMAAAAAAAAAAAAAAAAAAMBj5p0bN1eWms3laynVIrIvtle3V4tj0b60Hp3Ioh1XYi5+j9EeAYWivvpmc/lKGjkTETvj/M726pmI6riTv/ILo+0ExvnK6PSd/EKRT3E7O5SvRr3ovxYR7ViMubhwqP/aQX5xYr4Wr7x8aPyNmMt3InqRxdqo74P8ZwspvfFW86785dF1AAAA8DhopL/NH33/LXb5azTu117kj/H7wF3v15W4XJnu3InoDz/ZaGVZe+toUbvnzNSK6qMxjOMU5ZPEqzGp6eeIyMpHmr76KeK/GHOp9BD3+bj0j8/P6RSloqiNn+WT3DCimFDpUXh+jl3cPtHcJxfT+5/E6Tn4o9/TVDk3lREBAAAAAAAAAADwIB7ke8Df4qG/IqzEhC/LXp/OVAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT3bgWAAAAABAmL91Gh0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMFQAAAD//3MPuIc=")
openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000000), 0x181b40, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x2020)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, 0x0, 0x0)
write$FUSE_IOCTL(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_bt_hci(r4, 0x400448c9, 0x0)
sched_getattr(r3, &(0x7f0000000c00)={0x38}, 0x38, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0)
unshare(0x40020000)
truncate(&(0x7f0000000100)='./file2\x00', 0x8ffe5)

1.99814466s ago: executing program 3 (id=596):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_sctp_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, &(0x7f0000000080)=0x10000, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
mkdirat(0xffffffffffffff9c, 0x0, 0x120)
madvise(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x15)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = dup(r2)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e24, 0x6, @empty}], 0x1c)
sendmsg$inet6(r2, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
r4 = dup(r2)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x8003, 0x1, 0xe652, 0x2, 0x4, 0x8, 0xff}, 0x9c)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0x6, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xeffffff2, @empty, 0x5}}, 0x10001fc, 0x6, 0xffff1896, 0x3, 0x26, 0xffffffb9, 0x1a}, 0x9c)

1.151222027s ago: executing program 4 (id=597):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, 0x0, &(0x7f0000000140))
getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x7d, &(0x7f0000000180)={0x0, 0x71}, 0x0)
r2 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000040)={'wlan1\x00', {0x2, 0x4e23, @rand_addr=0xfffffc13}})
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r2, 0x6, 0x21, &(0x7f0000000080)="8a924060fcf6abb6a92f040634cd9555", 0x10)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000040), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="5562267cbc8f3b3047bef8d37dc76665723d72656c61746976653a30302c00"])

1.096762363s ago: executing program 3 (id=598):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sched_setscheduler(0x0, 0x2, 0x0)
socket$inet(0x2, 0x3, 0x6)
r4 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r4, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r4, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
r5 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r5, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
bind$inet(r5, &(0x7f0000e15000)={0x2, 0x4e20, @multicast2}, 0x10)
listen(r5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x727c45cd4283345, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
listen(r4, 0x0)

1.031822497s ago: executing program 2 (id=599):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000000)={'wlan1\x00'})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)={0x24, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x28, r1, 0x5, 0x3, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}]}, 0x28}}, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000", 0x17}], 0x1}, 0x0)
r9 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r9, &(0x7f0000000040)={0x18, 0x0, {0x3, @random="00ff00", 'bond0\x00'}}, 0x1e)
sendmmsg(r9, &(0x7f0000002340)=[{{0x0, 0x0, 0x0}}], 0x3e8, 0x0)

1.030748736s ago: executing program 4 (id=600):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$getregset(0x4205, r3, 0x402, &(0x7f0000000240)={&(0x7f0000000180)=""/108, 0x6c})
r4 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/ipv4/tcp_mtu_probing\x00', 0x1, 0x0)
pwritev2(r4, &(0x7f00000001c0), 0x0, 0x0, 0x0, 0x0)

25.324991ms ago: executing program 3 (id=601):
socket$tipc(0x1e, 0x2, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000100)='ns/user\x00')
socket$packet(0x11, 0x3, 0x300)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x2, 0x0, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0xffffffe}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x44080)
sendmsg$nl_route_sched(r1, 0x0, 0x4000)
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x2, 0x4001, @loopback}, 0x10, 0x0}, 0x34004000)

0s ago: executing program 2 (id=602):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f00000002c0)={'syz', 0x1}, 0x0, 0x0, r2)
r4 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, r3)
r5 = add_key$keyring(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, r4)
r6 = add_key$keyring(&(0x7f0000000300), &(0x7f0000000340)={'syz', 0x0}, 0x0, 0x0, r5)
r7 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000100)={'syz', 0x0}, 0x0, 0x0, r6)
add_key$keyring(&(0x7f0000000140), &(0x7f00000001c0)={'syz', 0x3}, 0x0, 0x0, r7)
r8 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000040), &(0x7f0000000000)={'syz', 0x3}, &(0x7f0000000200)="f1", 0x1, r8)
request_key(&(0x7f0000000080)='user\x00', &(0x7f0000000140)={'syz', 0x3}, 0x0, r8)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.18' (ED25519) to the list of known hosts.
[   31.067578][ T6539] cgroup: Unknown subsys name 'net'
[   31.227570][ T6539] cgroup: Unknown subsys name 'cpuset'
[   31.229549][ T6539] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   31.405578][ T6539] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k SS
[   33.527344][ T6552] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   33.527630][ T6552] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   33.535596][ T6555] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   33.538196][ T6556] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   33.538272][ T6556] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   33.538427][ T6556] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   33.541306][ T6562] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   33.541648][ T6561] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   33.542631][ T6561] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   33.543607][ T6561] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   33.543767][ T6561] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   33.547249][ T6561] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   33.547466][ T6561] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   33.547739][ T6561] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   33.550528][ T6143] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   33.550697][ T6143] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   33.554137][ T6143] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   33.555726][ T6552] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   33.555783][ T6562] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   33.557525][ T6562] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   33.557880][ T6562] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   33.558212][ T6562] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   33.558456][ T6562] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   33.565488][ T6555] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   33.567327][ T6555] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   33.703951][ T6554] chnl_net:caif_netlink_parms(): no params data found
[   33.777523][ T6563] chnl_net:caif_netlink_parms(): no params data found
[   33.790291][ T6554] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.791749][ T6554] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.793229][ T6554] bridge_slave_0: entered allmulticast mode
[   33.794969][ T6554] bridge_slave_0: entered promiscuous mode
[   33.798902][ T6554] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.800105][ T6554] bridge0: port 2(bridge_slave_1) entered disabled state
[   33.801382][ T6554] bridge_slave_1: entered allmulticast mode
[   33.802777][ T6554] bridge_slave_1: entered promiscuous mode
[   33.813160][ T6554] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   33.824856][ T6549] chnl_net:caif_netlink_parms(): no params data found
[   33.836665][ T6554] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   33.836868][ T6550] chnl_net:caif_netlink_parms(): no params data found
[   33.843548][ T6558] chnl_net:caif_netlink_parms(): no params data found
[   33.868397][ T6563] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.868478][ T6563] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.868567][ T6563] bridge_slave_0: entered allmulticast mode
[   33.868985][ T6563] bridge_slave_0: entered promiscuous mode
[   33.869980][ T6563] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.869998][ T6563] bridge0: port 2(bridge_slave_1) entered disabled state
[   33.870057][ T6563] bridge_slave_1: entered allmulticast mode
[   33.870446][ T6563] bridge_slave_1: entered promiscuous mode
[   33.885567][ T6554] team0: Port device team_slave_0 added
[   33.895521][ T6563] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   33.897357][ T6563] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   33.903862][ T6554] team0: Port device team_slave_1 added
[   33.932972][ T6563] team0: Port device team_slave_0 added
[   33.934913][ T6563] team0: Port device team_slave_1 added
[   33.936308][ T6549] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.937471][ T6549] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.938714][ T6549] bridge_slave_0: entered allmulticast mode
[   33.940105][ T6549] bridge_slave_0: entered promiscuous mode
[   33.942126][ T6554] batman_adv: batadv0: Adding interface: batadv_slave_0
[   33.942148][ T6554] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   33.942160][ T6554] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   33.943137][ T6554] batman_adv: batadv0: Adding interface: batadv_slave_1
[   33.943146][ T6554] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   33.943156][ T6554] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   33.954617][ T6550] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.954664][ T6550] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.954735][ T6550] bridge_slave_0: entered allmulticast mode
[   33.955166][ T6550] bridge_slave_0: entered promiscuous mode
[   33.957045][ T6550] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.957082][ T6550] bridge0: port 2(bridge_slave_1) entered disabled state
[   33.957151][ T6550] bridge_slave_1: entered allmulticast mode
[   33.957589][ T6550] bridge_slave_1: entered promiscuous mode
[   33.962667][ T6558] bridge0: port 1(bridge_slave_0) entered blocking state
[   33.962702][ T6558] bridge0: port 1(bridge_slave_0) entered disabled state
[   33.962752][ T6558] bridge_slave_0: entered allmulticast mode
[   33.963189][ T6558] bridge_slave_0: entered promiscuous mode
[   33.963975][ T6558] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.963994][ T6558] bridge0: port 2(bridge_slave_1) entered disabled state
[   33.964066][ T6558] bridge_slave_1: entered allmulticast mode
[   33.964611][ T6558] bridge_slave_1: entered promiscuous mode
[   33.974781][ T6549] bridge0: port 2(bridge_slave_1) entered blocking state
[   33.976091][ T6549] bridge0: port 2(bridge_slave_1) entered disabled state
[   33.977284][ T6549] bridge_slave_1: entered allmulticast mode
[   33.978697][ T6549] bridge_slave_1: entered promiscuous mode
[   33.992112][ T6550] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   33.999674][ T6563] batman_adv: batadv0: Adding interface: batadv_slave_0
[   34.000933][ T6563] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   34.000978][ T6563] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   34.011255][ T6554] hsr_slave_0: entered promiscuous mode
[   34.011611][ T6554] hsr_slave_1: entered promiscuous mode
[   34.013293][ T6550] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   34.017883][ T6558] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   34.020111][ T6563] batman_adv: batadv0: Adding interface: batadv_slave_1
[   34.020135][ T6563] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   34.020149][ T6563] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   34.029255][ T6549] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   34.035102][ T6550] team0: Port device team_slave_0 added
[   34.037546][ T6558] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   34.045391][ T6563] hsr_slave_0: entered promiscuous mode
[   34.046735][ T6563] hsr_slave_1: entered promiscuous mode
[   34.048007][ T6563] debugfs: 'hsr0' already exists in 'hsr'
[   34.049062][ T6563] Cannot create hsr debugfs directory
[   34.051374][ T6549] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   34.055354][ T6550] team0: Port device team_slave_1 added
[   34.067817][ T6558] team0: Port device team_slave_0 added
[   34.082587][ T6558] team0: Port device team_slave_1 added
[   34.084260][ T6549] team0: Port device team_slave_0 added
[   34.085389][ T6549] team0: Port device team_slave_1 added
[   34.087240][ T6550] batman_adv: batadv0: Adding interface: batadv_slave_0
[   34.088411][ T6550] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   34.092429][ T6550] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   34.103977][ T6550] batman_adv: batadv0: Adding interface: batadv_slave_1
[   34.104003][ T6550] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   34.104016][ T6550] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   34.125773][ T6558] batman_adv: batadv0: Adding interface: batadv_slave_0
[   34.125801][ T6558] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   34.125814][ T6558] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   34.127324][ T6558] batman_adv: batadv0: Adding interface: batadv_slave_1
[   34.127337][ T6558] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   34.127348][ T6558] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   34.139914][ T6549] batman_adv: batadv0: Adding interface: batadv_slave_0
[   34.139935][ T6549] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   34.139956][ T6549] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   34.160970][ T6549] batman_adv: batadv0: Adding interface: batadv_slave_1
[   34.162032][ T6549] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   34.166005][ T6549] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   34.177609][ T6550] hsr_slave_0: entered promiscuous mode
[   34.177929][ T6550] hsr_slave_1: entered promiscuous mode
[   34.178138][ T6550] debugfs: 'hsr0' already exists in 'hsr'
[   34.178148][ T6550] Cannot create hsr debugfs directory
[   34.197688][ T6549] hsr_slave_0: entered promiscuous mode
[   34.199268][ T6549] hsr_slave_1: entered promiscuous mode
[   34.200428][ T6549] debugfs: 'hsr0' already exists in 'hsr'
[   34.201377][ T6549] Cannot create hsr debugfs directory
[   34.203645][ T6558] hsr_slave_0: entered promiscuous mode
[   34.203958][ T6558] hsr_slave_1: entered promiscuous mode
[   34.204136][ T6558] debugfs: 'hsr0' already exists in 'hsr'
[   34.204145][ T6558] Cannot create hsr debugfs directory
[   34.279088][ T6554] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   34.283212][ T6554] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   34.300799][ T6554] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   34.303746][ T6554] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   34.337353][ T6563] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   34.341736][ T6563] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   34.343851][ T6563] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   34.347598][ T6554] bridge0: port 2(bridge_slave_1) entered blocking state
[   34.347654][ T6554] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.347822][ T6554] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.347846][ T6554] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.352634][ T6563] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   34.376791][ T6549] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   34.379091][ T6549] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   34.382695][ T6549] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   34.385424][ T6549] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   34.390425][ T6563] bridge0: port 2(bridge_slave_1) entered blocking state
[   34.390466][ T6563] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.390528][ T6563] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.390553][ T6563] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.403685][ T6554] 8021q: adding VLAN 0 to HW filter on device bond0
[   34.414317][  T281] bridge0: port 1(bridge_slave_0) entered disabled state
[   34.415706][  T281] bridge0: port 2(bridge_slave_1) entered disabled state
[   34.418574][  T281] bridge0: port 1(bridge_slave_0) entered disabled state
[   34.419686][  T281] bridge0: port 2(bridge_slave_1) entered disabled state
[   34.430484][ T6550] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   34.437334][ T6554] 8021q: adding VLAN 0 to HW filter on device team0
[   34.447281][ T6550] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   34.449662][ T6550] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   34.451845][ T6550] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   34.470631][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.470679][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.471027][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[   34.471043][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.481249][ T6563] 8021q: adding VLAN 0 to HW filter on device bond0
[   34.485111][ T6563] 8021q: adding VLAN 0 to HW filter on device team0
[   34.489805][ T6558] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   34.493824][  T281] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.493868][  T281] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.495662][ T6558] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   34.497427][ T6558] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   34.508504][ T6558] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   34.515775][  T281] bridge0: port 2(bridge_slave_1) entered blocking state
[   34.515817][  T281] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.545158][ T6549] 8021q: adding VLAN 0 to HW filter on device bond0
[   34.558377][ T6550] 8021q: adding VLAN 0 to HW filter on device bond0
[   34.574234][ T6550] 8021q: adding VLAN 0 to HW filter on device team0
[   34.583361][ T6549] 8021q: adding VLAN 0 to HW filter on device team0
[   34.589753][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.589797][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.590142][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[   34.590161][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.594812][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.594862][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.602037][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[   34.602092][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.635076][ T6554] 8021q: adding VLAN 0 to HW filter on device batadv0
[   34.643054][ T6558] 8021q: adding VLAN 0 to HW filter on device bond0
[   34.650914][ T6549] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   34.653717][ T6549] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   34.660528][ T6558] 8021q: adding VLAN 0 to HW filter on device team0
[   34.675232][ T6563] 8021q: adding VLAN 0 to HW filter on device batadv0
[   34.685450][ T6558] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   34.688523][ T6558] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   34.699398][ T1589] bridge0: port 1(bridge_slave_0) entered blocking state
[   34.699448][ T1589] bridge0: port 1(bridge_slave_0) entered forwarding state
[   34.699775][ T1589] bridge0: port 2(bridge_slave_1) entered blocking state
[   34.699789][ T1589] bridge0: port 2(bridge_slave_1) entered forwarding state
[   34.709281][ T6563] veth0_vlan: entered promiscuous mode
[   34.711998][ T6563] veth1_vlan: entered promiscuous mode
[   34.718949][ T6563] veth0_macvtap: entered promiscuous mode
[   34.721864][ T6563] veth1_macvtap: entered promiscuous mode
[   34.727182][ T6563] batman_adv: batadv0: Interface activated: batadv_slave_0
[   34.729550][ T6563] batman_adv: batadv0: Interface activated: batadv_slave_1
[   34.735503][   T41] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   34.738164][  T281] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   34.757870][   T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   34.758113][   T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   34.768871][ T6554] veth0_vlan: entered promiscuous mode
[   34.789136][ T6550] 8021q: adding VLAN 0 to HW filter on device batadv0
[   34.792511][ T6554] veth1_vlan: entered promiscuous mode
[   34.795025][  T281] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   34.798770][  T281] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   34.818152][ T6549] 8021q: adding VLAN 0 to HW filter on device batadv0
[   34.820423][ T6558] 8021q: adding VLAN 0 to HW filter on device batadv0
[   34.823245][ T6554] veth0_macvtap: entered promiscuous mode
[   34.832103][ T6554] veth1_macvtap: entered promiscuous mode
[   34.844911][ T6550] veth0_vlan: entered promiscuous mode
[   34.849386][ T6558] veth0_vlan: entered promiscuous mode
[   34.851924][ T6558] veth1_vlan: entered promiscuous mode
[   34.858478][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   34.858509][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   34.861863][ T6550] veth1_vlan: entered promiscuous mode
[   34.879448][ T6554] batman_adv: batadv0: Interface activated: batadv_slave_0
[   34.882664][ T6558] veth0_macvtap: entered promiscuous mode
[   34.884697][ T6558] veth1_macvtap: entered promiscuous mode
[   34.893770][ T6554] batman_adv: batadv0: Interface activated: batadv_slave_1
[   34.895504][ T6651] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   34.897422][ T6651] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   34.898822][ T6651] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   34.900246][ T6651] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   34.908708][ T6550] veth0_macvtap: entered promiscuous mode
[   34.917436][ T6550] veth1_macvtap: entered promiscuous mode
[   34.922363][ T6550] batman_adv: batadv0: Interface activated: batadv_slave_0
[   34.928069][ T6563] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   34.935372][ T6558] batman_adv: batadv0: Interface activated: batadv_slave_0
[   34.947395][ T6550] batman_adv: batadv0: Interface activated: batadv_slave_1
[   34.950839][   T42] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   34.950899][   T42] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   34.950930][   T42] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   34.950948][   T42] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   34.966494][ T6558] batman_adv: batadv0: Interface activated: batadv_slave_1
[   34.968097][   T15] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   34.968145][   T15] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   34.968190][   T15] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   34.968207][   T15] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   34.990668][  T281] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   34.992274][  T281] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   35.022002][ T6651] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   35.022029][ T6651] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   35.077928][ T6549] veth0_vlan: entered promiscuous mode
[   35.081907][ T6549] veth1_vlan: entered promiscuous mode
[   35.082709][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   35.082719][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   35.094423][ T6549] veth0_macvtap: entered promiscuous mode
[   35.130842][ T6651] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   35.130879][ T6651] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   35.142024][ T6549] veth1_macvtap: entered promiscuous mode
[   35.172406][ T6549] batman_adv: batadv0: Interface activated: batadv_slave_0
[   35.177526][ T6549] batman_adv: batadv0: Interface activated: batadv_slave_1
[   35.351844][  T281] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   35.351966][  T281] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   35.351994][  T281] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   35.352014][  T281] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   35.381795][ T6651] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   35.381842][ T6651] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   35.426890][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   35.426919][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   35.436626][  T281] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   35.436744][  T281] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   35.453334][  T281] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   35.453368][  T281] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   35.530786][ T6672] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[   35.530854][ T6672] CIFS mount error: No usable UNC path provided in device string!
[   35.530854][ T6672] 
[   35.530962][ T6672] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[   35.621949][   T53] Bluetooth: hci0: command tx timeout
[   35.622126][   T53] Bluetooth: hci2: command tx timeout
[   35.622249][   T53] Bluetooth: hci4: command tx timeout
[   35.622364][   T53] Bluetooth: hci3: command tx timeout
[   35.623339][ T6562] Bluetooth: hci1: command tx timeout
[   35.963735][ T6681] sctp: [Deprecated]: syz.1.2 (pid 6681) Use of struct sctp_assoc_value in delayed_ack socket option.
[   35.963735][ T6681] Use struct sctp_sack_info instead
[   36.397372][ T6685] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5'.
[   36.397407][ T6685] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5'.
[   36.397422][ T6685] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5'.
[   36.397440][ T6685] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5'.
[   37.040099][ T6696] loop0: detected capacity change from 0 to 32768
[   37.040721][ T6696] =======================================================
[   37.040721][ T6696] WARNING: The mand mount option has been deprecated and
[   37.040721][ T6696]          and is ignored by this kernel. Remove the mand
[   37.040721][ T6696]          option from the mount to silence this warning.
[   37.040721][ T6696] =======================================================
[   37.261213][ T6699] Injecting memory failure for pfn 0x1263fe at process virtual address 0x20ffe000
[   37.311847][ T6696] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   37.319228][ T6701] loop2: detected capacity change from 0 to 1024
[   37.319618][ T6701] hfsplus: Bad value for 'gid'
[   37.822691][ T6555] Bluetooth: hci1: command tx timeout
[   37.822729][ T6555] Bluetooth: hci3: command tx timeout
[   37.822750][ T6555] Bluetooth: hci4: command tx timeout
[   37.822768][ T6555] Bluetooth: hci2: command tx timeout
[   37.822784][ T6555] Bluetooth: hci0: command tx timeout
[   37.847036][ T6699] Memory failure: 0x1263fe: Sending SIGBUS to syz.2.6:6699 due to hardware memory corruption
[   37.847133][ T6699] Memory failure: 0x1263fe: recovery action for dirty LRU page: Recovered
[   38.253057][ T6558] ocfs2: Unmounting device (7,0) on (node local)
[   38.291138][ T6716] syzkaller0: entered promiscuous mode
[   38.292398][ T6716] syzkaller0: entered allmulticast mode
[   38.419549][ T6718] loop0: detected capacity change from 0 to 32768
[   38.491878][ T6718] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[   38.537664][ T6718] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   38.611716][ T6721] loop3: detected capacity change from 0 to 2048
[   38.644307][ T6721] iocharset k��8-r not found
[   39.515344][ T6558] ocfs2: Unmounting device (7,0) on (node local)
[   39.902782][ T6555] Bluetooth: hci2: command tx timeout
[   39.902828][ T6555] Bluetooth: hci4: command tx timeout
[   39.902862][ T6555] Bluetooth: hci3: command tx timeout
[   39.902883][ T6555] Bluetooth: hci1: command tx timeout
[   39.911657][ T6562] Bluetooth: hci0: command tx timeout
[   41.486898][ T6755] loop3: detected capacity change from 0 to 1024
[   41.490065][ T6755] EXT4-fs: Ignoring removed orlov option
[   41.966012][ T6562] Bluetooth: hci1: command tx timeout
[   41.966056][ T6562] Bluetooth: hci3: command tx timeout
[   41.966091][ T6562] Bluetooth: hci4: command tx timeout
[   41.966115][ T6562] Bluetooth: hci2: command tx timeout
[   41.966136][ T6562] Bluetooth: hci0: command tx timeout
[   42.148052][ T6755] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   42.299392][ T6755] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.781976][ T6563] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.303680][ T6768] tipc: Started in network mode
[   43.303712][ T6768] tipc: Node identity ac14140f, cluster identity 4711
[   43.303963][ T6768] tipc: New replicast peer: 255.255.255.255
[   43.304619][ T6768] tipc: Enabled bearer <udp:syz2>, priority 10
[   45.049073][   T31] audit: type=1326 audit(44.570:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6777 comm="syz.3.23" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffba75b9e8 code=0x0
[   45.225128][ T6620] tipc: Node number set to 2886997007
[   45.265469][ T6791] loop4: detected capacity change from 0 to 32768
[   47.079583][ T6816] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   47.079776][ T6816] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   47.081521][ T6816] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   47.081668][ T6816] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   51.671258][ T6858] loop4: detected capacity change from 0 to 512
[   51.671937][ T6858] EXT4-fs: Ignoring removed mblk_io_submit option
[   51.671965][ T6858] EXT4-fs: inline encryption not supported
[   51.671988][ T6858] EXT4-fs: Ignoring removed mblk_io_submit option
[   51.685263][ T6858] EXT4-fs (loop4): Test dummy encryption mode enabled
[   51.685314][ T6858] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   51.685330][ T6858] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   51.906313][ T6858] EXT4-fs (loop4): 1 truncate cleaned up
[   51.909540][ T6858] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.991841][ T6858] fscrypt: AES-256-XTS using implementation "xts-aes-ce"
[   53.213605][ T6549] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.786254][ T6879] loop2: detected capacity change from 0 to 1024
[   53.787559][ T6879] EXT4-fs: Ignoring removed orlov option
[   54.021548][ T6879] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   54.200976][ T6879] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.984398][ T6795] Set syz1 is full, maxelem 65536 reached
[   55.049992][ T6554] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.063141][ T6895] loop4: detected capacity change from 0 to 512
[   55.068655][ T6895] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   55.076238][ T6897] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   55.087429][ T6895] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[   55.087505][ T6895] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[   55.087996][ T6895] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.49: Failed to acquire dquot type 1
[   55.092355][ T6895] EXT4-fs (loop4): 1 truncate cleaned up
[   55.092871][ T6895] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   55.166421][ T6901] xt_CT: You must specify a L4 protocol and not use inversions on it
[   56.284829][ T6912] loop3: detected capacity change from 0 to 32768
[   56.291137][ T6912] OCFS2: ERROR (device loop3): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode #69: fs_generation is 8
[   56.291189][ T6912] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[   56.291208][ T6912] OCFS2: File system is now read-only.
[   56.291219][ T6912] (syz.3.51,6912,0):ocfs2_read_locked_inode:597 ERROR: status = -30
[   56.291294][ T6912] (syz.3.51,6912,0):_ocfs2_get_system_file_inode:144 ERROR: status = -30
[   56.291423][ T6912] (syz.3.51,6912,0):ocfs2_init_global_system_inodes:465 ERROR: status = -30
[   56.291436][ T6912] (syz.3.51,6912,0):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 2, possibly corrupt fs?
[   56.291448][ T6912] (syz.3.51,6912,0):ocfs2_init_global_system_inodes:476 ERROR: status = -30
[   56.291461][ T6912] (syz.3.51,6912,0):ocfs2_initialize_super:2198 ERROR: status = -30
[   56.291515][ T6912] (syz.3.51,6912,0):ocfs2_fill_super:1177 ERROR: status = -30
[   56.306942][ T6910] loop0: detected capacity change from 0 to 1764
[   56.400786][ T6549] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   56.797087][ T6917] loop2: detected capacity change from 0 to 40427
[   56.997845][ T6929] process 'syz.1.55' launched './file2' with NULL argv: empty string added
[   57.423078][ T6917] f2fs: Unknown parameter 'whint_mode'
[   58.449442][ T6940] x_tables: ip_tables: osf match: only valid for protocol 6
[   58.839516][ T6933] loop0: detected capacity change from 0 to 8192
[   59.387850][ T6953] No control pipe specified
[   59.559699][ T6959] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   59.871890][ T6962] loop0: detected capacity change from 0 to 1024
[   59.888538][ T6965] loop3: detected capacity change from 0 to 4096
[   59.901285][ T6965] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[   59.910437][ T6962] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   59.912331][ T6962] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.62: inode has both inline data and extents flags
[   59.935210][ T6965] ntfs3(loop3): ino=1a, mi_enum_attr
[   59.935306][ T6965] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[   60.012639][ T6947] loop2: detected capacity change from 0 to 32768
[   60.054990][ T6947] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   60.091452][ T6947] XFS (loop2): Ending clean mount
[   60.421766][ T6947] XFS (loop2): Quotacheck needed: Please wait.
[   60.450680][ T6947] XFS (loop2): Quotacheck: Done.
[   60.549702][ T6985] loop1: detected capacity change from 0 to 32768
[   60.565421][ T6985] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[   60.818023][ T6558] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   60.831008][ T6554] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   60.873578][ T6987] loop4: detected capacity change from 0 to 32768
[   60.912454][ T6994] loop0: detected capacity change from 0 to 256
[   60.912848][ T6994] vfat: Unknown parameter 'iocharsat'
[   61.309732][ T7002] netlink: 'syz.3.69': attribute type 10 has an invalid length.
[   61.365626][ T6550] ocfs2: Unmounting device (7,1) on (node local)
[   61.812417][ T7002] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   62.802898][ T7009] loop2: detected capacity change from 0 to 40427
[   62.870335][ T7009] F2FS-fs (loop2): Invalid log sectors per block(0) log sectorsize(9)
[   62.872376][ T7009] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   62.877686][ T7009] F2FS-fs (loop2): invalid crc value
[   63.166728][ T7009] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   63.214940][ T7009] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   63.218471][ T7009] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   63.273033][ T7026] loop0: detected capacity change from 0 to 1024
[   63.279830][ T7026] EXT4-fs: Ignoring removed nobh option
[   63.279858][ T7026] EXT4-fs: inline encryption not supported
[   63.344451][ T7014] loop1: detected capacity change from 0 to 32768
[   63.347675][ T7026] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   63.361772][ T7014] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.71 (7014)
[   64.008277][ T7014] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   64.012356][ T6554] syz-executor: attempt to access beyond end of device
[   64.012356][ T6554] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   64.012743][ T6554] CPU: 1 UID: 0 PID: 6554 Comm: syz-executor Not tainted syzkaller #0 PREEMPT 
[   64.012756][ T6554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[   64.012760][ T6554] Call trace:
[   64.012763][ T6554]  show_stack+0x2c/0x3c (C)
[   64.012777][ T6554]  __dump_stack+0x30/0x40
[   64.012783][ T6554]  dump_stack_lvl+0xd8/0x12c
[   64.012788][ T6554]  dump_stack+0x1c/0x28
[   64.012792][ T6554]  f2fs_handle_critical_error+0x34c/0x4b8
[   64.012802][ T6554]  f2fs_stop_checkpoint+0x5c/0x70
[   64.012804][ T7014] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[   64.012808][ T6554]  f2fs_write_end_io+0x768/0xa70
[   64.012815][ T6554]  bio_endio+0x858/0x894
[   64.012821][ T6554]  submit_bio_noacct+0xd64/0x186c
[   64.012827][ T6554]  submit_bio+0x3b4/0x550
[   64.012833][ T6554]  f2fs_submit_write_bio+0x13c/0x324
[   64.012839][ T6554]  __submit_merged_bio+0x254/0x704
[   64.012844][ T6554]  __submit_merged_write_cond+0x23c/0x4ac
[   64.012850][ T6554]  f2fs_write_data_pages+0x1d28/0x2634
[   64.012856][ T6554]  do_writepages+0x270/0x468
[   64.012864][ T6554]  filemap_fdatawrite+0x14c/0x1f4
[   64.012865][ T7014] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[   64.012869][ T6554]  f2fs_sync_dirty_inodes+0x2b8/0x788
[   64.012874][ T6554]  f2fs_write_checkpoint+0x70c/0x1c30
[   64.012879][ T6554]  kill_f2fs_super+0x228/0x594
[   64.012885][ T6554]  deactivate_locked_super+0xc4/0x12c
[   64.012892][ T6554]  deactivate_super+0xe0/0x100
[   64.012897][ T6554]  cleanup_mnt+0x31c/0x3ac
[   64.012904][ T6554]  __cleanup_mnt+0x20/0x30
[   64.012910][ T6554]  task_work_run+0x1dc/0x260
[   64.012916][ T6554]  exit_to_user_mode_loop+0xfc/0x178
[   64.012923][ T6554]  el0_svc+0x170/0x254
[   64.012930][ T6554]  el0t_64_sync_handler+0x84/0x12c
[   64.012936][ T6554]  el0t_64_sync+0x198/0x19c
[   64.012957][ T6554] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   64.138934][ T6558] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.450680][ T7014] BTRFS info (device loop1): rebuilding free space tree
[   64.455321][ T7054] loop0: detected capacity change from 0 to 1024
[   64.470982][ T7054] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   64.477675][ T7054] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.79: inode has both inline data and extents flags
[   64.490874][ T7014] BTRFS info (device loop1): disabling free space tree
[   64.492857][ T7014] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   64.499676][ T2452] ieee802154 phy0 wpan0: encryption failed: -22
[   64.499730][ T2452] ieee802154 phy1 wpan1: encryption failed: -22
[   64.502832][   T11] cfg80211: failed to load regulatory.db
[   64.506124][ T7014] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   64.527585][ T7014] BTRFS info (device loop1): enabling ssd optimizations
[   64.527623][ T7014] BTRFS info (device loop1): enabling disk space caching
[   64.527630][ T7014] BTRFS info (device loop1): force clearing of disk cache
[   64.527638][ T7014] BTRFS info (device loop1): enabling auto defrag
[   64.527646][ T7014] BTRFS info (device loop1): max_inline set to 0
[   64.646881][  T281] BTRFS info (device loop1): qgroup scan completed (inconsistency flag cleared)
[   64.687929][ T7062] loop2: detected capacity change from 0 to 64
[   64.691276][ T7062] BFS-fs: bfs_fill_super(): loop2 is unclean, continuing
[   64.725396][ T7064] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   64.986628][ T6550] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   65.794861][ T6558] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   66.242863][ T7089] Zero length message leads to an empty skb
[   66.732628][ T7098] loop1: detected capacity change from 0 to 131072
[   66.807312][ T7098] F2FS-fs (loop1): Invalid log sectors per block(570425347) log sectorsize(9)
[   66.807349][ T7098] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[   66.811308][ T7098] F2FS-fs (loop1): invalid crc value
[   66.832778][ T7098] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=3000000, run fsck to fix.
[   66.837166][ T7098] F2FS-fs (loop1): Bad quota inode 2:50331648
[   66.837196][ T7098] F2FS-fs (loop1): Failed to enable quota tracking (type=2, err=-22). Please run fsck to fix.
[   66.837211][ T7098] F2FS-fs (loop1): Cannot turn on quotas: error -22
[   66.837223][ T7098] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   66.848334][ T7098] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[   66.848373][ T7098] F2FS-fs (loop1): Mounted with checkpoint version = 753bd00b
[   66.899614][ T7088] loop4: detected capacity change from 0 to 32768
[   67.891121][ T7115] ialloc: diAlloc returned -17!
[   67.909280][ T7116] ialloc: diAlloc returned -17!
[   68.255270][ T7113] netlink: 'syz.2.92': attribute type 10 has an invalid length.
[   68.256688][ T7113] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   68.610705][ T7129] loop4: detected capacity change from 0 to 1024
[   68.895293][ T7129] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   68.900239][ T7129] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.95: inode has both inline data and extents flags
[   69.270578][ T7140] loop1: detected capacity change from 0 to 512
[   69.273016][ T7140] msdos: Unknown parameter ''
[   69.341546][ T6620] libceph: connect (1)[c::]:6789 error -101
[   69.344038][ T6620] libceph: mon0 (1)[c::]:6789 connect error
[   69.767435][ T7138] ceph: No mds server is up or the cluster is laggy
[   69.779340][ T6620] libceph: connect (1)[c::]:6789 error -101
[   69.779437][ T6620] libceph: mon0 (1)[c::]:6789 connect error
[   69.907326][ T6549] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   72.081909][ T7197] loop3: detected capacity change from 0 to 256
[   72.569681][ T7197] FAT-fs (loop3): Directory bread(block 64) failed
[   72.569722][ T7197] FAT-fs (loop3): Directory bread(block 65) failed
[   72.569758][ T7197] FAT-fs (loop3): Directory bread(block 66) failed
[   72.569773][ T7197] FAT-fs (loop3): Directory bread(block 67) failed
[   72.569799][ T7197] FAT-fs (loop3): Directory bread(block 68) failed
[   72.569812][ T7197] FAT-fs (loop3): Directory bread(block 69) failed
[   72.569836][ T7197] FAT-fs (loop3): Directory bread(block 70) failed
[   72.569849][ T7197] FAT-fs (loop3): Directory bread(block 71) failed
[   72.569877][ T7197] FAT-fs (loop3): Directory bread(block 72) failed
[   72.569889][ T7197] FAT-fs (loop3): Directory bread(block 73) failed
[   73.496276][ T7232] Device name cannot be null; rc = [-22]
[   73.607785][ T7234] xt_hashlimit: max too large, truncated to 1048576
[   74.106541][ T7236] loop4: detected capacity change from 0 to 1024
[   74.109842][ T7236] EXT4-fs: Ignoring removed orlov option
[   74.123312][ T7236] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   74.181084][ T7236] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.888843][ T6549] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.926717][ T7242] loop0: detected capacity change from 0 to 32768
[   74.965451][ T7265] loop4: detected capacity change from 0 to 64
[   75.840652][ T7251] loop1: detected capacity change from 0 to 32768
[   76.866479][ T7288] netlink: 'syz.4.123': attribute type 10 has an invalid length.
[   76.876153][ T7251] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[   76.911634][ T7251] XFS (loop1): Ending clean mount
[   76.922436][ T7288] bond0: (slave wlan1): Enslaving as an active interface with an up link
[   76.956764][ T7294] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   77.968209][ T6550] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[   78.003590][ T7311] loop3: detected capacity change from 0 to 256
[   78.005466][ T7311] vfat: Unknown parameter 'iocharsat'
[   78.484216][ T7324] loop1: detected capacity change from 0 to 512
[   78.502035][ T7324] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.128: couldn't read orphan inode 26 (err -116)
[   78.505585][ T7324] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.565256][ T7324] EXT4-fs (loop1): shut down requested (2)
[   78.937436][ T6550] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.973086][ T7338] loop1: detected capacity change from 0 to 8
[   79.389098][ T7341] loop3: detected capacity change from 0 to 512
[   79.389481][ T7341] EXT4-fs: Ignoring removed mblk_io_submit option
[   79.389508][ T7341] EXT4-fs: inline encryption not supported
[   79.389531][ T7341] EXT4-fs: Ignoring removed mblk_io_submit option
[   79.405624][ T7341] EXT4-fs (loop3): Test dummy encryption mode enabled
[   79.405646][ T7341] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   79.446491][ T7341] EXT4-fs (loop3): 1 truncate cleaned up
[   79.496513][ T7341] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.735037][   T53] Bluetooth: hci4: link tx timeout
[   80.735160][   T53] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[   80.747704][ T7351] netlink: 'syz.4.136': attribute type 10 has an invalid length.
[   81.147712][ T6562] Bluetooth: hci4: link tx timeout
[   81.147748][ T6562] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[   81.160744][ T7355] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   81.509401][ T6562] Bluetooth: hci4: link tx timeout
[   81.509427][ T6562] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[   81.753825][ T7359] netlink: 'syz.1.138': attribute type 10 has an invalid length.
[   81.754149][ T7359] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.754799][ T7359] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.104884][ T7359] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.104984][ T7359] bridge0: port 2(bridge_slave_1) entered forwarding state
[   82.105097][ T7359] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.105142][ T7359] bridge0: port 1(bridge_slave_0) entered forwarding state
[   82.116145][ T7366] netlink: 4 bytes leftover after parsing attributes in process `syz.1.138'.
[   82.138694][ T7359] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   82.333157][ T7366] bridge_slave_1: left allmulticast mode
[   82.335397][ T7366] bridge_slave_1: left promiscuous mode
[   82.337016][ T7366] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.340575][ T7366] bridge_slave_0: left allmulticast mode
[   82.342253][ T7366] bridge_slave_0: left promiscuous mode
[   82.344649][ T7366] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.356613][ T6563] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.363411][ T7366] bond0: (slave bridge0): Releasing backup interface
[   82.761562][ T7381] loop1: detected capacity change from 0 to 32768
[   82.762387][ T7381] jfs: Unknown parameter '00000000000000000003'
[   82.870699][ T6562] Bluetooth: hci4: command 0x0406 tx timeout
[   83.707310][ T6562] Bluetooth: hci4: link tx timeout
[   83.715013][ T7374] loop3: detected capacity change from 0 to 32768
[   83.754680][ T7374] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   83.861459][ T7374] XFS (loop3): Ending clean mount
[   83.864037][ T7374] XFS (loop3): Quotacheck needed: Please wait.
[   83.880492][ T7374] XFS (loop3): Quotacheck: Done.
[   85.124515][ T7413] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   85.561551][ T6563] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   85.585658][ T7421] loop4: detected capacity change from 0 to 16
[   85.613294][ T7421] erofs (device loop4): unsupported i_format 32 of nid 36
[   85.748783][ T7416] loop0: detected capacity change from 0 to 32768
[   86.005087][ T7426] netlink: 'syz.4.153': attribute type 1 has an invalid length.
[   86.005122][ T7426] netlink: 'syz.4.153': attribute type 2 has an invalid length.
[   86.312449][ T7416] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.151 (7416)
[   86.335367][ T7416] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   86.335435][ T7416] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[   87.143150][ T7460] loop3: detected capacity change from 0 to 128
[   87.148533][ T7460] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[   87.476228][ T7460] hpfs: filesystem error: improperly stopped
[   87.477668][ T7460] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[   87.479128][ T7460] hpfs: You really don't want any checks? You are crazy...
[   87.480639][ T7460] hpfs: hpfs_map_sector(): read error
[   87.484133][ T7460] hpfs: code page support is disabled
[   87.486102][ T7416] BTRFS info (device loop0): rebuilding free space tree
[   87.487768][ T7460] hpfs: hpfs_map_4sectors(): unaligned read
[   87.487982][ T7460] hpfs: hpfs_map_4sectors(): unaligned read
[   87.487988][ T7460] hpfs: filesystem error: unable to find root dir
[   87.727201][ T7480] ptrace attach of "./syz-executor exec"[6563] was attempted by "./syz-executor exec"[7480]
[   87.744117][ T7480] hpfs: hpfs_map_4sectors(): unaligned read
[   87.871285][ T7416] BTRFS info (device loop0): enabling ssd optimizations
[   87.872759][ T7416] BTRFS info (device loop0): using spread ssd allocation scheme
[   87.875491][ T7416] BTRFS info (device loop0): turning on async discard
[   87.878387][ T7416] BTRFS info (device loop0): enabling free space tree
[   87.882186][ T7416] BTRFS info (device loop0): force clearing of disk cache
[   89.169238][ T7497] loop3: detected capacity change from 0 to 512
[   89.210247][ T7497] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.162: bg 0: block 393: padding at end of block bitmap is not set
[   89.214345][ T7497] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem
[   89.218822][ T7497] EXT4-fs (loop3): 2 truncates cleaned up
[   89.220330][ T7497] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.692424][ T7497] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   90.476165][ T7498] loop1: detected capacity change from 0 to 512
[   90.476539][ T7498] msdos: Unknown parameter ''
[   90.566025][ T6558] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   90.676250][ T6563] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.232990][ T7530] loop1: detected capacity change from 0 to 256
[   91.235788][ T7530] exfat: Deprecated parameter 'utf8'
[   91.236993][ T7530] exfat: Deprecated parameter 'namecase'
[   91.987601][ T7530] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[   92.177577][ T7544] Bluetooth: MGMT ver 1.23
[   92.279041][ T7541] loop0: detected capacity change from 0 to 32768
[   92.296707][ T7541] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.170 (7541)
[   92.316006][ T7541] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   92.316072][ T7541] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[   92.408289][ T7560] loop4: detected capacity change from 0 to 256
[   92.426079][ T7560] FAT-fs (loop4): Directory bread(block 64) failed
[   92.426112][ T7560] FAT-fs (loop4): Directory bread(block 65) failed
[   92.426141][ T7560] FAT-fs (loop4): Directory bread(block 66) failed
[   92.426156][ T7560] FAT-fs (loop4): Directory bread(block 67) failed
[   92.426179][ T7560] FAT-fs (loop4): Directory bread(block 68) failed
[   92.426193][ T7560] FAT-fs (loop4): Directory bread(block 69) failed
[   92.426215][ T7560] FAT-fs (loop4): Directory bread(block 70) failed
[   92.426228][ T7560] FAT-fs (loop4): Directory bread(block 71) failed
[   92.426249][ T7560] FAT-fs (loop4): Directory bread(block 72) failed
[   92.426262][ T7560] FAT-fs (loop4): Directory bread(block 73) failed
[   92.614512][ T7541] BTRFS info (device loop0): turning off barriers
[   92.628508][ T7541] BTRFS info (device loop0): enabling free space tree
[   92.633064][ T7541] BTRFS info (device loop0): use zlib compression, level 3
[   93.818072][   T31] audit: type=1326 audit(93.780:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7583 comm="syz.3.176" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffba75b9e8 code=0x0
[   93.838933][ T6558] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   95.436662][ T7603] netlink: 260 bytes leftover after parsing attributes in process `syz.0.177'.
[   95.439198][ T7603] Invalid ELF header magic: != ELF
[   95.451945][ T7609] loop1: detected capacity change from 0 to 2048
[   95.459121][ T7609] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[   95.467655][ T7611] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   95.623523][ T7614] : entered promiscuous mode
[   95.762514][ T7613] syz.2.181 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   95.870096][ T7619] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[   95.870120][ T7619] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   95.879424][ T7619] vhci_hcd vhci_hcd.0: Device attached
[   96.085812][ T7626] binder: 7615:7626 ioctl 4018620d 0 returned -22
[   96.094386][ T7626] binder: 7615:7626 ioctl c0306201 0 returned -14
[   96.096096][ T7626] binder: 7615:7626 got transaction to invalid handle, 1
[   96.096197][ T7626] binder: 7615:7626 cannot find target node
[   96.096374][ T7626] binder: 7615:7626 transaction async to 0:0 failed 4/29201/-22, code 0 size 0-0 line 3232
[   96.886265][ T6652] binder: undelivered TRANSACTION_ERROR: 29201
[   96.927146][ T1810] usb 7-1: SetAddress Request (2) to port 0
[   96.928547][ T1810] usb 7-1: new SuperSpeed USB device number 2 using vhci_hcd
[   97.480612][ T7628] loop4: detected capacity change from 0 to 256
[   97.721123][ T7621] vhci_hcd: connection closed
[   97.832090][ T7622] vhci_hcd: sendmsg failed!, ret=-32 for 48
[   97.862993][  T281] vhci_hcd: stop threads
[   97.863828][  T281] vhci_hcd: release socket
[   97.864606][  T281] vhci_hcd: disconnect device
[   97.883610][ T7628] FAT-fs (loop4): Directory bread(block 64) failed
[   97.883654][ T7628] FAT-fs (loop4): Directory bread(block 65) failed
[   97.883695][ T7628] FAT-fs (loop4): Directory bread(block 66) failed
[   97.883715][ T7628] FAT-fs (loop4): Directory bread(block 67) failed
[   97.883746][ T7628] FAT-fs (loop4): Directory bread(block 68) failed
[   97.883763][ T7628] FAT-fs (loop4): Directory bread(block 69) failed
[   97.883790][ T7628] FAT-fs (loop4): Directory bread(block 70) failed
[   97.883804][ T7628] FAT-fs (loop4): Directory bread(block 71) failed
[   97.883828][ T7628] FAT-fs (loop4): Directory bread(block 72) failed
[   97.883841][ T7628] FAT-fs (loop4): Directory bread(block 73) failed
[   98.475066][ T7639] binder: 7633:7639 BC_ACQUIRE_DONE u0000000000000002 node 5 cookie mismatch 00000000000000fc != 0000000000000000
[   98.803235][ T7645] loop0: detected capacity change from 0 to 2048
[   98.818034][ T7645] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 129: 0x32 != 0x7d
[   98.818880][ T7645] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   98.884223][ T7649] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   98.888490][ T7649] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   98.912408][ T7652] loop1: detected capacity change from 0 to 764
[  100.254855][ T7674] netlink: 'syz.4.198': attribute type 10 has an invalid length.
[  102.373496][ T7708] loop0: detected capacity change from 0 to 4096
[  102.418075][ T7709] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  103.050546][ T1810] usb 7-1: device descriptor read/8, error -110
[  103.579775][ T7714] loop4: detected capacity change from 0 to 32768
[  103.584634][ T7714] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.209 (7714)
[  103.591600][ T7714] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  103.593553][ T7714] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  103.595427][ T7714] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  103.841472][ T1810] usb usb7-port1: attempt power cycle
[  103.872696][ T7714] BTRFS info (device loop4): rebuilding free space tree
[  103.887866][ T7714] BTRFS info (device loop4): disabling free space tree
[  103.887908][ T7714] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  103.887931][ T7714] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  103.896349][ T7721] netlink: 'syz.2.210': attribute type 10 has an invalid length.
[  103.896704][ T7714] BTRFS info (device loop4): setting nodatasum
[  103.896713][ T7714] BTRFS info (device loop4): setting nodatacow
[  103.896719][ T7714] BTRFS info (device loop4): enabling ssd optimizations
[  103.896725][ T7714] BTRFS info (device loop4): turning on async discard
[  103.896731][ T7714] BTRFS info (device loop4): enabling disk space caching
[  103.896736][ T7714] BTRFS info (device loop4): force clearing of disk cache
[  103.896741][ T7714] BTRFS info (device loop4): enabling auto defrag
[  103.896746][ T7714] BTRFS info (device loop4): max_inline set to 0
[  103.980453][ T7739] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  104.000154][ T7741] netlink: 'syz.2.213': attribute type 10 has an invalid length.
[  104.776372][ T7746] loop0: detected capacity change from 0 to 32768
[  104.798447][ T6549] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  104.850091][ T1810] usb usb7-port1: unable to enumerate USB device
[  105.192117][ T1860] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  105.276955][ T6881] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  105.278669][ T6881] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  105.468753][ T7746] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  105.728768][ T7766] syz.4.215 uses obsolete (PF_INET,SOCK_PACKET)
[  106.661344][ T7777] netlink: 'syz.1.221': attribute type 10 has an invalid length.
[  106.668388][ T6558] ocfs2: Unmounting device (7,0) on (node local)
[  106.682489][ T7777] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  106.883534][ T7781] netlink: 'syz.1.223': attribute type 10 has an invalid length.
[  107.015000][ T7788] loop0: detected capacity change from 0 to 256
[  108.900955][ T7795] netlink: 'syz.3.226': attribute type 10 has an invalid length.
[  109.827467][ T7823] loop3: detected capacity change from 0 to 128
[  109.899638][ T7823] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  110.112130][ T7831] loop0: detected capacity change from 0 to 64
[  110.126275][ T7832] netlink: 'syz.1.233': attribute type 10 has an invalid length.
[  110.556919][ T7848] loop1: detected capacity change from 0 to 64
[  111.119121][ T6563] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  111.221065][ T7856] loop3: detected capacity change from 0 to 4096
[  111.233245][ T7856] ntfs3: Unknown parameter '18446744073709551615'
[  112.239454][ T7853] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  112.300255][ T7881] trusted_key: syz.2.243 sent an empty control message without MSG_MORE.
[  112.777840][ T7887] loop4: detected capacity change from 0 to 32768
[  112.790648][ T7887] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  113.162933][ T7898] netlink: 28 bytes leftover after parsing attributes in process `syz.3.249'.
[  113.162977][ T7898] netlink: 'syz.3.249': attribute type 7 has an invalid length.
[  113.162985][ T7898] netlink: 'syz.3.249': attribute type 8 has an invalid length.
[  113.162992][ T7898] netlink: 4 bytes leftover after parsing attributes in process `syz.3.249'.
[  113.601903][ T6549] ocfs2: Unmounting device (7,4) on (node local)
[  113.928733][ T7913] loop4: detected capacity change from 0 to 1024
[  113.950379][ T7913] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  113.951678][ T7913] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.254: inode has both inline data and extents flags
[  114.044119][ T7910] loop0: detected capacity change from 0 to 32768
[  114.050850][ T7910] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  114.068664][ T7910] XFS (loop0): Ending clean mount
[  114.166665][ T7931] loop3: detected capacity change from 0 to 2048
[  114.679457][ T7931] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 129: 0x32 != 0x7d
[  114.684236][ T7931] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  114.703033][ T6558] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  114.716457][ T6549] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  115.035437][ T7946] loop1: detected capacity change from 0 to 512
[  115.036643][ T7946] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  115.047500][ T7939] UDF-fs: error (device loop3): udf_verify_fi: directory (ino 1376) has entry at pos 100 with incorrect tag 6
[  115.701781][ T7950] netlink: 28 bytes leftover after parsing attributes in process `syz.2.261'.
[  115.703386][ T7950] netlink: 'syz.2.261': attribute type 7 has an invalid length.
[  115.705634][ T7950] netlink: 'syz.2.261': attribute type 8 has an invalid length.
[  115.709070][ T7950] netlink: 4 bytes leftover after parsing attributes in process `syz.2.261'.
[  115.752043][ T7953] loop3: detected capacity change from 0 to 128
[  115.802235][ T7953] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  115.802273][ T7953] FAT-fs (loop3): Filesystem has been set read-only
[  116.199394][ T7960] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  116.699554][ T7974] loop0: detected capacity change from 0 to 1024
[  116.709697][ T7974] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  116.713841][ T7974] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.269: inode has both inline data and extents flags
[  117.767695][ T6558] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  117.885913][ T8000] netlink: 28 bytes leftover after parsing attributes in process `syz.4.275'.
[  117.889846][ T8000] netlink: 'syz.4.275': attribute type 7 has an invalid length.
[  117.891251][ T8000] netlink: 'syz.4.275': attribute type 8 has an invalid length.
[  117.892584][ T8000] netlink: 4 bytes leftover after parsing attributes in process `syz.4.275'.
[  118.701956][ T8016] loop3: detected capacity change from 0 to 4096
[  118.733361][ T8016] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  118.876505][ T8019] loop0: detected capacity change from 0 to 1024
[  118.889752][ T8019] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  118.892879][ T8019] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  118.895801][ T8019] JBD2: no valid journal superblock found
[  118.895825][ T8019] EXT4-fs (loop0): Could not load journal inode
[  119.282286][ T8030] loop4: detected capacity change from 0 to 1024
[  119.284170][ T8030] EXT4-fs: Ignoring removed orlov option
[  119.285869][ T8030] EXT4-fs (loop4): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  119.363087][ T8030] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.961181][ T8040] loop1: detected capacity change from 0 to 4096
[  120.963217][ T8040] EXT4-fs: Ignoring removed mblk_io_submit option
[  120.985556][ T8040] EXT4-fs (loop1): Test dummy encryption mode enabled
[  121.026263][ T8040] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.464791][ T8046] netlink: 28 bytes leftover after parsing attributes in process `syz.0.286'.
[  121.464830][ T8046] netlink: 'syz.0.286': attribute type 7 has an invalid length.
[  121.464850][ T8046] netlink: 'syz.0.286': attribute type 8 has an invalid length.
[  121.464861][ T8046] netlink: 4 bytes leftover after parsing attributes in process `syz.0.286'.
[  121.493344][ T6550] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.834224][ T6549] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.938190][ T8062] loop0: detected capacity change from 0 to 2048
[  121.944479][ T8062] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 129: 0x32 != 0x7d
[  121.947699][ T8062] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  123.164794][ T8081] loop0: detected capacity change from 0 to 8
[  123.168339][ T8081] SQUASHFS error: lzo decompression failed, data probably corrupt
[  123.168371][ T8081] SQUASHFS error: Failed to read block 0x144: -5
[  123.168389][ T8081] SQUASHFS error: Unable to read metadata cache entry [142]
[  123.168401][ T8081] SQUASHFS error: Unable to read inode 0x11f
[  123.224322][ T8086] tmpfs: Unknown parameter 'Ub&|��;0G���}�fer'
[  123.560855][ T8089] loop4: detected capacity change from 0 to 4096
[  123.563628][ T8089] ntfs3: Unknown parameter '18446744073709551615'
[  123.730242][ T8097] loop0: detected capacity change from 0 to 1024
[  124.065196][ T6562] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  124.067263][ T6562] CPU: 0 UID: 0 PID: 6562 Comm: kworker/u9:6 Not tainted syzkaller #0 PREEMPT 
[  124.067279][ T6562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  124.067285][ T6562] Workqueue: hci2 hci_rx_work
[  124.067301][ T6562] Call trace:
[  124.067304][ T6562]  show_stack+0x2c/0x3c (C)
[  124.067314][ T6562]  __dump_stack+0x30/0x40
[  124.067320][ T6562]  dump_stack_lvl+0xd8/0x12c
[  124.067326][ T6562]  dump_stack+0x1c/0x28
[  124.067331][ T6562]  sysfs_create_dir_ns+0x22c/0x24c
[  124.067339][ T6562]  kobject_add_internal+0x5a8/0xb20
[  124.067346][ T6562]  kobject_add+0x134/0x200
[  124.067355][ T6562]  device_add+0x394/0xa60
[  124.067363][ T6562]  hci_conn_add_sysfs+0xc0/0x1d0
[  124.067372][ T6562]  le_conn_complete_evt+0xc58/0x1184
[  124.067379][ T6562]  hci_le_conn_complete_evt+0x114/0x3f8
[  124.067387][ T6562]  hci_le_meta_evt+0x2cc/0x4b0
[  124.067396][ T6562]  hci_event_packet+0x6bc/0xf04
[  124.067404][ T6562]  hci_rx_work+0x320/0xb18
[  124.067410][ T6562]  process_one_work+0x7e8/0x155c
[  124.067417][ T6562]  worker_thread+0x958/0xed8
[  124.067423][ T6562]  kthread+0x5fc/0x75c
[  124.067433][ T6562]  ret_from_fork+0x10/0x20
[  124.067506][ T6562] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  124.067528][ T6562] Bluetooth: hci2: failed to register connection device
[  124.325306][ T8097] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  124.379369][ T8111] netlink: 28 bytes leftover after parsing attributes in process `syz.4.301'.
[  124.379412][ T8111] netlink: 'syz.4.301': attribute type 7 has an invalid length.
[  124.379434][ T8111] netlink: 'syz.4.301': attribute type 8 has an invalid length.
[  124.379447][ T8111] netlink: 4 bytes leftover after parsing attributes in process `syz.4.301'.
[  124.388749][ T8097] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.299: inode has both inline data and extents flags
[  124.507994][ T8091] loop3: detected capacity change from 0 to 40427
[  124.511350][ T8091] F2FS-fs (loop3): Invalid log sectors per block(0) log sectorsize(9)
[  124.511387][ T8091] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  124.525813][ T8091] F2FS-fs (loop3): invalid crc value
[  124.563421][ T8091] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  124.568543][ T8091] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  124.568583][ T8091] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  125.013650][ T6558] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  125.475487][ T6563] syz-executor: attempt to access beyond end of device
[  125.475487][ T6563] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  125.479585][ T6563] CPU: 1 UID: 0 PID: 6563 Comm: syz-executor Not tainted syzkaller #0 PREEMPT 
[  125.479614][ T6563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  125.479620][ T6563] Call trace:
[  125.479623][ T6563]  show_stack+0x2c/0x3c (C)
[  125.479642][ T6563]  __dump_stack+0x30/0x40
[  125.479651][ T6563]  dump_stack_lvl+0xd8/0x12c
[  125.479659][ T6563]  dump_stack+0x1c/0x28
[  125.479665][ T6563]  f2fs_handle_critical_error+0x34c/0x4b8
[  125.479672][ T6563]  f2fs_stop_checkpoint+0x5c/0x70
[  125.479677][ T6563]  f2fs_write_end_io+0x768/0xa70
[  125.479684][ T6563]  bio_endio+0x858/0x894
[  125.479689][ T6563]  submit_bio_noacct+0xd64/0x186c
[  125.479696][ T6563]  submit_bio+0x3b4/0x550
[  125.479702][ T6563]  f2fs_submit_write_bio+0x13c/0x324
[  125.479707][ T6563]  __submit_merged_bio+0x254/0x704
[  125.479713][ T6563]  __submit_merged_write_cond+0x23c/0x4ac
[  125.479719][ T6563]  f2fs_write_data_pages+0x1d28/0x2634
[  125.479725][ T6563]  do_writepages+0x270/0x468
[  125.479732][ T6563]  filemap_fdatawrite+0x14c/0x1f4
[  125.479737][ T6563]  f2fs_sync_dirty_inodes+0x2b8/0x788
[  125.479742][ T6563]  f2fs_write_checkpoint+0x70c/0x1c30
[  125.479747][ T6563]  kill_f2fs_super+0x228/0x594
[  125.479753][ T6563]  deactivate_locked_super+0xc4/0x12c
[  125.479759][ T6563]  deactivate_super+0xe0/0x100
[  125.479765][ T6563]  cleanup_mnt+0x31c/0x3ac
[  125.479771][ T6563]  __cleanup_mnt+0x20/0x30
[  125.479777][ T6563]  task_work_run+0x1dc/0x260
[  125.479783][ T6563]  exit_to_user_mode_loop+0xfc/0x178
[  125.479790][ T6563]  el0_svc+0x170/0x254
[  125.479797][ T6563]  el0t_64_sync_handler+0x84/0x12c
[  125.479803][ T6563]  el0t_64_sync+0x198/0x19c
[  125.481202][ T6563] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  125.596225][ T8137] loop1: detected capacity change from 0 to 16
[  125.631748][ T8137] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  125.936743][ T2452] ieee802154 phy0 wpan0: encryption failed: -22
[  125.936782][ T2452] ieee802154 phy1 wpan1: encryption failed: -22
[  126.052415][ T8145] loop1: detected capacity change from 0 to 32768
[  126.156523][   T99] blkno = 5002c, nblocks = 1
[  126.156550][   T99] ERROR: (device loop1): dbUpdatePMap: blocks are outside the map
[  126.156550][   T99] 
[  126.159346][   T99] ERROR: (device loop1): remounting filesystem as read-only
[  126.162551][ T6550] JFS: metapage_get_blocks failed
[  126.226606][ T8150] netlink: 28 bytes leftover after parsing attributes in process `syz.1.312'.
[  126.228016][ T8150] netlink: 'syz.1.312': attribute type 7 has an invalid length.
[  126.229486][ T8150] netlink: 'syz.1.312': attribute type 8 has an invalid length.
[  126.230932][ T8150] netlink: 4 bytes leftover after parsing attributes in process `syz.1.312'.
[  126.265816][ T8152] netlink: 'syz.1.313': attribute type 10 has an invalid length.
[  126.324550][ T8153] netlink: 4 bytes leftover after parsing attributes in process `syz.3.309'.
[  126.376978][ T8155] loop0: detected capacity change from 0 to 1024
[  126.471067][ T8155] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  126.478839][ T8155] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.315: inode has both inline data and extents flags
[  126.640621][ T8168] tipc: Started in network mode
[  126.640663][ T8168] tipc: Node identity ac141441, cluster identity 4711
[  126.641403][ T8168] tipc: Enabled bearer <udp:syz2>, priority 10
[  126.642624][ T8168] syzkaller0: entered promiscuous mode
[  126.700089][ T8159] loop1: detected capacity change from 0 to 32768
[  126.720043][ T8159] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  126.758490][ T6550] ocfs2: Unmounting device (7,1) on (node local)
[  127.237287][ T6558] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  127.403021][ T8187] netlink: 'syz.4.323': attribute type 10 has an invalid length.
[  127.406695][ T8163] syzkaller0: left promiscuous mode
[  127.440284][ T8182] loop0: detected capacity change from 0 to 40427
[  127.458795][ T8182] F2FS-fs (loop0): invalid crc value
[  127.468513][ T8192] netlink: 28 bytes leftover after parsing attributes in process `syz.2.324'.
[  127.471312][ T8192] netlink: 24 bytes leftover after parsing attributes in process `syz.2.324'.
[  127.488083][ T8182] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  127.494088][ T8182] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  127.503238][ T8194] netlink: 'syz.4.325': attribute type 10 has an invalid length.
[  127.766040][ T6731] tipc: Node number set to 2886997057
[  128.049319][ T8211] tmpfs: Unknown parameter 'Ub&|��;0G���}�fer'
[  128.152318][ T6558] syz-executor: attempt to access beyond end of device
[  128.152318][ T6558] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  128.152377][ T6558] CPU: 1 UID: 0 PID: 6558 Comm: syz-executor Not tainted syzkaller #0 PREEMPT 
[  128.152392][ T6558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  128.152400][ T6558] Call trace:
[  128.152403][ T6558]  show_stack+0x2c/0x3c (C)
[  128.152417][ T6558]  __dump_stack+0x30/0x40
[  128.152423][ T6558]  dump_stack_lvl+0xd8/0x12c
[  128.152428][ T6558]  dump_stack+0x1c/0x28
[  128.152432][ T6558]  f2fs_handle_critical_error+0x34c/0x4b8
[  128.152442][ T6558]  f2fs_stop_checkpoint+0x5c/0x70
[  128.152447][ T6558]  f2fs_write_end_io+0x768/0xa70
[  128.152453][ T6558]  bio_endio+0x858/0x894
[  128.152459][ T6558]  submit_bio_noacct+0xd64/0x186c
[  128.152465][ T6558]  submit_bio+0x3b4/0x550
[  128.152471][ T6558]  f2fs_submit_write_bio+0x13c/0x324
[  128.152477][ T6558]  __submit_merged_bio+0x254/0x704
[  128.152483][ T6558]  __submit_merged_write_cond+0x23c/0x4ac
[  128.152488][ T6558]  f2fs_write_data_pages+0x1d28/0x2634
[  128.152495][ T6558]  do_writepages+0x270/0x468
[  128.152502][ T6558]  filemap_fdatawrite+0x14c/0x1f4
[  128.152507][ T6558]  f2fs_sync_dirty_inodes+0x2b8/0x788
[  128.152512][ T6558]  f2fs_write_checkpoint+0x70c/0x1c30
[  128.152517][ T6558]  kill_f2fs_super+0x228/0x594
[  128.152523][ T6558]  deactivate_locked_super+0xc4/0x12c
[  128.152529][ T6558]  deactivate_super+0xe0/0x100
[  128.152535][ T6558]  cleanup_mnt+0x31c/0x3ac
[  128.152541][ T6558]  __cleanup_mnt+0x20/0x30
[  128.152547][ T6558]  task_work_run+0x1dc/0x260
[  128.152554][ T6558]  exit_to_user_mode_loop+0xfc/0x178
[  128.152561][ T6558]  el0_svc+0x170/0x254
[  128.152568][ T6558]  el0t_64_sync_handler+0x84/0x12c
[  128.152574][ T6558]  el0t_64_sync+0x198/0x19c
[  128.152596][ T6558] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  129.568802][ T8231] netlink: 28 bytes leftover after parsing attributes in process `syz.2.336'.
[  129.570509][ T8231] netlink: 24 bytes leftover after parsing attributes in process `syz.2.336'.
[  129.656918][ T8235] netlink: 'syz.2.337': attribute type 10 has an invalid length.
[  129.662945][ T8233] netlink: 'syz.0.335': attribute type 10 has an invalid length.
[  129.667754][ T8233] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  130.354590][ T8254] tmpfs: Unknown parameter 'Ub&|��;0G���}�fer'
[  130.508975][ T8248] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  131.265266][ T8274] netlink: 28 bytes leftover after parsing attributes in process `syz.0.347'.
[  131.265322][ T8274] netlink: 24 bytes leftover after parsing attributes in process `syz.0.347'.
[  131.905829][ T8281] loop3: detected capacity change from 0 to 32768
[  131.997731][ T8286] netlink: 'syz.4.350': attribute type 10 has an invalid length.
[  132.422841][ T8291] loop4: detected capacity change from 0 to 1024
[  132.469158][ T8291] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  132.472228][ T8291] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.351: inode has both inline data and extents flags
[  132.677364][ T8301] netlink: 'syz.2.354': attribute type 10 has an invalid length.
[  133.425422][ T6549] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  134.190344][ T8315] loop0: detected capacity change from 0 to 4096
[  134.199744][ T8315] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.571861][ T8326] EXT4-fs error (device loop0): ext4_empty_dir:3096: inode #12: block 80: comm syz.0.359: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  134.606369][ T8326] EXT4-fs warning (device loop0): ext4_empty_dir:3099: inode #12: comm syz.0.359: directory missing '..'
[  134.651871][ T8330] netlink: 'syz.1.362': attribute type 10 has an invalid length.
[  134.939476][ T8338] tmpfs: Unknown parameter 'Ub&|��;0G���}�fer'
[  134.972328][ T6558] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.401448][ T8342] netlink: 'syz.0.364': attribute type 10 has an invalid length.
[  135.505587][ T8354] netlink: 'syz.2.367': attribute type 10 has an invalid length.
[  135.507379][ T8356] binder: 8355:8356 ioctl 4018620d 0 returned -22
[  135.512279][ T8356] loop0: detected capacity change from 0 to 1024
[  135.520665][ T8356] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  135.524438][ T8356] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.368: inode has both inline data and extents flags
[  135.941102][ T8368] netlink: 'syz.3.371': attribute type 10 has an invalid length.
[  136.305731][ T8374] netlink: 'syz.4.373': attribute type 10 has an invalid length.
[  136.375472][ T6558] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  136.478446][ T8376] loop4: detected capacity change from 0 to 40427
[  136.494463][ T8376] F2FS-fs (loop4): build fault injection rate: 19
[  136.494498][ T8376] F2FS-fs (loop4): build fault injection type: 0x3bfe8c
[  136.497573][ T8376] F2FS-fs (loop4): invalid crc value
[  136.502892][ T8376] F2FS-fs (loop4): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x4e8/0x7ac
[  136.509679][ T8376] F2FS-fs (loop4): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x1b0/0x3b0
[  136.521545][ T8376] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  136.522114][ T8376] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  136.558986][ T8378] syzkaller0: entered promiscuous mode
[  136.559018][ T8378] syzkaller0: entered allmulticast mode
[  136.563801][ T8378] syzkaller0: tun_net_xmit 14
[  138.421732][ T8415] binder: 8414:8415 ioctl 4018620d 0 returned -22
[  138.425050][ T8415] loop3: detected capacity change from 0 to 1024
[  138.476582][ T8419] loop4: detected capacity change from 0 to 16
[  138.479553][ T8419] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  138.511810][ T8415] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  138.542611][ T8415] EXT4-fs error (device loop3): ext4_lookup:1787: inode #15: comm syz.3.384: inode has both inline data and extents flags
[  138.832021][ T8432] loop4: detected capacity change from 0 to 32768
[  139.306766][ T6563] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  139.324420][ T8437] binder: 8435:8437 ioctl 4018620d 0 returned -22
[  139.330786][ T8437] loop1: detected capacity change from 0 to 1024
[  139.429966][ T8437] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  139.434236][ T8437] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.400: inode has both inline data and extents flags
[  139.660898][ T8445] sctp: [Deprecated]: syz.2.391 (pid 8445) Use of struct sctp_assoc_value in delayed_ack socket option.
[  139.660898][ T8445] Use struct sctp_sack_info instead
[  140.107401][ T8459] loop4: detected capacity change from 0 to 512
[  140.107783][ T8459] EXT4-fs: Ignoring removed mblk_io_submit option
[  140.107813][ T8459] EXT4-fs: inline encryption not supported
[  140.107835][ T8459] EXT4-fs: Ignoring removed mblk_io_submit option
[  140.108288][ T8459] EXT4-fs (loop4): Test dummy encryption mode enabled
[  140.108334][ T8459] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  140.123950][ T8459] EXT4-fs (loop4): 1 truncate cleaned up
[  140.124391][ T8459] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.817394][ T8422] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  140.983674][ T6550] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  141.007278][ T8465] loop3: detected capacity change from 0 to 16
[  141.085009][ T8465] erofs (device loop3): mounted with root inode @ nid 36.
[  141.965034][ T6549] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.986825][ T6562] Bluetooth: hci4: link tx timeout
[  141.986861][ T6562] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  142.250926][ T8487] overlayfs: failed to resolve './file0': -2
[  142.293473][ T8481] loop1: detected capacity change from 0 to 32768
[  142.346546][ T8481] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.403 (8481)
[  142.357809][ T8481] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  142.357875][ T8481] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  142.357894][ T8481] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  142.677573][ T8481] BTRFS info (device loop1): rebuilding free space tree
[  142.687879][ T8481] BTRFS info (device loop1): disabling free space tree
[  142.687922][ T8481] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  142.687943][ T8481] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  142.694535][ T8481] BTRFS info (device loop1): setting nodatasum
[  142.694559][ T8481] BTRFS info (device loop1): allowing degraded mounts
[  142.694579][ T8481] BTRFS info (device loop1): turning on async discard
[  142.694592][ T8481] BTRFS info (device loop1): enabling disk space caching
[  142.694605][ T8481] BTRFS info (device loop1): force clearing of disk cache
[  142.694617][ T8481] BTRFS info (device loop1): force zlib compression, level 3
[  142.945307][ T8518] BTRFS info (device loop1): balance: start -sconvert=raid0,soft,usage=255,usage=255..0,devid=0,vrange=18446744073709551614..18446744073709551612
[  142.946672][ T8518] BTRFS info (device loop1): balance: ended with status: 0
[  143.267036][ T6550] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  143.483777][ T8527] loop0: detected capacity change from 0 to 512
[  143.487045][ T8527] EXT4-fs: Ignoring removed mblk_io_submit option
[  143.487091][ T8527] EXT4-fs: inline encryption not supported
[  143.487215][ T8527] EXT4-fs: Ignoring removed mblk_io_submit option
[  143.500187][ T8527] EXT4-fs (loop0): Test dummy encryption mode enabled
[  143.500227][ T8527] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  143.518106][ T8527] EXT4-fs (loop0): 1 truncate cleaned up
[  143.599806][ T8527] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.266118][   T53] Bluetooth: hci4: command 0x0406 tx timeout
[  144.660493][ T6558] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.311443][ T8576] loop4: detected capacity change from 0 to 64
[  145.313140][ T8576] hfs: Bad value for 'gid'
[  145.320807][ T8576] loop4: detected capacity change from 0 to 1024
[  145.348793][ T8576] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.529286][ T8592] netlink: 4 bytes leftover after parsing attributes in process `syz.4.417'.
[  145.529374][ T8592] bridge_slave_1: left allmulticast mode
[  145.529401][ T8592] bridge_slave_1: left promiscuous mode
[  145.529657][ T8592] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.573797][ T8592] bridge_slave_0: left allmulticast mode
[  145.573830][ T8592] bridge_slave_0: left promiscuous mode
[  145.573934][ T8592] bridge0: port 1(bridge_slave_0) entered disabled state
[  146.263579][ T8422] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  146.500075][ T6549] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.688701][ T8598] loop1: detected capacity change from 0 to 32768
[  146.702938][ T8598] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.418 (8598)
[  146.713342][ T8598] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  146.713427][ T8598] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  146.808109][ T8632] loop4: detected capacity change from 0 to 128
[  146.843660][ T8632] EXT4-fs (loop4): can't mount with data=, fs mounted w/o journal
[  147.000265][ T8598] BTRFS info (device loop1): rebuilding free space tree
[  147.010686][ T8598] BTRFS info (device loop1): enabling ssd optimizations
[  147.010713][ T8598] BTRFS info (device loop1): using spread ssd allocation scheme
[  147.010734][ T8598] BTRFS info (device loop1): turning on async discard
[  147.010747][ T8598] BTRFS info (device loop1): enabling free space tree
[  147.010760][ T8598] BTRFS info (device loop1): force clearing of disk cache
[  147.025381][ T8631] netlink: 'syz.0.423': attribute type 1 has an invalid length.
[  147.025428][ T8631] netlink: 'syz.0.423': attribute type 1 has an invalid length.
[  147.057084][ T8631] netlink: 'syz.0.423': attribute type 1 has an invalid length.
[  147.223902][ T8644] lo speed is unknown, defaulting to 1000
[  147.224245][ T8644] lo speed is unknown, defaulting to 1000
[  147.229486][ T8644] lo speed is unknown, defaulting to 1000
[  147.235306][ T8644] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  147.243479][ T8644] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  147.265882][ T8644] lo speed is unknown, defaulting to 1000
[  147.268549][ T8644] lo speed is unknown, defaulting to 1000
[  147.270728][ T8644] lo speed is unknown, defaulting to 1000
[  147.272867][ T8644] lo speed is unknown, defaulting to 1000
[  147.274929][ T8644] lo speed is unknown, defaulting to 1000
[  147.476229][ T8639] netlink: 32 bytes leftover after parsing attributes in process `syz.1.418'.
[  147.476286][ T8639] netlink: 9 bytes leftover after parsing attributes in process `syz.1.418'.
[  147.476343][ T8639] netlink: 9 bytes leftover after parsing attributes in process `syz.1.418'.
[  147.479105][ T8639] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  147.540531][ T1860] BTRFS info (device loop1): qgroup scan completed (inconsistency flag cleared)
[  147.733605][ T6550] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  148.026743][ T1810] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  148.186251][ T1810] usb 1-1: device descriptor read/64, error -71
[  148.448018][ T8683] lo speed is unknown, defaulting to 1000
[  148.686774][ T8686] loop4: detected capacity change from 0 to 512
[  148.706052][ T1810] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  148.866123][ T1810] usb 1-1: device descriptor read/64, error -71
[  148.976812][ T1810] usb usb1-port1: attempt power cycle
[  149.288566][ T6613] libceph: connect (1)[c::]:6789 error -101
[  149.289066][ T6613] libceph: mon0 (1)[c::]:6789 connect error
[  149.356125][ T1810] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  149.379112][ T1810] usb 1-1: device descriptor read/8, error -71
[  149.494182][ T8735] loop1: detected capacity change from 0 to 40427
[  149.498187][ T8735] F2FS-fs (loop1): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[  149.499924][ T8735] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  149.501646][ T8735] F2FS-fs (loop1): Image doesn't support compression
[  149.502872][ T8735] F2FS-fs (loop1): build fault injection rate: 690
[  149.505044][ T8735] F2FS-fs (loop1): build fault injection type: 0x35f7
[  149.508973][ T8735] F2FS-fs (loop1): invalid crc value
[  149.546752][ T6613] libceph: connect (1)[c::]:6789 error -101
[  149.546858][ T6613] libceph: mon0 (1)[c::]:6789 connect error
[  149.550084][ T8735] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  149.554375][ T8735] F2FS-fs (loop1): Start checkpoint disabled!
[  149.568307][ T8735] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0
[  149.582279][ T8735] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  149.582333][ T8735] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  149.620706][ T8755] loop4: detected capacity change from 0 to 4096
[  149.645297][ T8755] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  149.649724][ T1810] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  149.667783][ T8755] ntfs3(loop4): ino=19, mi_enum_attr
[  149.668828][ T1810] usb 1-1: device descriptor read/8, error -71
[  150.114609][ T8728] ceph: No mds server is up or the cluster is laggy
[  150.117624][ T6789] libceph: connect (1)[c::]:6789 error -101
[  150.117712][ T6789] libceph: mon0 (1)[c::]:6789 connect error
[  150.120050][ T1810] usb usb1-port1: unable to enumerate USB device
[  150.239056][   T42] kworker/u8:3: attempt to access beyond end of device
[  150.239056][   T42] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  150.239650][   T42] CPU: 1 UID: 0 PID: 42 Comm: kworker/u8:3 Not tainted syzkaller #0 PREEMPT 
[  150.239666][   T42] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  150.239671][   T42] Workqueue: writeback wb_workfn (flush-7:1)
[  150.239689][   T42] Call trace:
[  150.239691][   T42]  show_stack+0x2c/0x3c (C)
[  150.239701][   T42]  __dump_stack+0x30/0x40
[  150.239706][   T42]  dump_stack_lvl+0xd8/0x12c
[  150.239711][   T42]  dump_stack+0x1c/0x28
[  150.239715][   T42]  f2fs_handle_critical_error+0x34c/0x4b8
[  150.239722][   T42]  f2fs_stop_checkpoint+0x5c/0x70
[  150.239727][   T42]  f2fs_write_end_io+0x768/0xa70
[  150.239734][   T42]  bio_endio+0x858/0x894
[  150.239739][   T42]  submit_bio_noacct+0xd64/0x186c
[  150.239745][   T42]  submit_bio+0x3b4/0x550
[  150.239751][   T42]  f2fs_submit_write_bio+0x13c/0x324
[  150.239756][   T42]  __submit_merged_bio+0x254/0x704
[  150.239762][   T42]  __submit_merged_write_cond+0x23c/0x4ac
[  150.239768][   T42]  f2fs_write_data_pages+0x1d28/0x2634
[  150.239774][   T42]  do_writepages+0x270/0x468
[  150.239781][   T42]  __writeback_single_inode+0x15c/0x13e8
[  150.239787][   T42]  writeback_sb_inodes+0x55c/0xe40
[  150.239792][   T42]  wb_writeback+0x3cc/0xd70
[  150.239797][   T42]  wb_workfn+0x338/0xdc0
[  150.239802][   T42]  process_one_work+0x7e8/0x155c
[  150.239807][   T42]  worker_thread+0x958/0xed8
[  150.239812][   T42]  kthread+0x5fc/0x75c
[  150.239818][   T42]  ret_from_fork+0x10/0x20
[  150.270376][   T42] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  152.061000][ T8792] loop1: detected capacity change from 0 to 32768
[  152.065569][ T8792] xfs: Deprecated parameter 'ikeep'
[  152.065625][ T8792] XFS: ikeep mount option is deprecated.
[  152.073777][ T8792] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  152.469308][ T8792] XFS (loop1): Ending clean mount
[  152.471373][ T8792] XFS (loop1): Quotacheck needed: Please wait.
[  152.528023][ T8792] XFS (loop1): Quotacheck: Done.
[  152.873783][ T8817] Injecting memory failure for pfn 0x144b0f at process virtual address 0x20f0f000
[  153.318033][ T8820] loop4: detected capacity change from 0 to 512
[  153.318429][ T8820] msdos: Unknown parameter ''
[  153.354284][ T8817] Memory failure: 0x144b0f: recovery action for dirty LRU page: Recovered
[  153.554613][ T6550] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  153.650786][ T8828] loop4: detected capacity change from 0 to 16
[  153.653080][ T8828] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  156.333226][ T8868] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[  156.789602][ T8867] loop4: detected capacity change from 0 to 32768
[  156.793102][ T8867] xfs: Deprecated parameter 'ikeep'
[  156.794401][ T8867] XFS: ikeep mount option is deprecated.
[  156.855232][ T8899] netlink: 36 bytes leftover after parsing attributes in process `syz.2.471'.
[  156.909160][ T8867] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  157.138779][ T8908] netlink: 36 bytes leftover after parsing attributes in process `syz.2.471'.
[  157.204678][ T8867] XFS (loop4): Ending clean mount
[  157.207185][ T8867] XFS (loop4): Quotacheck needed: Please wait.
[  157.236775][ T8867] XFS (loop4): Quotacheck: Done.
[  157.615718][ T8914] Injecting memory failure for pfn 0x146b0f at process virtual address 0x20f0f000
[  157.623609][ T8914] Memory failure: 0x146b0f: recovery action for dirty LRU page: Recovered
[  158.277972][ T6549] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  158.748833][ T6143] Bluetooth: hci1: command 0x0406 tx timeout
[  158.749171][ T6143] Bluetooth: hci2: command 0x0406 tx timeout
[  158.752179][ T6555] Bluetooth: hci3: command 0x0406 tx timeout
[  159.321838][ T8946] SQUASHFS error: Failed to read block 0x0: -5
[  160.407950][ T8956] : entered promiscuous mode
[  160.922203][ T8972] loop0: detected capacity change from 0 to 1024
[  160.936752][ T8972] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  160.945815][ T8972] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.489: inode has both inline data and extents flags
[  161.690374][ T8983] loop4: detected capacity change from 0 to 32768
[  161.700338][ T8983] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  161.839278][ T6558] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  161.859282][ T8994] loop3: detected capacity change from 0 to 16
[  161.859680][ T8994] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  161.946687][ T8996] loop1: detected capacity change from 0 to 128
[  162.050881][ T8997] OCFS2: ERROR (device loop4): int ocfs2_get_clusters_nocache(struct inode *, struct buffer_head *, u32, unsigned int *, struct ocfs2_extent_rec *, unsigned int *): Inode 17058 has bad extent record (0, 6, 0)
[  162.051104][ T8997] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  162.051125][ T8997] OCFS2: File system is now read-only.
[  162.051153][ T8997] (syz.4.491,8997,1):ocfs2_get_clusters:634 ERROR: status = -30
[  162.051176][ T8997] (syz.4.491,8997,1):ocfs2_extent_map_get_blocks:681 ERROR: status = -30
[  162.051281][ T8997] (syz.4.491,8997,1):ocfs2_zero_range_for_truncate:6996 ERROR: status = -30
[  162.051363][ T8997] (syz.4.491,8997,1):ocfs2_orphan_for_truncate:417 ERROR: status = -30
[  162.051441][ T8997] (syz.4.491,8997,1):ocfs2_truncate_file:502 ERROR: status = -30
[  162.051460][ T8997] (syz.4.491,8997,1):ocfs2_setattr:1217 ERROR: status = -30
[  162.310568][ T8996] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  162.724003][ T6549] ocfs2: Unmounting device (7,4) on (node local)
[  163.055551][ T6550] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  163.874598][ T9019] loop4: detected capacity change from 0 to 512
[  163.879494][ T9019] EXT4-fs: Invalid want_extra_isize 16494
[  164.620530][ T9026] loop1: detected capacity change from 0 to 40427
[  164.629497][ T9026] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  164.629537][ T9026] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  164.631171][ T9026] F2FS-fs (loop1): invalid crc value
[  164.675598][ T9026] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  164.678603][ T9026] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  164.678673][ T9026] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  165.202526][ T9042] xt_NFQUEUE: number of total queues is 0
[  165.203335][ T9042] netlink: 24 bytes leftover after parsing attributes in process `syz.4.505'.
[  165.856045][ T9054] loop0: detected capacity change from 0 to 128
[  166.616757][ T9054] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  167.215090][ T6558] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  167.232865][ T9068] loop0: detected capacity change from 0 to 64
[  167.331211][ T9071] loop1: detected capacity change from 0 to 1024
[  167.342559][ T9071] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  167.345112][ T9071] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.519: inode has both inline data and extents flags
[  168.323726][ T9089] ceph: No mds server is up or the cluster is laggy
[  168.323987][ T6620] libceph: connect (1)[c::]:6789 error -101
[  168.324086][ T6620] libceph: mon0 (1)[c::]:6789 connect error
[  168.372639][ T6550] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  169.911260][ T9109] loop4: detected capacity change from 0 to 1024
[  169.913856][ T9109] EXT4-fs: Ignoring removed orlov option
[  169.992783][ T9109] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  170.038753][ T9109] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.966766][ T6549] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.433988][ T9128] loop0: detected capacity change from 0 to 131072
[  171.444858][ T9128] F2FS-fs (loop0): Invalid log sectors per block(570425347) log sectorsize(9)
[  171.444890][ T9128] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  171.451024][ T9128] F2FS-fs (loop0): invalid crc value
[  171.809471][ T9128] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=3000000, run fsck to fix.
[  171.812141][ T9128] F2FS-fs (loop0): Bad quota inode 2:50331648
[  171.812163][ T9128] F2FS-fs (loop0): Failed to enable quota tracking (type=2, err=-22). Please run fsck to fix.
[  171.812177][ T9128] F2FS-fs (loop0): Cannot turn on quotas: error -22
[  171.812189][ T9128] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  171.813191][ T9128] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  171.813206][ T9128] F2FS-fs (loop0): Mounted with checkpoint version = 753bd00b
[  171.878557][ T9144] netlink: 36 bytes leftover after parsing attributes in process `syz.4.525'.
[  172.060990][ T9150] netlink: 36 bytes leftover after parsing attributes in process `syz.4.525'.
[  172.358410][ T9158] loop3: detected capacity change from 0 to 1024
[  172.370065][ T9158] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  172.375919][ T9158] EXT4-fs error (device loop3): ext4_lookup:1787: inode #15: comm syz.3.530: inode has both inline data and extents flags
[  172.661340][ T9153] loop1: detected capacity change from 0 to 32768
[  172.702306][ T9153] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  172.991987][ T9153] XFS (loop1): Ending clean mount
[  173.007401][ T9153] XFS (loop1): Quotacheck needed: Please wait.
[  173.235509][ T9153] XFS (loop1): Quotacheck: Done.
[  173.261409][ T6563] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  173.372784][ T9192] loop0: detected capacity change from 0 to 32768
[  173.380769][ T9192] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.532 (9192)
[  173.797349][ T9205] tipc: Started in network mode
[  173.798463][ T9205] tipc: Node identity ae3b6aa45b21, cluster identity 4711
[  173.800229][ T9205] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  173.804104][ T9205] syzkaller0: entered promiscuous mode
[  173.806075][ T9205] syzkaller0: entered allmulticast mode
[  173.827734][ T9192] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  173.829580][ T9192] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  173.834667][ T9205] warning: `syz.4.535' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  173.836453][ T9205] tipc: Resetting bearer <eth:syzkaller0>
[  173.842089][ T9204] tipc: Resetting bearer <eth:syzkaller0>
[  173.850028][ T9204] tipc: Disabling bearer <eth:syzkaller0>
[  173.856718][ T9192] BTRFS info (device loop0): enabling ssd optimizations
[  173.858603][ T9192] BTRFS info (device loop0): turning off barriers
[  173.859750][ T9192] BTRFS info (device loop0): turning on async discard
[  173.861463][ T9192] BTRFS info (device loop0): enabling free space tree
[  173.862902][ T9192] BTRFS info (device loop0): use zstd compression, level 3
[  174.731679][ T6550] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  174.887835][ T6558] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  175.057611][ T9240] netlink: 260 bytes leftover after parsing attributes in process `syz.3.539'.
[  175.059764][ T9240] Invalid ELF header magic: != ELF
[  176.460113][ T9267] tmpfs: Unknown parameter 'Ub&|��;0G���}�fer'
[  176.549198][ T9269] loop1: detected capacity change from 0 to 256
[  177.817513][ T9297] tmpfs: Unknown parameter 'Ub&|��;0G���}�fer'
[  178.010492][ T9282] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  178.047478][ T9304] loop3: detected capacity change from 0 to 16
[  178.048010][ T9304] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  178.953561][ T9320] loop1: detected capacity change from 0 to 1024
[  178.972471][ T9320] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  178.973912][ T9320] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.559: inode has both inline data and extents flags
[  179.858402][ T6550] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  180.766826][ T9354] netlink: 28 bytes leftover after parsing attributes in process `syz.1.568'.
[  180.766865][ T9354] netlink: 44 bytes leftover after parsing attributes in process `syz.1.568'.
[  180.777833][ T9355] tmpfs: Unknown parameter 'Ub&|��;0G���}�fer'
[  181.910123][ T9376] loop4: detected capacity change from 0 to 1024
[  181.930711][ T9376] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  181.932035][ T9376] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.573: inode has both inline data and extents flags
[  182.766103][ T6549] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  182.803121][ T9395] netlink: 28 bytes leftover after parsing attributes in process `syz.4.579'.
[  182.803166][ T9395] netlink: 44 bytes leftover after parsing attributes in process `syz.4.579'.
[  182.965287][ T9401] loop1: detected capacity change from 0 to 128
[  183.000929][ T9401] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000819)
[  183.000974][ T9401] FAT-fs (loop1): Filesystem has been set read-only
[  183.005622][ T9401] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000819)
[  184.162356][ T9413] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  184.627918][ T9421] tmpfs: Unknown parameter 'Ub&|��;0G���}�fer'
[  185.709202][ T9442] loop3: detected capacity change from 0 to 2048
[  185.710750][ T9442] nilfs2: Unknown parameter '����'
[  185.821169][ T9446] loop0: detected capacity change from 0 to 1024
[  186.663600][ T9449] loop1: detected capacity change from 0 to 8192
[  186.738087][ T9457] tmpfs: Unknown parameter 'Ub&|��;0G���}�fer'
[  186.774726][ T9449] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  186.779369][ T9446] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  187.199398][ T9446] EXT4-fs error (device loop0): ext4_lookup:1787: inode #15: comm syz.0.594: inode has both inline data and extents flags
[  187.392715][ T9471] lo speed is unknown, defaulting to 1000
[  187.445688][ T9473] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001)
[  187.445708][ T9473] FAT-fs (loop1): Filesystem has been set read-only
[  187.446431][ T9473] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001)
[  187.446563][ T9473] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001)
[  187.565215][ T9470] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  187.737718][ T2452] ieee802154 phy0 wpan0: encryption failed: -22
[  187.737746][ T2452] ieee802154 phy1 wpan1: encryption failed: -22
[  187.922486][ T9477] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  188.008316][ T9481] loop4: detected capacity change from 0 to 1024
[  188.039748][ T9481] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  188.045350][ T9481] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.603: inode has both inline data and extents flags
[  201.818675][   T53] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  201.821227][   T53] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  201.823379][   T53] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  201.825884][   T53] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  201.827779][   T53] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  202.845298][   T53] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  202.848058][   T53] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  202.849864][   T53] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  202.852581][   T53] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  202.854638][   T53] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  203.856062][ T6562] Bluetooth: hci5: command tx timeout
[  203.882576][   T53] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  203.890163][ T6561] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  203.892360][ T6561] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  203.894729][ T6561] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  203.897913][ T6561] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  203.900099][ T6561] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  203.901999][ T6561] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  203.903477][ T6561] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  203.918400][ T6561] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  203.920631][ T6561] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  204.895991][   T53] Bluetooth: hci6: command tx timeout
[  205.936012][ T6562] Bluetooth: hci5: command tx timeout
[  205.937406][ T6561] Bluetooth: hci7: command tx timeout
[  205.938929][   T53] Bluetooth: hci8: command tx timeout
[  206.976033][   T53] Bluetooth: hci6: command tx timeout
[  208.015993][ T6562] Bluetooth: hci5: command tx timeout
[  208.017390][ T6561] Bluetooth: hci7: command tx timeout
[  208.018851][   T53] Bluetooth: hci8: command tx timeout
[  208.055929][    C0] watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [aoe_tx0:2452]
[  208.055946][    C0] Modules linked in:
[  208.055952][    C0] irq event stamp: 59709189
[  208.058708][    C0] hardirqs last  enabled at (59709188): [<ffff80008ae1fbd8>] _raw_spin_unlock_irqrestore+0x38/0x98
[  208.060451][    C0] hardirqs last disabled at (59709189): [<ffff80008adfb2bc>] enter_from_kernel_mode+0x14/0x34
[  208.062215][    C0] softirqs last  enabled at (3030): [<ffff8000890c6d34>] local_bh_enable+0x10/0x34
[  208.063676][    C0] softirqs last disabled at (3034): [<ffff8000890c6d00>] local_bh_disable+0x10/0x34
[  208.065204][    C0] CPU: 0 UID: 0 PID: 2452 Comm: aoe_tx0 Not tainted syzkaller #0 PREEMPT 
[  208.065226][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  208.065235][    C0] pstate: 83400005 (Nzcv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--)
[  208.065242][    C0] pc : _raw_spin_unlock_irqrestore+0x44/0x98
[  208.065250][    C0] lr : _raw_spin_unlock_irqrestore+0x38/0x98
[  208.065256][    C0] sp : ffff8000a11176f0
[  208.065258][    C0] x29: ffff8000a11176f0 x28: ffff0000fb0ed1b0 x27: 0000000000000000
[  208.065268][    C0] x26: ffff0000fb0ed140 x25: ffff0000fb0ed218 x24: dfff800000000000
[  208.065277][    C0] x23: 0000000000000003 x22: 0000000000000000 x21: ffff8000911b1b80
[  208.065284][    C0] x20: ffff8000976d8020 x19: 0000000000000000 x18: 00000000ffffffff
[  208.065291][    C0] x17: ffff800093325000 x16: ffff80008052bd88 x15: 0000000000000001
[  208.065297][    C0] x14: 1ffff00012edb004 x13: 0000000000000000 x12: 0000000000000000
[  208.065303][    C0] x11: ffff800093124d48 x10: 0000000000000003 x9 : 0000000000000000
[  208.065310][    C0] x8 : 00000000000000c0 x7 : ffff800083b31bc4 x6 : 0000000000000000
[  208.065316][    C0] x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000010
[  208.065322][    C0] x2 : 0000000000000002 x1 : ffff80008eb9b576 x0 : ffff80010c9ca000
[  208.065329][    C0] Call trace:
[  208.065331][    C0]  _raw_spin_unlock_irqrestore+0x44/0x98 (P)
[  208.065339][    C0]  uart_port_unlock_deref+0x108/0x2ec
[  208.065347][    C0]  uart_write+0xc4/0x130
[  208.065353][    C0]  handle_tx+0x200/0x5fc
[  208.065359][    C0]  caif_xmit+0x108/0x150
[  208.065363][    C0]  dev_hard_start_xmit+0x2b0/0x890
[  208.065368][    C0]  __dev_queue_xmit+0x1600/0x32a8
[  208.065373][    C0]  tx+0x9c/0x1cc
[  208.065380][    C0]  kthread+0x164/0x354
[  208.065386][    C0]  kthread+0x5fc/0x75c
[  208.065393][    C0]  ret_from_fork+0x10/0x20
[  208.065400][    C0] Sending NMI from CPU 0 to CPUs 1:
[  208.065412][    C1] NMI backtrace for cpu 1
[  208.065421][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT 
[  208.065428][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  208.065431][    C1] pstate: 83400005 (Nzcv daif +PAN -UAO +TCO +DIT -SSBS BTYPE=--)
[  208.065436][    C1] pc : arch_local_irq_enable+0x8/0xc
[  208.065445][    C1] lr : default_idle_call+0xd0/0xfc
[  208.065450][    C1] sp : ffff800097af7d60
[  208.065452][    C1] x29: ffff800097af7d60 x28: 0000000000000002 x27: dfff800000000000
[  208.065460][    C1] x26: 1ffff00012f5efb4 x25: 0000000000000000 x24: 0000000000000000
[  208.065467][    C1] x23: 1fffe00018343b88 x22: ffff80008f59e768 x21: 1ffff00011eb3ced
[  208.065474][    C1] x20: 0000000000000000 x19: ffff8000804cc384 x18: 1fffe000337db690
[  208.065480][    C1] x17: ffff80008f59e000 x16: ffff8000804cbca8 x15: 0000000000000001
[  208.065487][    C1] x14: 1fffe000337dd340 x13: 0000000000000000 x12: 0000000000000000
[  208.065493][    C1] x11: ffff6000337dd341 x10: 0000000000000003 x9 : 0000000000000000
[  208.065499][    C1] x8 : 0000000000122a45 x7 : ffff800080663c90 x6 : 0000000000000000
[  208.065505][    C1] x5 : 0000000000000001 x4 : 0000000000000001 x3 : ffff80008adfde00
[  208.065512][    C1] x2 : 0000000000000000 x1 : ffff80008eb9b576 x0 : ffff80010c9ee000
[  208.065518][    C1] Call trace:
[  208.065520][    C1]  arch_local_irq_enable+0x8/0xc (P)
[  208.065525][    C1]  do_idle+0x1d8/0x454
[  208.065530][    C1]  cpu_startup_entry+0x5c/0x74
[  208.065534][    C1]  secondary_start_kernel+0x1bc/0x1e4
[  208.065541][    C1]  __secondary_switched+0xc0/0xc4
[  208.066411][    C0] Kernel panic - not syncing: softlockup: hung tasks
[  208.116972][    C0] CPU: 0 UID: 0 PID: 2452 Comm: aoe_tx0 Tainted: G             L      syzkaller #0 PREEMPT 
[  208.118543][    C0] Tainted: [L]=SOFTLOCKUP
[  208.119205][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  208.120817][    C0] Call trace:
[  208.121263][    C0]  show_stack+0x2c/0x3c (C)
[  208.121963][    C0]  __dump_stack+0x30/0x40
[  208.122689][    C0]  dump_stack_lvl+0x30/0x12c
[  208.123343][    C0]  dump_stack+0x1c/0x28
[  208.123947][    C0]  vpanic+0x22c/0x6c0
[  208.124601][    C0]  vpanic+0x0/0x6c0
[  208.125202][    C0]  softlockup_fn+0x0/0x120
[  208.125910][    C0]  __hrtimer_run_queues+0x3ec/0xb78
[  208.126689][    C0]  hrtimer_interrupt+0x2b8/0xb50
[  208.127464][    C0]  arch_timer_handler_virt+0x70/0x84
[  208.128328][    C0]  handle_percpu_devid_irq+0x174/0x308
[  208.129179][    C0]  generic_handle_domain_irq+0xe0/0x140
[  208.129972][    C0]  gic_handle_irq+0x6c/0x190
[  208.130689][    C0]  call_on_irq_stack+0x30/0x48
[  208.131407][    C0]  do_interrupt_handler+0xd4/0x138
[  208.132216][    C0]  el1_interrupt+0x3c/0x60
[  208.132872][    C0]  el1h_64_irq_handler+0x18/0x24
[  208.133688][    C0]  el1h_64_irq+0x6c/0x70
[  208.134355][    C0]  _raw_spin_unlock_irqrestore+0x44/0x98 (P)
[  208.135345][    C0]  uart_port_unlock_deref+0x108/0x2ec
[  208.136216][    C0]  uart_write+0xc4/0x130
[  208.136834][    C0]  handle_tx+0x200/0x5fc
[  208.137477][    C0]  caif_xmit+0x108/0x150
[  208.138176][    C0]  dev_hard_start_xmit+0x2b0/0x890
[  208.138938][    C0]  __dev_queue_xmit+0x1600/0x32a8
[  208.139606][    C0]  tx+0x9c/0x1cc
[  208.140268][    C0]  kthread+0x164/0x354
[  208.140866][    C0]  kthread+0x5fc/0x75c
[  208.141498][    C0]  ret_from_fork+0x10/0x20
[  208.142100][    C0] SMP: stopping secondary CPUs
[  208.142810][    C0] Kernel Offset: disabled
[  208.143493][    C0] CPU features: 0x100000,0001e000,42702281,5427fea7
[  208.144448][    C0] Memory Limit: none
[  208.145027][    C0] 
[  208.145386][    C0] =============================
[  208.146138][    C0] [ BUG: Invalid wait context ]
[  208.146910][    C0] syzkaller #0 Tainted: G             L     
[  208.147837][    C0] -----------------------------
[  208.148501][    C0] aoe_tx0/2452 is trying to lock:
[  208.149199][    C0] ffff0000c1b5d528 (&k->list_lock){+.+.}-{3:3}, at: bus_for_each_dev+0xa0/0x290
[  208.150461][    C0] other info that might help us debug this:
[  208.151298][    C0] context-{2:2}
[  208.151785][    C0] 3 locks held by aoe_tx0/2452:
[  208.152510][    C0]  #0: ffff80008f78ba80 (rcu_read_lock_bh){....}-{1:3}, at: rcu_lock_acquire+0x18/0x54
[  208.154052][    C0]  #1: ffff0000d5e2d158 (_xmit_NONE#2){+...}-{3:3}, at: __dev_queue_xmit+0x11d0/0x32a8
[  208.155513][    C0]  #2: ffff80008f78ba20 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire+0x10/0x4c
[  208.156912][    C0] stack backtrace:
[  208.157473][    C0] CPU: 0 UID: 0 PID: 2452 Comm: aoe_tx0 Tainted: G             L      syzkaller #0 PREEMPT 
[  208.159011][    C0] Tainted: [L]=SOFTLOCKUP
[  208.159718][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  208.161252][    C0] Call trace:
[  208.161696][    C0]  show_stack+0x2c/0x3c (C)
[  208.162415][    C0]  __dump_stack+0x30/0x40
[  208.163090][    C0]  dump_stack_lvl+0x30/0x12c
[  208.163929][    C0]  dump_stack+0x1c/0x28
[  208.164558][    C0]  __lock_acquire+0xaec/0x30a4
[  208.165216][    C0]  lock_acquire+0x14c/0x2e0
[  208.165891][    C0]  _raw_spin_lock+0x48/0x60
[  208.166617][    C0]  bus_for_each_dev+0xa0/0x290
[  208.167315][    C0]  coresight_panic_cb+0x2c/0x3c
[  208.168019][    C0]  notifier_call_chain+0x1b8/0x4e4
[  208.168773][    C0]  atomic_notifier_call_chain+0xd0/0x180
[  208.169572][    C0]  vpanic+0x2c0/0x6c0
[  208.170187][    C0]  vpanic+0x0/0x6c0
[  208.170771][    C0]  softlockup_fn+0x0/0x120
[  208.171386][    C0]  __hrtimer_run_queues+0x3ec/0xb78
[  208.172167][    C0]  hrtimer_interrupt+0x2b8/0xb50
[  208.172879][    C0]  arch_timer_handler_virt+0x70/0x84
[  208.173692][    C0]  handle_percpu_devid_irq+0x174/0x308
[  208.174548][    C0]  generic_handle_domain_irq+0xe0/0x140
[  208.175378][    C0]  gic_handle_irq+0x6c/0x190
[  208.176087][    C0]  call_on_irq_stack+0x30/0x48
[  208.176772][    C0]  do_interrupt_handler+0xd4/0x138
[  208.177504][    C0]  el1_interrupt+0x3c/0x60
[  208.178184][    C0]  el1h_64_irq_handler+0x18/0x24
[  208.178876][    C0]  el1h_64_irq+0x6c/0x70
[  208.179492][    C0]  _raw_spin_unlock_irqrestore+0x44/0x98 (P)
[  208.180443][    C0]  uart_port_unlock_deref+0x108/0x2ec
[  208.181182][    C0]  uart_write+0xc4/0x130
[  208.181825][    C0]  handle_tx+0x200/0x5fc
[  208.182414][    C0]  caif_xmit+0x108/0x150
[  208.183143][    C0]  dev_hard_start_xmit+0x2b0/0x890
[  208.183869][    C0]  __dev_queue_xmit+0x1600/0x32a8
[  208.184719][    C0]  tx+0x9c/0x1cc
[  208.185233][    C0]  kthread+0x164/0x354
[  208.185785][    C0]  kthread+0x5fc/0x75c
[  208.186420][    C0]  ret_from_fork+0x10/0x20
[  208.382831][    C0] Rebooting in 86400 seconds..