last executing test programs:

8m40.373157494s ago: executing program 1 (id=2):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r0}, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r3=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r1, &(0x7f0000000180)={0x2c, 0xa, r3}, 0x10)
bind$xdp(r1, &(0x7f00000001c0)={0x2c, 0xa, 0x0, 0x6}, 0x10)

8m39.931948653s ago: executing program 1 (id=7):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
chdir(0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000180)='/dev/comedi3\x00', 0xc00, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f00000000c0)={'8255\x00', [0x40404f26, 0x5, 0x2, 0x401, 0xc, 0x9, 0xfff, 0x5c95239c, 0x5, 0x3bf, 0x802, 0x1600, 0x1, 0x20000001, 0x9, 0xe1cb, 0x6, 0x0, 0x400, 0x195, 0x6, 0x0, 0xb, 0x402, 0x9, 0x3, 0x41, 0x5, 0x6, 0x8000003, 0xdffffffa]})

8m37.389469936s ago: executing program 1 (id=9):
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="0000000000004a641c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c00000010001fff0000000001000000000000d7", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800a000100767863616e0000000400028008000a00", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x600, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x40, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gretap={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x40}, 0x1, 0x0, 0x0, 0x24000804}, 0x8000)

8m34.13500459s ago: executing program 1 (id=15):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0x2000000000000069, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xe, &(0x7f0000000140)={[{@test_dummy_encryption_v1}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x5}}]}, 0x3, 0x459, &(0x7f0000000ac0)="$eJzs281vFOUfAPDvzHbLjx9gK+ILLyqKxsaXlgIqMRzUaOIBExM96LFpC0EWamhNhBAFY/BkjIl348GD/4InvRjjycSr3g0JMVwAT2tmd4buLrvbdt2yhf18kmmfZ+aZfZ7vzjy7z8yzE8DQ2pv9SSK2RsQfETFWzzYX2Fv/d/3q+dkbV8/PJlGtvv13Uit37er52aJosd+WPDORRqSfJbG7Tb2LZ8+dnKlU5s/k+amlUx9MLZ4999yJUzPH54/Pnz5w+PChg9MvvnDg+b7EmbXp2q6PF/bsfOO9r948+kVT/HkcR/pSU7S+dFtPVqv9rW3AtjWkk5EBNoQ1KUVEdrjKtf4/FqVYPnhj8fqnA20csK6q1Wp1S+fNF6rAXSyJ5rwuD8Oi+KLPrn+LpXUQ8PL6DT8G7sor9QugLO7r+VLfMhJpXqbccn3bT3sj4t0L/3yTLdFyPwUAYD38mI1/nm03/kvjgYZy9+RzQ+MRcW9EbI+I+yJiR0TcH1Er+2BEPLTG+lsnSW4d/6SXewpslbLx35F8bqt5/FeM/mK8lOe21eIvJ8dOVOb35+/JRJQ3ZfnpLnX89NrvX3ba1jj+y5as/mIsmLfj8sim5n3mZpZm/kvMja5cjNg10i7+5OZMQBIROyNiV491nHj6+z2dtq0cfxd9mGeqfhvxVP34X4iW+AtJ9/nJqf9FZX7/VHFW3OrX3y691an+PP6XvotYe/x9kB3//7c9/2/GP540ztcurr2OS39+3vGaptfzfzR5p5Yezdd9NLO0dGY6YjQ5Wm904/oDy/sW+aJ8Fv/Evvb9f3ssvxO7IyI7iR+OiEci4tG87Y9FxOMRsa9L/L+8+sT7K8U/2sv53wdZ/HNrOv7LidFoXdM+UTr58w9NlY7fEv+N7sf/UC01ka9ZzeffatrV29kMAAAAd540IrZGkk7eTKfp5GT99/I7ItLKwuLSM8cWPjw9V39GYDwiLe50jTXcD53OL+vr+YsRUf9pQbH9YH7f+OvS5lp+cnahMjfo4GHIbenQ/zN/lQbdOmDdeV4Lhpf+D8NL/4fhpf/D8GrT/zcPoh3A7dfu+/+TAbQDuP1a+r9pPxgirv9heOn/MLz0fxhKi5tj5YfkuyaKV+px97s2EeUN0Yx1S0S6IZqxYRPlO7xfDO4zCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJ/+DQAA//9Ra9vE")
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
symlink(&(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000009c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
symlink(&(0x7f0000002500)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000007c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x300001, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x20, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x4008, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat$dir(0xffffffffffffff9c, &(0x7f0000000400)='./file0/file1\x00', 0x0, 0x83)

8m31.60363091s ago: executing program 1 (id=24):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000e80)="632a1eb3f0c0d7e1f3e8d83e8279b7e98f2a563510c1fcfd07c0d1e58d723f809bb0322337f15e8d329d0926517a3148030a1d29dd671ac729d9cef6e520827a2201ccd77c7dc703e9116d512859f12dceb0dad478a2369aba7403b262e45c11c1290b59d473d3beb8d3a31bc7f5dcd1a708ed0be6f4770112b98b16c93db109594b2a4b04efb89f5ef215ff6d9d93fb8edbcf8d1c62b39759c68e1a184914791d5462c363b80e38ea6cd8556c46c6252445e967b63edceb1040badab4eef2ef162c734cb8052dabd2bfedbdfd0b22bdc6b9dc0fca9b566b32c4dc85d26161877f60652000000031ae091ccaa53c0faf409dee0d109e684a93bc32e715052d24d7349df7bdaa7aea658d7b0a53376ca1c71ad1a878ceacf5ce8a8c64ace50f4d18f1027b9efc61a4b4a61e4b323fad5c47e4341c1292d0d1c1e15582399572a3f2983e1a15eb78767b87da6d3da400d215326419919de0df00007736000000000000000000edd0c789d37a7dcf3f5b8c9aa5329c38e2ed4c0fe3a0eae2a169c0322b4e5b96dd251a4477da4961b81a965463617e444bfac080d03ac4fbf2d0c40e22aed01bea5ce1b4ca5e0b249366f1b777a13fcfad3d0a047371d2169230d0d0597e10f58c8e2b20cf205740044c15fab6d52121b0a6b2c122096848d4e29e968e20c1615b1e11c61d8e0c58fe667224e89b83ef29e04c0c6fdf73c50bf051d8651613e5bf65f9e91a91f5ce1080bcbad3aa36f82e9d367cb537444e25cdc8c21b60216d540ac605f39e02950b5af27d81a80cddc1a96754465fe43887165f7dc70939eefaf15dce85857c9329b2bbdcf10f5c85f110a42bcc3489b45f3ffd8a8fadf90cf9a6e35674a89b740ddc", 0x26f}, {&(0x7f0000000580)="1eac4d20f8509e8f36d2842c8fae7bbe58c5bf73985d5106bf5b5e7e5761716e35b468ea79633c916c4a8026f9408d0558de77df67c0e6fd0b1b3da5de5d003382ac95eade5dadad870ce3749452d2c1c3651ffff244be3078fdbfeb97d093bbbe0131e733d91c4ad38e7b52aa7afa9cb8e2351bd3f8a7a2a0425b071f6790992b8c2a51d964b0161c1856697820eb52f55c97fcdc19c2ef7c66ccc23c77a28a34b216c429444343ea056f171399dc03d56a1131ba74d31fc1012d3deff0e43309fc9e3b88bec90a7680aa74ccd581e02eb436a0009fa62097513d0c9533256d81978fae39288edcb833739d2988ccf5a564bc00edd1ab0853b873cbab3ef227f11325d72dbe2f435351610d09d0f74e180df6eaa94651336e7713414e49956fcb68a973e8239e343684255efba0d1b149b22c2d81f1ac5eaccaab01ab108178e97eb8a45d5d6cdeca0d6b9af9f88cfee58935be6902ac7c6915d60548367d164990b142d472b9b5700191b1f978fbe071de646385dcf5cb7adf1ec70baef4061d2da93d2f5eef8b1081374d58ab54532755c1b8bf303584296145e9aad2e3ccef93f30da9c109db5cfe346baba2fd3f157cb6e825e607365ff8c6187e216dc4072e582874ce63166405e21644015f99d5713165a377bfdc3143928e8469b4e312ce1f9dff83fe7c8d9fca791af2b46f1650e3937c9ab58978eb8b269ba2ef764d4505ed495fe156f0dcbb79d177e4f0b476", 0x212}], 0x2, 0x0, 0x0, 0x4090}, 0x0)
sendmsg$alg(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
read$alg(r0, &(0x7f0000003780)=""/4096, 0x1000)

8m30.728020092s ago: executing program 1 (id=26):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000001dc0), r0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$SIOCX25SDTEFACILITIES(0xffffffffffffffff, 0x89eb, &(0x7f0000000000)={0x3d, 0x101, 0x100, 0x1, 0x4, 0x18, 0x36, "e75867a0aa45de1500", "39e8799918f836f17fc65c8b001f00"})
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$FOU_CMD_GET(r0, &(0x7f0000001ec0)={0x0, 0x0, &(0x7f0000001e80)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01012cbd7000fcdbdf250300000008000b00", @ANYRES32=0x0, @ANYBLOB="050002000a0000001400070000000000000000000000000000000008060001004e"], 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x48020)

8m29.845166019s ago: executing program 32 (id=26):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000001dc0), r0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$SIOCX25SDTEFACILITIES(0xffffffffffffffff, 0x89eb, &(0x7f0000000000)={0x3d, 0x101, 0x100, 0x1, 0x4, 0x18, 0x36, "e75867a0aa45de1500", "39e8799918f836f17fc65c8b001f00"})
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$FOU_CMD_GET(r0, &(0x7f0000001ec0)={0x0, 0x0, &(0x7f0000001e80)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01012cbd7000fcdbdf250300000008000b00", @ANYRES32=0x0, @ANYBLOB="050002000a0000001400070000000000000000000000000000000008060001004e"], 0x50}, 0x1, 0x0, 0x0, 0x8000}, 0x48020)

8m26.479828556s ago: executing program 4 (id=37):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
io_uring_setup(0x7625, &(0x7f00000003c0)={0x0, 0x9678, 0x2, 0x0, 0xf7})
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f00000000c0)={'8255\x00', [0x4f27, 0x5, 0x2, 0x401, 0x1, 0xcc7, 0xfff, 0x5c952399, 0x5, 0x3ff, 0x802, 0x1600, 0x1, 0x1, 0x9, 0xe1cb, 0x6, 0x4, 0x3, 0x395, 0x80000089, 0xfffffffd, 0x0, 0xfffffff5, 0xffffeadb, 0x3, 0x3c, 0x8, 0x4, 0x8000000, 0xdffffffa]})

8m24.98437672s ago: executing program 4 (id=40):
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8)
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x80800)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r1, 0xc05064a7, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2})

8m22.514773103s ago: executing program 4 (id=45):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r0, 0xfd)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r2 = syz_io_uring_setup(0xd2, &(0x7f00000000c0)={0x0, 0x1fffd, 0x0, 0x803, 0xcc}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r2, 0x47bc, 0x0, 0x0, 0x0, 0x0)

8m21.784057105s ago: executing program 4 (id=49):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./bus\x00', 0x0, &(0x7f00000002c0)={[{@errors_remount}, {@mblk_io_submit}, {@nodioread_nolock}, {@nolazytime}, {@nobarrier}, {@jqfmt_vfsv1}, {@noinit_itable}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x1, 0xbaf, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3ny2zftO+vIi1k0jIi2o07SSYotgKxU3LgTdCg3ppIRMP0giNWkWE/0HRF0LbgS1KF3YdTcKbt1o3VpcCEVioyCikTsfSWxmkrSd5Ibk94Mz95w5d+Z5nrlM7j0wNwHsWgPZQxpxICLOJhGF+vNpRHRXe70Rldp+C/OzI7/Pz44ksbj42i9JJBFxd352pPFeSX27rz7ojYhvX0zif++sjjs5PTM+XC6XJurjI1MXLh+ZnJ55ZuzC8PnS+dLFo8efGzo2dHzwxFDbav3jx1M3fnv85Z8qf37617Vf3/84iVPRV59bWUe7DMTA0meyUmdEDLc7WE466vWsrDPpXOdF6SYnBQBAS+mKa7hHohAdsXzxVoivvss1OQAAAKAtFjsiFgEAAIAdLrH+BwAAgB2u8TuAu/OzI42W7y8Sttad0xHRX6t/od5qM51RqW57oysi9t5NYuVtrUntZQ9tICJu/3Dii6zFJt2HvJbKXEQ82uz4J9X6+6t3ca+uP42IwTbEH7hnvN3qf7q7df2n2hA/7/oB2J1unq6dyFaf/9Kl659ocv7rbHLuehB5n/8a138Lq67/luvvaHH99+oGY1z95MMrreay+p+/8dLnjZbFz7YPVdR9uDMX8Vhns/qTpfqTFvWf3WCMwt9XSq3m8q5/8aOIQ9G8/oZk7f9PdGR0rFwarD02jTH3zdBnreLnXX92/Pe2qH+94395gzHeOHPmequ59etPf+5OXq/2uuvPvDU8NTVxNKI7eWX188fqN7S30Nin8R5Z/YefWPv736z+LESl/jlka4G5+jYbv31PzBeuXf1yrfqztV+ex//cAx7/dzcY48mv3zvcam7l+jdrWfzbSW0tDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaUT0RZIWl/ppWixG7IuI/8fetHxpcuqp0UtvXjyXzUX0R1c6OlYuDUZEoTZOsvHRan95fOye8bMRsT8iPijsqY6LI5fK5/IuHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCX7IqIvkrQYEWlELBTStFjMOysAAACg7frzTgAAAADYdNb/AAAAsPNZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDJ9h+8eSuJiMrJPdWW6a7PdeWaGbDZ0rwTAHLTkXcCQG46804AyM19rvFdLsAOlKwz39typqftuQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwfR06cPNWEhGVk3uqLdNdn+tq+oqDW5gdsJnSvBMActOx1mTn1uUBbD1fcdi9mq/xgd0kWWe+d3mfyr9nejYtJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2n75qS9JiRKTVfpoWixH/iYj+6EpGx8qlwYj4b0R8X+jqycY9eScNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA201Oz4wPl8ulCR0dnXw7yfZIo9bJ+y8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5mJyeGR8ul0sTk3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORtcnpmfLhcLk1soHP9fnZe0cm7RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vNPAAAA///5ZQ4Q")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x8)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1db)
writev(r1, &(0x7f0000000040)=[{&(0x7f0000000240)='\v', 0x1}], 0x1)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f283e6d60200000000000000000000000100", [0x208]})
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x4827e, 0x0)

8m16.443980136s ago: executing program 4 (id=59):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="100000002d000b02d25a806f8c6394f9101a04", 0x13}], 0x1}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d80000001c0081044e81f782db44b9040a1d08030e000000e8fea4a1180015000600142603600e1208000f1000810401a80016000a0001", 0x37}], 0x1, 0x0, 0x0, 0x7400}, 0x10)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x5c8}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce620300fe"], 0xfe1b)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="563f00001800599c6d0eab070004000523"], 0xfe33)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

8m13.736008651s ago: executing program 4 (id=64):
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r1 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
r2 = openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff)
write$binfmt_elf64(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c4602010103fcffffffffffffff03003e005666d37500010000000000004000000000000000df012000040000000000000003003800010007000200010003000000000000000300000000010100ff"], 0x509)
close(r2)
r3 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
write$binfmt_elf64(r2, &(0x7f0000001440)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0xe5, 0x2, 0x6, 0x3, 0x3, 0x6, 0x47, 0x1f8, 0x40, 0x84, 0x4, 0x3, 0x38, 0x1, 0x0, 0x3, 0x6}, [{0x6474e551, 0x4, 0x2, 0x2, 0x10001, 0xfffffffffffffffb, 0x1, 0x2}]}, 0x78)
close(r3)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x401, 0x0)
execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0)

8m11.821329445s ago: executing program 33 (id=64):
r0 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r1 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
r2 = openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff)
write$binfmt_elf64(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c4602010103fcffffffffffffff03003e005666d37500010000000000004000000000000000df012000040000000000000003003800010007000200010003000000000000000300000000010100ff"], 0x509)
close(r2)
r3 = openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
write$binfmt_elf64(r2, &(0x7f0000001440)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0xe5, 0x2, 0x6, 0x3, 0x3, 0x6, 0x47, 0x1f8, 0x40, 0x84, 0x4, 0x3, 0x38, 0x1, 0x0, 0x3, 0x6}, [{0x6474e551, 0x4, 0x2, 0x2, 0x10001, 0xfffffffffffffffb, 0x1, 0x2}]}, 0x78)
close(r3)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x401, 0x0)
execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0)

5m38.608018046s ago: executing program 3 (id=389):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40000000000000079104800000000006104000000"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_reuseport=0x28}, 0x94)
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0)

5m37.318723027s ago: executing program 3 (id=391):
gettid()
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x80000000000001, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0)
r1 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000040)='asymmetric\x00', &(0x7f00000017c0))

5m36.498346757s ago: executing program 3 (id=393):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
userfaultfd(0x80001)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r1, 0xc0106407, &(0x7f00000000c0)={0x1, 0x2, 0x3, 0x7})
ioctl$DRM_IOCTL_GET_UNIQUE(r1, 0xc0106401, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)

5m34.59050692s ago: executing program 3 (id=396):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3804402, &(0x7f0000000240)={[{@user_xattr}, {@abort}, {@resuid}, {@user_xattr}, {@discard}, {@nouid32}, {@nolazytime}, {@noinit_itable}, {@nomblk_io_submit}, {@nodelalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}]}, 0x1, 0x55f, &(0x7f0000000c80)="$eJzs3d9rW+UbAPDnpO1+77sOxvgqIoVdOJlL19YfE7yYl6LDgd7PkmRlNFlGk461Dtwu3I03MgQRB+K1eu/l8B/wrxjoYMgoingTOelJl7VJm3XZmpnPB077vuec9D1Pznnevm9OQgIYWhPpj1zECxHxZRJxqG3baGQbJ1b3W3lwrZAuSTQaH/2RRJKta+2fZL/3Z5X/R8Qvn0ecyG1st7a0PD9bLpcWsvpkvXJ5sra0fPJiZXauNFe6ND0zc/qNmem333qzb7G+eu6vbz68897pL46tfP3TvcO3kjgTB7Jt7XE8gevtlYmYyJ6TsTizbsepPjQ2SJKdPgC2ZSTL87FI+4BDMZJlPfDf91lENIAhlch/GFKtcUBrbt+nefBz4/67qxOgjfGPrr42Enuac6N9K8kjM6N0vjveh/bTNn7+/fatdIn+vQ4BsKXrNyLi1Ojoxv4vyfq/7TvVwz7r29D/wbNzJx3/vNZp/JNbG/9Eh/HP/g65ux1b53/uXh+a6Sod/73Tcfy7dtNqfCSrHWyO+caSCxfLpbRv+19EHI+x3Wl9s/s5p1fuNrptax//pUvafmssmB3HvdHdjz6mOFuffZKY292/EfFix/Fvsnb+kw7nP30+zvXYxtHS7Ze7bds6/qer8X3EKx3P/8M7Wsnm9ycnm9fDZOuq2OjPm0d/7db+Tsefnv99q/H/nU0J18c/nrTfr609fhvf7fmn1G3bdq//XcnHzfKubN3V2Xp9YSpiV/LBxvXTDx/bqrf2T+M/fmzz/q/T9b83Ij7pMf6bR358afvxP11p/MXNr/915//xC3ff//Tbbu33dv5fb5aOZ2t66f96PcAnee4AAAAAAABg0OQi4kAkufxaOZfL51ff33Ek9uXK1Vr9xIXq4qViND8rOx5judad7kNt74eYyt4P26pPr6vPRMThiPhqZG+zni9Uy8WdDh4AAAAAAAAAAAAAAAAAAAAGxP4un/9P/Tay00cHPHW+8huG15b5349vegIGkv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX507ezZdGisPrhXSevHK0uJ89crJYqk2n68sFvKF6sLl/Fy1Olcu5QvVylZ/r1ytXp6ajsWrk/VSrT5ZW1o+X6kuXqqfv1j54WBEaeyZRAUAAAAAAAAAAAAAAAAAAADPl9rS8vxsuVxaUGgWdsdAHMZzVBgdjMNQ6HNhp3smAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjo3wAAAP//waw5Ug==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x8)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
fallocate(r1, 0x0, 0x3, 0x800000)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1db)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000240)="0bcb93b7b7c4", 0xf6d}], 0x1)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f283e6d60200000000000000000000000100", [0x208]})
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)

5m33.476211764s ago: executing program 3 (id=397):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000600)={[{@utf8}, {@gid}, {@iocharset={'iocharset', 0x3d, 'macgaelic'}}, {@discard}, {@discard}, {}, {@errors_remount}, {@errors_remount}, {@iocharset={'iocharset', 0x3d, 'iso8859-7'}}, {@errors_continue}]}, 0x1, 0x1528, &(0x7f0000001f80)="$eJzs3AuYT9X6OPD3XWvtMSS+TXIZ1lrv5ptclkmSXJLkkiRJkuSWkDTJkYTEEJI0JCG5DEkMIblMTBr3+/2SkCRNkoTklqz/M+FxOnX+p/M7/XKe37yf59mP9X73ftd+9/f9XvbeZubbrkNrNaldvRERwX8EL/yTBACxADAQAPICQAAA5ePKx2Wtzykx6T/bCftzPZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/D9/+yMv///D8ksM/bLNWWu6wYQ80dTuP/ZG/f//6zgj2zE/c/euP/ZVeyVLoD9F+D3f3aQ45+u4f5nb9x/xrKzK33/+UovEPkvew6O5LzQmL/q+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsb/AaX+ZAoBL4ytdF2OMMcYYY4wxxv48PseVroAxxhhjjDHGGGP/+xAESFAQQAzkgFjICblAAMDVkAfyQgSugTi4FvLBdZAfCkBBKATxUBiKgAYDFghCKArFIArXQ3G4AUpASSgFpcFBGUiAG6Es3ATl4GYoD7dABbgVKkIlqAxV4DaoCrdDNbgDqsOdUANqQi2oDXdBHbgb6sI9UA/uhfpwHzSA+6EhPACN4EFoDA9BE3gYmsIj0AyaQwtoCa3+R/nPQ094AXpBb0iCPtAXXoR+0B8GwEswEF6GQfAKDIZXIRmGwFB4DYbB6zAc3oARMBJGwZswGt6CMTAWxsF4SIEJMBHehknwDkyGd2EKTIVUmAbT4T2YATNhFrwPs+EDmANzYR7MhzT4EBbAQkiHj2ARfAwZsBiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EHfAI74VPYBbthD3wGe+HzfzP/1D/kd0NAQIECFSqMwRiMxVjMhbkwN+bGPJgHIxjBOIzDfJgP82N+LIgFMR7jsQgWQYMGCQmLYlGMYhSLY3EsgSWwFJZChw4TMAHL4k1YDstheSyPFbACVsRKWAmrYBWsilWxGlbD6lgda2ANrIW18C68C/tgXayL9bAe1sf6l25PYSNshI2xMTbBJtgUm2IzbIYtsAW2wlbYGltjG2yD7bAdtsf22AE7YCImYkfsiJ2wE3bGztgFu2BX7IrdsDt2z3w+B+AL+AL2xhqiD/bFvtgPk3MMwJfwJXwZB+Er+Aq+isk4BIfia/gavo7D8SSOwJE4CkdhVfEWjsGxSGI8pmAKTsSJOAknYVah7+JUTMVpOB2n4wyciTPxfZyNH+AHOBfn4nxMwzRcgAsxHdNxEZ7CDFyMS3ApLsPluAxX4ipciWtwLa7B9bgeN+JG3IybcStuxe24HT9BBYCf4m7cjcm4F/fiPtyH+3E/HsADmImZeBAP4iE8hIfxMB7BI3gUj+FxPIYn8ASexFN4Gk/jWTyL5/DZ+K8bf1JydTKILEooESNiRKyIFblELpFb5BZ5RB4RERERJ+JEPpFP5Bf5RUFRUMSLeFFEFBFGGEEijAEAERVRUVwUFyVECVFKlBJOOJEgEkRZUVaUE+VEeXGLqCBuFRVFJdHWVRFVRFXRzlUTd4jqorqoIWqKWqK2qC3qiDqirqgr6ol6or6oLxqI+0VD0QcH4IMiqzNNxBBsKoZiM9FcyIufYK3FcGwj2op24nExEkdgB9HaJYqnREcxBjuJv4mx+IzoIsZjV/Gc6Ca6ix7iedFTtHG9RG8xGfuIvmIq9hP9xQDxkpiBNcX7ODtnLfGqSBZDxFDxmpiPr4vh4g0xQowUo8SbYrR4S4wRY8U4MV6kiAlionhbTBLviMniXTFFTBWpYpqYLt4TM8RMMUu8L2aLD8QcMVfME/NFmvhQLBALRbr4SCwSH4sMsVgsEUvFMrFcrBArxSqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQn4id4lOxS+wWe8RnYq/4XOwTX4j94ktxQHwlMsXX4qD4RhwS34rD4jtxRHwvjopj4rj4QZwQP4qT4pQ4Lc6Is+IncU78LM4LL0CiFFJKJQMZI3PIWJlT5pJXydwyuPjsXiPj5LUyn7xO5pcFZEFZSMbLwrKI1NJIK0mGsqgsJqPyellc3iBLyJKylCwtnSwjE+SNsqy8SZaTN8vy8hZZQd4qK8pKsrKsIm+TVeXtEiIX9lFD1pS1ZG15l0yCu2VdeY+sJ++V9eV9soG8XzaUD8hG8kHZWD4km8iHZVP5iGwmm8sWsqVsJR+VreVjso1sK9vJx2V7+YTsIJ+UifIp2VH6iy+RZ2QX+azsKp+T3WR32UP+LM9LL3vJ3hL6gOwrX5T9ZH85IBYA5MtykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZviunyKkyVU6TA+TAX2aaJeW/zH/7d/IH/7L3jXKT3Cy3yK1ym9wud8hP5E65U+6Su+QeuUfulXvlPrlP7pf75QF5QGbKTHlQHpSH5CF5WB6WR+QReVQek2fkD/KE/FGelKfkKXlGnpVn5bmLzwEoVEJJpVSgYlQOFatyqlzqKpVbXa3yqLwqoq5RcepalU9dp/KrAqqgKqTiVWFVRGlllFWkQlVUFVNRdT1efMGoUqq0cqqMSlA3/jv5qri6QZVQJX+Vf6m+pH9SXyvVSrVWrVUb1Ua1U+1Ue9VedVAdVKJKVB1VR9VJdVKdVWfVRXVRXVVX1U11Uz1UD9VT9VS9VC+VpJJUX/Wi6qf6qwHqJTVQvawGqUFqsBqsklWyGqqGqmFqmBquhqsRaoQapUap0Wq0GqPGqHFqnEpRKWqimqgmqUlqspqspqgpKlWlqulqupqhZqhZapaarWarOWqOmqfmqTSVphaoBSpdpatFapHKUIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nnfYFIhCBClQQE8QEsUFskCvIFeQOcgd5gjxBJIgEcUFckC+4LsgfFAgKBoWC+KBwUCTQgQlsIC42PRpcHxQPbghKBCWDUkHpwAVlgoTgxqBscFNQLrg5KB/cElQIbg0qBpWCykGV4LaganB7UC24I6ge3BnUCGoGtYLawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZPg4aBp8EjQLGgetAhaBq3+1Pm9P1ngMddL99ZJuo/uq1/U/XR/PUC/pAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erJ+V0/RU3Wqnqan6/f0DD1Tz9Lv69n6Az1Hz9Xz9Hydpj/UC/RCna4/0ov0xzpDL9ZL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0J3qn/lTv0rv1Hv2Z3qs/1/v0F3q//lIf0F/pTP21Pqi/0Yf0t/qw/k4f0d/ro/qYPq5/0Cf0j/qkPqVP6zP6rP5Jn9M/6/PaZ53cZ329G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emn8ln8pv8pqApaOJNvCliipgsZMgUNUVN1ERNcVPclDAlTClTyjjjTIJJMGVNWVPOlDPlTXlTwVQwFU1FU9lUNreZ28zt5nZzh7nD3GnuNDVNTVPb1DZ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDCJJtF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TJJJMn1NX9PP9DMDzAAz0Aw0g8wgM9gMNskm2Qw1Q80wM8wMN8PNCDPSjMo6UTVvmTFmrBlnxpsUk2ImmolmkplkJpvJZoqZYlJNqpluppsZZoaZZWaZ2Wa2mWPmmHlmnkkzaWaBWWDSTbpZZBaZDJNhlpglZplZZlaYFWaVWWXWmDVmHawzG8wGs8lsMlvMFrPNbDM7zA6z0+w0u8wus8fsMXvNXrPP7DP7zX5zwBwwmSbTHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81ZU+Di96U3sTanzWWvsrnt1TaPzWv/MS5oC9l4W9gWsdrmtwV+FRtrbQlb0paypa2zZWyCvfE3cUVbyVa2Vexttqq93Vb7TVzH3m3r2ntsPXuvrW3v+lVc395nG9iHbUNEANvcNrYtbRP7sG1qH7HNbHPbwra07e0TtoN90ibap2xH+/Rv4gV2oV1lV9s1dq3dZXfb0/aMPWS/tWftT7aX7W0H2pftIPuKHWxftcl2yG/iUfZNO9q+ZcfYsXacHf+beIqdalPtNDvdvmdn2Jm/idPsh3a2Tbdz7Fw7z87/Jc6qKd1+ZBfZj22GDWCJXWqX2eV2hV15qVaf1663G+xGu9N+arfYrXab3W53XDoRtrvtHvuZ3Ws/twftN3a//dIesIdtpv36lzjr+A7b7+wR+709ao/Z4/YHe8L+qC5lZx37D/Zne956C4QEJElRQDGUg2IpJ+Wiqyg3XU15KC9F6BqKo2spH11H+akAFaRCFE+FqQhpMmSJKKSiVIyidD1dKq8UlSZHZSiBbqSydBOVo5upPN1CFehWqkiVqDJVoduoKt1O1egOqk53Ug2qSbWoNt1Fdehuqkv3UD26l+rTfdSA7qeG9AA1ogepMT1ETehhakqPUDNqTi2oJbWiR6k1PUZtqC21o8epPT1BHehJSqSnqCM9TZ3ob9SZnqEu9Cx1peeoG3WnHvQ89aQXqBf1piTqQ33pRepH/WkAvUQD6WUaRK/QYHqVkmkIDaXXaBi9TsPpDRpBI2kUvUmj6S0aQ2NpHI2nFJpAE+ltmkTv0GR6l6bQVEqlaTSd3qMZNJNm0fs0mz6gOTSX5tF8SqMPaQEtpHT6iBbRx5RBi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQJ7STPqVdtJv20Ge0lz6nffQF7acv6QB9RZn0NR2kb+gQfUuH6Tvfm76no3SMjtMPdIJ+pJN0ik7TGTpLP9E5+pnOkycIMRShDFUYhDFhjjA2zBnmCq8Kc4dXh3nCvGEkvCaMC68N84XXhfnDAmHBsFAYHxYOi4Q6NKENKQzDomGxMBpeHxYPbwhLhCXDUmHp0IVlwoTwxrBseFNYLrw5LB/eElYIbw0rhpXCh++tEt4WVg1vD6uFd4TVwzvDGmHNsFZYO7wrrBPeHdYN7wnrhfeG5cL7wgbh/WHD8IGwUfhg2Dh8KGwSPhw2DR8Jm4XNwxZhy7BV+GjYOnwsbBO2DduFj4ftwyfCDuGTYWL4VNgxfPqX9fct/Ofrk8I+Yd/wxfDF0Pt75Lzo/Gha9MPogujCaHr0o+ii6MfRjOji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iboxqj3tXOAQyecdMoFLsblcLEup8vlrnK53dUuj8vrIu4aF+eudfncdS6/K+AKukIu3hV2RZx2xllHLnRFXTEXdde74u4GV8KVdKVcaedcGZfgWrpWrpVr7R5zbVxb18497h53T7gn3JPuSfeU6+iedp3c31xn94zr4p51z7rnXDfX3fVwz7uebkKeC+/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ15YS9z3Bw3z81zaS7NLXBZ54zpbpFb5DJchlvilrhlbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vl816Y1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5Mi7kSmRqZHUyLTI9Mh7kRmRmZFZkfcjsyMfROZE5kbmReZH0iIfRhZEFkbSIx9FFkU+jmREFkeWRJZGlkWWR7wvvCX0RX0xH/XX++L+Bl/Cl/SlfGnvfBmf4G/0Zf1Nvpy/2Zf3t/gK/lZf0Vfylf0jvplv7lv4lr6Vf9S39o/5Nr6tb+cf9+39E76Df9In+qd8R/+07+T/5jv7Z3wX/6zv6p/z3Xx338M/73v6F3wv39sn+T6+r3/R9/P9/QD/kh/oX/aD/Ct+sH/VJ/shfqh/zQ/zr/vh/g0/wo/0o2Le9KMvXSLDeJ/iJ/iJ/m0/yb/jJ/t3/RQ/1af6aX66f8/P8DP9LP++n+0/8HP8XD/Pz/dp/kO/wC/06f4jv8h/7DP84ks3lf0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9Dv+J3+k/9bv8br/Hf+b3+s/9Pv+F3++/9Af8Vz7Tf+0P+m/8If+tP+y/80f89/6oP+aP+x/8Cf+jP+lP+dP+jD/rf/Ln/M/+PP/OGmOMMcbYHzLh8lD8es2F2/l9fidH/N3GfQHg6q2FMv9+fdYZ5br8F8b9RXz7CAA81bvrg5eWGjWSkpIubpshISg2F+DS/wRliYHL8WJoB09AIrSFsr9bf3/R/Sz9i/mjtwDk+rucWLgcX57/CwBM+p35H3181IIK4em4/8/8cwFKFLuckxMux4uh3S/3V9pCuX9Sf4HW/6L+nF+mALT5u5zccDm+XH8CPAZPQ+KvtmSMMcYYY4wxxi7oLyp3vnT9eeknPn/v+jxeXc7JAZfjf3V9zhhjjDHGGGOMsSvvme49nnw0MbFt539/UO1/lPWHB03hf2tmHvzuwHuAS48oAPgPJwTIGsi/8ig2/yX7Sr741vnHVcvO+AD+O1r5Zwyu8AcTY4wxxhhj7E93+aT/14+rK1UQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWDf0Vf07sSh8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9vwAAAP//kfb+pw==")
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10)
open(&(0x7f0000000080)='./bus\x00', 0x62142, 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.self_freezing\x00', 0x275a, 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xec)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.throttle.io_service_bytes\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000001840)='pids.current\x00', 0x26e1, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

5m32.314769316s ago: executing program 3 (id=402):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x7, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0xb}}, [@snprintf={{0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x2}, {0x3, 0x0, 0x3, 0xa, 0x9, 0xfe04}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0xe1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

5m30.564288578s ago: executing program 34 (id=402):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x7, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0xb}}, [@snprintf={{0x5, 0x0, 0xb, 0x9, 0x0, 0x0, 0x2}, {0x3, 0x0, 0x3, 0xa, 0x9, 0xfe04}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0xe1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r3}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

4m59.215404941s ago: executing program 0 (id=464):
sendmsg$802154_dgram(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000000)={0x24, @none={0x0, 0x1}}, 0x14, &(0x7f00000000c0)={&(0x7f0000019540)="9f12eb6c48aeaa032023a56e33eea3d5", 0x10}}, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0x334e, 0x10, 0x3, 0x801}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000300)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000040)='./file0/file0\x00', 0x60, 0x185100})
creat(&(0x7f0000000000)='./file0\x00', 0x0)
io_uring_enter(r0, 0x7277, 0x0, 0x28, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
write$FUSE_NOTIFY_DELETE(0xffffffffffffffff, &(0x7f0000000f80)={0x29, 0x6, 0x0, {0x4, 0x1}}, 0x29)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="03c90000cf47d16331aef6ee13ff7f266e13da7be839b35e9ae1a333f2d8fd8e1983903166f4d8f3d5e043b8eb3a4dd0a04b39df97c82009b793cd734558a268aac6cea0ca6aa40899810bc164d8ad6b2ce23bf4b88d9b72991218c6c68e9a992582d217f639c8ad76405b511163edb9ca95e8123830003ab82fc86a517ac2aff77866914ebb9aca4a6e530d80f19ee31eeb1e5b8139b72264f8fceb54ee9980e771c5f11155b69e12e65e6a3699d1b80648dd949081f1a612b7b5950f41554c9b832f7cf9efa4987bd88887917199318d28808204e7638ca5932c066d2a662e600ac0a8f27b86c066f2bceabd1b3af66c12fefa311c5afe0821a14432925187a05476e0a972e85f26a24832c357d70d354ade966e6963234e4956658ac9ece3780485fcb3decb69a029ffbeda1c7b27bb020f4137624286d8a2d22221028b3efd3433e7fd3ba291446947a274a748f45bb347fa49e295cfa305f5dd46b662afde61cfee33ea823d23f46a662146886c6e3c30e660d765f46dcc14914b3e342e44436410fedeb6594f37ac94cd336dea463e0541daadbe70b5b925741db16240afc85f391539569ac14e5dccb9ca5790c33f8a6cdd7abc1cb762972634968ecb9f1dff8b6b6cd6f5f56db31c24ac5b2b1bed2efea1f4e67f686a8abfa41f297a165b9fcb4800230ed07af34727fe6c2cc6daf796cc38e8f03ee4fb786a92fabfbded442086d657dec598edb21ba428d4bb28ac974c38218bcf08ad3b4f6698ae05855769dbe5693eac83a223b76a5f452195795d3d485e5c0a18caf2315c3a21acb4bb661082b1c4fccfff8f0c52c353dedd3b9e575b800cfec557e43527228abf820e16411b45c77e99f308dcc5dcd1c3b8ddb828e6481c1fc6275c3e1ed4a1f0fe6d97db39cb3ad5b08400cc990ed5797e23fcd81ee76eed1caaf2ec709c18b014dfcfac7eb658f1c07a894dca1d8e23ebbc18c7b0acefacd915235a54637d13965681a6a527325d13b4a88a21505860873038bc6ca68e25bed80496e65b53a4817e7dba3cbe31eebb770ab04202486634b7210500238707cd664735c07e539e8ccb09ec82d7fad69c4f31113b4a01089a81d4a1787d69957a2dfcf371f0c357eba5a587f0d09d64588f3fade99726d786085b513e720fd1d889104e1d98bf4fe23d6bd8c408c44fc702880e6c53a733aaafec836a80b9e69d1432225dda63a755bde5103fbba7af46f81b3b0c3457d49e187c7fa53e9410d4ff7dd1c9a954d549b49197f350e8451e850279ba4690a4ff3fa4f91ebfa4dda7d2a60257d70c09ad6520387baf2cd734bf1f993565f7ccf80f29b1414e595de79ec03faf7afbeff3daf0034aeecfe41640366ae3c1d1b9437cb7580b9a94fe71a5ffe7be4f959cc5972e1672c5f5c5d252a63804d1a292aac2582b78ac73ea143095bc1283b210c66ecc5b5b9be4d6649920118d51429328f8a983a89f8f5d6ec383c89f07e91e0726ed40776d72d7499652a84f9d0bb086e9479a6d703907ee17345ed763ae817751515c744d428ac51fb10eba495f9a477809a4c1b447a94a3f6d1a092b109478ca36c3da494552d34f30d74a32958c53ec091e32ca8aaf5c814881d4bb3add2b07f362e9e4ea17b3f8b6e7310fcbea4ea6f2d9f5505b011011b75eb4dbf2455f665027abe2bb73dd37dff9c6aab6e9454bbd7bb887aef12f19f446bcbf257ada0e5144f708ccf350f07b861b813eb4cdab02d74b660d960c737f553f84b2d027da58f02345704583717199f693c913bfc2704cfde1b31270c43f17d51c82b672796fd6e1d09e34659d7e5fd9a1a69dcdde367c074b47beeb88f374740a64d9e9a99f4fabdbfca311174da518f868704e3fe259e6069330b04d2d3804a3428d2e04a483599f5ff47ff8c877601fcae33999575180fb540ff00c55728d0ee8eb6550658c7cbc8be4f87b50a9650a33aa164c6bae4044dfc080cf43a1c80e8a8132f973faefcf2ee23f9c2f3119fa93c0e5875832d4f8b6c2a1c347d480f15ead27ba7fb6e2ba9f2204982023b15b0f9df44ce9bba765c9598810593dd32a520ba72a5bfc375f36f4ea4a55017b1494c392568ef6828c18a1f2cec1442f705687695e42f62734ac2c1b0fed399ccf29b20fccd476afc72217182a73c970029c7679dffaebfc2ab9e8d18f5e757ccde87ac69b2bb0243b2e86d225dd2edad4919977bde1806bd6305eff22f2d63646c3a856a002aaea40d96e4811fe0cf5ad942e087c55551fdccc65835686320aa635ec50872f1c30cd8a732515b4dbfa132f905205f4b2ec64d1b9a9101ee2c3d0a110e40fd40d2c0b19f9a77b43f0b14e283ad1038de31cb21c2857d278933fd4bf106a7a93e16b28d71dfa73fa0695c77c0b1236e4cc7f17837be252d1011edf8ba626315e416b2963e96172b3294ec1f087672b0fc404edb79ca9b8e7a46f69b7a6f8b0488ec6c10f937632cc29bdb6f2c0ca86b978db6ca3cb9aa9b5f253fb5ba52e5b3738468236bd3ed26da1158e14881860f37f586b3b004ff7233a7427ece1c1365bb273aa1ce801c6d61b35a247c38917df23b9f12f7e764dabf9af18885e447a952de7796c3dd27e77325be816eb82ae9026ef5a855ddfb9aaf4a0bfc153f079c95337d2ee3c2ac36e5b4e8c5da765bf5d11edcf01ef11a3748d7ca0b1fd6f8882fbfd3423bd429c8592ec28a98bba845e7fe829ae2b11f5215ce819bf777ab45d73e9afe3cc76840b7d368161ee140efdec81ca1d5716c2ea5b255fabb5a4698864c8d427738837c45f1006cbf1f68bbedbfdf70e5b65b21b1934826c06d4d3da4f08e3ad376cec5aafb2f9eae9a06cab375ef5a44f30a563e5245077d84823b88d71912f458fe17d36e4b2a88260ad121af2e5a43a555ef61ffd242c09d5011b9be422c4c310a834f664c732930c1d329212aa9f063356c85130c965d919180e62afd193224d3792db6a069ff2bc8770bd6294a6884cbfb71301859a26b7572440ee12719e8753831bf73d353a33ea64c57df0bac0cc8938ea28370724439170824d1b55d415eed14f620d3a28bb5009edd12e9322df3573bbd9b0d0ff2cbd2e48c0c297f63c100116097c48c8f4cf0a7c4fb5156723fcb615236b6db175442b2db90c3e426cca9de56f55effdbb981c75c99a8dd084a619882fb216b000cb99eae616f0b5d7a8a2cc675cbd3e0a61b6f602250b040ae57f998471095563334e165f35139ec22aabf8ada15b890e2cf038a4f40d129760e39b166f58cfb4bfee7d4455ce06ad098745e0edac9434e4c61f889cbe6d7cf74da35f1b6d2b4455abf954223d1638ff808508228a3060d390e9ce539d2dcb032ae5d6c5abcd4df4bfb63f9851e45bb961cca2150eb386abd67dab2a12c096aa8df742e41ff7718f9dd77099d9bc87a2a46d8d6ffb903b23b429747c9acb21c0e88067eb6c7fa2507ef0673e6b65a15767cfa4ef9b52adbce41ea3461f77b0e705a2d5cbcf3841bd22414f3ef2402a915705a18113d370d35619fdbbfb4fe6e1581a8520525e863d931aaaed58d06d093905b0d83dd1345f4b8213954102abf8048be627d437f267d4a0a6e6f181891562b61be55f1e646120cfe17d8d2961ad86d1575856fff39791b90ccc6895495cc0f3a1e2604f5b729aec7452b133b9c822bbc74df480670f34cf0335d42b5ad6a7009c49050d97ef8c09eff8716dbb9ce5a5d67ffad2541860017bfe982c0e48390f987f470c7b600fb29be4d3a74251d85ef1cf1fe3b5a146bb9f6fee2369cba1f2be75782b14a422b0820fa00c1250f4d437f24914a94a8564fa079fe803b39c528707dd2906120d53020000b725596b68553f1653aad2fdd23114e4a7ca3402fcdf0b060323a683a03109ffbec9627c803da8a55665e156a335528f113eb730bb28c0480daf8f2b65483d0f3805e1c512b680d8698e63a80b45aa8c7e12ad0f0e072eefc806fde42455bc4d157e402a86218896d5638f8fdadb1fbffaf4fe92f526475612980f0c5a539a9cec3c63e4efa5b893611af45c8003650888dc5b958a18848cffe11e0636f40e3ade10da702b71a69e6941e506ec3f0297349867949246310909ff445005f68910308df1e44f7ef04efbcb6ade53086aeb80b0ca96b94c9e6353c77bc1ce575edd6a1ab76e000d2ca0bc80c09d76d2bf25d90c93d5fcf6c123a9e83a3354b798356aeb2e99721732d52b1ec6c84d79d6f1237186260e7e63f29cfe8050a8fd44d57b52582b45e1fe027792c07ef33a0ac686606dd009ef3839e179190aca20d01db1d2263898a6953feb5d2e8093a4b4a2b18f6cb06a0251d3862672814b5165213c65174fe5dad7673186293e336348fc77a6d545cc07355c07a8b9a98c95d76fa5dc4c19181578a6dc4f2b29b647ab6a09f6756994c8e389c7c165766f154468b380e1e67cb2edbc7f67b6bfad1de690c3f472908b11d1c502ca61b5e869cd2cf8e11e39eceb9d31fca090fd5dd15e1f5a8c4de58531df3fa96d655653a5b99ea449d3865e07401ecb63fb4ac4042c893841c2b70b4a133937ac0dca8d6f442de175f138ab7cf19477c2483caf524fc443b3243d31f15f3f518b2d7964314d7d34754ae417dd9d46a83e443cef18eb673f46f34aeaba592a171bb4710002da17d9d6554208fc384de22bff7e05d2bfb821656e78bfa084be46fe6b0f04a06c6bc80afbd406a918a57d582345b260360cec7168142ef0e0da8ad70ac9703d6206c6da23558374ad8bc1e8fe5cdede25e8ad5d0d0741d85e86566b7b9172f457e36feabb881f14a04d182b6971bb1aa1c37a608ff0eeaba1b6c37c4bdb15696afb0e031ef8b214a7a72892593c910829c820f773135f3441afc90cadeb50f76d4a5bbd713c8b3dc441599dcae659b9ad417affde5d9ee3933f00ea69323fd33e0b9a12b1ee29b2e97c7b1db3fa0a900678c6490a847fdd85fa93bb134e3239638052359774bc22405a0abb698081ce1dce2dfe0c0430b641f00d230013944df65581f6b5f458165b16aad8b92b44bf28b3236cac5239c91fe2351c5f53359d072aa34ffee18ff275afdc0dc7b889da928fdd4e300a52699cb5a4fea8cc42f636b15e449daef52df3586d4b55fd047b04e96734aa2c45bcad8f05dbf3c97daefcd6bad396a6aed71849e484eb0e3526970973db9b268b71e726748aacb5c2203cde2992af74cac612d33cecba7f3e5d66e2a2e449eb00e770af4fe13be6d16877cfa46c108c29d8db1efff5356433fc627741d12605056ec78c02bf143afc9e2161c15ce65a0f8c9f13a6b7a9"], 0x1004)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

4m55.969076508s ago: executing program 0 (id=480):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000980)={0x4c, 0x0, &(0x7f0000000800)=[@reply_sg={0x40486312, {0x3, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x0, 0x200000000000000, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x78, 0x0, &(0x7f0000000240)="5696a25b32f8c36bae537a9aac4d71864cbdec81d3f3d493dafde53406dffc24158b802b2d2f01e2ec0c9906a1d29e867b620841864d82ade6219e55af34ef85c0f3c7309202aba8f7153ee3a68f1a1deb1e6f1c56aca1a12a50eb8895e03920e1762ccc24bbcf4912bb08779adf2f2b45653ee2f0f8a6a7"})

4m55.617531167s ago: executing program 0 (id=482):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

4m54.616648988s ago: executing program 0 (id=473):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3804402, &(0x7f0000000240)={[{@user_xattr}, {@abort}, {@resuid}, {@user_xattr}, {@discard}, {@nouid32}, {@nolazytime}, {@noinit_itable}, {@nomblk_io_submit}, {@nodelalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}]}, 0x1, 0x55f, &(0x7f0000000c80)="$eJzs3d9rW+UbAPDnpO1+77sOxvgqIoVdOJlL19YfE7yYl6LDgd7PkmRlNFlGk461Dtwu3I03MgQRB+K1eu/l8B/wrxjoYMgoingTOelJl7VJm3XZmpnPB077vuec9D1Pznnevm9OQgIYWhPpj1zECxHxZRJxqG3baGQbJ1b3W3lwrZAuSTQaH/2RRJKta+2fZL/3Z5X/R8Qvn0ecyG1st7a0PD9bLpcWsvpkvXJ5sra0fPJiZXauNFe6ND0zc/qNmem333qzb7G+eu6vbz68897pL46tfP3TvcO3kjgTB7Jt7XE8gevtlYmYyJ6TsTizbsepPjQ2SJKdPgC2ZSTL87FI+4BDMZJlPfDf91lENIAhlch/GFKtcUBrbt+nefBz4/67qxOgjfGPrr42Enuac6N9K8kjM6N0vjveh/bTNn7+/fatdIn+vQ4BsKXrNyLi1Ojoxv4vyfq/7TvVwz7r29D/wbNzJx3/vNZp/JNbG/9Eh/HP/g65ux1b53/uXh+a6Sod/73Tcfy7dtNqfCSrHWyO+caSCxfLpbRv+19EHI+x3Wl9s/s5p1fuNrptax//pUvafmssmB3HvdHdjz6mOFuffZKY292/EfFix/Fvsnb+kw7nP30+zvXYxtHS7Ze7bds6/qer8X3EKx3P/8M7Wsnm9ycnm9fDZOuq2OjPm0d/7db+Tsefnv99q/H/nU0J18c/nrTfr609fhvf7fmn1G3bdq//XcnHzfKubN3V2Xp9YSpiV/LBxvXTDx/bqrf2T+M/fmzz/q/T9b83Ij7pMf6bR358afvxP11p/MXNr/915//xC3ff//Tbbu33dv5fb5aOZ2t66f96PcAnee4AAAAAAABg0OQi4kAkufxaOZfL51ff33Ek9uXK1Vr9xIXq4qViND8rOx5judad7kNt74eYyt4P26pPr6vPRMThiPhqZG+zni9Uy8WdDh4AAAAAAAAAAAAAAAAAAAAGxP4un/9P/Tay00cHPHW+8huG15b5349vegIGkv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX507ezZdGisPrhXSevHK0uJ89crJYqk2n68sFvKF6sLl/Fy1Olcu5QvVylZ/r1ytXp6ajsWrk/VSrT5ZW1o+X6kuXqqfv1j54WBEaeyZRAUAAAAAAAAAAAAAAAAAAADPl9rS8vxsuVxaUGgWdsdAHMZzVBgdjMNQ6HNhp3smAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjo3wAAAP//waw5Ug==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x8)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
fallocate(r1, 0x0, 0x3, 0x800000)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1db)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000240)="0bcb93b7b7c4", 0xf6d}], 0x1)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f283e6d60200000000000000000000000100", [0x208]})
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)

4m53.433867714s ago: executing program 0 (id=476):
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000080), 0x8000002000000, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000000010000fd0000000900000001"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0xcff5, r1}, 0x38)
prlimit64(0x0, 0xe, &(0x7f0000000440)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_io_uring_setup(0xa6, &(0x7f0000000080)={0x0, 0x7a9c, 0x10, 0xfffffffc, 0x44}, 0x0, 0x0)

4m52.035856475s ago: executing program 0 (id=478):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f0000000180), 0x10)
sendmsg$can_bcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0500000000bbd10d0bc11fc00000000040000000aef028c89c34dcb05408427474e1705e689c593e7a16dd0af4f5be2f038bc9faf7"], 0x80}}, 0x4)

4m50.045733288s ago: executing program 35 (id=478):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f0000000180), 0x10)
sendmsg$can_bcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0500000000bbd10d0bc11fc00000000040000000aef028c89c34dcb05408427474e1705e689c593e7a16dd0af4f5be2f038bc9faf7"], 0x80}}, 0x4)

3m33.934128733s ago: executing program 7 (id=65):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$CAIFSO_LINK_SELECT(0xffffffffffffffff, 0x116, 0x7f, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet(0x2, 0x5, 0x0)
setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4)
shutdown(r2, 0x0)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f0000000000)={0xffffffffffffffff, 0x4, 0x7f, 0x1, @vifc_lcl_ifindex, @loopback}, 0x10)
recvmmsg(r2, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)

3m17.954399394s ago: executing program 36 (id=65):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$CAIFSO_LINK_SELECT(0xffffffffffffffff, 0x116, 0x7f, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet(0x2, 0x5, 0x0)
setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4)
shutdown(r2, 0x0)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f0000000000)={0xffffffffffffffff, 0x4, 0x7f, 0x1, @vifc_lcl_ifindex, @loopback}, 0x10)
recvmmsg(r2, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)

2m35.016285246s ago: executing program 6 (id=695):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, 0x0, 0x18)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, 0x0, 0x0)
sendmsg$can_bcm(r2, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)
close(r2)

2m32.032937784s ago: executing program 6 (id=701):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="17000000000000000084000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r1=>0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000340)={r1, 0x0, &(0x7f0000002240)=""/4097}, 0x20)

2m29.812667482s ago: executing program 6 (id=705):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='syscall\x00')
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xfd01}, 0x8)
openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.mems\x00', 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGMASK(r3, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"})
ioctl$EVIOCSREP(r3, 0x40084503, 0x0)

2m27.534269817s ago: executing program 6 (id=710):
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x100002, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x1, 0x5, 0x9fd, 0x84, 0x105}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r1, 0x0, 0x2000000}, 0x38)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000000bf0000000000000000008500000020000000850000007d00000095"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc0, &(0x7f0000002380)=""/192}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0xe, 0x0, &(0x7f0000000680)="e0b9547ed387dbe9abc89b6f5bff", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2m23.745673969s ago: executing program 6 (id=717):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x9840)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1}, 0x90)

2m21.339745661s ago: executing program 6 (id=721):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x14, 0x9, 0x3, 0x7, 0x40000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xb}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
r3 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0xfffffffffffffda3, &(0x7f0000000180)={&(0x7f0000000200)=@delnexthop={0x20, 0x69, 0xb, 0x0, 0x0, {}, [{0x8, 0x1, 0x1}]}, 0x20}}, 0x4000000)

2m5.3791361s ago: executing program 37 (id=721):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e40)=ANY=[@ANYBLOB="0b00000005000000020000000200000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000160000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x14, 0x9, 0x3, 0x7, 0x40000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xb}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
r3 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=@newnexthop={0x24, 0x68, 0x1, 0x2, 0x7ffffffc, {}, [@NHA_GROUP={0xc, 0x2, [{0x1, 0x4}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x24008000}, 0x4000)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0xfffffffffffffda3, &(0x7f0000000180)={&(0x7f0000000200)=@delnexthop={0x20, 0x69, 0xb, 0x0, 0x0, {}, [{0x8, 0x1, 0x1}]}, 0x20}}, 0x4000000)

1m28.893750619s ago: executing program 5 (id=814):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x25, 0x1, 0x0)
sendmmsg$unix(r3, &(0x7f0000004400), 0x400000000000203, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)

1m27.616567298s ago: executing program 5 (id=816):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket(0x1000000000000010, 0x80802, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000004c0)="5500000018007fd500fe01b2a4a280930a06000000a843089100fe800c0008000800113f080000002d000f009b2c136ef75afb83de448daa72540d8102d2c55327c43ab82286ef1fdd20642383656d4d2449155037", 0x55}], 0x1}, 0x0)

1m26.274709576s ago: executing program 5 (id=820):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
prctl$PR_GET_IO_FLUSHER(0x4)
syz_clone(0x25000, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)

1m24.456037762s ago: executing program 5 (id=821):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r3, 0x84, 0x17, &(0x7f0000000380)=ANY=[@ANYRES32=0x0, @ANYBLOB="01"], 0x9)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r3, 0x84, 0x19, &(0x7f0000000340)={0x0, 0x1}, 0x8)

1m23.076156953s ago: executing program 5 (id=824):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000108008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
getpid()
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
accept(0xffffffffffffffff, 0x0, &(0x7f0000000080))
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
creat(&(0x7f0000000000)='./file0\x00', 0xa)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r1 = timerfd_create(0x0, 0x80000)
timerfd_settime(r1, 0x3, &(0x7f0000000380)={{0x0, 0x989680}}, 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0x3ff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x7fffffffffffffff, 0x8, 0x2, 0x3, 0x0, 0x3})

1m17.850953427s ago: executing program 5 (id=829):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

1m1.779182911s ago: executing program 38 (id=829):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

19.797830294s ago: executing program 9 (id=919):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb3d68000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = io_uring_setup(0x115c, &(0x7f0000000440)={0x0, 0x8270, 0x40, 0x3, 0x117})
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f0000000640)=[{0x0}], 0x178)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6a0ac4ff02000000711069000322000095"], 0x0}, 0x94)
io_uring_register$IORING_REGISTER_FILES(r3, 0x1e, &(0x7f0000000000)=[r3], 0x1)

18.466998157s ago: executing program 9 (id=920):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x81, 0xfffff034}, {0x20, 0x0, 0x0, 0xfffff038}, {0x6}]}, 0x10)
sendmmsg(r3, &(0x7f0000000180), 0x4000190, 0x0)
shmdt(0x0)

17.426176534s ago: executing program 9 (id=921):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r4=>0x0})
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r3)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000980)={0x1c, r5, 0x48212b8952c3aff5, 0x70bd24, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

16.370011083s ago: executing program 9 (id=925):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_usb_connect(0x3, 0x1c, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
r2 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r3=>0x0})
bind$can_j1939(r2, &(0x7f0000000100)={0x1d, r3, 0x2, {0x3}}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r4=>0x0})
syz_genetlink_get_family_id$tipc2(&(0x7f0000000180), r2)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[], 0x14}}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x8, &(0x7f00000001c0)={&(0x7f0000000380)=@getchain={0x24, 0x11, 0x1, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {}, {0x7, 0x2}, {0x0, 0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000}, 0x98)

10.916267585s ago: executing program 8 (id=932):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs={0x0, 0x0, 0x200}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001800eff900000000000000000a00", @ANYRES32=0x0, @ANYBLOB], 0x3c}, 0x1, 0x11}, 0x0)

9.652250416s ago: executing program 8 (id=935):
r0 = syz_init_net_socket$llc(0x1a, 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400400bce)
r1 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket(0x1d, 0x2, 0x6)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
bind$llc(r0, &(0x7f0000000000)={0x1a, 0x0, 0x1, 0x3, 0x3, 0x4a}, 0x10)
close(r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r2, 0x0, 0x0)

8.444925885s ago: executing program 2 (id=936):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = add_key$keyring(&(0x7f0000000300), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000380)='asymmetric\x00', &(0x7f00000003c0))

8.008404486s ago: executing program 8 (id=937):
madvise(&(0x7f0000130000/0xd000)=nil, 0xd000, 0x66)
prctl$PR_SCHED_CORE(0x3e, 0x10000000001, 0x0, 0x2, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
mmap$IORING_OFF_SQES(&(0x7f000013a000/0x3000)=nil, 0x3000, 0x1000004, 0x8010, r0, 0x10000000)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r1, &(0x7f000001b700)=""/102392, 0x18ff8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x31, &(0x7f0000000000)=0xffff7b6e, 0x4)
getsockopt$inet6_buf(r2, 0x29, 0x6, &(0x7f00000000c0)=""/13, &(0x7f0000000240)=0xd)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x6, 0xe, &(0x7f0000000300)=ANY=[@ANYBLOB="b700000018000000bca30000000000002403000040feffff720af0ff0000000071a4f0ff000000001f030000000000002e140200000000002604fdffffff000061140400000000001d430000000000007a0a00fe0000001f6114000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767912d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce0900000000000000499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc682928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348de20f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97b4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b4f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c0"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000000c0), 0x10}, 0x94)

6.724490675s ago: executing program 2 (id=938):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
add_key(&(0x7f0000000380)='asymmetric\x00', 0x0, &(0x7f0000000880)="10", 0x1, 0xffffffffffffffff)

6.403001441s ago: executing program 9 (id=939):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000240))
sched_setscheduler(0x0, 0x2, &(0x7f0000000440)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
prctl$PR_SCHED_CORE(0x4d, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x5)
r3 = syz_init_net_socket$ax25(0x3, 0x5, 0x7)
setsockopt$ax25_int(r3, 0x101, 0x6, &(0x7f0000000000)=0x200, 0x4)

5.221546982s ago: executing program 2 (id=940):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = getpid()
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x20a8, 0x0, r4}}, 0x40)

5.115324157s ago: executing program 8 (id=941):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x80002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x400}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

3.682571748s ago: executing program 2 (id=942):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r3}, &(0x7f0000001c00)=0x8000000, &(0x7f0000001c40)=r4}, 0x20)

3.520189269s ago: executing program 8 (id=943):
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
r2 = dup(r0)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='bond_slave_1\x00', 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x4, 0x0, 0x111, 0x2}}, 0x20)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000140)=@newtaction={0x14, 0x30, 0x1, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x2000c800}, 0x2400c800)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x2, 0x0, 0x13f, 0x6}}, 0x20)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xfffffff2, @empty, 0x3}}, 0x1000000, 0x31, 0xffff1896, 0x3, 0x6, 0x8, 0x1b}, 0x9c)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
close_range(r3, 0xffffffffffffffff, 0x0)

1.349066795s ago: executing program 2 (id=944):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000440)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
name_to_handle_at(0xffffffffffffff9c, 0x0, &(0x7f00000000c0)=ANY=[], 0x0, 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000140)
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @hci_ev_pin_code_req={{0x16, 0x6}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}}}, 0x9)
ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000040)=0xfff)

1.348682943s ago: executing program 8 (id=945):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
set_mempolicy(0x2, 0x0, 0x3ff)
openat(0xffffffffffffff9c, 0x0, 0x401c2, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
set_mempolicy(0x3, &(0x7f0000000100)=0x3, 0x9)
setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x808000, 0x4, 0x20300, 0xfc, 0x2000000}, 0x1c)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r2, 0x0, 0x12, 0x0, 0x0)
sendto$inet(r2, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10)
recvmmsg(r2, &(0x7f000000e280), 0x58a, 0x42, 0x0)

770.096µs ago: executing program 2 (id=946):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x208, 0x1ffe0000000}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendto$inet6(r3, &(0x7f0000000400)="2ae0e710", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
setsockopt$inet6_int(r3, 0x29, 0x5, &(0x7f0000000140)=0x6, 0x4)
recvmmsg(r3, &(0x7f0000000d80), 0x4000000000001e9, 0x10162, 0x0)

0s ago: executing program 9 (id=955):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000004c0)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
timer_gettime(0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x20000010)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_add_memb(r3, 0x107, 0x1, 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)

kernel console output (not intermixed with test programs):

294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6413 comm="syz.2.102" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fbb1ed8eec9 code=0x0
[  157.533529][   T43] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  157.585475][ T6107] batman_adv: batadv0: Adding interface: batadv_slave_1
[  157.625280][ T6420] netlink: 'syz.5.104': attribute type 1 has an invalid length.
[  157.636107][ T6107] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  157.670621][ T6107] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  157.683308][ T6295] chnl_net:caif_netlink_parms(): no params data found
[  157.760662][   T43] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  157.772473][   T43] usb 4-1: config 0 has no interfaces?
[  157.797617][   T43] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0093, bcdDevice=23.5a
[  157.811086][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.840496][   T43] usb 4-1: Product: syz
[  157.894609][   T43] usb 4-1: Manufacturer: syz
[  157.918270][   T43] usb 4-1: SerialNumber: syz
[  157.967531][ T6422] bond0: entered promiscuous mode
[  157.998973][   T43] usb 4-1: config 0 descriptor??
[  158.044773][ T6422] bond0: entered allmulticast mode
[  158.105982][ T6422] 8021q: adding VLAN 0 to HW filter on device bond0
[  158.799632][ T6425] bridge1: entered promiscuous mode
[  158.826298][   T12] bond0: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  158.861153][ T6425] bridge1: entered allmulticast mode
[  158.904004][ T6425] bond0: (slave bridge1): Enslaving as an active interface with an up link
[  159.046151][ T6437] process 'syz.0.107' launched '/dev/fd/4' with NULL argv: empty string added
[  159.091005][   T49] bond0: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  159.449948][ T6107] hsr_slave_0: entered promiscuous mode
[  159.463977][ T6107] hsr_slave_1: entered promiscuous mode
[  159.470572][ T6107] debugfs: 'hsr0' already exists in 'hsr'
[  159.478230][ T6107] Cannot create hsr debugfs directory
[  159.717913][ T6295] bridge0: port 1(bridge_slave_0) entered blocking state
[  159.747508][ T6295] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.789594][ T6295] bridge_slave_0: entered allmulticast mode
[  159.834406][ T6295] bridge_slave_0: entered promiscuous mode
[  159.959137][ T6295] bridge0: port 2(bridge_slave_1) entered blocking state
[  160.091437][ T6295] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.129524][ T6295] bridge_slave_1: entered allmulticast mode
[  160.215153][ T6295] bridge_slave_1: entered promiscuous mode
[  161.952996][ T5872] usb 4-1: USB disconnect, device number 3
[  161.980399][ T6295] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  162.229281][ T6295] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  162.377255][  T482] bridge_slave_1: left allmulticast mode
[  162.466149][  T482] bridge_slave_1: left promiscuous mode
[  162.519313][  T482] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.552489][  T482] bridge_slave_0: left allmulticast mode
[  162.558204][  T482] bridge_slave_0: left promiscuous mode
[  162.568730][  T482] bridge0: port 1(bridge_slave_0) entered disabled state
[  164.072488][ T6486] loop2: detected capacity change from 0 to 65536
[  164.209980][ T6486] XFS (loop2): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  164.366471][ T6486] XFS (loop2): Ending clean mount
[  166.653186][ T6509] netlink: 12 bytes leftover after parsing attributes in process `syz.3.123'.
[  166.724117][ T5865] XFS (loop2): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  167.519385][  T482] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  167.551712][  T482] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  167.586410][  T482] bond0 (unregistering): Released all slaves
[  167.829587][ T6295] team0: Port device team_slave_0 added
[  169.495203][ T6529] sctp: failed to load transform for md5: -2
[  170.374103][ T6295] team0: Port device team_slave_1 added
[  170.747095][ T6295] batman_adv: batadv0: Adding interface: batadv_slave_0
[  170.790869][ T6295] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  170.900751][ T6295] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  171.209585][ T6295] batman_adv: batadv0: Adding interface: batadv_slave_1
[  171.279926][ T6295] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  171.482727][ T6295] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  171.948441][  T482] hsr_slave_0: left promiscuous mode
[  172.104852][  T482] hsr_slave_1: left promiscuous mode
[  172.112590][  T482] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  172.143952][  T482] batman_adv: batadv0: Removing interface: batadv_slave_0
[  172.203326][  T482] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  172.231084][  T482] batman_adv: batadv0: Removing interface: batadv_slave_1
[  172.386874][  T482] veth1_macvtap: left promiscuous mode
[  172.428623][  T482] veth0_macvtap: left promiscuous mode
[  172.469527][  T482] veth1_vlan: left promiscuous mode
[  172.506664][  T482] veth0_vlan: left promiscuous mode
[  172.709789][ T6556] binder: 6555:6556 ioctl c0306201 200000000680 returned -14
[  174.370971][  T482] team0 (unregistering): Port device team_slave_1 removed
[  174.589082][  T482] team0 (unregistering): Port device team_slave_0 removed
[  176.188391][ T6568] netlink: 92 bytes leftover after parsing attributes in process `syz.3.140'.
[  176.199188][ T6568] netem: unknown loss type 0
[  176.211111][ T6568] netem: change failed
[  176.440508][ T6295] hsr_slave_0: entered promiscuous mode
[  176.459544][ T6295] hsr_slave_1: entered promiscuous mode
[  176.478401][ T6295] debugfs: 'hsr0' already exists in 'hsr'
[  176.486798][ T6295] Cannot create hsr debugfs directory
[  178.138422][ T6107] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  178.236246][ T6107] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  178.321503][ T6107] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  178.375650][ T6107] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  181.186521][ T6295] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  181.279031][ T6295] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  181.430351][ T6295] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  181.507316][ T6107] 8021q: adding VLAN 0 to HW filter on device bond0
[  181.549781][ T6624] netlink: 'syz.2.153': attribute type 27 has an invalid length.
[  181.596644][ T6295] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  181.624191][ T6624] netlink: 'syz.2.153': attribute type 4 has an invalid length.
[  181.660958][ T6624] netlink: 144 bytes leftover after parsing attributes in process `syz.2.153'.
[  182.964715][ T6107] 8021q: adding VLAN 0 to HW filter on device team0
[  183.134979][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.142206][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  183.186492][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.193700][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  183.287818][ T6645] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  183.841799][ T6295] 8021q: adding VLAN 0 to HW filter on device bond0
[  183.897450][ T6655] bridge: RTM_NEWNEIGH with invalid ether address
[  184.139725][ T6665] loop3: detected capacity change from 0 to 1764
[  184.709974][ T6295] 8021q: adding VLAN 0 to HW filter on device team0
[  184.842619][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  184.849815][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  184.906708][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.914023][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  185.126501][ T6676] loop3: detected capacity change from 0 to 256
[  185.274378][ T6676] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  185.341708][   T30] audit: type=1800 audit(1758544361.322:4): pid=6676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.164" name="file1" dev="loop3" ino=1048613 res=0 errno=0
[  186.239671][ T6676] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  186.380852][ T6676] FAT-fs (loop3): Filesystem has been set read-only
[  188.075573][ T6702] loop3: detected capacity change from 0 to 128
[  188.261196][ T6702] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  188.333078][ T6702] ext4 filesystem being mounted at /31/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  188.788946][ T6295] 8021q: adding VLAN 0 to HW filter on device batadv0
[  189.159212][ T5882] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  189.673465][ T5875] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  189.711965][ T5875] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  189.726362][ T5875] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  189.751003][ T5875] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  189.758907][ T5875] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  191.772819][ T5875] Bluetooth: hci1: command tx timeout
[  193.117698][ T6753] Driver unsupported XDP return value 0 on prog  (id 30) dev N/A, expect packet loss!
[  193.809262][ T6295] veth0_vlan: entered promiscuous mode
[  193.851383][ T5875] Bluetooth: hci1: command tx timeout
[  194.010344][ T6295] veth1_vlan: entered promiscuous mode
[  194.334620][   T12] bridge_slave_1: left allmulticast mode
[  194.340512][   T12] bridge_slave_1: left promiscuous mode
[  194.356585][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.413619][   T12] bridge_slave_0: left allmulticast mode
[  194.441860][   T12] bridge_slave_0: left promiscuous mode
[  194.447744][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.689692][ T6772] loop0: detected capacity change from 0 to 256
[  194.934557][ T6772] FAT-fs (loop0): Directory bread(block 64) failed
[  194.952569][ T6772] FAT-fs (loop0): Directory bread(block 65) failed
[  195.023250][ T6772] FAT-fs (loop0): Directory bread(block 66) failed
[  195.029846][ T6772] FAT-fs (loop0): Directory bread(block 67) failed
[  195.236977][ T6772] FAT-fs (loop0): Directory bread(block 68) failed
[  195.277207][ T6772] FAT-fs (loop0): Directory bread(block 69) failed
[  195.307335][ T6772] FAT-fs (loop0): Directory bread(block 70) failed
[  195.366866][ T6772] FAT-fs (loop0): Directory bread(block 71) failed
[  195.395130][ T6772] FAT-fs (loop0): Directory bread(block 72) failed
[  195.428673][ T6772] FAT-fs (loop0): Directory bread(block 73) failed
[  195.962255][ T5875] Bluetooth: hci1: command tx timeout
[  196.462683][ T6790] syz.0.184: attempt to access beyond end of device
[  196.462683][ T6790] loop0: rw=2049, sector=1224, nr_sectors = 32 limit=256
[  196.508685][ T6790] syz.0.184: attempt to access beyond end of device
[  196.508685][ T6790] loop0: rw=2049, sector=1320, nr_sectors = 32 limit=256
[  196.550438][ T6790] syz.0.184: attempt to access beyond end of device
[  196.550438][ T6790] loop0: rw=2049, sector=1384, nr_sectors = 32 limit=256
[  196.659433][ T6790] syz.0.184: attempt to access beyond end of device
[  196.659433][ T6790] loop0: rw=2049, sector=1448, nr_sectors = 8 limit=256
[  196.731652][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  196.823150][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  196.884632][   T12] bond0 (unregistering): Released all slaves
[  196.920609][   T49] kworker/u8:3: attempt to access beyond end of device
[  196.920609][   T49] loop0: rw=1, sector=1224, nr_sectors = 32 limit=256
[  197.051962][   T49] kworker/u8:3: attempt to access beyond end of device
[  197.051962][   T49] loop0: rw=1, sector=1320, nr_sectors = 32 limit=256
[  197.115297][   T49] kworker/u8:3: attempt to access beyond end of device
[  197.115297][   T49] loop0: rw=1, sector=1384, nr_sectors = 32 limit=256
[  197.168161][ T6785] netlink: 28 bytes leftover after parsing attributes in process `syz.5.187'.
[  197.180998][   T49] kworker/u8:3: attempt to access beyond end of device
[  197.180998][   T49] loop0: rw=1, sector=1448, nr_sectors = 8 limit=256
[  197.417825][   T12] hsr_slave_0: left promiscuous mode
[  197.462290][   T12] hsr_slave_1: left promiscuous mode
[  197.497951][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  197.541998][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  198.055239][ T5875] Bluetooth: hci1: command tx timeout
[  200.224527][   T12] team0 (unregistering): Port device team_slave_1 removed
[  200.447910][   T12] team0 (unregistering): Port device team_slave_0 removed
[  200.794669][ T6822] netlink: 'syz.3.194': attribute type 1 has an invalid length.
[  203.972660][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  203.979075][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  204.592177][ T6786] netlink: 28 bytes leftover after parsing attributes in process `syz.5.187'.
[  204.659762][ T6729] chnl_net:caif_netlink_parms(): no params data found
[  204.775414][ T6295] veth0_macvtap: entered promiscuous mode
[  206.666129][ T6729] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.699900][ T5868] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  206.702690][ T6729] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.710551][ T5868] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  206.722504][ T5868] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  206.732054][ T5868] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  206.741755][ T5868] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  206.763014][ T6729] bridge_slave_0: entered allmulticast mode
[  206.772980][ T6729] bridge_slave_0: entered promiscuous mode
[  206.797441][ T6729] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.817335][ T6881] loop3: detected capacity change from 0 to 128
[  206.842809][ T6881] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  206.903055][ T6729] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.942117][ T6729] bridge_slave_1: entered allmulticast mode
[  207.014707][ T6729] bridge_slave_1: entered promiscuous mode
[  207.464935][ T6729] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  207.794221][ T6729] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  208.242705][ T6729] team0: Port device team_slave_0 added
[  208.544173][ T6729] team0: Port device team_slave_1 added
[  208.810904][ T5868] Bluetooth: hci6: command tx timeout
[  210.189543][ T6729] batman_adv: batadv0: Adding interface: batadv_slave_0
[  210.240383][ T6729] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.291682][    T9] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  210.405290][ T6729] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  210.431030][ T6729] batman_adv: batadv0: Adding interface: batadv_slave_1
[  210.438423][ T6729] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.693255][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  210.720874][    T9] usb 6-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[  210.730937][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.133605][ T5868] Bluetooth: hci6: command tx timeout
[  211.450657][ T6729] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  211.572106][    T9] usb 6-1: config 0 descriptor??
[  211.598117][ T6919] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  212.156331][    T9] ryos 0003:1E7D:3138.0001: item fetching failed at offset 1/5
[  212.181414][    T9] ryos 0003:1E7D:3138.0001: parse failed
[  212.196019][    T9] ryos 0003:1E7D:3138.0001: probe with driver ryos failed with error -22
[  212.534814][ T5968] usb 6-1: USB disconnect, device number 2
[  212.862755][ T6729] hsr_slave_0: entered promiscuous mode
[  212.933642][ T6729] hsr_slave_1: entered promiscuous mode
[  213.023069][ T6729] debugfs: 'hsr0' already exists in 'hsr'
[  213.028835][ T6729] Cannot create hsr debugfs directory
[  213.221008][ T5875] Bluetooth: hci6: command tx timeout
[  214.977634][ T6878] chnl_net:caif_netlink_parms(): no params data found
[  215.291470][ T5875] Bluetooth: hci6: command tx timeout
[  215.644983][ T6961] netlink: 14 bytes leftover after parsing attributes in process `syz.5.225'.
[  215.926162][   T59] bridge_slave_1: left allmulticast mode
[  215.933603][   T59] bridge_slave_1: left promiscuous mode
[  216.053801][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.331149][   T59] bridge_slave_0: left allmulticast mode
[  216.341083][   T59] bridge_slave_0: left promiscuous mode
[  216.346880][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[  219.185724][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  219.571635][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  219.893293][   T59] bond0 (unregistering): Released all slaves
[  219.968902][ T6998] netlink: 4 bytes leftover after parsing attributes in process `syz.2.232'.
[  221.568682][   T59] hsr_slave_0: left promiscuous mode
[  221.652147][   T59] hsr_slave_1: left promiscuous mode
[  221.659936][   T59] batman_adv: batadv0: Removing interface: batadv_slave_0
[  221.690441][   T59] batman_adv: batadv0: Removing interface: batadv_slave_1
[  221.786870][   T59] veth0_macvtap: left promiscuous mode
[  221.806876][   T59] veth1_vlan: left promiscuous mode
[  221.819083][   T59] veth0_vlan: left promiscuous mode
[  225.555657][   T59] team0 (unregistering): Port device team_slave_1 removed
[  225.744082][   T59] team0 (unregistering): Port device team_slave_0 removed
[  227.299847][ T7012] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  227.660315][ T6878] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.719194][ T6878] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.772779][ T6878] bridge_slave_0: entered allmulticast mode
[  227.819643][ T6878] bridge_slave_0: entered promiscuous mode
[  228.701389][ T6878] bridge0: port 2(bridge_slave_1) entered blocking state
[  228.745527][ T6878] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.791622][ T6878] bridge_slave_1: entered allmulticast mode
[  228.803021][ T7063] 9pnet_fd: Insufficient options for proto=fd
[  228.831860][ T6878] bridge_slave_1: entered promiscuous mode
[  228.849526][ T7065] loop0: detected capacity change from 0 to 1024
[  228.966161][ T7065] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.385250][ T6878] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  229.456626][ T6878] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  230.278495][ T7080] netlink: 12 bytes leftover after parsing attributes in process `syz.3.251'.
[  230.315618][ T7080] netlink: 12 bytes leftover after parsing attributes in process `syz.3.251'.
[  231.065411][ T6878] team0: Port device team_slave_0 added
[  231.127851][ T6878] team0: Port device team_slave_1 added
[  231.393154][ T6878] batman_adv: batadv0: Adding interface: batadv_slave_0
[  231.400180][ T6878] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  231.431117][ T6878] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  231.730194][ T5180] Bluetooth: hci2: command 0x0406 tx timeout
[  231.736746][ T5180] Bluetooth: hci3: command 0x0406 tx timeout
[  231.743148][ T5180] Bluetooth: hci0: command 0x0406 tx timeout
[  231.750594][ T5180] Bluetooth: hci5: command 0x0406 tx timeout
[  232.149878][ T6878] batman_adv: batadv0: Adding interface: batadv_slave_1
[  232.186833][ T6878] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  232.230084][ T6878] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  232.508548][ T5876] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.674613][ T6878] hsr_slave_0: entered promiscuous mode
[  232.686412][ T6878] hsr_slave_1: entered promiscuous mode
[  232.721825][ T6878] debugfs: 'hsr0' already exists in 'hsr'
[  232.738491][ T6878] Cannot create hsr debugfs directory
[  232.814229][ T5849] IPVS: starting estimator thread 0...
[  232.941163][ T7107] IPVS: using max 21 ests per chain, 50400 per kthread
[  234.695702][ T6729] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  234.745751][ T6729] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  234.874142][ T6729] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  234.925187][ T6729] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  235.358974][   T30] audit: type=1800 audit(1758544411.322:5): pid=7138 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.268" name="file1" dev="tmpfs" ino=380 res=0 errno=0
[  236.630327][ T6729] 8021q: adding VLAN 0 to HW filter on device bond0
[  238.115634][ T6729] 8021q: adding VLAN 0 to HW filter on device team0
[  238.248709][ T6729] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  238.398232][ T6729] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  238.512321][ T6258] bridge0: port 1(bridge_slave_0) entered blocking state
[  238.519568][ T6258] bridge0: port 1(bridge_slave_0) entered forwarding state
[  238.625764][ T6258] bridge0: port 2(bridge_slave_1) entered blocking state
[  238.632961][ T6258] bridge0: port 2(bridge_slave_1) entered forwarding state
[  238.736906][   T43] Process accounting resumed
[  240.184886][ T6878] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  240.298609][ T6878] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  240.480776][ T6878] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  240.676753][ T6878] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  240.943821][ T6729] 8021q: adding VLAN 0 to HW filter on device batadv0
[  243.108439][ T6878] 8021q: adding VLAN 0 to HW filter on device bond0
[  243.305679][ T6878] 8021q: adding VLAN 0 to HW filter on device team0
[  243.411460][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.418652][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state
[  243.564647][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.571917][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.187805][ T6729] veth0_vlan: entered promiscuous mode
[  246.348231][ T6729] veth1_vlan: entered promiscuous mode
[  246.654137][ T6878] 8021q: adding VLAN 0 to HW filter on device batadv0
[  246.684189][ T6729] veth0_macvtap: entered promiscuous mode
[  246.717616][ T6729] veth1_macvtap: entered promiscuous mode
[  247.118453][ T6729] batman_adv: batadv0: Interface activated: batadv_slave_0
[  247.213098][ T6729] batman_adv: batadv0: Interface activated: batadv_slave_1
[  250.090735][ T7285] netlink: set zone limit has 4 unknown bytes
[  251.691579][ T5875] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  251.797243][ T5875] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  251.814540][ T5875] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  251.838651][ T5875] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  252.560994][ T5875] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  252.832778][ T7307] netlink: 'syz.2.300': attribute type 27 has an invalid length.
[  252.840951][ T7307] netlink: 'syz.2.300': attribute type 4 has an invalid length.
[  252.848616][ T7307] netlink: 144 bytes leftover after parsing attributes in process `syz.2.300'.
[  253.450978][ T6878] veth0_vlan: entered promiscuous mode
[  254.076693][ T6878] veth1_vlan: entered promiscuous mode
[  254.678481][ T5875] Bluetooth: hci1: command tx timeout
[  255.454270][ T6878] veth0_macvtap: entered promiscuous mode
[  256.780986][ T5875] Bluetooth: hci1: command tx timeout
[  257.687274][ T6878] veth1_macvtap: entered promiscuous mode
[  258.109011][   T49] bridge_slave_1: left allmulticast mode
[  258.140942][   T49] bridge_slave_1: left promiscuous mode
[  258.146745][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.316869][   T49] bridge_slave_0: left allmulticast mode
[  258.350796][   T49] bridge_slave_0: left promiscuous mode
[  258.356660][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.372729][ T6078] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  258.555599][ T6078] usb 6-1: Using ep0 maxpacket: 32
[  258.584704][ T6078] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  258.596559][ T6078] usb 6-1: config 1 interface 0 altsetting 77 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  258.611394][ T6078] usb 6-1: config 1 interface 0 has no altsetting 0
[  258.627782][ T6078] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  258.644234][ T6078] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  258.654475][ T6078] usb 6-1: SerialNumber: syz
[  258.720626][ T6078] cdc_ether 6-1:1.0: invalid descriptor buffer length
[  258.739393][ T6078] usb 6-1: bad CDC descriptors
[  258.811521][ T5875] Bluetooth: hci1: command tx timeout
[  258.986079][ T5957] usb 6-1: USB disconnect, device number 3
[  258.997059][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  259.022380][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  259.035514][   T49] bond0 (unregistering): Released all slaves
[  259.063671][ T7355] sch_tbf: burst 1821 is lower than device lo mtu (65550) !
[  259.080045][ T7359] netlink: 12 bytes leftover after parsing attributes in process `syz.2.312'.
[  259.104551][ T6878] batman_adv: batadv0: Interface activated: batadv_slave_0
[  259.181489][ T7299] chnl_net:caif_netlink_parms(): no params data found
[  259.530417][   T49] hsr_slave_0: left promiscuous mode
[  259.578046][ T7381] netlink: 'syz.0.319': attribute type 13 has an invalid length.
[  259.586527][   T49] hsr_slave_1: left promiscuous mode
[  259.594629][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  259.602668][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  259.612895][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  259.620381][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  260.308973][   T49] veth1_macvtap: left promiscuous mode
[  260.322723][   T49] veth0_macvtap: left promiscuous mode
[  260.346973][   T49] veth1_vlan: left promiscuous mode
[  260.363208][   T49] veth0_vlan: left promiscuous mode
[  260.688608][ T7389] loop5: detected capacity change from 0 to 256
[  260.892031][ T5875] Bluetooth: hci1: command tx timeout
[  260.905137][ T7389] FAT-fs (loop5): Directory bread(block 64) failed
[  260.930659][ T7389] FAT-fs (loop5): Directory bread(block 65) failed
[  260.938377][ T7389] FAT-fs (loop5): Directory bread(block 66) failed
[  260.945247][ T7389] FAT-fs (loop5): Directory bread(block 67) failed
[  260.968297][ T7389] FAT-fs (loop5): Directory bread(block 68) failed
[  260.993110][ T7389] FAT-fs (loop5): Directory bread(block 69) failed
[  261.043141][ T7389] FAT-fs (loop5): Directory bread(block 70) failed
[  261.073409][ T7389] FAT-fs (loop5): Directory bread(block 71) failed
[  261.134107][ T7389] FAT-fs (loop5): Directory bread(block 72) failed
[  261.140851][ T7389] FAT-fs (loop5): Directory bread(block 73) failed
[  262.397305][   T49] team0 (unregistering): Port device team_slave_1 removed
[  262.453599][   T49] team0 (unregistering): Port device team_slave_0 removed
[  262.849173][ T6878] batman_adv: batadv0: Interface activated: batadv_slave_1
[  262.929416][ T7381] gretap0: refused to change device tx_queue_len
[  262.936839][ T7381] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  263.240832][ T6266] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  263.406409][ T6266] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  265.531371][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  265.537757][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  266.343697][ T1323] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  266.414069][  T482] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  266.485646][ T7299] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.650634][ T7447] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  266.657926][ T7447] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  266.665831][ T7447] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  266.673898][ T7447] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[  266.681375][ T7447] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  266.688692][ T7447] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  266.696673][ T7447] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  266.704364][ T7447] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  266.711537][ T7447] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  266.718591][ T7447] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  266.725645][ T7447] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  266.733391][ T7447] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  266.740717][ T7447] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[  266.749269][ T7447] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[  267.401729][ T7299] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.486637][ T7299] bridge_slave_0: entered allmulticast mode
[  267.542684][ T7299] bridge_slave_0: entered promiscuous mode
[  267.697707][ T7299] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.780191][ T7299] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.838917][ T7299] bridge_slave_1: entered allmulticast mode
[  267.929580][ T7299] bridge_slave_1: entered promiscuous mode
[  268.361653][ T7299] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  268.454990][ T7299] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  268.534600][ T7456] loop0: detected capacity change from 0 to 1764
[  268.863507][ T7299] team0: Port device team_slave_0 added
[  268.958404][ T7299] team0: Port device team_slave_1 added
[  269.534853][ T5868] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  269.556687][ T5868] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  269.565510][ T5868] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  269.577761][ T5868] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  269.598900][ T5868] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  270.092607][ T7299] batman_adv: batadv0: Adding interface: batadv_slave_0
[  270.352440][ T7299] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  271.123074][ T7299] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  271.152466][ T7299] batman_adv: batadv0: Adding interface: batadv_slave_1
[  271.399497][ T7299] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  271.496999][ T7299] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  271.691835][ T5875] Bluetooth: hci4: command tx timeout
[  273.485682][ T1323] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.770797][ T5875] Bluetooth: hci4: command tx timeout
[  273.791197][ T7299] hsr_slave_0: entered promiscuous mode
[  273.868917][ T7299] hsr_slave_1: entered promiscuous mode
[  273.919031][ T7299] debugfs: 'hsr0' already exists in 'hsr'
[  273.940837][ T7299] Cannot create hsr debugfs directory
[  275.594906][ T1323] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.995477][ T5875] Bluetooth: hci4: command tx timeout
[  277.208272][ T1323] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  277.704892][ T1323] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  278.011257][ T5875] Bluetooth: hci4: command tx timeout
[  279.780715][ T7553] loop9: detected capacity change from 0 to 7
[  279.801397][ T7553] Buffer I/O error on dev loop9, logical block 0, async page read
[  279.811837][ T7553] Buffer I/O error on dev loop9, logical block 0, async page read
[  279.824833][ T7553] Buffer I/O error on dev loop9, logical block 0, async page read
[  279.837247][ T7553] Buffer I/O error on dev loop9, logical block 0, async page read
[  279.848056][ T7553] Buffer I/O error on dev loop9, logical block 0, async page read
[  279.860766][ T7553] Buffer I/O error on dev loop9, logical block 0, async page read
[  279.871808][ T7553] Buffer I/O error on dev loop9, logical block 0, async page read
[  279.883316][ T7553] ldm_validate_partition_table(): Disk read failed.
[  279.890688][ T7553] Buffer I/O error on dev loop9, logical block 0, async page read
[  279.903819][ T7553] Buffer I/O error on dev loop9, logical block 0, async page read
[  279.915587][ T7553] Buffer I/O error on dev loop9, logical block 0, async page read
[  279.925355][ T7553] Dev loop9: unable to read RDB block 0
[  279.933460][ T7553]  loop9: unable to read partition table
[  279.940730][ T7553] loop9: partition table beyond EOD, truncated
[  279.947136][ T7553] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  279.947136][ T7553] 
) failed (rc=-5)
[  283.420029][ T7470] chnl_net:caif_netlink_parms(): no params data found
[  283.937406][ T1323] bridge_slave_1: left allmulticast mode
[  284.071840][ T1323] bridge_slave_1: left promiscuous mode
[  284.611889][ T1323] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.751585][ T7587] loop3: detected capacity change from 0 to 256
[  284.826573][ T1323] bridge_slave_0: left allmulticast mode
[  284.844530][ T1323] bridge_slave_0: left promiscuous mode
[  285.150593][ T1323] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.537834][ T7587] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  286.058233][ T7587] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  286.216683][   T30] audit: type=1800 audit(1758544462.182:6): pid=7587 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.363" name="file1" dev="loop3" ino=1048616 res=0 errno=0
[  288.875318][ T7619] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  288.934266][ T1323] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  288.960364][ T1323] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  288.982069][   T24] IPVS: starting estimator thread 0...
[  288.992914][ T1323] bond0 (unregistering): Released all slaves
[  289.083509][ T7622] IPVS: using max 27 ests per chain, 64800 per kthread
[  289.290017][ T1323] hsr_slave_0: left promiscuous mode
[  289.340925][ T1323] hsr_slave_1: left promiscuous mode
[  289.552835][ T1323] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  289.560259][ T1323] batman_adv: batadv0: Removing interface: batadv_slave_0
[  289.582070][ T1323] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  289.589469][ T1323] batman_adv: batadv0: Removing interface: batadv_slave_1
[  289.642442][ T1323] veth1_macvtap: left promiscuous mode
[  289.648137][ T1323] veth0_macvtap: left promiscuous mode
[  289.712033][ T1323] veth1_vlan: left promiscuous mode
[  289.766283][ T1323] veth0_vlan: left promiscuous mode
[  296.405689][ T7672] netlink: 'syz.5.385': attribute type 4 has an invalid length.
[  301.489639][ T1323] team0 (unregistering): Port device team_slave_1 removed
[  301.575185][ T1323] team0 (unregistering): Port device team_slave_0 removed
[  301.647366][ T7714] loop3: detected capacity change from 0 to 1024
[  301.659514][ T7714] EXT4-fs: Ignoring removed nomblk_io_submit option
[  301.739394][ T7714] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  301.893413][ T7714] loop3: detected capacity change from 1024 to 64
[  301.918281][ T7714] syz.3.396: attempt to access beyond end of device
[  301.918281][ T7714] loop3: rw=524288, sector=224, nr_sectors = 8 limit=64
[  301.932360][ T7714] syz.3.396: attempt to access beyond end of device
[  301.932360][ T7714] loop3: rw=0, sector=224, nr_sectors = 8 limit=64
[  301.960556][ T7714] syz.3.396: attempt to access beyond end of device
[  301.960556][ T7714] loop3: rw=0, sector=224, nr_sectors = 8 limit=64
[  301.974896][ T7714] syz.3.396: attempt to access beyond end of device
[  301.974896][ T7714] loop3: rw=0, sector=224, nr_sectors = 8 limit=64
[  301.988974][ T7714] syz.3.396: attempt to access beyond end of device
[  301.988974][ T7714] loop3: rw=0, sector=224, nr_sectors = 8 limit=64
[  302.002899][ T7714] syz.3.396: attempt to access beyond end of device
[  302.002899][ T7714] loop3: rw=0, sector=224, nr_sectors = 8 limit=64
[  302.018897][ T7713] syz.3.396: attempt to access beyond end of device
[  302.018897][ T7713] loop3: rw=0, sector=224, nr_sectors = 8 limit=64
[  302.045933][ T7714] syz.3.396: attempt to access beyond end of device
[  302.045933][ T7714] loop3: rw=0, sector=224, nr_sectors = 8 limit=64
[  302.076355][ T7714] syz.3.396: attempt to access beyond end of device
[  302.076355][ T7714] loop3: rw=0, sector=224, nr_sectors = 8 limit=64
[  302.090016][ T7714] syz.3.396: attempt to access beyond end of device
[  302.090016][ T7714] loop3: rw=0, sector=224, nr_sectors = 8 limit=64
[  302.701218][ T5882] EXT4-fs error (device loop3): ext4_readdir:262: inode #2: block 16: comm syz-executor: path /92/file1: bad entry in directory: inode out of bounds - offset=0, inode=201326592, rec_len=256, size=1024 fake=0
[  302.909367][ T5882] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.942721][ T7470] bridge0: port 1(bridge_slave_0) entered blocking state
[  302.988769][ T7726] binder: BINDER_SET_CONTEXT_MGR already set
[  303.000888][ T7470] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.008160][ T7470] bridge_slave_0: entered allmulticast mode
[  303.057041][ T7470] bridge_slave_0: entered promiscuous mode
[  303.082120][ T7726] binder: 7725:7726 ioctl 4018620d 2000000002c0 returned -16
[  303.089902][ T7715] buffer_io_error: 9 callbacks suppressed
[  303.089925][ T7715] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  303.197609][ T7470] bridge0: port 2(bridge_slave_1) entered blocking state
[  303.209184][ T7470] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.217711][ T7470] bridge_slave_1: entered allmulticast mode
[  303.273750][ T7470] bridge_slave_1: entered promiscuous mode
[  303.954031][ T7470] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  304.085813][ T7470] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  304.734032][ T7470] team0: Port device team_slave_0 added
[  304.810465][ T7470] team0: Port device team_slave_1 added
[  305.027607][ T7299] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  305.045856][ T7299] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  305.223075][ T1323] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.488746][ T7470] batman_adv: batadv0: Adding interface: batadv_slave_0
[  305.529175][ T7470] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  305.706298][ T7470] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  305.743853][ T7299] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  305.788982][ T7299] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  305.890943][ T1323] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.031934][ T7470] batman_adv: batadv0: Adding interface: batadv_slave_1
[  306.115090][ T7470] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  306.297483][ T7470] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  306.483274][ T1323] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  306.785668][ T7765] vivid-007: =================  START STATUS  =================
[  306.856827][ T7765] vivid-007: Enable Output Cropping: true
[  306.875889][ T7765] vivid-007: Enable Output Composing: true
[  306.939862][ T7765] vivid-007: Enable Output Scaler: true
[  306.980963][ T7765] vivid-007: Tx RGB Quantization Range: Automatic
[  306.987519][ T7765] vivid-007: Transmit Mode: HDMI
[  306.993185][ T7765] vivid-007: Hotplug Present: 0x00000000
[  306.999130][ T7765] vivid-007: RxSense Present: 0x00000000
[  307.005254][ T7765] vivid-007: EDID Present: 0x00000000
[  307.011101][ T7765] vivid-007: ==================  END STATUS  ==================
[  307.464231][ T1323] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.249726][ T7470] hsr_slave_0: entered promiscuous mode
[  308.517340][ T7470] hsr_slave_1: entered promiscuous mode
[  308.539642][ T5868] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  308.569768][ T5868] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  308.578983][ T5868] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  308.598747][ T7470] debugfs: 'hsr0' already exists in 'hsr'
[  308.604843][ T5868] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  308.616904][ T5868] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  308.768524][ T7470] Cannot create hsr debugfs directory
[  310.933835][ T5868] Bluetooth: hci5: command tx timeout
[  311.929827][ T5875] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  311.951130][ T5875] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  311.958923][ T5875] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  311.970011][ T5875] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  311.979575][ T5875] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  312.164120][ T1323] bridge_slave_1: left allmulticast mode
[  312.169963][ T1323] bridge_slave_1: left promiscuous mode
[  312.186025][ T1323] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.211976][ T1323] bridge_slave_0: left allmulticast mode
[  312.232557][ T1323] bridge_slave_0: left promiscuous mode
[  312.238534][ T1323] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.973251][ T5868] Bluetooth: hci5: command tx timeout
[  313.579930][ T7830] loop0: detected capacity change from 0 to 128
[  313.699344][ T7830] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  313.770614][ T7830] ext4 filesystem being mounted at /93/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  313.828652][ T7830] netlink: 44 bytes leftover after parsing attributes in process `syz.0.422'.
[  313.838218][ T7830] netlink: 'syz.0.422': attribute type 6 has an invalid length.
[  313.848967][ T7830] netlink: 'syz.0.422': attribute type 5 has an invalid length.
[  313.860413][ T7830] netlink: 'syz.0.422': attribute type 4 has an invalid length.
[  314.021840][ T5868] Bluetooth: hci1: command tx timeout
[  314.078254][ T1323] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  314.177724][ T1323] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  314.269788][ T1323] bond0 (unregistering): Released all slaves
[  314.565739][ T7836] overlayfs: failed to clone upperpath
[  314.633295][ T5876] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  315.051459][ T5868] Bluetooth: hci5: command tx timeout
[  316.093318][ T5868] Bluetooth: hci1: command tx timeout
[  317.130927][ T5868] Bluetooth: hci5: command tx timeout
[  318.178380][ T5868] Bluetooth: hci1: command tx timeout
[  319.878338][ T7811] chnl_net:caif_netlink_parms(): no params data found
[  320.260933][ T5868] Bluetooth: hci1: command tx timeout
[  320.849034][ T7899] binder: 7897:7899 ioctl c0306201 2000000005c0 returned -14
[  323.858439][ T1323] hsr_slave_0: left promiscuous mode
[  324.035312][ T1323] hsr_slave_1: left promiscuous mode
[  324.065588][ T1323] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  324.083939][ T7921] loop5: detected capacity change from 0 to 256
[  324.088347][ T1323] batman_adv: batadv0: Removing interface: batadv_slave_0
[  324.137851][ T1323] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  324.186570][ T1323] batman_adv: batadv0: Removing interface: batadv_slave_1
[  324.208018][ T7921] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  324.281818][ T7921] exFAT-fs (loop5): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  324.297686][ T1323] veth1_macvtap: left promiscuous mode
[  324.314097][ T1323] veth0_macvtap: left promiscuous mode
[  324.326575][ T1323] veth1_vlan: left promiscuous mode
[  324.334394][ T1323] veth0_vlan: left promiscuous mode
[  324.419646][   T30] audit: type=1800 audit(1758544756.395:7): pid=7921 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.442" name="file1" dev="loop5" ino=1048626 res=0 errno=0
[  326.815636][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  326.823664][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  328.884101][ T5875] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  328.901129][ T5875] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  328.911396][ T5875] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  328.922140][ T5875] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  328.931698][ T5875] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  329.094311][ T1323] team0 (unregistering): Port device team_slave_1 removed
[  329.195775][ T1323] team0 (unregistering): Port device team_slave_0 removed
[  331.098783][ T5868] Bluetooth: hci6: command tx timeout
[  332.583142][ T7981] syz.0.458 uses obsolete (PF_INET,SOCK_PACKET)
[  334.285847][ T5868] Bluetooth: hci6: command tx timeout
[  336.365469][ T5868] Bluetooth: hci6: command tx timeout
[  337.122320][ T7811] bridge0: port 1(bridge_slave_0) entered blocking state
[  337.168413][ T7811] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.204434][ T7811] bridge_slave_0: entered allmulticast mode
[  337.212541][ T7811] bridge_slave_0: entered promiscuous mode
[  337.274792][ T7811] bridge0: port 2(bridge_slave_1) entered blocking state
[  337.314350][ T7811] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.321649][ T7811] bridge_slave_1: entered allmulticast mode
[  337.363681][ T7811] bridge_slave_1: entered promiscuous mode
[  337.582409][ T7784] chnl_net:caif_netlink_parms(): no params data found
[  338.626400][ T5868] Bluetooth: hci6: command tx timeout
[  340.261156][ T7811] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  340.326652][ T7811] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  341.676960][ T8040] loop0: detected capacity change from 0 to 1024
[  341.687501][ T7811] team0: Port device team_slave_0 added
[  341.694403][ T8040] EXT4-fs: Ignoring removed nomblk_io_submit option
[  341.768464][ T1323] IPVS: stop unused estimator thread 0...
[  341.935130][ T8040] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  341.983525][ T7811] team0: Port device team_slave_1 added
[  342.282625][ T8040] loop0: detected capacity change from 1024 to 64
[  342.333217][ T8049] bio_check_eod: 1679 callbacks suppressed
[  342.333242][ T8049] syz.0.473: attempt to access beyond end of device
[  342.333242][ T8049] loop0: rw=524288, sector=224, nr_sectors = 8 limit=64
[  342.383363][ T7784] bridge0: port 1(bridge_slave_0) entered blocking state
[  342.390533][ T7784] bridge0: port 1(bridge_slave_0) entered disabled state
[  342.441768][ T8050] syz.0.473: attempt to access beyond end of device
[  342.441768][ T8050] loop0: rw=0, sector=224, nr_sectors = 8 limit=64
[  342.471680][ T8049] syz.0.473: attempt to access beyond end of device
[  342.471680][ T8049] loop0: rw=0, sector=224, nr_sectors = 8 limit=64
[  342.501723][ T7784] bridge_slave_0: entered allmulticast mode
[  342.520346][ T7784] bridge_slave_0: entered promiscuous mode
[  342.553164][ T8050] syz.0.473: attempt to access beyond end of device
[  342.553164][ T8050] loop0: rw=0, sector=224, nr_sectors = 8 limit=64
[  342.722380][ T5876] EXT4-fs error (device loop0): ext4_readdir:262: inode #2: block 16: comm syz-executor: path /109/file1: bad entry in directory: inode out of bounds - offset=0, inode=201326592, rec_len=256, size=1024 fake=0
[  342.767951][ T7811] batman_adv: batadv0: Adding interface: batadv_slave_0
[  342.792637][ T7811] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  342.870981][ T7811] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  342.911047][ T7811] batman_adv: batadv0: Adding interface: batadv_slave_1
[  342.949337][ T7811] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  342.996881][ T7811] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  343.264364][ T5876] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.297757][ T7784] bridge0: port 2(bridge_slave_1) entered blocking state
[  343.309511][ T7784] bridge0: port 2(bridge_slave_1) entered disabled state
[  343.359172][ T8043] kmmpd-loop0: attempt to access beyond end of device
[  343.359172][ T8043] loop0: rw=14337, sector=128, nr_sectors = 2 limit=64
[  343.390394][ T7784] bridge_slave_1: entered allmulticast mode
[  343.405597][ T7784] bridge_slave_1: entered promiscuous mode
[  343.452017][ T8043] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[  343.978192][ T7784] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  345.674630][ T7784] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  345.855568][ T7811] hsr_slave_0: entered promiscuous mode
[  345.891558][ T7811] hsr_slave_1: entered promiscuous mode
[  345.898182][ T7811] debugfs: 'hsr0' already exists in 'hsr'
[  345.943396][ T7811] Cannot create hsr debugfs directory
[  346.596803][ T7784] team0: Port device team_slave_0 added
[  347.082023][ T7784] team0: Port device team_slave_1 added
[  347.245030][ T7947] chnl_net:caif_netlink_parms(): no params data found
[  347.746710][ T8104] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  348.679132][ T5875] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  348.690095][ T5875] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  348.700314][ T5875] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  348.757646][ T5875] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  348.772675][ T5875] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  348.825070][ T7784] batman_adv: batadv0: Adding interface: batadv_slave_0
[  348.833869][ T7784] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  348.861425][ T7784] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  348.926347][ T7784] batman_adv: batadv0: Adding interface: batadv_slave_1
[  348.936176][ T7784] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  348.965725][ T7784] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  349.345970][ T7784] hsr_slave_0: entered promiscuous mode
[  349.352940][ T7784] hsr_slave_1: entered promiscuous mode
[  349.360508][ T7784] debugfs: 'hsr0' already exists in 'hsr'
[  349.366265][ T7784] Cannot create hsr debugfs directory
[  349.391361][ T7947] bridge0: port 1(bridge_slave_0) entered blocking state
[  349.404742][ T7947] bridge0: port 1(bridge_slave_0) entered disabled state
[  349.412794][ T7947] bridge_slave_0: entered allmulticast mode
[  349.428319][ T7947] bridge_slave_0: entered promiscuous mode
[  349.457756][ T7947] bridge0: port 2(bridge_slave_1) entered blocking state
[  349.473158][ T7947] bridge0: port 2(bridge_slave_1) entered disabled state
[  349.481201][ T7947] bridge_slave_1: entered allmulticast mode
[  349.489703][ T7947] bridge_slave_1: entered promiscuous mode
[  349.561664][ T1323] bridge_slave_1: left allmulticast mode
[  349.567343][ T1323] bridge_slave_1: left promiscuous mode
[  349.573504][ T1323] bridge0: port 2(bridge_slave_1) entered disabled state
[  349.584577][ T1323] bridge_slave_0: left allmulticast mode
[  349.592488][ T1323] bridge_slave_0: left promiscuous mode
[  349.618636][ T1323] bridge0: port 1(bridge_slave_0) entered disabled state
[  349.645413][ T1323] bridge_slave_1: left allmulticast mode
[  349.662058][ T1323] bridge_slave_1: left promiscuous mode
[  349.677060][ T1323] bridge0: port 2(bridge_slave_1) entered disabled state
[  349.706116][ T1323] bridge_slave_0: left allmulticast mode
[  349.714168][ T1323] bridge_slave_0: left promiscuous mode
[  349.761560][ T1323] bridge0: port 1(bridge_slave_0) entered disabled state
[  350.048315][ T8129] capability: warning: `syz.2.491' uses deprecated v2 capabilities in a way that may be insecure
[  350.104386][ T1323] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  350.123780][ T1323] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  350.136575][ T1323] bond0 (unregistering): Released all slaves
[  350.878176][ T5875] Bluetooth: hci3: command tx timeout
[  350.977008][   T30] audit: type=1804 audit(1758544782.969:8): pid=8135 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.493" name="bus" dev="ramfs" ino=18267 res=1 errno=0
[  351.017407][   T30] audit: type=1804 audit(1758544782.999:9): pid=8135 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.493" name="bus" dev="ramfs" ino=18267 res=1 errno=0
[  351.122675][ T1323] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  351.154582][ T1323] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  351.174234][ T1323] bond0 (unregistering): Released all slaves
[  351.293052][ T7947] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  351.444486][ T7947] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  351.647078][ T1323] hsr_slave_0: left promiscuous mode
[  351.655529][ T1323] hsr_slave_1: left promiscuous mode
[  351.672646][ T1323] batman_adv: batadv0: Removing interface: batadv_slave_0
[  351.682236][ T1323] batman_adv: batadv0: Removing interface: batadv_slave_1
[  351.704561][ T1323] hsr_slave_0: left promiscuous mode
[  351.715700][ T1323] hsr_slave_1: left promiscuous mode
[  351.731330][ T1323] batman_adv: batadv0: Removing interface: batadv_slave_0
[  351.742429][ T1323] batman_adv: batadv0: Removing interface: batadv_slave_1
[  352.541647][ T1323] team0 (unregistering): Port device team_slave_1 removed
[  353.022066][ T5875] Bluetooth: hci3: command tx timeout
[  353.878286][ T1323] team0 (unregistering): Port device team_slave_0 removed
[  353.958234][ T8153] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  354.424359][ T1323] team0 (unregistering): Port device team_slave_1 removed
[  354.459118][ T1323] team0 (unregistering): Port device team_slave_0 removed
[  355.645435][ T5875] Bluetooth: hci3: command tx timeout
[  357.072764][ T7947] team0: Port device team_slave_0 added
[  357.683922][ T5875] Bluetooth: hci3: command tx timeout
[  358.274362][ T7947] team0: Port device team_slave_1 added
[  360.639581][ T7947] batman_adv: batadv0: Adding interface: batadv_slave_0
[  360.692300][ T7947] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  360.837529][ T7947] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  360.903503][ T7947] batman_adv: batadv0: Adding interface: batadv_slave_1
[  360.910474][ T7947] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  360.948856][ T7947] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  361.249636][ T8106] chnl_net:caif_netlink_parms(): no params data found
[  361.409863][ T7947] hsr_slave_0: entered promiscuous mode
[  361.424479][ T7947] hsr_slave_1: entered promiscuous mode
[  361.431041][ T7947] debugfs: 'hsr0' already exists in 'hsr'
[  361.826923][ T7947] Cannot create hsr debugfs directory
[  362.686165][ T7811] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  362.828849][ T8106] bridge0: port 1(bridge_slave_0) entered blocking state
[  362.859262][ T8106] bridge0: port 1(bridge_slave_0) entered disabled state
[  362.869659][ T8106] bridge_slave_0: entered allmulticast mode
[  362.878888][ T8106] bridge_slave_0: entered promiscuous mode
[  363.547869][ T7811] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  364.728188][ T8106] bridge0: port 2(bridge_slave_1) entered blocking state
[  364.749997][ T8106] bridge0: port 2(bridge_slave_1) entered disabled state
[  364.757713][ T8106] bridge_slave_1: entered allmulticast mode
[  364.809253][ T8106] bridge_slave_1: entered promiscuous mode
[  364.888364][ T7811] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  364.996366][ T8106] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  365.007046][ T7811] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  365.097036][ T8106] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  365.206345][ T1323] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.332884][ T7784] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  365.373161][ T8106] team0: Port device team_slave_0 added
[  365.405828][ T7784] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  365.468703][ T1323] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  365.524099][ T8106] team0: Port device team_slave_1 added
[  365.943416][ T7784] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  368.128265][ T8236] Dead loop on virtual device ip6_vti0, fix it urgently!
[  368.218730][ T8236] Dead loop on virtual device ip6_vti0, fix it urgently!
[  368.682498][ T1323] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.747416][ T8106] batman_adv: batadv0: Adding interface: batadv_slave_0
[  368.755002][ T8106] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  368.818314][ T8106] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  368.844734][ T8106] batman_adv: batadv0: Adding interface: batadv_slave_1
[  368.853538][ T8106] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  368.923683][ T5868] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  368.938810][ T5868] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  368.954637][ T8106] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  368.976820][ T5868] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  368.986060][ T5868] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  369.148714][ T5868] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  369.301985][ T1323] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  369.826590][ T8247] netlink: 'syz.2.522': attribute type 2 has an invalid length.
[  370.253079][ T8250] loop5: detected capacity change from 0 to 256
[  370.323713][ T8250] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  370.373896][ T8250] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  370.421607][ T8106] hsr_slave_0: entered promiscuous mode
[  370.441552][ T8250] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  370.458569][ T8106] hsr_slave_1: entered promiscuous mode
[  370.474558][ T8106] debugfs: 'hsr0' already exists in 'hsr'
[  370.504294][ T8106] Cannot create hsr debugfs directory
[  370.524843][   T30] audit: type=1804 audit(1758544802.528:10): pid=8250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.523" name="/newroot/139/bus/bus" dev="loop5" ino=1048636 res=1 errno=0
[  370.781178][ T5875] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  370.793003][ T5875] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  370.818593][ T5875] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  370.840416][ T5875] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  370.848790][ T5875] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  370.868511][ T7947] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  370.911852][ T7947] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  371.036009][ T7947] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  371.176317][ T7947] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  371.268700][ T5868] Bluetooth: hci4: command tx timeout
[  372.708527][ T1323] bridge_slave_1: left allmulticast mode
[  372.714225][ T1323] bridge_slave_1: left promiscuous mode
[  373.670642][ T5875] Bluetooth: hci4: command tx timeout
[  373.676333][ T5868] Bluetooth: hci1: command tx timeout
[  374.726169][ T1323] bridge0: port 2(bridge_slave_1) entered disabled state
[  375.079979][ T1323] bridge_slave_0: left allmulticast mode
[  375.100596][ T1323] bridge_slave_0: left promiscuous mode
[  375.133155][ T1323] bridge0: port 1(bridge_slave_0) entered disabled state
[  375.746357][ T5879] Bluetooth: hci1: command tx timeout
[  375.756551][ T5879] Bluetooth: hci4: command tx timeout
[  377.824794][ T5868] Bluetooth: hci4: command tx timeout
[  377.830255][ T5868] Bluetooth: hci1: command tx timeout
[  378.538261][ T1323] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  378.885027][ T1323] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  378.905886][ T1323] bond0 (unregistering): Released all slaves
[  379.881776][ T5868] Bluetooth: hci2: unexpected cc 0x1001 length: 1 < 9
[  379.885847][ T8299] netlink: 188 bytes leftover after parsing attributes in process `syz.5.533'.
[  379.890658][ T5868] Bluetooth: hci2: unexpected event for opcode 0x1001
[  379.917067][ T5868] Bluetooth: hci1: command tx timeout
[  380.506842][ T5868] Bluetooth: hci0: unexpected cc 0x1001 length: 1 < 9
[  380.523383][ T5868] Bluetooth: hci0: unexpected event for opcode 0x1001
[  380.540299][ T7947] 8021q: adding VLAN 0 to HW filter on device bond0
[  380.554693][ T8309] netlink: 188 bytes leftover after parsing attributes in process `syz.2.542'.
[  380.616109][ T7947] 8021q: adding VLAN 0 to HW filter on device team0
[  381.416788][ T1323] hsr_slave_0: left promiscuous mode
[  381.441599][ T1323] hsr_slave_1: left promiscuous mode
[  381.498737][ T1323] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  381.507009][ T1323] batman_adv: batadv0: Removing interface: batadv_slave_0
[  381.582839][ T1323] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  381.741101][ T1323] batman_adv: batadv0: Removing interface: batadv_slave_1
[  381.788460][ T1323] veth1_macvtap: left promiscuous mode
[  381.812606][ T1323] veth0_macvtap: left promiscuous mode
[  381.844576][ T1323] veth1_vlan: left promiscuous mode
[  381.866261][ T1323] veth0_vlan: left promiscuous mode
[  389.188642][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  389.194983][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  389.853155][ T5879] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  389.863779][ T5879] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  389.880654][ T5879] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  389.892398][ T5879] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  389.900620][ T8239] chnl_net:caif_netlink_parms(): no params data found
[  389.908855][ T5879] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  389.963817][ T8106] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  390.085161][ T8106] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  390.157063][ T8106] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  390.224809][ T8106] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  390.266338][ T8257] chnl_net:caif_netlink_parms(): no params data found
[  390.492713][ T8239] bridge0: port 1(bridge_slave_0) entered blocking state
[  390.500279][ T8239] bridge0: port 1(bridge_slave_0) entered disabled state
[  390.507963][ T8239] bridge_slave_0: entered allmulticast mode
[  390.515942][ T8239] bridge_slave_0: entered promiscuous mode
[  390.572707][ T8239] bridge0: port 2(bridge_slave_1) entered blocking state
[  390.582330][ T8239] bridge0: port 2(bridge_slave_1) entered disabled state
[  390.589859][ T8239] bridge_slave_1: entered allmulticast mode
[  390.598295][ T8239] bridge_slave_1: entered promiscuous mode
[  390.793074][ T8257] bridge0: port 1(bridge_slave_0) entered blocking state
[  390.800401][ T8257] bridge0: port 1(bridge_slave_0) entered disabled state
[  390.807857][ T8257] bridge_slave_0: entered allmulticast mode
[  390.815565][ T8257] bridge_slave_0: entered promiscuous mode
[  390.825891][ T8257] bridge0: port 2(bridge_slave_1) entered blocking state
[  390.833561][ T8257] bridge0: port 2(bridge_slave_1) entered disabled state
[  390.841589][ T8257] bridge_slave_1: entered allmulticast mode
[  390.850577][ T8257] bridge_slave_1: entered promiscuous mode
[  390.869037][ T8239] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  390.919736][ T8239] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  391.001559][ T8257] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  391.015220][ T8257] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  391.051214][ T8239] team0: Port device team_slave_0 added
[  391.110574][ T8257] team0: Port device team_slave_0 added
[  391.120185][ T8239] team0: Port device team_slave_1 added
[  391.204832][ T8257] team0: Port device team_slave_1 added
[  391.286687][ T8257] batman_adv: batadv0: Adding interface: batadv_slave_0
[  391.293872][ T8257] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  391.322230][ T8257] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  391.338385][ T8239] batman_adv: batadv0: Adding interface: batadv_slave_0
[  391.345668][ T8239] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  391.372414][ T8239] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  391.435027][ T8257] batman_adv: batadv0: Adding interface: batadv_slave_1
[  391.442182][ T8257] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  391.469582][ T8257] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  391.509696][ T8239] batman_adv: batadv0: Adding interface: batadv_slave_1
[  391.516692][ T8239] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  391.543683][ T8239] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  391.719613][ T8257] hsr_slave_0: entered promiscuous mode
[  391.726351][ T8257] hsr_slave_1: entered promiscuous mode
[  391.733115][ T8257] debugfs: 'hsr0' already exists in 'hsr'
[  391.740021][ T8257] Cannot create hsr debugfs directory
[  391.804455][ T8350] chnl_net:caif_netlink_parms(): no params data found
[  391.825730][ T8239] hsr_slave_0: entered promiscuous mode
[  391.833651][ T8239] hsr_slave_1: entered promiscuous mode
[  391.841089][ T8239] debugfs: 'hsr0' already exists in 'hsr'
[  391.846984][ T8239] Cannot create hsr debugfs directory
[  391.976713][ T5868] Bluetooth: hci5: command tx timeout
[  392.189071][ T8106] 8021q: adding VLAN 0 to HW filter on device bond0
[  392.404754][ T8350] bridge0: port 1(bridge_slave_0) entered blocking state
[  392.413172][ T8350] bridge0: port 1(bridge_slave_0) entered disabled state
[  392.420881][ T8350] bridge_slave_0: entered allmulticast mode
[  392.429996][ T8350] bridge_slave_0: entered promiscuous mode
[  392.446199][ T8350] bridge0: port 2(bridge_slave_1) entered blocking state
[  392.455291][ T8350] bridge0: port 2(bridge_slave_1) entered disabled state
[  392.463525][ T8350] bridge_slave_1: entered allmulticast mode
[  392.472182][ T8350] bridge_slave_1: entered promiscuous mode
[  392.599270][ T8106] 8021q: adding VLAN 0 to HW filter on device team0
[  392.629102][ T8350] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  392.671703][ T8350] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  392.743139][ T6164] bridge0: port 1(bridge_slave_0) entered blocking state
[  392.750373][ T6164] bridge0: port 1(bridge_slave_0) entered forwarding state
[  392.782562][ T8350] team0: Port device team_slave_0 added
[  392.793912][ T8350] team0: Port device team_slave_1 added
[  392.828941][ T6166] bridge0: port 2(bridge_slave_1) entered blocking state
[  392.836210][ T6166] bridge0: port 2(bridge_slave_1) entered forwarding state
[  392.882426][ T8350] batman_adv: batadv0: Adding interface: batadv_slave_0
[  392.890100][ T8350] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  392.917519][ T8350] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  392.962204][ T8350] batman_adv: batadv0: Adding interface: batadv_slave_1
[  392.969443][ T8350] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  392.999668][ T8350] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  393.150754][ T8350] hsr_slave_0: entered promiscuous mode
[  393.158194][ T8350] hsr_slave_1: entered promiscuous mode
[  393.164739][ T8350] debugfs: 'hsr0' already exists in 'hsr'
[  393.171391][ T8350] Cannot create hsr debugfs directory
[  393.801076][ T8106] 8021q: adding VLAN 0 to HW filter on device batadv0
[  394.044017][ T1323] bridge_slave_1: left allmulticast mode
[  394.056637][ T5868] Bluetooth: hci5: command tx timeout
[  394.062244][ T1323] bridge_slave_1: left promiscuous mode
[  394.069550][ T1323] bridge0: port 2(bridge_slave_1) entered disabled state
[  394.087783][ T1323] bridge_slave_0: left allmulticast mode
[  394.093491][ T1323] bridge_slave_0: left promiscuous mode
[  394.100916][ T1323] bridge0: port 1(bridge_slave_0) entered disabled state
[  394.121692][ T1323] bridge_slave_1: left allmulticast mode
[  394.131222][ T1323] bridge_slave_1: left promiscuous mode
[  394.140053][ T1323] bridge0: port 2(bridge_slave_1) entered disabled state
[  394.150188][ T1323] bridge_slave_0: left allmulticast mode
[  394.156174][ T1323] bridge_slave_0: left promiscuous mode
[  394.161946][ T1323] bridge0: port 1(bridge_slave_0) entered disabled state
[  394.173322][ T1323] bridge_slave_1: left allmulticast mode
[  394.179724][ T1323] bridge_slave_1: left promiscuous mode
[  394.186853][ T1323] bridge0: port 2(bridge_slave_1) entered disabled state
[  394.196767][ T1323] bridge_slave_0: left allmulticast mode
[  394.202446][ T1323] bridge_slave_0: left promiscuous mode
[  394.208951][ T1323] bridge0: port 1(bridge_slave_0) entered disabled state
[  394.520428][ T1323] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  394.538429][ T1323] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  394.550643][ T1323] bond0 (unregistering): Released all slaves
[  394.682126][ T1323] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  394.694553][ T1323] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  394.708383][ T1323] bond0 (unregistering): Released all slaves
[  394.835034][ T1323] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  394.846721][ T1323] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  394.859719][ T1323] bond0 (unregistering): Released all slaves
[  394.964693][ T8257] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  395.011896][ T8257] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  395.077948][ T1323] hsr_slave_0: left promiscuous mode
[  395.094666][ T1323] hsr_slave_1: left promiscuous mode
[  395.112937][ T1323] batman_adv: batadv0: Removing interface: batadv_slave_0
[  395.124670][ T1323] batman_adv: batadv0: Removing interface: batadv_slave_1
[  395.138040][ T1323] hsr_slave_0: left promiscuous mode
[  395.144038][ T1323] hsr_slave_1: left promiscuous mode
[  395.153515][ T1323] batman_adv: batadv0: Removing interface: batadv_slave_0
[  395.161845][ T1323] batman_adv: batadv0: Removing interface: batadv_slave_1
[  395.174219][ T1323] hsr_slave_0: left promiscuous mode
[  395.180993][ T1323] hsr_slave_1: left promiscuous mode
[  395.187565][ T1323] batman_adv: batadv0: Removing interface: batadv_slave_0
[  395.196887][ T1323] batman_adv: batadv0: Removing interface: batadv_slave_1
[  395.410500][ T1323] team0 (unregistering): Port device team_slave_1 removed
[  395.451818][ T1323] team0 (unregistering): Port device team_slave_0 removed
[  395.888633][ T1323] team0 (unregistering): Port device team_slave_1 removed
[  395.927337][ T1323] team0 (unregistering): Port device team_slave_0 removed
[  396.135546][ T5868] Bluetooth: hci5: command tx timeout
[  396.312665][ T1323] team0 (unregistering): Port device team_slave_1 removed
[  396.348570][ T1323] team0 (unregistering): Port device team_slave_0 removed
[  396.525777][ T8257] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  396.537306][ T8257] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  396.957799][ T8106] veth0_vlan: entered promiscuous mode
[  397.037562][ T8257] 8021q: adding VLAN 0 to HW filter on device bond0
[  397.061970][ T8106] veth1_vlan: entered promiscuous mode
[  397.073812][ T8257] 8021q: adding VLAN 0 to HW filter on device team0
[  397.162739][ T6166] bridge0: port 1(bridge_slave_0) entered blocking state
[  397.169960][ T6166] bridge0: port 1(bridge_slave_0) entered forwarding state
[  397.245796][ T6164] bridge0: port 2(bridge_slave_1) entered blocking state
[  397.253021][ T6164] bridge0: port 2(bridge_slave_1) entered forwarding state
[  397.412447][ T8106] veth0_macvtap: entered promiscuous mode
[  397.441878][ T8239] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  397.468147][ T8239] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  397.520183][ T8239] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  397.541507][ T8239] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  397.576250][ T8106] veth1_macvtap: entered promiscuous mode
[  397.750580][ T8106] batman_adv: batadv0: Interface activated: batadv_slave_0
[  397.792638][ T8106] batman_adv: batadv0: Interface activated: batadv_slave_1
[  397.901281][ T1151] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  397.911260][ T1151] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  397.956105][ T1151] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  397.966617][ T1151] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  398.175971][ T8257] 8021q: adding VLAN 0 to HW filter on device batadv0
[  398.214964][ T5868] Bluetooth: hci5: command tx timeout
[  398.336182][ T8350] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  398.336556][ T1323] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  398.393703][ T1323] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  398.410732][ T8350] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  398.472822][ T8350] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  398.498319][ T8350] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  398.609172][ T6161] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  398.622922][ T6161] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  398.650861][ T8239] 8021q: adding VLAN 0 to HW filter on device bond0
[  398.730455][ T8239] 8021q: adding VLAN 0 to HW filter on device team0
[  398.804698][ T6166] bridge0: port 1(bridge_slave_0) entered blocking state
[  398.811870][ T6166] bridge0: port 1(bridge_slave_0) entered forwarding state
[  398.852303][ T6166] bridge0: port 2(bridge_slave_1) entered blocking state
[  398.859484][ T6166] bridge0: port 2(bridge_slave_1) entered forwarding state
[  400.955021][ T8350] 8021q: adding VLAN 0 to HW filter on device bond0
[  402.334194][ T8350] 8021q: adding VLAN 0 to HW filter on device team0
[  402.480824][ T6164] bridge0: port 1(bridge_slave_0) entered blocking state
[  402.488076][ T6164] bridge0: port 1(bridge_slave_0) entered forwarding state
[  402.611136][ T1090] bridge0: port 2(bridge_slave_1) entered blocking state
[  402.618549][ T1090] bridge0: port 2(bridge_slave_1) entered forwarding state
[  403.018612][ T8257] veth0_vlan: entered promiscuous mode
[  403.116657][ T8257] veth1_vlan: entered promiscuous mode
[  403.332630][ T8239] 8021q: adding VLAN 0 to HW filter on device batadv0
[  403.429387][ T8257] veth0_macvtap: entered promiscuous mode
[  403.544721][ T8257] veth1_macvtap: entered promiscuous mode
[  403.720118][ T8257] batman_adv: batadv0: Interface activated: batadv_slave_0
[  403.794971][ T8257] batman_adv: batadv0: Interface activated: batadv_slave_1
[  403.933244][ T6161] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  403.981321][ T6161] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  404.012767][ T6161] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  404.345863][ T6161] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  406.654572][ T8350] 8021q: adding VLAN 0 to HW filter on device batadv0
[  406.707653][ T8490] netlink: 16 bytes leftover after parsing attributes in process `syz.2.556'.
[  406.857772][ T6258] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  406.910408][ T6258] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  407.714406][ T1151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  407.724576][ T8505] fuse: Bad value for 'fd'
[  407.781357][ T1151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  408.267136][ T8239] veth0_vlan: entered promiscuous mode
[  408.374176][ T8239] veth1_vlan: entered promiscuous mode
[  408.389774][ T8513] overlayfs: failed to clone upperpath
[  408.455395][ T8517] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  408.596869][ T8522] netlink: 4 bytes leftover after parsing attributes in process `syz.6.29'.
[  409.001445][ T8239] veth0_macvtap: entered promiscuous mode
[  409.058366][ T8522] bridge_slave_1: left allmulticast mode
[  409.091216][ T8522] bridge_slave_1: left promiscuous mode
[  409.811637][ T8522] bridge0: port 2(bridge_slave_1) entered disabled state
[  409.973736][ T8522] bridge_slave_0: left allmulticast mode
[  410.018370][ T8522] bridge_slave_0: left promiscuous mode
[  410.024242][ T8522] bridge0: port 1(bridge_slave_0) entered disabled state
[  410.467005][ T8239] veth1_macvtap: entered promiscuous mode
[  410.634918][ T8239] batman_adv: batadv0: Interface activated: batadv_slave_0
[  410.722975][ T8239] batman_adv: batadv0: Interface activated: batadv_slave_1
[  410.889603][ T1090] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  410.954733][ T1090] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  410.986453][ T1090] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  411.034740][ T8350] veth0_vlan: entered promiscuous mode
[  411.851009][ T1090] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  412.015019][ T8350] veth1_vlan: entered promiscuous mode


	


	


				


			
	

	
		





	

	









	

	




	

	
		


				


			
			
	
			
	
[  415.059782][ T8598] fuse: Bad value for 'fd'

syzkaller
syzkaller login: [  415.290788][ T1151] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  415.323285][ T1151] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  419.075338][ T6260] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  419.095698][ T6260] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  420.744832][ T8639] loop6: detected capacity change from 0 to 128
[  421.115373][ T1151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  421.858732][ T1151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  422.142341][ T8639] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  422.249599][ T8639] ext4 filesystem being mounted at /5/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  427.318198][ T8257] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  429.913762][   T30] audit: type=1804 audit(1758544861.918:11): pid=8697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.8.600" name="bus" dev="ramfs" ino=24040 res=1 errno=0
[  430.487531][   T30] audit: type=1804 audit(1758544861.918:12): pid=8697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.8.600" name="bus" dev="ramfs" ino=24040 res=1 errno=0
[  430.520960][ T8703] RDS: rds_bind could not find a transport for fe88::a, load rds_tcp or rds_rdma?
[  437.110125][ T8753] loop6: detected capacity change from 0 to 512
[  437.325112][ T8759] netfs: Couldn't get user pages (rc=-14)
[  438.233658][ T8767] binder: 8762:8767 ioctl c00c620f 0 returned -14
[  438.267895][ T8753] EXT4-fs (loop6): 1 orphan inode deleted
[  438.300279][   T49] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  438.368053][   T49] EXT4-fs error (device loop6): ext4_release_dquot:6971: comm kworker/u8:3: Failed to release dquot type 1
[  438.385977][ T8753] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  438.462893][ T8753] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  438.542669][   T30] audit: type=1804 audit(1758544870.572:13): pid=8772 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.620" name="bus" dev="ramfs" ino=22942 res=1 errno=0
[  438.672646][   T30] audit: type=1804 audit(1758544870.572:14): pid=8772 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.620" name="bus" dev="ramfs" ino=22942 res=1 errno=0
[  438.857983][ T8778] RDS: rds_bind could not find a transport for fe88::9, load rds_tcp or rds_rdma?
[  440.481345][   T30] audit: type=1400 audit(1758544872.133:15): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=":ched_switch" pid=8789 comm="syz.8.624"
[  440.636165][ T8257] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  443.796060][ T8807] netlink: 8 bytes leftover after parsing attributes in process `syz.8.628'.
[  443.816036][ T5879] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  443.831176][ T5879] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  443.840938][ T5879] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  443.850655][ T5879] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  443.858896][ T5879] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  444.061369][ T8819] tun0: tun_chr_ioctl cmd 1074025675
[  444.066717][ T8819] tun0: persist enabled
[  444.072550][ T8819] tun0: tun_chr_ioctl cmd 1074025675
[  444.077948][ T8819] tun0: persist disabled
[  444.227913][ T8827] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  446.485884][ T5868] Bluetooth: hci6: command tx timeout
[  449.388010][ T5868] Bluetooth: hci6: command tx timeout
[  449.452388][   T30] audit: type=1326 audit(1758544881.488:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm="syz.2.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb1ed8eec9 code=0x7ffc0000
[  449.682826][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  449.796934][   T30] audit: type=1326 audit(1758544881.488:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm="syz.2.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb1ed8eec9 code=0x7ffc0000
[  449.903260][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  450.013883][   T30] audit: type=1326 audit(1758544881.678:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm="syz.2.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbb1ed8eec9 code=0x7ffc0000
[  450.269243][   T30] audit: type=1326 audit(1758544881.708:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm="syz.2.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb1ed8eec9 code=0x7ffc0000
[  450.508315][   T30] audit: type=1326 audit(1758544881.728:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm="syz.2.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb1ed8eec9 code=0x7ffc0000
[  450.602370][   T30] audit: type=1326 audit(1758544881.728:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm="syz.2.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fbb1ed8eec9 code=0x7ffc0000
[  451.471592][ T5868] Bluetooth: hci6: command tx timeout
[  451.478056][   T30] audit: type=1326 audit(1758544881.728:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm="syz.2.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb1ed8eec9 code=0x7ffc0000
[  451.500460][   T30] audit: type=1326 audit(1758544881.758:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm="syz.2.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb1ed8eec9 code=0x7ffc0000
[  451.527689][   T30] audit: type=1326 audit(1758544881.758:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm="syz.2.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fbb1ed8eec9 code=0x7ffc0000
[  451.552654][   T30] audit: type=1326 audit(1758544881.758:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8857 comm="syz.2.639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb1ed8eec9 code=0x7ffc0000
[  451.884828][ T6164] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  453.546726][ T5868] Bluetooth: hci6: command tx timeout
[  453.834074][ T6164] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  454.081326][ T8883] loop8: detected capacity change from 0 to 128
[  454.416599][ T8883] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  454.615888][ T8883] ext4 filesystem being mounted at /13/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  454.862470][ T6164] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  454.979050][ T8930] netlink: 4 bytes leftover after parsing attributes in process `syz.6.651'.
[  455.015639][ T8930] netlink: 4 bytes leftover after parsing attributes in process `syz.6.651'.
[  456.578141][ T6164] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  457.399246][ T8239] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  457.507205][ T8959] loop5: detected capacity change from 0 to 128
[  457.681473][ T8959] affs: No valid root block on device loop5
[  458.338825][ T8815] chnl_net:caif_netlink_parms(): no params data found
[  460.184732][ T8976] new mount options do not match the existing superblock, will be ignored
[  460.246339][ T8976] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  463.915015][ T8990] loop9: detected capacity change from 0 to 2048
[  464.073921][ T8986] loop8: detected capacity change from 0 to 512
[  464.121242][ T8990] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  464.149223][ T8990] ext4 filesystem being mounted at /27/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  464.314545][ T8986] EXT4-fs: Ignoring removed oldalloc option
[  465.884223][ T8815] bridge0: port 1(bridge_slave_0) entered blocking state
[  465.889942][ T8986] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  465.920997][ T8986] EXT4-fs: failed to create workqueue
[  465.935496][ T8815] bridge0: port 1(bridge_slave_0) entered disabled state
[  465.993579][ T8815] bridge_slave_0: entered allmulticast mode
[  466.014297][ T8815] bridge_slave_0: entered promiscuous mode
[  466.018523][ T8986] EXT4-fs (loop8): mount failed
[  466.055247][ T8106] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  466.063668][ T8815] bridge0: port 2(bridge_slave_1) entered blocking state
[  466.095418][ T8815] bridge0: port 2(bridge_slave_1) entered disabled state
[  466.123541][ T8815] bridge_slave_1: entered allmulticast mode
[  466.184158][ T8815] bridge_slave_1: entered promiscuous mode
[  466.429399][ T9016] loop9: detected capacity change from 0 to 65
[  467.451074][ T9016] BFS-fs: bfs_fill_super(): NOTE: filesystem loop9 was created with 512 inodes, the real maximum is 511, mounting anyway
[  468.411842][ T6164] bridge_slave_1: left allmulticast mode
[  468.426319][ T6164] bridge_slave_1: left promiscuous mode
[  468.568573][ T6164] bridge0: port 2(bridge_slave_1) entered disabled state
[  469.998638][ T6164] bridge_slave_0: left allmulticast mode
[  470.021538][ T6164] bridge_slave_0: left promiscuous mode
[  470.046670][ T6164] bridge0: port 1(bridge_slave_0) entered disabled state
[  472.626420][ T5879] Bluetooth: hci3: command 0x0406 tx timeout
[  475.559032][ T9076] netlink: 4 bytes leftover after parsing attributes in process `syz.5.686'.
[  476.158624][ T9083] loop6: detected capacity change from 0 to 65
[  476.189636][ T9083] BFS-fs: bfs_fill_super(): NOTE: filesystem loop6 was created with 512 inodes, the real maximum is 511, mounting anyway
[  481.147129][ T6044] IPVS: starting estimator thread 0...
[  481.282736][ T9102] IPVS: using max 21 ests per chain, 50400 per kthread
[  481.305593][ T9104] loop9: detected capacity change from 0 to 512
[  481.319466][ T6164] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  481.801051][ T9104] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  482.101458][ T9104] EXT4-fs (loop9): 1 truncate cleaned up
[  483.400220][ T9104] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  483.496928][ T6164] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  483.572211][   T30] kauditd_printk_skb: 25 callbacks suppressed
[  483.572235][   T30] audit: type=1800 audit(1758544915.625:51): pid=9104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.694" name="file1" dev="loop9" ino=15 res=0 errno=0
[  483.621336][ T6164] bond0 (unregistering): Released all slaves
[  484.153338][ T8815] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  484.162780][   T30] audit: type=1800 audit(1758544916.195:52): pid=9123 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.694" name="file1" dev="loop9" ino=15 res=0 errno=0
[  484.270697][ T8815] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  486.509588][ T9137] netlink: 24 bytes leftover after parsing attributes in process `syz.2.702'.
[  487.513210][ T8106] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  487.550501][ T9135] uprobe: syz.5.704:9135 failed to unregister, leaking uprobe
[  489.661186][ T8815] team0: Port device team_slave_0 added
[  489.692207][ T9158] loop5: detected capacity change from 0 to 128
[  490.280532][ T8815] team0: Port device team_slave_1 added
[  490.296371][ T9158] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  492.143981][ T6260] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  492.623890][ T8815] batman_adv: batadv0: Adding interface: batadv_slave_0
[  492.900575][ T9184] new mount options do not match the existing superblock, will be ignored
[  492.912796][ T9184] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  492.953613][ T5868] Bluetooth: hci4: command 0x0406 tx timeout
[  493.627176][ T8815] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  494.603277][ T8815] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  496.255950][ T6164] hsr_slave_0: left promiscuous mode
[  496.965267][ T6164] hsr_slave_1: left promiscuous mode
[  496.971587][ T6164] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  496.984874][ T6164] batman_adv: batadv0: Removing interface: batadv_slave_0
[  497.004991][ T6164] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  497.012417][ T6164] batman_adv: batadv0: Removing interface: batadv_slave_1
[  497.787983][ T6164] veth1_macvtap: left promiscuous mode
[  497.793726][ T6164] veth0_macvtap: left promiscuous mode
[  497.799416][ T6164] veth1_vlan: left promiscuous mode
[  497.804845][ T6164] veth0_vlan: left promiscuous mode
[  498.034444][ T5879] Bluetooth: hci1: command 0x0406 tx timeout
[  502.295920][   T30] audit: type=1804 audit(1758544934.364:53): pid=9237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.9.729" name="bus" dev="ramfs" ino=23542 res=1 errno=0
[  502.893976][   T30] audit: type=1804 audit(1758544934.945:54): pid=9237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.9.729" name="bus" dev="ramfs" ino=23542 res=1 errno=0
[  506.576643][ T9261] loop8: detected capacity change from 0 to 64
[  508.333105][ T5879] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  508.365744][ T5879] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  508.376204][ T5879] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  508.726866][ T5879] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  508.738629][ T5879] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  510.802363][ T5879] Bluetooth: hci5: command tx timeout
[  511.052232][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  511.059308][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  512.030861][ T5879] Bluetooth: hci0: unexpected event for opcode 0x0c7d
[  513.380717][ T5879] Bluetooth: hci5: command tx timeout
[  514.373226][ T6164] team0 (unregistering): Port device team_slave_1 removed
[  515.734680][ T5879] Bluetooth: hci5: command tx timeout
[  516.044537][ T5868] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  516.081729][ T5875] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  516.094771][ T5875] Bluetooth: hci0: Injecting HCI hardware error event
[  516.105074][ T5875] Bluetooth: hci0: hardware error 0x00
[  516.105238][ T5868] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  516.125757][ T5868] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  516.707740][ T5868] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  516.715943][ T5868] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  516.928348][ T6164] team0 (unregistering): Port device team_slave_0 removed
[  518.703257][ T5875] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  518.709817][ T5875] Bluetooth: hci5: command tx timeout
[  518.873221][ T5875] Bluetooth: hci7: command tx timeout
[  519.004299][ T6044] usb 10-1: new full-speed USB device number 2 using dummy_hcd
[  519.593625][ T6044] usb 10-1: config 0 has an invalid interface number: 70 but max is 0
[  519.603269][ T6044] usb 10-1: config 0 has no interface number 0
[  519.621840][ T6044] usb 10-1: config 0 interface 70 has no altsetting 0
[  519.645746][ T6044] usb 10-1: New USB device found, idVendor=13d3, idProduct=3375, bcdDevice=f5.03
[  519.656921][ T6044] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  519.672892][ T6044] usb 10-1: Product: syz
[  519.677544][ T6044] usb 10-1: Manufacturer: syz
[  519.682232][ T6044] usb 10-1: SerialNumber: syz
[  519.708655][ T6044] usb 10-1: config 0 descriptor??
[  521.043539][ T5875] Bluetooth: hci7: command tx timeout
[  521.076815][ T5968] usb 10-1: USB disconnect, device number 2
[  523.241129][ T5875] Bluetooth: hci7: command tx timeout
[  525.303468][ T5879] Bluetooth: hci7: command tx timeout
[  529.711706][ T9419] loop9: detected capacity change from 0 to 128
[  529.777597][ T9419] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  529.901735][   T30] audit: type=1804 audit(1758544961.988:55): pid=9422 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.8.784" name="/newroot/38/bus/file0" dev="overlay" ino=221 res=1 errno=0
[  529.935252][ T9422] evm: overlay not supported
[  531.067323][ T8902] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  531.369213][ T8815] batman_adv: batadv0: Adding interface: batadv_slave_1
[  531.535611][ T8815] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  532.517525][ T8815] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  535.223641][ T9479] loop8: detected capacity change from 0 to 64
[  537.740803][ T9496] netlink: 4 bytes leftover after parsing attributes in process `syz.5.796'.
[  537.952195][ T9275] chnl_net:caif_netlink_parms(): no params data found
[  538.886392][ T9503] netlink: 4 bytes leftover after parsing attributes in process `syz.5.796'.
[  539.266811][ T9336] chnl_net:caif_netlink_parms(): no params data found
[  540.179423][ T9523] netlink: 'syz.2.802': attribute type 15 has an invalid length.
[  542.137759][ T6164] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  542.893800][ T9550] loop9: detected capacity change from 0 to 64
[  544.788789][ T6164] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  546.410640][ T9275] bridge0: port 1(bridge_slave_0) entered blocking state
[  546.418861][ T9275] bridge0: port 1(bridge_slave_0) entered disabled state
[  546.576573][ T9275] bridge_slave_0: entered allmulticast mode
[  546.973849][ T9275] bridge_slave_0: entered promiscuous mode
[  548.547784][ T6164] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  548.649334][ T9275] bridge0: port 2(bridge_slave_1) entered blocking state
[  548.660531][ T9275] bridge0: port 2(bridge_slave_1) entered disabled state
[  548.667777][ T9275] bridge_slave_1: entered allmulticast mode
[  548.712389][ T9275] bridge_slave_1: entered promiscuous mode
[  549.085603][ T9585] netlink: 'syz.5.816': attribute type 15 has an invalid length.
[  551.844669][ T9275] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  551.866069][ T9275] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  552.803672][ T9602] netlink: 'syz.2.822': attribute type 1 has an invalid length.
[  553.061000][ T9602] netlink: 'syz.2.822': attribute type 4 has an invalid length.
[  553.100189][ T9602] netlink: 15334 bytes leftover after parsing attributes in process `syz.2.822'.
[  553.448533][ T6164] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  555.724760][ T9336] bridge0: port 1(bridge_slave_0) entered blocking state
[  555.761072][ T9336] bridge0: port 1(bridge_slave_0) entered disabled state
[  555.881424][ T9336] bridge_slave_0: entered allmulticast mode
[  556.321942][ T9336] bridge_slave_0: entered promiscuous mode
[  556.342998][ T9336] bridge0: port 2(bridge_slave_1) entered blocking state
[  556.356579][ T9336] bridge0: port 2(bridge_slave_1) entered disabled state
[  556.364222][ T9336] bridge_slave_1: entered allmulticast mode
[  556.499337][   T30] audit: type=1107 audit(1758544988.583:56): pid=9613 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  557.351905][ T9336] bridge_slave_1: entered promiscuous mode
[  559.833833][ T9275] team0: Port device team_slave_0 added
[  562.742086][ T9275] team0: Port device team_slave_1 added
[  562.781947][ T9336] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  562.829724][ T9336] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  563.124854][ T9656] loop9: detected capacity change from 0 to 1024
[  563.344508][ T9659] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(6)
[  563.351281][ T9659] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  563.361954][ T9659] vhci_hcd vhci_hcd.0: Device attached
[  563.837036][   T24] usb 49-1: new high-speed USB device number 2 using vhci_hcd
[  564.031539][ T9656] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  564.169711][ T9660] vhci_hcd: connection reset by peer
[  564.369895][ T6161] vhci_hcd: stop threads
[  564.530596][ T6161] vhci_hcd: release socket
[  564.632070][ T9336] team0: Port device team_slave_0 added
[  564.641380][ T6161] vhci_hcd: disconnect device
[  564.732686][ T9336] team0: Port device team_slave_1 added
[  566.715887][ T8106] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  567.993695][ T5875] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  568.003764][ T5875] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  568.012420][ T5875] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  568.021178][ T5875] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  568.028917][ T5875] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  569.401377][   T24] vhci_hcd: vhci_device speed not set
[  569.439715][ T9336] batman_adv: batadv0: Adding interface: batadv_slave_0
[  569.496140][ T9336] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  569.857242][ T9336] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  570.104905][ T5875] Bluetooth: hci1: command tx timeout
[  570.222808][ T9691] ptrace attach of "./syz-executor exec"[8239] was attempted by "                                                                ��\x0c��H;�'���Sde/Ȑ|�zP��иW��\x0b�P�<�I7�{���Wr�עӇam�L5��{�޶-ڨ���ظ�����E�f�YS�7�?�V�s��\x0b�M�������`���g��ر/◒��U�C�ΐ�OG�Dn��\x07��w��m}O��q�����p�]��K|I(����9�/�k��Y_�֤vqy����rƲ�.+/�n�y�]�6�B\x5c
*���Lo��� �\x0a��B�\x0d��An���\x0bptQU�olL��obB��M�����ȹ.��T3#(D�\x1b�����?-�M��M�\x0d�{�X���Lhl1G�J(��\x0a����\x07�b\x0cf��\x5c�L�e#�y�w�O%�0��,��zǂ�r�\x5cH�\x22�@)E�lĪo��=��0}�|�����m ��~�M��UK\x0b�QoDU1h$�t�Qf�\x0b�;\x0bvN�T/��rP��x0m�؇dG>�t5Q�I����0k��p��;����t�>?7~��՞��8�)>�\x0a.F�v\x5c0CP�{�\x07ԭ4OT)���%��DkfCkF 籥�;��m\x0c�v�\x0cTʪz5��m֢����v����ī'c���^ت�g_\x0bƍ��8�)c,�(q��e�B���㑻SPt4�o� 
�I�HwL#��@mU�p�E�^a��gh~d�_��9\x07r|��GJj+&ҽk(�\x07���rn�E�4�(����#ë�\x0b Y�βB��\x0aЦ&��R��`�?��L1t����իw��.M�=3�|G����s�m�g�4`|\x22{б�춋���1�[{��ȯw/B�_g�6-�qyk*�o��\x0d\x5cc8����\x5
[  570.991514][ T9336] batman_adv: batadv0: Adding interface: batadv_slave_1
[  571.145736][ T9336] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  571.205552][ T9336] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  571.590638][ T6164] bridge_slave_1: left allmulticast mode
[  571.596333][ T6164] bridge_slave_1: left promiscuous mode
[  572.021920][ T6164] bridge0: port 2(bridge_slave_1) entered disabled state
[  572.410888][ T5875] Bluetooth: hci1: command tx timeout
[  572.502304][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  572.512595][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  572.571487][ T6164] bridge_slave_0: left allmulticast mode
[  572.594524][ T6164] bridge_slave_0: left promiscuous mode
[  573.562537][ T6164] bridge0: port 1(bridge_slave_0) entered disabled state
[  574.483275][ T5875] Bluetooth: hci1: command tx timeout
[  576.194511][ T9729] netlink: 4 bytes leftover after parsing attributes in process `syz.2.852'.
[  576.540371][ T5875] Bluetooth: hci1: command tx timeout
[  577.160599][ T5879] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  577.170953][ T5879] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  577.180185][ T5879] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  577.188654][ T5879] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  577.196785][ T5879] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  577.520363][ T5875] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  577.533057][ T5875] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  577.545419][ T5875] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  577.562289][ T5875] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  577.575671][ T5875] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  579.269100][ T5875] Bluetooth: hci2: command tx timeout
[  579.601204][ T9749] netlink: 8 bytes leftover after parsing attributes in process `syz.8.856'.
[  579.694501][ T5875] Bluetooth: hci5: command tx timeout
[  580.123975][ T9751] loop9: detected capacity change from 0 to 8
[  580.179449][ T9751] SQUASHFS error: Failed to read block 0x4de: -5
[  580.195767][ T9751] SQUASHFS error: Failed to read block 0x4de: -5
[  580.205772][   T30] audit: type=1800 audit(1758545012.293:57): pid=9751 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.857" name="file1" dev="loop9" ino=5 res=0 errno=0
[  580.269204][ T9751] SQUASHFS error: Failed to read block 0x4de: -5
[  580.288848][ T9751] SQUASHFS error: Failed to read block 0x4de: -5
[  580.298905][ T9751] SQUASHFS error: Failed to read block 0x4de: -5
[  580.310328][ T9751] SQUASHFS error: Failed to read block 0x4de: -5
[  580.519826][ T6164] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  581.433324][ T5875] Bluetooth: hci2: command tx timeout
[  581.452983][ T6164] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  581.473120][ T6164] bond0 (unregistering): Released all slaves
[  581.618249][ T6164] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  581.637628][ T6164] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  581.894751][ T5875] Bluetooth: hci5: command tx timeout
[  582.206601][ T9770] netlink: 'syz.8.860': attribute type 15 has an invalid length.
[  582.612773][ T6164] bond0 (unregistering): Released all slaves
[  583.636504][ T5875] Bluetooth: hci2: command tx timeout
[  583.670808][ T9774] loop8: detected capacity change from 0 to 2048
[  583.724491][ T9774] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  583.980557][ T5875] Bluetooth: hci5: command tx timeout
[  585.660288][ T5875] Bluetooth: hci2: command tx timeout
[  585.800936][ T6164] hsr_slave_0: left promiscuous mode
[  585.815495][ T6164] hsr_slave_1: left promiscuous mode
[  585.840526][ T6164] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  585.857303][ T6164] batman_adv: batadv0: Removing interface: batadv_slave_0
[  586.001265][ T6164] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  586.066312][ T6164] batman_adv: batadv0: Removing interface: batadv_slave_1
[  586.074139][ T5875] Bluetooth: hci5: command tx timeout
[  586.080465][ T6164] batman_adv: batadv0: Removing interface: batadv_slave_0
[  586.127324][ T6164] batman_adv: batadv0: Removing interface: batadv_slave_1
[  586.517861][ T6164] veth1_macvtap: left promiscuous mode
[  586.546027][ T6164] veth0_macvtap: left promiscuous mode
[  586.571149][ T6164] veth1_vlan: left promiscuous mode
[  586.601528][ T6164] veth0_vlan: left promiscuous mode
[  590.027891][ T6164] team0 (unregistering): Port device team_slave_1 removed
[  590.094990][ T6164] team0 (unregistering): Port device team_slave_0 removed
[  590.298699][ T9822] loop9: detected capacity change from 0 to 2048
[  590.364209][ T9823] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  590.449694][   T30] audit: type=1800 audit(1758545022.533:58): pid=9822 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.874" name="bus" dev="loop9" ino=2097152 res=0 errno=0
[  590.493501][ T9822] NILFS error (device loop9): nilfs_lookup: deleted inode referenced: 12
[  590.525507][ T9822] Remounting filesystem read-only
[  590.585942][ T9822] NILFS (loop9): disposed unprocessed dirty file(s) when detaching log writer
[  590.818302][ T6164] team0 (unregistering): Port device team_slave_1 removed
[  590.847545][ T6164] team0 (unregistering): Port device team_slave_0 removed
[  593.490286][ T9682] chnl_net:caif_netlink_parms(): no params data found
[  594.335137][ T9732] chnl_net:caif_netlink_parms(): no params data found
[  594.526686][ T9738] chnl_net:caif_netlink_parms(): no params data found
[  595.977238][ T9682] bridge0: port 1(bridge_slave_0) entered blocking state
[  595.987193][ T9682] bridge0: port 1(bridge_slave_0) entered disabled state
[  596.008378][ T9682] bridge_slave_0: entered allmulticast mode
[  596.021812][ T9682] bridge_slave_0: entered promiscuous mode
[  596.045843][ T9682] bridge0: port 2(bridge_slave_1) entered blocking state
[  596.053714][ T9682] bridge0: port 2(bridge_slave_1) entered disabled state
[  596.062839][ T9682] bridge_slave_1: entered allmulticast mode
[  596.882365][ T9682] bridge_slave_1: entered promiscuous mode
[  600.981818][ T9732] bridge0: port 1(bridge_slave_0) entered blocking state
[  601.009363][ T9732] bridge0: port 1(bridge_slave_0) entered disabled state
[  601.128667][ T9732] bridge_slave_0: entered allmulticast mode
[  601.783314][ T9732] bridge_slave_0: entered promiscuous mode
[  601.808049][ T9732] bridge0: port 2(bridge_slave_1) entered blocking state
[  602.125145][ T9732] bridge0: port 2(bridge_slave_1) entered disabled state
[  602.133725][ T9732] bridge_slave_1: entered allmulticast mode
[  602.147116][ T9732] bridge_slave_1: entered promiscuous mode
[  605.744967][ T9682] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  606.717961][ T9682] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  609.124658][ T9738] bridge0: port 1(bridge_slave_0) entered blocking state
[  609.150427][ T9738] bridge0: port 1(bridge_slave_0) entered disabled state
[  609.165820][ T9738] bridge_slave_0: entered allmulticast mode
[  609.182369][ T9738] bridge_slave_0: entered promiscuous mode
[  609.201496][ T9738] bridge0: port 2(bridge_slave_1) entered blocking state
[  609.229886][ T9738] bridge0: port 2(bridge_slave_1) entered disabled state
[  609.240276][ T9738] bridge_slave_1: entered allmulticast mode
[  609.258907][ T9738] bridge_slave_1: entered promiscuous mode
[  610.002889][ T9732] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  610.016086][ T9732] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  611.027448][ T9682] team0: Port device team_slave_0 added
[  612.105407][ T9738] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  612.432986][ T6164] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  612.623719][ T9732] team0: Port device team_slave_0 added
[  612.642818][ T9682] team0: Port device team_slave_1 added
[  612.661207][ T9732] team0: Port device team_slave_1 added
[  612.678632][ T9738] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  614.052448][ T6164] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  614.117219][   T30] audit: type=1326 audit(1758545046.193:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9960 comm="syz.9.917" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f151698eec9 code=0x0
[  614.196302][ T9682] batman_adv: batadv0: Adding interface: batadv_slave_0
[  614.235759][ T9682] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  614.261750][    C0] vkms_vblank_simulate: vblank timer overrun
[  614.283490][ T9682] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  614.296226][ T9732] batman_adv: batadv0: Adding interface: batadv_slave_0
[  614.305340][ T9732] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  614.331274][    C0] vkms_vblank_simulate: vblank timer overrun
[  614.366221][ T9732] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  614.383442][ T9732] batman_adv: batadv0: Adding interface: batadv_slave_1
[  614.391158][ T9732] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  614.417846][ T9732] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  614.457378][ T9973] loop8: detected capacity change from 0 to 4096
[  614.466584][ T9738] team0: Port device team_slave_0 added
[  614.485964][ T9738] team0: Port device team_slave_1 added
[  614.561961][ T9973] ntfs3(loop8): Different NTFS sector size (4096) and media sector size (512).
[  614.574974][ T6164] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  614.635829][ T9682] batman_adv: batadv0: Adding interface: batadv_slave_1
[  614.645181][ T9682] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  614.685678][ T9682] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  614.741604][ T9973] ntfs3(loop8): Mark volume as dirty due to NTFS errors
[  614.767532][ T9973] ntfs3(loop8): Failed to initialize $Extend/$Reparse.
[  614.819943][ T9973] ntfs3(loop8): ino=1b, mi_enum_attr
[  614.863546][ T6164] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  614.908818][ T9738] batman_adv: batadv0: Adding interface: batadv_slave_0
[  614.936217][ T9738] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  614.975403][ T9738] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  614.999482][ T9738] batman_adv: batadv0: Adding interface: batadv_slave_1
[  615.013278][ T9738] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  615.090750][ T9738] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  615.378292][ T9732] hsr_slave_0: entered promiscuous mode
[  616.107595][ T9732] hsr_slave_1: entered promiscuous mode
[  616.125205][ T9732] debugfs: 'hsr0' already exists in 'hsr'
[  616.249858][ T9732] Cannot create hsr debugfs directory
[  616.414368][ T9682] hsr_slave_0: entered promiscuous mode
[  616.428896][ T9682] hsr_slave_1: entered promiscuous mode
[  617.423414][ T9682] debugfs: 'hsr0' already exists in 'hsr'
[  617.429247][ T9682] Cannot create hsr debugfs directory
[  617.833654][ T9738] hsr_slave_0: entered promiscuous mode
[  617.848086][ T9738] hsr_slave_1: entered promiscuous mode
[  617.856307][ T9738] debugfs: 'hsr0' already exists in 'hsr'
[  617.870727][ T9738] Cannot create hsr debugfs directory
[  618.281651][ T6164] bridge_slave_1: left allmulticast mode
[  618.287480][ T6164] bridge_slave_1: left promiscuous mode
[  618.295828][ T6164] bridge0: port 2(bridge_slave_1) entered disabled state
[  618.306831][ T6164] bridge_slave_0: left allmulticast mode
[  618.313550][ T6164] bridge_slave_0: left promiscuous mode
[  618.319331][ T6164] bridge0: port 1(bridge_slave_0) entered disabled state
[  618.337066][ T6164] bridge_slave_1: left allmulticast mode
[  618.343944][ T6164] bridge_slave_1: left promiscuous mode
[  618.349675][ T6164] bridge0: port 2(bridge_slave_1) entered disabled state
[  618.362965][ T6164] bridge_slave_0: left allmulticast mode
[  618.368653][ T6164] bridge_slave_0: left promiscuous mode
[  618.375050][ T6164] bridge0: port 1(bridge_slave_0) entered disabled state
[  618.393692][ T6164] bridge_slave_1: left allmulticast mode
[  618.399352][ T6164] bridge_slave_1: left promiscuous mode
[  618.406379][ T6164] bridge0: port 2(bridge_slave_1) entered disabled state
[  618.416157][ T6164] bridge_slave_0: left allmulticast mode
[  618.422292][ T6164] bridge_slave_0: left promiscuous mode
[  618.428966][ T6164] bridge0: port 1(bridge_slave_0) entered disabled state
[  618.632071][ T6164] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  618.652886][ T6164] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  618.672896][ T6164] bond0 (unregistering): Released all slaves
[  620.199181][T10029] netlink: 4 bytes leftover after parsing attributes in process `syz.9.925'.
[  622.914010][ T6164] bond0 (unregistering): (slave bridge1): Removing an active aggregator
[  622.956205][ T6164] bond0 (unregistering): (slave bridge1): Releasing backup interface
[  623.326996][ T6164] bridge1 (unregistering): left promiscuous mode
[  623.430083][ T6164] bridge1 (unregistering): left allmulticast mode
[  623.999865][ T5879] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  624.016014][ T5879] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  624.030305][ T5879] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  624.049853][ T5879] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  624.068052][ T5879] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  624.429027][ T6164] bond0 (unregistering): Released all slaves
[  625.565321][ T6164] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  625.657165][T10059] netlink: 32 bytes leftover after parsing attributes in process `syz.8.932'.
[  625.793347][ T6164] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  625.926299][ T6164] bond0 (unregistering): Released all slaves
[  626.424531][ T5875] Bluetooth: hci6: command tx timeout
[  628.478393][ T5875] Bluetooth: hci6: command tx timeout
[  630.542530][ T5875] Bluetooth: hci6: command tx timeout
[  632.623451][ T5875] Bluetooth: hci6: command tx timeout
[  633.911505][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  633.917851][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  635.556583][ T5879] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  635.580936][ T5879] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  635.594589][ T5879] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  635.623203][ T5879] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  635.633194][ T5879] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  635.739189][ T6164] batman_adv: batadv0: Removing interface: batadv_slave_0
[  635.790879][ T6164] batman_adv: batadv0: Removing interface: batadv_slave_1
[  636.650778][ T6164] hsr_slave_0: left promiscuous mode
[  636.760303][ T6164] hsr_slave_1: left promiscuous mode
[  636.790232][ T6164] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  636.973063][ T6164] batman_adv: batadv0: Removing interface: batadv_slave_0
[  637.241115][ T6266] ------------[ cut here ]------------
[  637.246918][ T6266] WARNING: CPU: 0 PID: 6266 at io_uring/io_uring.c:2980 io_ring_exit_work+0x3fc/0x10f0
[  637.256826][ T6266] Modules linked in:
[  637.261046][ T6266] CPU: 0 UID: 0 PID: 6266 Comm: kworker/u8:19 Not tainted syzkaller #0 PREEMPT(full) 
[  637.271201][ T6266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  637.281630][ T6266] Workqueue: iou_exit io_ring_exit_work
[  637.287210][ T6266] RIP: 0010:io_ring_exit_work+0x3fc/0x10f0
[  637.293100][ T6266] Code: 0f 85 0a 0b 00 00 48 8b 05 e1 67 4a 09 4c 8b 74 24 68 31 ff 49 29 c6 4c 89 f6 e8 0f ee e4 fc 4d 85 f6 79 12 e8 95 f2 e4 fc 90 <0f> 0b 90 48 c7 44 24 60 70 17 00 00 e8 83 f2 e4 fc 48 8b 74 24 60
[  637.313089][ T6266] RSP: 0018:ffffc9000b227a90 EFLAGS: 00010293
[  637.319190][ T6266] RAX: 0000000000000000 RBX: ffff888025b506c8 RCX: ffffffff84d6aa31
[  637.327401][ T6266] RDX: ffff888022b90000 RSI: ffffffff84d6aa3b RDI: 0000000000000007
[  637.335447][ T6266] RBP: ffffc9000b227c50 R08: 0000000000000007 R09: 0000000000000000
[  637.343457][ T6266] R10: fffffffffffffffe R11: 0000000000000000 R12: ffff888025b50000
[  637.351476][ T6266] R13: dffffc0000000000 R14: fffffffffffffffe R15: ffff888025b50040
[  637.359458][ T6266] FS:  0000000000000000(0000) GS:ffff8881246b3000(0000) knlGS:0000000000000000
[  637.369083][ T6266] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  637.376091][ T6266] CR2: 0000001b2e118ff8 CR3: 000000004a38a000 CR4: 0000000000350ef0
[  637.384158][ T6266] Call Trace:
[  637.387438][ T6266]  <TASK>
[  637.390423][ T6266]  ? do_raw_spin_lock+0x12c/0x2b0
[  637.395481][ T6266]  ? __pfx_io_ring_exit_work+0x10/0x10
[  637.401005][ T6266]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  637.406848][ T6266]  ? srso_alias_return_thunk+0x5/0xfbef5
[  637.412563][ T6266]  ? debug_object_deactivate+0x1ec/0x3a0
[  637.418253][ T6266]  ? srso_alias_return_thunk+0x5/0xfbef5
[  637.423950][ T6266]  ? rcu_is_watching+0x12/0xc0
[  637.428753][ T6266]  process_one_work+0x9cf/0x1b70
[  637.433807][ T6266]  ? __pfx_process_one_work+0x10/0x10
[  637.439208][ T6266]  ? srso_alias_return_thunk+0x5/0xfbef5
[  637.444947][ T6266]  ? srso_alias_return_thunk+0x5/0xfbef5
[  637.450747][ T6266]  ? assign_work+0x1a0/0x250
[  637.455368][ T6266]  worker_thread+0x6c8/0xf10
[  637.460050][ T6266]  ? __pfx_worker_thread+0x10/0x10
[  637.465190][ T6266]  kthread+0x3c5/0x780
[  637.469764][ T6266]  ? __pfx_kthread+0x10/0x10
[  637.474726][ T6266]  ? srso_alias_return_thunk+0x5/0xfbef5
[  637.480414][ T6266]  ? rcu_is_watching+0x12/0xc0
[  637.485213][ T6266]  ? __pfx_kthread+0x10/0x10
[  637.489831][ T6266]  ret_from_fork+0x56d/0x730
[  637.495038][ T6266]  ? __pfx_kthread+0x10/0x10
[  637.499652][ T6266]  ret_from_fork_asm+0x1a/0x30
[  637.504943][ T6266]  </TASK>
[  637.507974][ T6266] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  637.515255][ T6266] CPU: 0 UID: 0 PID: 6266 Comm: kworker/u8:19 Not tainted syzkaller #0 PREEMPT(full) 
[  637.524816][ T6266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  637.534871][ T6266] Workqueue: iou_exit io_ring_exit_work
[  637.540443][ T6266] Call Trace:
[  637.543720][ T6266]  <TASK>
[  637.546641][ T6266]  dump_stack_lvl+0x3d/0x1f0
[  637.551257][ T6266]  vpanic+0x6e8/0x7a0
[  637.555265][ T6266]  ? __pfx_vpanic+0x10/0x10
[  637.559799][ T6266]  ? srso_alias_return_thunk+0x5/0xfbef5
[  637.565447][ T6266]  ? io_ring_exit_work+0x3fc/0x10f0
[  637.570663][ T6266]  panic+0xca/0xd0
[  637.574409][ T6266]  ? __pfx_panic+0x10/0x10
[  637.578862][ T6266]  ? check_panic_on_warn+0x1f/0xb0
[  637.583979][ T6266]  check_panic_on_warn+0xab/0xb0
[  637.588923][ T6266]  __warn+0xf6/0x3c0
[  637.592818][ T6266]  ? io_ring_exit_work+0x3fc/0x10f0
[  637.598033][ T6266]  report_bug+0x3c3/0x580
[  637.602381][ T6266]  ? io_ring_exit_work+0x3fc/0x10f0
[  637.607601][ T6266]  handle_bug+0x184/0x210
[  637.611944][ T6266]  exc_invalid_op+0x17/0x50
[  637.616454][ T6266]  asm_exc_invalid_op+0x1a/0x20
[  637.621307][ T6266] RIP: 0010:io_ring_exit_work+0x3fc/0x10f0
[  637.627139][ T6266] Code: 0f 85 0a 0b 00 00 48 8b 05 e1 67 4a 09 4c 8b 74 24 68 31 ff 49 29 c6 4c 89 f6 e8 0f ee e4 fc 4d 85 f6 79 12 e8 95 f2 e4 fc 90 <0f> 0b 90 48 c7 44 24 60 70 17 00 00 e8 83 f2 e4 fc 48 8b 74 24 60
[  637.646749][ T6266] RSP: 0018:ffffc9000b227a90 EFLAGS: 00010293
[  637.652825][ T6266] RAX: 0000000000000000 RBX: ffff888025b506c8 RCX: ffffffff84d6aa31
[  637.660798][ T6266] RDX: ffff888022b90000 RSI: ffffffff84d6aa3b RDI: 0000000000000007
[  637.668768][ T6266] RBP: ffffc9000b227c50 R08: 0000000000000007 R09: 0000000000000000
[  637.676751][ T6266] R10: fffffffffffffffe R11: 0000000000000000 R12: ffff888025b50000
[  637.684724][ T6266] R13: dffffc0000000000 R14: fffffffffffffffe R15: ffff888025b50040
[  637.692711][ T6266]  ? io_ring_exit_work+0x3f1/0x10f0
[  637.697931][ T6266]  ? io_ring_exit_work+0x3fb/0x10f0
[  637.703162][ T6266]  ? do_raw_spin_lock+0x12c/0x2b0
[  637.708206][ T6266]  ? __pfx_io_ring_exit_work+0x10/0x10
[  637.713689][ T6266]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  637.719518][ T6266]  ? srso_alias_return_thunk+0x5/0xfbef5
[  637.725164][ T6266]  ? debug_object_deactivate+0x1ec/0x3a0
[  637.730829][ T6266]  ? srso_alias_return_thunk+0x5/0xfbef5
[  637.736472][ T6266]  ? rcu_is_watching+0x12/0xc0
[  637.741263][ T6266]  process_one_work+0x9cf/0x1b70
[  637.746245][ T6266]  ? __pfx_process_one_work+0x10/0x10
[  637.751628][ T6266]  ? srso_alias_return_thunk+0x5/0xfbef5
[  637.757283][ T6266]  ? srso_alias_return_thunk+0x5/0xfbef5
[  637.762935][ T6266]  ? assign_work+0x1a0/0x250
[  637.767540][ T6266]  worker_thread+0x6c8/0xf10
[  637.772159][ T6266]  ? __pfx_worker_thread+0x10/0x10
[  637.777281][ T6266]  kthread+0x3c5/0x780
[  637.781360][ T6266]  ? __pfx_kthread+0x10/0x10
[  637.785961][ T6266]  ? srso_alias_return_thunk+0x5/0xfbef5
[  637.791606][ T6266]  ? rcu_is_watching+0x12/0xc0
[  637.796384][ T6266]  ? __pfx_kthread+0x10/0x10
[  637.800983][ T6266]  ret_from_fork+0x56d/0x730
[  637.805581][ T6266]  ? __pfx_kthread+0x10/0x10
[  637.810181][ T6266]  ret_from_fork_asm+0x1a/0x30
[  637.814988][ T6266]  </TASK>
[  637.818209][ T6266] Kernel Offset: disabled
[  637.822528][ T6266] Rebooting in 86400 seconds..