last executing test programs:

6m0.129134275s ago: executing program 3 (id=804):
syz_mount_image$ext4(&(0x7f0000000880)='ext2\x00', &(0x7f0000000000)='./bus\x00', 0x21001a, &(0x7f00000007c0)={[{@data_journal}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x2}}, {@dax}, {@nojournal_checksum}, {@nojournal_checksum}, {@nouid32}, {@dioread_lock}]}, 0xde, 0x53b, &(0x7f0000001340)="$eJzs3c1vI2cZAPBnJnbIdlOSAodSqR+ii3YrWHvT0Dbi0BaBuFUClfsSJd4oWme9ip12E1WQFX8AEkJQiRMnLkjcuCCh/RMQUiX2jgCBEGzhwAEYNOPxNmvG2cD6Y5X8ftJrv/OOPc/zOvb4nY94AjizXoiINyNiLiJeioilsj0tSxz2S/64D++9t5GXvPntvySRlG0RRfW+8+XTFvp3lbr7B9fX2+3Wbjnd7O3cbHb3Dy5v76xvtbZaN1ZXV15de23tlbUrY+ln3q/Xv/KHH3z3J199/Zeff/e3V/906Vt50l8u5w/6NT7Fqxd3i9t6/lrcV4uI3fEGm5m5sj/1WScCAMCJ5KPUT0TEZ4rx/1LMFaO5wvCQbmH62QEAAADjkL2xGP9MIjIAAADg1HojIhYjSRvluQCLkaaNRv8c3k/FE2m70+197lpn78ZmPi9iOerpte1260p5Tu1y1JN8eqWofzT98tD0akQ8FRHfXzpXTDc2Ou3NWe/8AAAAgDPi/ND2/9+X+tv/AAAAwCmzPOsEAAAAgIkbtf2fTDkPAAAAYHIc/wcAAIBT7WtvvZWXbHD968139veud965vNnqXm/s7G00Njq7Nxtbnc5W8Zt9O8ctqx4R7U7n5hci9m41e61ur9ndP7i609m70bu67fqBAAAAMCtPPX/nbhIRh188V5TcfH4zN+IJzhWAUyMd0V75Mf/9ZHMBpmvU1/wJzI8zD2D6arNOAJidw1knAMzaAz/1UTEoOHryzgP7DH41uZwAAIDxuvjpO3e/XXH8v1aezw+cXqOO/wOn3yMc/89l48oDmD7H/+HsqsdctnTiR9+eaC7AbDzsUh8jf7yj6vh/5ZnBWfbQZQEAABO1WJTn00Z5LHAx0rTRiHiy+B/genJtu926EhEfj4jfLNU/lk+vFM9MXB4QAAAAAAAAAAAAAAAAAAAAAAAAAE4oy5LIAAAAgFMtIv1jUl7/6+LShcXh/QPzyT+KywPOR8S7P3r7h7fWe73dlbz9r/fbe++X7S/PYg8GAAAAnEW1Y+cOttMH2/EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAME4f3ntvY1CmGffPX4qI5ar4tVgo7heiHhFP/C2J2pHnJRExN4b4h7cj4umq+EmeViyXWQzHTyPi3HTiP5tlWWX882OID2fZnXz982bV5y+NF4r76s9/rSyP6oH13/zPj8xJ76//5kas/548YYxnPvhZc2T82xHP1KrXP4P4yYj4L1YtsOJF+eY3Dg7+q7G/8Mh+HHGx8vsneSBWs7dzs9ndP7i8vbO+1dpq3VhdXXl17bW1V9auNK9tt1vlbVWI+N6zv/j3UPR/ZX1F/6MfP6rWv8f1/0JeqR9pzIbDlME+uHXvk/1qfWgRRfxLL1a//54+Jn7+nvhs+T2Qz784qB/260c999NfP1eZWBl/c8Tr/7C//6VRCx3y0te/87sTPhQAmILBKGu3u39wfb3dbk2s8n6WZRMO8X9UIj3pg4vhYkTMPufJVGqTficsPC49nXLlwuORxv9SGceeLQAA4HHz0aB/1pkAAAAAAAAAAAAAAAAAAADA2dXdj3TSPyc2HPNwNl0FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjWfwIAAP//nJjX8w==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x6}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=@base={0xc, 0x4, 0x4, 0xfffffffd, 0x0, r3, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x50)

5m58.356966082s ago: executing program 3 (id=808):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff})
pipe(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x1000, 0x800000000000000)
splice(r1, 0x0, r3, 0x0, 0x80, 0x8)

5m54.641890255s ago: executing program 3 (id=819):
syz_mount_image$squashfs(&(0x7f00000000c0), &(0x7f0000000080)='./file1\x00', 0x4, &(0x7f0000000280)=ANY=[], 0x2, 0x1b5, &(0x7f00000002c0)="$eJzsVc0K00AQ/ibZJo0H8aoIHhRtD23T+HPVk/QBfABLG2sxRW0K2uIhnvoeIvQ1PIiv4EHxUg8ieLBXkcjuzqZJWxARbIX9oPm++XY2O7tbJg/Tp6kP4KeDAe5AwcVZfCCCAHCJtHfX1/zV09zm+IvQ3GT/FfNH5nS+eNRPknh6UOQNoOq42HV+L4xq4Y+m/edis3NSdCAnwz8t7J2PvSvIAJzIiR1bgFEdgnPUwoKjH0tJkKg4/t++cBvefungm+pl77+/GEhxH0Ce57n0hvpH5RzZid7qnEB6F4T6kYu8yJHNTwbXAPx4PXnSSeeL1njSH8WjmKLo+q3wRhjejDoPxkkc6ieVlnD4DyG5CUD21KA0XgPwiRvsGezDlM/jFOyUb9C4LJ81pYnXM3NzFoQ3xVzu7ZDvuIerqAN4ltHWNYVDbakHgguhgi6XCyr2VlcD7cHjZLgEgTgzXEHAMdPWqBVBVASist0lcF6WdoXjHvOKec1svlnmWyRkD8JnjrwM8PC8P5tNu9LSSnmmZu1F5zKULkiuuvGqm7voH7gVCwsLCwsLC4uTxq8AAAD//6x/T6A=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xbf}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x121140, 0x13d)
mmap(&(0x7f0000454000/0x3000)=nil, 0x3000, 0x200000d, 0x12, r3, 0xba2ca000)

5m52.5259745s ago: executing program 3 (id=823):
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f00000004c0)={[{}]}, 0x1, 0x453, &(0x7f0000001040)="$eJzs3U9sFFUcB/DvbrslAbRg/IP4r4JKEaW2NUESTCTKSS4GE88NLYRYqKE1EUKMJh68eTHx7EG5eeTgyXjAoyZ48aaejJEYIvGk1sx2ly5lt3RD26nu55PM7pud132/mdffzO7ryzRAzxoqHirJ1iTfJxlcWL25wtDC0/VrF47/ee3C8Urm54/9XqnX++PahePNqs2f21I8VJPhalL9oJKH2rQ7e+78mxPT01NnG+sjc6ffGpk9d/7ZU6cnTk6dnDozeuDgC+OjB8bGx1dtX1+9+O6xLa+9dOSjySu/zVz86csi3q2Nba37sVqGMnTzsWzx1Go3VrL7WsqV/hIDoSt9SYruqtXzfzB9Wey8wXzzY6nBAWtqvrCp4+b35oH/sUrKjgAoR/NCX3z/bS7r9dmD8l09vPAFsOj3641lYUt/qo06tSXf71fTUJJDl458USxZo3EYAAAAgF721eEkz7Qb/6vm/pZ6RfmBJDuSPJhkZ1Kf1/NwkkeSPJrkseZ8oi4srb90/KfSaQINq+Lq4eRQY27XzeN/zdG/bOtrrN1VrKRWOXFqeuq5JHcnGU5tU7E+ukwbl7/957tO21rH/4qlaL85FtiI49f+JX+fnpyYm7iTfWbR1feTnf3t+r9yYyZQkYKPJ9nVzRvXFos/79p7slO12/c/a2n+02RP2/xvnHivHKw/LTM/c6R+PhhpnhVu9eHo2Cud2tf/5Sryf/Ny/Z9sq7TO153tvo3LOy692Glb9+f/Hz4rzv8DldfrAQ40Xn1nYm7u7GgyUDl66+tj3cf839b5Q1PzeDSPV9H/w7vbX//vaXm33UmeSPJkY+7ynvq1P9mb5Okk+5aJ5u+XD7zRaZv8L1fR/5Nt8//G1IAl+d994dD2T452an9l+f98/Rd6uPGKz3+3t9IOKjtOAAAAAAAAAFZHtX4PvEp1/41ytbp//8I9/O7N5ur0zOzcvhMzb5+ZXLhX3rbUqs2ZXoMt80FH6+XF9bEl6+NJtif5uO+vxp0HZqYny9556HFbOuR/4Ze+sqMD1pz7tULvWkH+19YjDmD9uf5D75L/0LvkP/Qu+Q+9S/5D75L/0LtWnv8DaxoHsP5c/6En3cl9/TZaoT8bIoy2heb8qZLCaP5L/g1yNDZm4fOvk3Voqy/JRtnlZQplnpUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANo5/AwAA//9EA9s8")
syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}], [], 0x2c})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
syz_mount_image$exfat(&(0x7f00000009c0), &(0x7f0000001100)='./file1\x00', 0x2000000, &(0x7f0000001040)=ANY=[@ANYBLOB='=', @ANYRESHEX=0xee01, @ANYRESDEC, @ANYRESHEX=0xee00, @ANYBLOB=',\x00'], 0x1, 0x152b, &(0x7f0000002780)="$eJzs3AmYjtXbAPD7Puc8Y0zS2yTLcM65H95kOSZJsiTJkiRJkmRLSJrkLwmJIVvSkIRkGZJlCMkyMWns+74kJEmTJCHZkvNdir/66r8vvuub+3ddzzXnfs9zn+c87/0+8yyzfNN5SI1GNas2ICL4l+AvX5IBIBYABgDANQAQAEDZ+LLxF/pzSkz+1zbC/r0eSrvSM2BXEtc/e+P6Z29c/+yN65+9cf2zN65/9sb1z964/oxlZ5umFbiWl+y78PP/7IzP//+PZJUa88WaUtd3AYj5e1O4/tkb1///reDvWYnrn71x/bOr2Cs9AfZ/AB//2UGOv9jD9c/euP6MZWdX+vnzf36Rf7UfItnhPfgr+88YY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjP0XnPaXKQC41L7S82KMMcYYY4wxxti/j89xpWfAGGOMMcYYY4yx/zwEARIUBBADOSAWckIcCAC4GnLDNRCBayEeroM8cD3khXyQHwpAAhSEQqDBgAWCEApDEYjCDVAUboRiUBxKQElwUAoS4SYoDTdDGbgFysKtUA5ug/JQASpCJbgdKsMdUAXuhKpwF1SD6lADasLdUAvugdpwL9SB+6Au3A/14AGoDw9CA3gIGsLD0AgegcbwKDSBptAMmkOLfyr/BegOL0IP6AnJ0At6w0vQB/pCP+gPA+BlGAivwCB4FVJgMAyB12AovA7D4A0YDiNgJLwJo+AtGA1jYCyMg1QYDxPgbZgI78AkmAxTYCqkwTSYDu/CDJgJs+A9mA3vwxyYC/NgPqTDB7AAFkIGfAiL4CPIhMWwBJbCMlgOK2AlrILVsAbWwjpYDxtgI2yCzbAFtsI22A474GPYCZ/ALtgNe/5cv38k/9Sv8j+FvdAFAQEFClSoMAZjMBZjMQ7jMBfmwtyYGyMYwXiMxzyYB/NiXsyP+TEBE7AQFkKDBgkJC2NhjGIUi2JRLIbFsASWQIcOEzERS+PNWAbLYFksi+WwHJbHClgBK2ElrIyVsQpWwapYFathNayBNfBuvBt7YW2sjXWwDtbFupceT2EDbIANsSE2wkbYGBtjE2yCzbAZtsAW2BJbYitshW2wDbbFttgO22ESJmF7bI8dsAN2xI7YCTthZ+yMXbArds16IQfgi/gi9sRqohf2xt7YB1Ny9MP+2B9fxoH4Cr6Cr2IKDsYh+Bq+hq/jMDyJw3EEjsSRWFm8haNxDJIYh6mYihNwAk7EiTgJJ+NknIppOA2n43ScgTNxJr6Hs/F9fB/n4lycj+mYjgtwIWZgBi7CU5iJi3EJLsVluByX4UpchStxDa7FNbge1+NG3IibcTNuxa24Hbfjx6gA8BPcjbsxBffiXtyH+3A/7scDeACzMAsP4kE8hIfwMB7GI3gEj+IxPI7H8ASewJN4Ck/jaTyLZ/EcPpfwVcOPi69OAXGBEkrEiBgRK2JFnIgTuUQukVvkFhEREfEiXuQReURekVfkF/lFgkgQhUQhYYQRJMIYABBRERVFRVFRTBQTJUQJ4YQTiSJRlBalRRlRRpQVt4py4jZRXlQQrV0lUUlUFm1cFXGnqCqqimqiuqghaoqaopaoJWqL2qKOqCPqirqinnhA1Be9sB8+JC5UppEYjI3FEGwimgp58QhoKYZhK9FatBFPiBE4HNuJli5JPC3ai9HYQfxJjMFnRScxDjuL50UX0VV0Ey+I7qKV6yF6iknYS/QWU7GP6Cv6if5iBlYX7+HsnDXEqyJFDBZDxGtiPr4uhok3xHAxQowUb4pR4i0xWowRY8U4kSrGiwnibTFRvCMmicliipgq0sQ0MV28K2aImWKWeE/MFu+LOWKumCfmi3TxgVggFooM8aFYJD4SmWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is9gitoptYrvYIT4WO8UnYpfYLfaIT8Ve8ZnYJz4X+8UX4oD4UmSJr8RB8bU4JL4Rh8W34oj4ThwVx8Rx8b04IX4QJ8UpcVqcEWfFj+Kc+EmcF16ARCmklEoGMkbmkLEyp4yTV8lcMrj47l4r4+V1Mo+8XuaV+WR+WUAmyIKykNTSSCtJhrKwLCKj8gZZVN4oi8nisoQsKZ0sJRPlTbK0vFmWkbfIsvJWWU7eJsvLCrKirCRvl5XlHRIiv2yjmqwua8ia8m6ZDPfI2vJeWUfeJ+vK+2U9+YCsLx+UDeRDsqF8WDaSj8jG8lHZRDaVzWRz2UI+JlvKx2Ur2Vq2kU/ItvJJ2U4+JZPk07K99Bc/Is/KTvI52Vk+L7vIrrKb/Emel172kD0l9ALZW74k+8i+sp/sLwfIl+VA+YocJF+VKXKwHCJfk0Pl63KYfEMOlyPkSPmmHCXfkqPlGDlWjpOpcrycIN+WE+U7cpKcLKfIqTJNTpP9Lo40S8q/mf/2r/MvnHrlNDno561vlJvkZrlFbpXb5Ha5Q34sd8qdcpfcJffIPXKv3Cv3yX1yv9wvD8gDMktmyYPyoDwkD8nD8rA8Io/Io/KYPCO/lyfkD/KkPCVPyTPyrDwrz118D0ChEkoqpQIVo3KoWJVTxamrVC51tcqtrlERda2KV9epPOp6lVflU/lVAZWgCqpCSiujrCIVqsKqiIqqG/DiB0aVUCWVU6VUorrpH8lXRdWNqpgq/pv8S/NL/gvza6FaqJaqpWqlWqk2qo1qq9qqdqqdSlJJqr1qrzqoDqqj6qg6qU6qs+qsuqguqpvqprqr7qqH6qGSVbLqrV5SfVRf1U/1VwPUy2qgGqgGqUEqRaWoIWqIGqqGqmFqmBquhquRaqQapUap0Wq0GqvGqlSVqiaoCWqimqgmqUlqipqi0lSamq6mqxlqhpqlZqnZaraao+aoeWqeSlfpaoFaoDJUhlqkFqlMtVgtVkvVUrVcLVcr1Uq1Wq1Wa9VatV6tV5lqk9qktqgtapvapnaoHWqn2ql2qV1qj9qj9qq9ap/ap/ar/eqAOqCyVJY6qA6qQ+qQOqwOqyPqiDqqjqrj6rg6oU6ok+qkOq1Oq7PqrDqnzqnz6ryCQIAIRKACFcQEMUFsEBvEBXFBriBXkDvIHUSCSBAfxAd5guuDvEG+IH9QIEgICgaFAh2YwAbiYtGjwQ1B0eDGoFhQPCgRlAxcUCpIDG4KSgc3B2WCW4Kywa1BueC2oHxQIagYVApuDyoHdwRVgjuDqsFdQbWgelAjqBncHdQK7glqB/cGdYL7grrB/UG94IGgfvBg0CB4KGgYPBw0Ch4JGgePBk2CpkGzoHnQ4t86vvcn8z3ueuieOln30r31S7qP7qv76f56gH5ZD9Sv6EH6VZ2iB+sh+jU9VL+uh+k39HA9Qo/Ub+pR+i09Wo/RY/U4narH6wn6bT1Rv6Mn6cl6ip6q0/Q0PV2/q2fomXqWfk/P1u/rOXqunqfn63T9gV6gF+oM/aFepD/SmXqxXqKX6mV6uV6hV+pVerVeo9fqdXq93qA36k16s96it+pterveoT/WO/UnepferffoT/Ve/Znepz/X+/UX+oD+Umfpr/RB/bU+pL/Rh/W3+oj+Th/Vx/Rx/b0+oX/QJ/UpfVqf0Wf1j/qc/kmf1/7Cxf2F07tRRpkYE2NiTayJM3Eml8llcpvcJmIiJt7Emzwmj8lr8pr8Jr9JMAmmkClkLiBDprApbKImaoqaoqaYKWZKmBLGGWcSTaIpbUqbMqaMKWvKmnKmnClvypuKpqK53dxu7jB3mDvNneYuc5epbqqbmqamqWVqmdqmtqlj6pi6pq6pZ+qZ+qa+aWAamIamoWlkGpnGprFpYpqYZqaZaWFamJampWllWpk2po1pa9qadqadSTJJpr1pbzqYDqaj6Wg6mU6ms+lsupguppvpZrqb7qaH6WGSTbLpbXqbPqaP6Wf6mQFmgBloBppBZpBJMSlmiBlihpqhZpgZZoabEWbkhQtV85YZbcaYsWacSTWpZoKZYCaaiWaSmWSmmCkmzaSZ6Wa6mWFmmFlmlpltZps5Zo6ZZ+aZdJNuFpgFJsNkmEVmkck0mWaJWWKWmWVmhVlhVplVZo1ZY9bBOrPBbDCbzCazxWwx28w2s8PsMDvNTrPL7DJ7zB6z1+w1+8w+s9/sNwfMAZNlssxBc9AcMofMYXPYHDFHzFFz1Bw3x80Jc8KcNCfNaXPanDX5Lp4vvYm1OW2cvcrmslfb3PYa+7/j/LaATbAFbSGrbV6b7zexsdYWs8VtCVvSOlvKJtqbfheXtxVsRVvJ3m4r2ztsld/Ftew9tra919ax99ma9u7fxHXt/baefcTWRwSwTW1D29w2so/YxvZR28Q2tc1sc9vWPmnb2adskn3atrfP/C5eYBfaVXa1XWPX2l12tz1tz9hD9ht71v5oe9iedoB92Q60r9hB9lWbYgf/Lh5p37Sj7Ft2tB1jx9pxv4un2Kk2zU6z0+27doad+bs43X5gZ9sMO8fOtfPs/J/jC3PKsB/aRfYjm2kDWGKX2mV2uV1hV/55rkvtervBbrQ77Sd2i91qt9ntdselC2G72+6xn9q99jN70H5t99sv7AF72GbZr36OL+zfYfutPWK/s0ftMXvcfm9P2B/UpewL+/69/cmet94CIQFJUhRQDOWgWMpJcXQV5aKrKTddQxG6luLpOspD11Neykf5qQAlUEEqRJoMWSIKqTAVoSjdQJemV4JKkqNSlEg3UWm6mcrQLVSWbqVydBuVpwpUkSrR7VSZ7qAqdCdVpbuoGlWnGlST7qZadA/VpnupDt1Hdel+qkcPUH16kBrQQ9SQHqZG9Ag1pkepCTWlZtScWtBj1JIep1bUmtrQE9SWnqR29BQl0dPUnp6hDvQn6kjPUid6jjrT89SFulI3eoG604vUg3pSMvWi3vQS9aG+1I/60wB6mQbSKzSIXqUUGkxD6DUaSq/TMHqDhtMIGklv0ih6i0bTGBpL4yiVxtMEepsm0js0iSbTFJpKaTSNptO7NINm0ix6j2bT+zSH5tI8mk/p9AEtoIWUQR/SIvqIMmkxLaGltIyW0wpaSatoNa2htbSO1tMG2kibaDNtoa20jbbTDvqYdtIntIt20x76lPbSZ7SPPqf99AUdoC8pi76ig/Q1HaJv6DB963vSd3SUjtFx+p5O0A90kk7RaTpDZ+lHOkc/0XnyBCGGIpShCoMwJswRxoY5w7jwqjBXeHWYO7wmjITXhvHhdWGe8Powb5gvzB8WCBPCgmGhUIcmtCGFYVg4LBJGwxvCouGNYbGweFgiLBm6sFSYGN4Ulg5vDsuEt4Rlw1vDcuFtYfmwQvjIfZXC28PK4R1hlfDOsGp4V1gtrB7WCGuGd4e1wnvC2uG9YZ3wvrBMeH9YL3wgrB8+GDYIHwobhg+HjcJHwsbho2GTsGnYLGwetggfC1uGj4etwtZhm/CJsG34ZNgufCpMCp8O24fP/Nx//8K/3J8c9gp7hy+FL4Xe3yvnRedH06MfRBdEF0Yzoh9GF0U/imZGF0eXRJdGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGva+ZAxw64aRTLnAxLoeLdTldnLvK5XJXu9zuGhdx17p4d53L4653eV0+l98VcAmuoCvktDPOOnKhK+yKuKi7wRV1N7pirrgr4Uo650q5RNfctXAtXEv3uGvlWrs27gn3hHvSPemeck+5p11794zr4P7kOrpnXSf3nHvOPe+6uK6um3vBdXfjc/9yTCa73q636+P6uH6unxvgBriBbqAb5Aa5FJfihrghbqgb6oa5YW64G+5GupFulBvlRrvRbqwb61JdqpvgJriJbqKb5Ca5KW6KS3Npbrqb7ma4Ga7yzF+2MsfNcfPcPJfu0t0Cd+GaMcMtcotcpst0S9wSt8wtcyvcCrfKrXJr3Bq3zq1zG9wGt8ltclvcFrfNbXM73A630+10u/w1vwzq9rp9bp/b7/a7A+5Ll+W+cgfd1+6Q+8Yddt+6I+47d9Qdc8fd9+6E+8GddKfcaXfGnXU/unPuJ3feeZcaGR+ZEHk7MjHyTmRSZHJkSmRqJC0yLTI98m5kRmRmZFbkvcjsyPuROZG5kXmR+ZH0yAeRBZGFkYzIh5FFkY8imZHFkSWRpZFlkeUR7wtuCX1hX8RH/Q2+qL/RF/PFfQlf0jtfyif6m3xpf7Mv42/xZf2tvpy/zZf3FXxF/6hv4pv6Zr65b+Ef8y39476Vb+3b+Cd8W/+kb+ef8kn+ad/eP+M7+D/5jv5Z38k/5zv7530X39V38y/47v5F38P39Mm+l+/tX/J9fF/fz/f3A/zLfqB/xQ/yr/oUP9gP8a/5of51P8y/4Yf7EX5kzJt+1KVbZBjnU/14P8G/7Sf6d/wkP9lP8VN9mp/mp/t3/Qw/08/y7/nZ/n0/x8/18/x8n+4/8Av8Qp/hP/SL/Ec+0y++9FDSr/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3e/wH/ud/hO/y+/2e/ynfq//zO/zn/v9/gt/wH/ps/xX/qD/2h/y3/jD/lt/xH/nj/pj/rj/3p/wP/iT/pQ/7c/4s/5Hf87/5M/z36wxxhhjjP1dxl9uit/2/PI4v9cf5IhfrdwbAK7eWiDr1/0XrijX5f2l3VcktI0AwNM9Oz90aalWLTk5+eK6mRKCInMBLv0k6IIYuBwvhjbwJCRBayj9h/PvK7qepb8xfvRWgLhf5cTC5fjy+J8DYPIfjP/YEyMXlAtPx/+V8ecCFCtyOScnXI4XQ5ufn6+0hjJ/Yf75Wv6N+ef8IhWg1a9ycsHl+PL8E+FxeAaSfrMmY4wxxhhjjDH2i76iYsdL95+XfuPzj+7PE9TlnBxwOf5b9+eMMcYYY4wxxhi78p7t2u2px5KSWnf8xxtV/qmsv7vRGP5TI3PjDxveA1x6RQHAvzggwIWG/G/uxeb/yrZSLh46/7tr2RkfwP+NUv7zjbF/fuUKf2NijDHGGGOM/dtdvvr/7evqSk2IMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLhv4b/1fsSu8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9TwAAAP//HmP+kg==")
openat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x143142, 0x40)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x48400, 0x100)
fchmod(r1, 0x1f0)
fchmodat(r0, &(0x7f00000000c0)='./file1\x00', 0x0)
unlink(&(0x7f0000000180)='./file1\x00')
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x80020, 0x0)
getdents(r0, &(0x7f0000001080)=""/4096, 0x1000)

5m46.798063754s ago: executing program 3 (id=832):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x70, 0xff00, 0x90, [0x0, 0x0, 0x0, 0x0, 0x200000001300, 0x200000001330], 0x0, 0x0, &(0x7f0000001300)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}]}, 0x108)

5m38.932938308s ago: executing program 3 (id=850):
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x2}, &(0x7f0000000b80)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e23, 0x2, @ipv4={'\x00', '\xff\xff', @local}, 0xc3f37cc}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000240)=0x2, 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x304}, "32f058ec27d46898", "d40f86fd02541c95afec379bdb3cc0d5646e20975202603a18fe7474dc4c3d7b", '\"\vEX', "010000000100"}, 0x38)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r1)

5m36.470055713s ago: executing program 32 (id=850):
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x2}, &(0x7f0000000b80)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e23, 0x2, @ipv4={'\x00', '\xff\xff', @local}, 0xc3f37cc}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000240)=0x2, 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x304}, "32f058ec27d46898", "d40f86fd02541c95afec379bdb3cc0d5646e20975202603a18fe7474dc4c3d7b", '\"\vEX', "010000000100"}, 0x38)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r1)

4m37.51791404s ago: executing program 2 (id=983):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = io_uring_setup(0x28a6, &(0x7f0000000100)={0x0, 0xfffffffd, 0x2, 0x0, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS2(r3, 0xf, &(0x7f0000002280)={0x1, 0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000040)=""/168, 0xa8}], &(0x7f0000001540)=[0x2]}, 0x20)
io_uring_enter(r3, 0x64f5, 0x90f4, 0x1, 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r3, 0x10, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001a80)=[{0x0}], 0x0, 0x1}, 0x20)

4m35.065222416s ago: executing program 2 (id=988):
r0 = socket$kcm(0x11, 0x3, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0x10}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_SPLIT_GSO={0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0xc040041}, 0x45004)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x0, r6, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600006fb96dbcf706e10500000086ddffff1144ee1611d4b8bf4a31accb", 0xee19}], 0x1}, 0x0)

4m32.67634912s ago: executing program 2 (id=992):
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[], 0x0)
socket$kcm(0x10, 0x2, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x45, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, 0x0, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000080)={0x84, @local, 0x15, 0x3, 'sh\x00', 0x28, 0x5, 0x72}, 0x2c)

4m30.865380984s ago: executing program 5 (id=995):
socket$nl_route(0x10, 0x3, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000010c0)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x8000}})
read$FUSE(r1, &(0x7f0000004280)={0x2020, 0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r1, &(0x7f00000062c0)="23db5037805f177d136115e6a1a5903469af39c1fb9cb38215fe64cff9f2f0444a57e22b0cc5cb4f74c9792365400d9e1c68539ea5eff0a5ed0864814d39251bee8dfea69aa052d900bc0c792e1c9752b7d3a3222f6a1ad3e44c1f65617b128aea51911861ca36ba7c96b96b2fba0fdaa49ffb2612f3e81fe565327dd9965a60046442c9dcd0d552c6a00388be3b438a08883c7349761531880294ad9887db97d8c2f74921c57910cf1f5cc528e17bd5c3746b6202f26d621535aac5f7872c2cb3295e42524b5acb249b2d1ac1b53a4e31271decfca3fad2e2f740768adf00875c18cb7d115150f83ceb73f77a1f61f1666c2bb9f6bd9f0fb55b3a619446e32bae2a1d99aa49e5f3822e048f8be44b707f2db10d7916ec9a10a695d573d871cf24959c3d15e61344a68309d186956537c6ea8532fc2e1c7649f8409d8dcde4c8ee1530470ac9c870f9f1837574e444ba6addf5ddb2dec67c0e76df79f265b403818dddb4efc27c90985ed69a48b12056e548f9c99edf80d2b195d26acb1127661727a0600257f4b2546513d03930a0638a71bd3223e51fbb75c832ef737907f2f4d3f0505f431ea02783c798b5c4579c99961fb73dc623a0d99c1b306435464d413b537d42c6444851b36482597140b22fbc0ebc7e795b2f96739bf139f5823bc869ede547da4f394fa1b1787836095e1013264042e53d5006ea059d0488cb2f5ccd44b30d25ea53c2dda71d112d7d441dbfc9f8462c99c098b1958c80b237d83c32f2759c9a9c081d7d7666a477cfda59354309b09f2a8b9f6c3077b0df1e8d0c71ac07232de4f437107cb0eb9b47b2267efe31938a337cf11cadad72ced56895bb14763cca5bdadd245d801e829a1eb3bb4ed851a345918efd2dcf8d38f66badc773068e6a2ef59b2bb838abd8b043cf6ac54550f3fde1bbb9e761095e4b8ef1891757d376be1f778142610c0acbbfc697f51fbb7a1602ed46e82813c74f41ee2bae818174809f3692084bea7310ebec3d6166702ae62aad84313e19b4d145167185ea8d53cb21d099fb592d7d7f8bc305dd375b5c0cd73be44f49ff53cee220085d4706bbf50c6f63b02e7e805e8fa4c73046a57a8700886da29ea53e5a316e7b011c44a0f7be5cc5cb5641ba0069ff591eee18966c7f005ef40046a5fe2bf325b2545b009867761264aa9611d184fa372ba3c5c33d9a50717210f7cec7f6dc4418a87a797eb6aaf6ab3892bd3f559547c88d8c29646c8173fad1588f52beb34ff863be65e7ec1598cfb465f270bd5532fa7035aae077eedbc846058fa19f58ffb1cf0f1863f6d33f2e5c454d18b66be766ca369af2cc9656fa34c6c10e4d4da44ce5e2370aaf60c4e130da331d3489e8f44c600246323409fdd35d11da27128c9d64be65dd3a90c1546a6eb9185cb6d3a4a9cfad0e41ea03896fd2346f745eb3563d7a79fd345b037c040e56f0677840bf9b0d295bcfa98b931464c5ce9fcaf745720deac2d8b4edeffc0fe6f089ed7c3880959fcf8e31f7b7054bc4f5c9d3ed3f66c968d0bc20b2d66c374f030f3f1965f43a98519e527caf693362412d523eeb38c8b016ff77f78f833d7513e4b5a53d5ed5143916673f822ceac9967b8788bc6428283181eaf8d99e48286aacf4f658a903e9f08659450f7f9483807c2e013a1d9d199f18886a8cb4e14d41c71e5731455a4394551281eca12a1bb6ae717f5da2949175d0f1f3d718b761dfc1099c7d9d8928c899ac8e936e69d19fcbfcfdee83b68ef8e15eed41a8ac0d54aa92d7d2ee58bb4799f378225ec9ba4709e5ce2b77208ecc85c22c64967a9ef3360c54d311b8917ceb7b432c90cc5e98de9327c1400f8ec89261b1d77d8874b0bbdd2c5eb59df415705de52b08b0e12c07fb7367c6d461c19f282d51e482cb4fb9ceb0249ac2d6400ca170fbd6c0063224179c616bb030a5c10102aa2eea92f1e6f5828590b250b09e6d1a9535c298a68160b7c281fecdd295dc3396c4e6eb3395d5a677d5fa95a732dfdef81f4346545dd1a74bb3aa9b516699bdf0a59165077ab459a5ffe0dbb3ef8afa7a8382a8441e0c36ffabbed8f93f4bbeb97e5f6a704bf63a0de9ccf8fef643ebc530a80920931002003b027014de317c42f861d98ef4fef66d232d9706e6bd263347384dadadaa43a7e106bbb21bd822d468ace171b3f04b996112135b63dcbd612b5888ec40da583ab549c340ddaf5d7406c3e99322c68874214356c1fd9b5f84348e629cc3487a901d1b7a2fa531b1509ac1c93de3da9f1c3773e3a2aba2b29d2419f240ae6d24ed9f14bf0b9b0f1e740a2db06dab64d6386f950bff4e4c94160ef4b832bbde3af4937b7528658b5c16a51cb22193fe99385721ce5b048d9338e289dcb40683140c413eca52c8e4b64b306f47569477379c864cfb3aa3e349262407d3935ab9a0916eb0f6db2be71a7eb8f9968dfac44995d5bff8ef617fceeaa448f5e5f8d4b39e3512fe7ae9ee1d8a0d5912b6148969ab0325f3f76e2340fbd67ce156bdf638140b3ccdb08e5049db15957915cb05db8901249b10c59cc5c3ff836290e3334eee2df387e44c57b4d6198c3749f5dc57f6c3de115ced6b43cbddd762b58f1fb40b2baf3b381febdc073142e30d2e9a1a69e8d86314221e540f195509d223b206173dc5406865d8064817c30c284c034035a63190ab86df3bae4168c58e01d2251748fd5d9d610024129e83a5730fe83cf0918790e6854ab765c78649b91c06655f0cb9e26d8432df78bbadd99583b6a8afcf177ed6f339e08c0b36a16c6d31d8a24cb6f2bc3ba58d7711b6f8b988dc3e3144be619548457d4f40509f17eeb186cb93a2928ecb951593d1907c8bbb9f4c8999caba3059c8e73dce54ad6f87bcd51d559f7759902b14e68d3b845c0b179b38f4e6f0bd3a89cbcd5ebed9972102048647da1eda5c8456442369f4ae871d4037ba26f27d27371ce57e23adca5af8dc93f934f2ef8d69ad3b2db66657b3868dd839c2b522f5461f24407ef091b77242fc70a48b7eec45f3bcbcfbc6bdc36e4b67295020a345233a32a0a0af4d03a53ef67e69716d5ae35342722afbe7558946475a9ebf5b39c18558a0011f68bc8a78590b0cb63618379a512790c42d94bb239dd3ef5b8d1036cf0391aded8802a7a447c38f231ae611aeeab9bba44cd14369473758b64108d0bc9b6bc9e9b497c2d1d2acbae7c620a55c226cf371331688eaddec61fe961c5fcef71dad45820ed0ac8dc7641d82150f1318ac15aa41e7be585b6a50da1b3cd95239ee61cfde15aba80ae8ebc21ba4540883c6f44cd35b6b97da4640c97f5a2b6efa8d184fec823abc754ab8a0db6c45c2293e90d9c154c4a3e0b9ec2b6113ce6583b80f0d234dec9a9815067244733e2134b9ba93bb9692fb44200bb5501bb109f2401e8baaf0115d795bb0346dfafaf953bed8e9a52a5b9b02d490c55fd89daf311ad5e08b070a9571f696d6df4715c8b69b840e4e03d6f361326e20d9546c47b3a63163e7df9bd260621358c166177ee7c69ed63a8c43dd4a78543aa9f922c0ef527f4aa61ff65bb14595f518412ce25a1e103df89cd4b363593da16c11d80a23a9b5ad8e3a7be8f697cecf82c8fbd889a4f743c839b67f7ba5453b10bbf59b1e4f4e821872c061a4125c0c15c1ca5164efe61a58bb54dcedc849800a6021a448d4660c3b85e2362b7cd8ce95156fbf408a09a30a8ccfc3554004e9f9a35382907eec00617e2ae1f8803146bc8c28b4f3bf3c6b183ae9248e7f05c4adce3e0b7ff29252b5be9b19431e3fe612d471f52c5c34cc12c83049189f4d2e5ca516df78766ba3449d07ef9436c68052c986d9dde8802c931194e2ce34acb8cc26663a09348b15c6c145d26306bded0d1f482803ae6dee26562b03fcb183b69ee4a0491e8776ecdadfca395cb4eac2948d4d64321a4e669f2f663eb54f05f12ed9c685835c3e79f982152dbe701073b9a4ab2932b46ee2424a5e18bbe5f25ce0b898ff6937927f4670defe430ac86021226ae055daf39b535cdc0899fcc99d15e67d66bd2dd89bb21b8d2689a8af10a1b0bd44103c469922c36fc0228d7b6febf5e366dceecf8bb1db385c8ab95d86ff09b76c2fa6282de81fd6864c495a4c8295df61a2548e1b81c3e3f30d7a41216801d6c2d1743f66ae2055756083e8bf403d436b8244ac214f4d84a693d13f299ba267401d094f2df70840e8a980622794212f0992ecf5a47980ab2cf7d5a6f12b0a489af3c3c847ac59bc89f36fbb0e08bf283b68213a17de38b3a45eade6f0b198def408f7711c16367bcc0ded794a9a323c7e7f07fad96ea9c4d7344c26e43844a27c21076b8d7cd07677602d91eac825eb5fd0631755c2dd1dbf7bce3eb3c3f7377fc6080ecd0b894e29769845725943e25932d4249abb4ab78d4e2ff2e2df42c8d884cd6bd13886cef080c6491c217abae0eec6e9d4d49eab6657f15cfd38e6cd6d0bd33198c4685ab302d0f46e42f4a5d5bb7d2840a0a8817b98a856700d4de74351896fe7d7d5a0d1bc57fb4c828aa51f9637807aeb905780f239527ed4affd83f68be8b7ad1e10d9e797ba39cdee24f7be0a0ab0ac22ea3968dac61eb4bdd522c9ce570edf63a439abfd9954bf6a16c88d86157d05477200a83255cde279b454979cee4de00e81cb44acdc4295c877566a749ab5b91d250f03d46ecc14210c196700338eea028c930ce104f20a9e7fabb0ad1d314ec1a2d97d1d1b9e09114dee0e3e513eacede01971ff85dc98634156073df4e8acd6c3aadd615adaffa7a81573813bc4ca21886ddd532021bba5c84b34c34665534db48d61903a03c1cca4ed955ca92c1e33b7664b494e3db6d1e637a49e537808a2669ebeca301691acd4fab0af197b9c7db01b7862466b568ab3a4712a25210264fb297a6b679dfc3fceb65bddd1a23d5b507a0d6da83d73b716d971c5179a92e57b9b93451eb943845a549de737f2d082a83682c32649b4941e787758ead9d2c256b2b4ed1e0255952ce83cccecc39e5bbdd38490f1960b26e5379943be3d9a64b5149c84d577e5fd099560baa292befa06ce9065fb03ed432a9e055ca4ad0e952f8368b3d230fd5239726f79f4c98a0b4a9648382b245d324cb61049562f765f923fc657ef36747658494d78590a1e27a2d09856acf50c3b26271c6d5aa96e8ff9bdb9043859665e21ea53a050c335cac414bbf27b0328ac2c7450acb26b093bf232358afd1135ee50ac3fb26b5f0256ccdd37033c8a59740607cfd549d4c6540afe4a6b4425ae1f633872dcfb5da8d0547cf0c4888817b71fbc7c45b2a641e9c1a76b6a6be124402422ada35edc02ed997d6b87b361aee95a16d2c528d89a52fe40dfd83434969bd86f02e63fc1ae72941209af39a08cfbb4c320bc47d853f5dbaf0cd60ec54608aadbc382fa6b5cab3e9cac57bea26609f4c79f6a6b4eb4a9336fa95783b0c0c366f36d5d6b8310b3cfdb800207919a131bc7f984f7fa11fd0bf2c89e060e9d1286e453fe97363ef72bd6eba29a85ffeccdc3bee72e12284333a5a40622c01619558d2750fc45abfa22059ebdf743f8e50ad29770d19f84d8a34232d6918514769b3bb2a1ea5e59e9556332ba669675764458e9349a1835c501a93e91dd3b31018979880a9913f54ec1e8526b8cffcb776b97fbb9424faa5c5eb60d2ac74955bba4b5182571d0d9f84f0df1baa722b20a78c9c0011c667f688b58489c9e450d83e40ac5eb41c5564b6d76a226448abe4a3f499927074125aa9c0e7e704c36df5bb110a0f15f8433a470e81db414827d5ce21ca1da1c8d51d746d1e1ca110127c15e92afd75d3cd05ce0b632cfa03745de3cdd4b57373d46676583c89f045c26c6fc5793e5489555ced08f83ba351135834a2028113c319af30cc85bc01a7f8208822d7d607aed0d2e12c80aa009100441b75beaccfe0adbda7e8bb870edf4963158794c8c3a5baacf6eec7b5efaefb7602dab8409d161beeb281cba21f1da0ccdc092d0433fb940d79699ffeb87ea775829a6e7e3b308a2ee0b7aec8ac5f35eed61be374c7c77196f7119a8882deff68230f461cb917b0ccb2b8597efcbdd1003b7b77b2c601ebd4b45c35b8426f7b9138ab3df0ec00819604ab8e1e64cf2aa2282b1269585af127a268cd207f964edff172e555398a16df44bdc52889538c3a27f8fbfffb61f7aeb55b259952bbfea81d73058d8b0f78ece9dc08e660437d21d4e3ec38b19e5afda7a6e33023f9158db8a1c14dabd9b8b307ddc66927f7b19df5e0da2237d98ddd890b81f1963808977d02198e8ae2e97419dbb1f8e51cad36a3424b955500fbdaab6ff8dbf028708b1f951fe43864b59b6c2368b816c98023d4480a91b3f1059e9c214bf55a7f8c7da907f79ff5568fd787d3aa022ab9d03cde551f7e3295f02c4f3aa37e4cebdd968c0f82f09eb004fbdb1a4ef3a0d426691bde3964c29ea65622f5d3ffd854053545ba1ec164495e4bef4845439c058f9438d13be7922b656db499c246ee6176a15b97e6a68e42f0c703033b699504e1f92b43054c7237199bd013d96faab47433b6b3f91dc66368706439d4ef7da3942ce8b9c1c9a9d0643fc4540e7d3f1c3821267e866cacd3e904be9f9df80381eec09eb2b0d745ff03ffb199b917a14fdd8fbfbffe8bfb0cf7023aa7183301a8a41e7097ff9f5247f8b78f7d08bbfc596a81047807cf0929677222e7e9e921b294e04088c3746d8dc19294645f1c093a21b4c5e6d92e54dd90465b11dd5d9d42af849070edff4ec63970f4088daaa33afdebb28d01df5ee043a8150ab1b25d864ef31e20c84696596cfbea92d02ea29c4a3933c41ec68aee7d68d7eea7f30d8920e14e62be42bcf856d7a58f46fdb2438b023e974f77281c5a462553627e9614504cbd3f1cae6e0fd9f7e89d9bce48946d0508616fbe542303dc542982c61d7bb4afbf3e76bf1fb2381cdc99f2175ef944dcd826aabdca2b7678db5262733c69ce504c38e7deb7adfb9b6d8bb00d8e4251e0438417ea615cde58bd76c2427b3d7a0578bbbff9fde2abbc5d60307aff0050b18176158aaedb34e283886378ff798b4f74e0a0c95d64271f1916280dd247304d9201c67f5e2640d9706add8703cac81795a0190107e2bb2941ed13738595da1c86ba0f68e2283a435cb5f162c74071a13dfe2266d05abaef080dd6b1dade115e883e04f0bb4be4d91f535ae6f822b02e814e65d2b7807d199a23d3f26209f6c9f93602a3a93ccfdebb5f8161b7928059674e15820d1848a980c8d1af5a73aadc5c402fbb6e730ba51227913ca27f0d78d331d6325d0a7926c238296b2a22b10a69cdffeb087dfe175511ed8e2cde8d7dae140e4ce92f892b129d9940e4a30b19f822ef7611b8750eaea8e55502604b7d2358c09a217af8be6c86d67cf6ff6130c971c9765d56631fe6224fbe1e833d497b534fbf6b030af93691f59295279aa1bdfb5d5d9d4668d5aea70e2b8fc117df0042e91c7e6225f27329727ed6e14a87c7943c040dfee4e5c06a20251c39a45ab4865951b0daefb9c05571fdcc21d1761945bd2b8047ccedd6f1e708646fbe61e75bb2728e8cee893d7e6f642119e786155a6cbab057d6d83b77716145119e974ad7355179d2adc3d748fa249cb58e32e6791d646240c05da4427b2f359976c8fd1486c604cb7ee647e24633d8fca8314cf1f85110ca6351156a2b26e44b040f7d2810acd36f45a3969c1fafd1a7e0bc14fd9b26593375be8e750c3f6534ffb85904d15d75fba05dac4a673de97f7543ee931724cd35474cd7ff5cf3e8abaf206f3030e92895633fa9d8499ea763601560260109dad18bd64b990531fc5377e6eaa5da050b98e1c6515ea48c7de1a15b63283d4a694cbad379356bfdac50e6c343879e29f6b9ab425600d51f257ceb35d0ca00f83cf5bd734223de716747614666ba1f1a8fa756e5f3ff0fc94fa4bd4073bddb0098cf565ee40af5732ee9218d262e5b64ad6b8118c54eeaf7072f2e15514a401779b425fa89d8abb1750e56cc3108dffdcf2d3fd86b8af4560d56f7ff0702154211f9949e3992d93e66892b297fa2d4bfe18de3fd74e96c9d30eb14fd458fdbc9e9a34e00f3280dd732520147fa2a8fa83e91dd0687501466a300015bf888c03fc08190c2753d7719acf6f84885c4c5642f466c1984f15a7716a9b608ee5f1b395726bcc8519766667d24d11e396e62ea39640c9e73e4e9e9e5076d7019ca1bebbd7097807f46b3b6fcb96ed4b433b25ec551fb176a5fa252ed1d81b0350cfdfb8069c9916495bef3a262b6668910896c0b37eee40547c663a901e92f41b417ac50e88d058d021a8f9a5783bd936cca4962bec1c9886689cc547970f9215232596392515182e563f720bb79d29baaabf0e2697de6500bc677e346847011ee3450358c0b16ca528368b5cbb8df5ab974a3cef072d20c9906fa585e0f3083ec6d8507b8561f64e65aa1aecf825fc47ad1459c87771549fd5c9a9cc094e7b1179ee1e90eff7158f28f59f029d90e708f4ec50b4f67d8b4bb7140065528354a7e25d63e92977183a0284ec22aa923210f0bfea89cca53547137381e5de0f60bc484bc2daf129b0380244f1ed4bfb674eb2791e76dce33cae684ad36620d5d67cb587f840caed316b7439b0e8c3de0e065e62680f3997369be3466670278168c9a1a644d870e3a8d0a79b2b720e8c3c51bb9133532beee64319e98714bb2e6d5c0b723962d923b0ef454361d4b3cb470bf8c39031ed4a75267f499741be15aacac92d8e6afdcb01a2e7d2dbf549ceb2a2108c4079c620f05ca1bd31d631c2c8d35ca0d73155f56ed020c25e389db356edf510ae088d11b5e4fed51d0dce4d3aa04924b09c28200ede5bec1a8f38cc5f081055e0f28d75afc4d588ca0e828d00085d150beafdda17b8df9e7d9218ea7d81f2e076412901c5ae04d6929d717fea2fcc8e5a1e69dbd7b5258799a2fa5eb108b6cc35dfab599fb27e6d75f1030b83f452af8137830337141f031942eba83123d3f87b5f01623d4613e5a44b4952c300baf3d4d3dbbfb0ad024a19b3810a174ef8453d85a25822f66e45eba2490f29de1077683ccc32e3517f88b51e010672a982f7c8591450c9ab1573143aefb61c17ebb0c92dcb0494d116b970c2a827a6b3608ae10d583d1f7d092263fa873de9f31cd59bc9491ff012059b63a9120af89477f2ccc34eee7bd66de60af64730c879128b49d31da6400c2471e0d5abf707e560574b477b8e20ca45d92182d639eb434e14aea1a3f91ad8fb60e4859b77389753990513181ea3a82884235e8520294359435cfba220502b591fc28ac36ec697442657d290bd7aad7fce53a3f1766f2bf7d55c24d7c0e9c7a71d6f1282ea1478e0a36378b50e4fee281f686bc53f50138036e2a5d6199d40caff084fde7b63b3c0a47da0791107c3218330f7c2e2c7609aba202fae5290243b6033379eb15edc572eee452008e04c9b53efd5f3d88327317b38934745bc3de4c55bd818febc7a7953bf03c4029f77177c2a974310f0485aa46252f1000dc71934947287c38ea5854f29c7b82f630afb8caf1fd880670307b155a6e7feddc019cfbbbdc18f3bc03da3bd371d93ccbf56bcb39eea55c2d113efc148127c30089d21ce6a5088dbfbcf8f8d75c19456bc962c371548634a95382acb5a0886efc46a87bdc111dc0d1e54084cea0d58054f00762c91d7fe0f0fbcf4c280f29f9cd5999a5e8c6f507f8080d7c7ea9a8685be50722cf1a082f3728dec8d6152cdc72f8da6b1805643c042f4f6780ba79cc8a2165d9d7acec8ab2f421bc3e77b51c62c4bbb262b5674ea7d2dcf9acb894d050e91b052364322a5b08bd9667249571c004fb495da7e24fc5620adda3af6848ccf238911a52bdbff766e4e279ac274afa2c2302faba25b5fe98d972a04aa13f77c0c05d7dd82b0a19f1ded8cf5f99c80e392b0aab1264a29e9fbcf0b69f6b0a9f2332e09ab74dea7277106d0883bb264e279c67e5bc69009225bf4fd1a8532f9392a011b55a73a7cf8d16a59d695b2a65b57fad64a2041f8c28804ee1a48845c5dab757d04f1d95520aa9ddb69904d6529c0e14bd789dfe37067073b3e0e136ae2aebb1c34c55b94ce942f786be4b45f801f35f7c768d91a460b92ffa57ff675f0b4b00437a07f871a8650f21b2bf7c722c1d9e860e8955fef5699ee53a5f6fe46fb9e5e17a1c69fe2538af4718b7215ad2c00c3d420589a8653ee511b809945451fb8205b19ce377c8d0253b05493c557cf2bd8ef208e8fc01beceea1acca38d025f328f28d69bcfaa3adc6d9573a3832dc3f3c758fe08cf9cd0c32acfddae81b3682869e8aa9725b64336252aeb2ee8eb78f0721aa3158217a3009948adb297c5ea45ec26cb6d963c7be47ee1b93fa136ebe73a21936df0148fa311206f8bca2e80719aeca8745ff74ddaad5182644762c66333f942d9a93c467d5f9fd5d0dbbe57480362d4bb0f760294f4eba3e1b08047d256dbda157635d21a43aff3a71f6ad574b402bb36e5270d7ed082c6fbae07771721513ae9ddb22d23b00733046c898ee6ac05ef8a51ce41919e1f241cb98e0592ace68214620ba1a748ef81131661f58f1635713ca2873e150a3e848c8d2ebd039769fda112b73050efa4d1c35dbb46ca5a7b7ccbed1dcded36af272f6838b4c1e7e6778e7e9ca3d794f275d49c9e32e768097349118d2337e7c031ada38d0cc5c04c286ff93083f6d58d73a821118c93432fda9a8c76fa2cbcc093a7decac8e4f001ecc9f67faf1c2f102120f0618469cf653bbd5fcefd4ef2bae86dc4f5393b840f9f47140cf7f46a186c21878a43612a71d3b540b9994f010ab623f878264cf46c7366d0bec5d43d481b47846091fd3cda73a9a28ceb7f839eca695c9f084a16c812475f6575ef2368c88cc6655f47663ef69ce4779fe3ccc4dd85a07a9e4c6f39f42690d231f5727f45c247a53fd8df029fcefda4f328658435892519c17205a3c715ad6bb7387d09a5e387c83f008daf626f5977c66203af1143ef7b59ccd8e3c17bb156bca317861f0b9f222ea63c044075a3a74beaf05c23d0a75caa60397d831bbe507234fff154960faf0f02776d3f9038c955bf0c1ec9c92523cf0b855c18d6ac3b35d437796420ba3dfd581dc6adac64315c1cb1a2c3a45ec4655bb2bd6e0b4a3082281ed0697a213d1d93142e96b4fd57431d2f4547451d008ab58bcd9765ccf3ca3297becd5de9e2be0263cfca09935c9334b5e687bc7e7057dc2ed03873be22200c9fe32a9497dd00a336cf4c723ead302340b5cd1fef8cd88330a9089fc93af4ef739295b94407b291bf33f4f39c936736e1166106428f8796a4b92805f4dfcf46d8692b54e40a9e8584c0eaac4caada87bb33f553eafeef5051b889402176ab766936a38ddd7e5205d2c87e133a02e84ab24ba2d889a4c4db8cbe18b271455e84da716f4a32acdbc0a5aaba25a2ec757c73847dd1c4ccb2967c651e5257692a4553dde227846bfe2977021805f46a287c835ea8dc5", 0x2000, &(0x7f00000015c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x10, 0xffffffffffffffda, 0x3ff, {0x0, 0xb}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r1, &(0x7f0000000180)={0x50, 0x0, r2, {0x7, 0x2b, 0xfffffffe, 0x30004004, 0x0, 0xfffe, 0x6, 0xfffffffe, 0x0, 0x0, 0x1, 0x100}}, 0x50)
close(0x3)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r1)
pselect6(0x2000, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x300}, 0x0, &(0x7f0000000100)={0x8}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

4m25.057406377s ago: executing program 2 (id=1010):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x2}, &(0x7f00000002c0)="f5", 0x30, 0xfffffffffffffffe)
syz_open_dev$loop(&(0x7f0000000180), 0x75d, 0x2480)
r4 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r3, r4, r3}, &(0x7f00000000c0)=""/83, 0x53, 0x0)

4m25.049578942s ago: executing program 5 (id=1012):
munmap(&(0x7f000045e000/0x1000)=nil, 0x1000)
mremap(&(0x7f0000dde000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000bb3000/0x1000)=nil)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
mmap(&(0x7f000095f000/0x3000)=nil, 0x3000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000582000/0x8000)=nil, 0x8000, 0xa)
mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil)
munmap(&(0x7f0000a88000/0x1000)=nil, 0x1000)
munmap(&(0x7f000060f000/0x4000)=nil, 0x4000)
mremap(&(0x7f000061c000/0x13000)=nil, 0x13000, 0x4000, 0x3, &(0x7f0000fb0000/0x4000)=nil)
mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)

4m24.145266245s ago: executing program 5 (id=998):
r0 = fsopen(&(0x7f0000000140)='sysfs\x00', 0x0)
syz_emit_ethernet(0x64, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004012000000660000020290787f000001ac1e000123079078ac1414aab2c75314fd7a9492975471c24f16ddc5bafba4da95c6a323a178557aaf0d75aef07677416c6159debab22339bd6b6be7d5a9690e3245d0533c4fc10818ce2d759766f4c6bd8e7f3c0763a9775c62903b1dfd01f4078bd0694917e529107302a64667fdef2cfc08d9f36848c1e968401536b2269333a23feee42063553130d283aa98a8597131043c0a25e9790b7d70f2408fd50e6140e7d54822f70a15697e82e81adbbe8aacd64581a1cbd40ecda084053a384d8e1de957728b0e3758658746c1da780b7d50e362f902008835a78de5d7d4b0f5a1036cbe1b547caa86a5"], 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x0)
pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
tee(r2, r3, 0x4e, 0x0)
write$binfmt_script(r3, 0x0, 0x0)
r4 = fsopen(&(0x7f0000000140)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x5)

4m22.334652307s ago: executing program 5 (id=1006):
msgctl$MSG_INFO(0x0, 0xc, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
connect$inet(r2, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
splice(r2, 0x0, r1, 0x0, 0xfea8, 0xa)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_open_procfs(0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x8014)

4m21.280502298s ago: executing program 2 (id=1007):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000140)=0x40, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000180)=0x800, 0x4)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/62, 0x31c000, 0x800, 0x9}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f00000000c0)=0x80, 0x4)
setsockopt$XDP_RX_RING(r2, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r3=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000300)=0x2, 0x4)
bind$xdp(r2, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10)
bind$xdp(r1, &(0x7f0000000240)={0x2c, 0x1, r3, 0x25, r2}, 0x10)

4m18.475894188s ago: executing program 5 (id=1019):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x2a020480)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

4m15.383172162s ago: executing program 5 (id=1023):
socket(0x10, 0x3, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x40000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000180), 0x4)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x401, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c00000004060148a60df3a7d8082f000200000a05000100070000005f4e517bd27a2c84319718ca0a222fe1289cc1887bebd30ccc40b4f576459f375642d2950f91b91f017f88a47f924f623e1d50e7ea21528f17ae040aba4e3311d448da89b88db7746114b84245ec0fd3bf4996101e8aad829687b3fef7d697e30ef37b0b8b05c5"], 0x1c}, 0x1, 0x0, 0x0, 0xc011}, 0x800)

4m15.324903444s ago: executing program 2 (id=1025):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$getregset(0x4204, r3, 0x2, 0x0)

3m59.722014397s ago: executing program 33 (id=1025):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$getregset(0x4204, r3, 0x2, 0x0)

3m59.509852632s ago: executing program 34 (id=1023):
socket(0x10, 0x3, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x40000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000180), 0x4)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x401, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c00000004060148a60df3a7d8082f000200000a05000100070000005f4e517bd27a2c84319718ca0a222fe1289cc1887bebd30ccc40b4f576459f375642d2950f91b91f017f88a47f924f623e1d50e7ea21528f17ae040aba4e3311d448da89b88db7746114b84245ec0fd3bf4996101e8aad829687b3fef7d697e30ef37b0b8b05c5"], 0x1c}, 0x1, 0x0, 0x0, 0xc011}, 0x800)

19.260558527s ago: executing program 6 (id=1473):
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
syz_open_dev$radio(&(0x7f00000000c0), 0xffffffffffffffff, 0x2)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
userfaultfd(0x80001)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/hardlockup_count', 0x800, 0x4)
read$char_usb(r1, &(0x7f0000000040)=""/236, 0xec)
unshare(0x22020400)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)

15.806620075s ago: executing program 6 (id=1488):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0xc, 0xe, &(0x7f0000000780)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xd6}, 0x94)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x12)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
r1 = socket$unix(0x1, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r2=>0x0})
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f0000000200)={0x1d, r2}, 0x10)
sendmsg$can_bcm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="01000000d7fe68ca7e4d5d5bdbe70000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r2, @ANYRES64=r1, @ANYBLOB="3bf81bb9e9"], 0x20000600}}, 0x0)

11.991283505s ago: executing program 0 (id=1481):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
read$alg(0xffffffffffffffff, 0x0, 0x0)
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000340)=0x6)
ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, 0x0)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000100)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r3, &(0x7f00000000c0)={&(0x7f0000000080)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000240)=[@mask_fadd={0x58, 0x118, 0x8, {{0x0, 0x3}, 0x0, 0x0, 0x5c, 0x8}}], 0x58}, 0x0)

11.897148417s ago: executing program 6 (id=1484):
syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r2, &(0x7f0000000fc0)={&(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x20000811)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, &(0x7f0000000000)={0x2})

10.505906533s ago: executing program 0 (id=1496):
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x40008d0}, 0x40)
sendmsg$NFT_BATCH(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000000)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x64}, 0x1, 0x0, 0x0, 0x24000840}, 0x40)

7.51161385s ago: executing program 0 (id=1487):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet(0xa, 0x1, 0x186)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
r3 = socket$kcm(0x29, 0x5, 0x0)
setsockopt$kcm_KCM_RECV_DISABLE(r3, 0x119, 0x1, &(0x7f0000000000)=0x2, 0x4)

7.510578362s ago: executing program 1 (id=1499):
prlimit64(0x0, 0xe, &(0x7f0000000480)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x240})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r3, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})

6.284392469s ago: executing program 4 (id=1489):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000200), 0x1, 0x569, &(0x7f00000002c0)="$eJzs3U1rXFUfAPD/nWT6/jxNoRQVkYALK7WTJvGlgou61mJB93VIbkPJpFMyk9LEgu3CrqW4EQviXly7LH4BF36GghaKlKALN5E7uTOdJDPJtJ0mU+f3g1vOuS8598y5/9NzcmYyAQyt8eyfQsTLEfF1EnE0IpL82GjkB8fXz1t9dGMm25JYW/v0z6RxXpZv/qzmdYfzzEsR8ctXEacKW8utLa/MlyuVdDHPT9QXrk7UlldOX14oz6Vz6ZWp6emz70xPvf/eu32r65sX/v72k3sjee7YnSTOxZE8116PZ3CzPTMe4/lrUoxzm06c7ENhgyTpuPenXb8PnsxIHufFyPqAozGSRz3w3/dlRKwBQyp54vj/rfh87gTYXc1xQHNu36d58Avj4YfrE6Ct9R9d/91IHGjMjQ6tJhtmRtl8d6wP5Wdl/PzH3TvZFv37PQTAjm7eiogzo6Nb+78k7/+e3pkeztlchv4Pds+9bPzzVqfxT6E1/okO45/DHWL3aewc/4UHfSimq2z890HH8W9r0WpsJM/9rzHmKyaXLlfSrG/7f0ScjOL+LL/des7Z1ftr3Y61j/+yLSu/ORbM7+PB6P6N18yW6+VnqXO7h7ciXuk4/k1a7Z90aP/s9bjQYxkn0ruvdTu2c/2fr7UfIt7o2P6PV7SS7dcnJxrPw0Tzqdjqr9snfu1W/l7XP2v/Q9vXfyxpX6+ttV890lMZ3x/4J43WevJGG+ofvT//+5LPGul9+b7r5Xp9cTJiX/Jxa3+huX/q8bXNfPP8rP4nX9++/+v0/B+MiM97qn3E7eM/vtrt2CC0/2zH9m/Nbje1/5Mn7n/0xXfdyu+t/3u7kTqZ7+ml/+v1Bp/ltQMAAAAAAIBBU4iII5EUSq10oVAqrb+/43gcKlSqtfqpS9WlK7PR+KzsWBQLzZXuo23vh5jMVwyb+alN+emIOBYR34wcbORLM9XK7F5XHgAAAAAAAAAAAAAAAAAAAAbE4S6f/8/8vvXPux/Y/TsEnitf+Q3Da8f478c3PQEDyf//MLzEPwwv8Q/DS/zD8BL/MLzEPwwv8Q/DS/wDAAAAAAAAAAAAAAAAAAAAAAAAAABAX104fz7b1lYf3ZjJ8rPXlpfmq9dOz6a1+dLC0kxpprp4tTRXrc5V0tJMdWGnn1epVq9OTsXS9Yl6WqtP1JZXLi5Ul67UL15eKM+lF9PirtQKAAAAAAAAAAAAAAAAAAAAXiy15ZX5cqWSLkpIPFVidDBuQ6LPib3umQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgsX8DAAD//welMww=")
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x1})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, 0xffffffffffffffff, 0x9000)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000080)={'#! ', './bus'}, 0x9)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil)
getdents(0xffffffffffffffff, &(0x7f0000000500)=""/184, 0xb8)
utimensat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x1c)
userfaultfd(0x800)

6.2830885s ago: executing program 1 (id=1501):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x840, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000005feffff720af0fff8ffffff71a4f0ff0000000071105400000000001d400500000000004704000001ed00000f030000000000006f440000000000006b0a00fe000000007303000000000000b500feff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050cdcfc92f5daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf9bf04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff4e2c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff26b61aac8aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e26534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336dfaa6d5d164301190bc2d4c04087729033342045804a28082abc3b4762302a271722fb515f31e0dd115a292f1e68481a62cd15ea5460a29c60b1058fb7aa9bf4ee3cbe11b03711a15d730646b72d074dab1e8c429339f3460d324c17a4a8bfc7d7eab45bef00664d6dc8230000065937f36f6490eb033b1ce0d4922701cb42aa86ee11cd5950b58ebffffae2aba1a21410e6cb3835bc2c19c9dacbb5f836d1c0de069c20c55fa567859aca8be3afdc3a14779e9181a382831580eac154d314974d209c00896548b04f80d68da1c7ecdfea1e05d0f442b81c4f2a38ae1f43688aff1d3eb14112da5d5289bedeeff7093a12faf47f55bd7ffc82893600042e761ec18de4cd287e176befc4af4063e5f091f8a50cbf02ad70682c0131d616ff6d999fc6fba6e9d4a3fc4e6430aca493d38db18ef4b2d46a22c1dc14910a49126684e453d30ea51dc537a0c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)

6.280118944s ago: executing program 6 (id=1490):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0x6, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f00000002c0)={"6b2f3b6a399bc2f1af59106a2a1667f8", 0x0, 0x0, {0x9, 0x9d5f}, {0xd, 0x41}, 0xffff, [0xde99, 0x8e9, 0xc, 0x1d, 0x43, 0xfffffffffffffffb, 0x28, 0x1, 0x34e0000, 0x7ffffffffffffffb, 0x9, 0x5, 0x6, 0x8, 0x7, 0x4]})
write$cgroup_subtree(r4, &(0x7f0000000280)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r4, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x11fe726f7e78fcf0}, 0x28)
close(r2)
write(r0, 0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x100000d, 0x6031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000007, 0x31, r3, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r5, 0x84, 0x83, &(0x7f0000000000)=@assoc_value, &(0x7f0000000080)=0x8)

4.907216852s ago: executing program 4 (id=1491):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x3}}, 0x26)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r0, {0x2, 0x4e21, @broadcast}, 0x2, 0x9800, 0xfffffffd}}, 0x2e)
getpid()
write$RDMA_USER_CM_CMD_MIGRATE_ID(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x2, 0x3}}, 0x26)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
ioctl$PPPIOCATTCHAN(r4, 0x40047438, &(0x7f0000000500)=0x2)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xfc, 0x7fff0026}]})
close_range(r5, 0xffffffffffffffff, 0x0)

4.905876714s ago: executing program 1 (id=1504):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ff8000/0x2000)=nil, 0x0}, 0x68)
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
listen(r0, 0x0)
socket$unix(0x1, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x10, 0x4, &(0x7f0000000040)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x94)
bind$unix(0xffffffffffffffff, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x4004045)
r1 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x970, 0x1f480, 0x0, 0x399})
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e21, 0x7, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xa}, 0x1c)
r2 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff)
keyctl$read(0x2, r2, &(0x7f00000000c0)=""/4096, 0x1000)
io_uring_enter(r1, 0x8ae, 0x6933, 0x17, 0x0, 0xeffd)

4.600700615s ago: executing program 4 (id=1492):
socket$packet(0x11, 0x3, 0x300)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0xc, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/address_bits', 0x202, 0x0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x30}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x10)
r1 = syz_open_dev$loop(&(0x7f0000000280), 0x80010a, 0x1cb600)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82803, 0x8e)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f0000000080)={r2, 0x0, {0x0, 0x0, 0x0, 0x6, 0x4000000000000ffd, 0x0, 0x0, 0x1d, 0x14, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5d69098c8b534464c516bdd8a0f350000e35abdb80e38f5eb010001", "32d8cc263d9e234b02000000000000004a6783cdd3dfe7800b2d7b6aa54cc5001fcaed1e831fa79a000000020000000000000400", "67523760fd40f78d2cfc03d81a8ca55ba139c01802c4dae4162e43ac61b7ad33", [0x8, 0x5]}})
ioctl$LOOP_SET_BLOCK_SIZE(r1, 0x4c09, 0x400)

3.964283871s ago: executing program 0 (id=1493):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x202)
r4 = syz_io_uring_setup(0x32d9, &(0x7f0000000200)={0x0, 0x6273, 0x8, 0xffffffff, 0x3ffffe, 0x0, 0x0}, &(0x7f0000000300)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0, &(0x7f00000000c0)=<r7=>0x0)
syz_io_uring_submit(r5, r6, r7, &(0x7f0000000100)=@IORING_OP_WRITE={0x17, 0x0, 0x4000, @fd=r3, 0x8, 0x0})
io_uring_enter(r4, 0x54e7, 0xaf26, 0x22, 0x0, 0x0)

3.771753957s ago: executing program 4 (id=1494):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0)
r4 = accept4(r3, 0x0, 0x0, 0x80800)
sendmmsg$alg(r4, &(0x7f0000005a80)=[{0x0, 0x0, &(0x7f0000001c80)=[{&(0x7f0000000940)="7c5653a05074594f90b667043fe5871d494d97b9b8f89159be0bc6f8bf706baf933dd16d95d8b50041237204fa7a2474", 0x30}], 0x1, 0x0, 0x0, 0x24000090}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)=""/96, 0x60}], 0x1}, 0x0)

2.893109545s ago: executing program 1 (id=1495):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r3 = io_uring_setup(0x1b7f, &(0x7f0000000040)={0x0, 0x970, 0x1f480, 0x0, 0x39a})
syz_emit_ethernet(0x22, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa"], 0x0)
io_uring_enter(r3, 0x12a, 0xffffffdc, 0x17, 0x0, 0x0)

2.196792977s ago: executing program 0 (id=1497):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
pipe(0x0)
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'veth0_to_hsr\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r1, {0x0, 0xffe1}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x9}}]}}]}, 0x48}}, 0xc840)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000800)=@newtfilter={0x54, 0x2c, 0xd2b, 0x70bd29, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0x6}, {}, {0x7, 0xfff1}}, [@filter_kind_options=@f_u32={{0x8}, {0x28, 0x2, [@TCA_U32_SEL={0x24, 0x5, {0xd, 0x7, 0x1, 0x3d3f, 0x0, 0xfff, 0xb709, 0x58f, [{0x0, 0x20008000, 0x4, 0x1}]}}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x4084}, 0x24040084)
recvmmsg$unix(r0, &(0x7f0000000580)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)=""/219, 0xdb}], 0x1}}], 0x1, 0x60, 0x0)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x2c, 0x0, 0x1, 0x2, 0x25dfdbfe, {}, [@GTPA_LINK={0x8}, @GTPA_MS_ADDRESS={0x8, 0x5, @private=0xa010102}, @GTPA_LINK={0x8, 0x1, r1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4004054}, 0x4000044)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[], 0xc3}, 0x1, 0x100000000000000, 0x0, 0x2000}, 0x40400c0)
r2 = socket(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0)

2.103767933s ago: executing program 4 (id=1498):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x2200008, &(0x7f0000000800)={[{@jqfmt_vfsv1}, {@stripe={'stripe', 0x3d, 0x6}}, {@norecovery}, {@noauto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@jqfmt_vfsv1}, {@inlinecrypt}, {@grpquota}, {@norecovery}]}, 0x3, 0x5a8, &(0x7f0000000a40)="$eJzs3U1rG0cfAPD/ynLenycOhND2UAw5NCWNHNt9SaGQ9Fja0EB7T4WtmGA5CpYcYjeQ5NBceimhUEoDpR+g9x5Dv0C/Qi+BNhBKMO0hF5WVV7EiW7Yli9i1fj9YeWZ35dn/7sxoVrtiAxhYo+lLLuLViPgmiTjasiwf2cLRlfWWn96aSqck6vXP/koiyeY110+yv4ezzCsR8etXEadza8utLi7NFsvl0nyWH6vNXR+rLi6duTpXnCnNlK5NTE6ee2dy4v333u1brG9e+uf7Tx9+dO7rk8vf/fz42P0kLsSRbFkzjoPbK+JOa2Y0RrN9MhwX2lYc3145u06y0xtAT4aydj4caR9wNIayVg/sfbcjog4MqET7hwHVHAc0z+1bz+cHwZMPV06A1safX/luJA7sT18PLScvnBml57sjfSg/LeOXPx/cT6do+z6l3e0Xs0N9KB4YYHfuRsTZfH5t/5dk/V/vzja+PN5YexmD9vkDO+lhOv55a73xT645/mm8to9/Dq/TdnuxefvPPW5bJenntYZ0/PfBuuPf513XyFCW+19jzDecXLlaLp2NiP9HxKkY3p/mN7qec275Ub3TstbxXzql5TfHgtl2PM7vf/E908VacTsxt3pyN+K11fFvEmv6/wONsW778U/3x6UtlnGi9OD1Tss2j7/V7a0HtkX1nyLeWPf4r9ayZOPrk2ON+jDWrBVr/X3vxG+dyu8u/v57cnelom8Q/0jSer222n0ZPx54Vuq0rNf6vy/5vJHetzLrWb1Yq82PR+xLPmmdHzfT+ROr723mb2brp/X/1MmN+7/16v/BiPhii/HfO36v46rdHv9tXp9eI41/uqvj333i0cdf/tB7/Onxf7uROpXN2Ur/t9UN3M6+AwAAAAAAgN0mFxFHIskVnqdzuUJh5f6O43EoV65Ua6evVBauTUfjt7IjMZxrXuk+2nI/xHh2P2wzP9GWn4yIYxHx7dDBRr4wVSlP73TwAAAAAAAAAAAAAAAAAAAAsEsc7vD7/9QfnjAFe59HfsPg2rT99+NJT8Cu1KH99/9pW8CuY/wPg0v7h8HVaP8dH9EJ7GU+/2Fw9dD+3RoAe4TPfxhc+biz05sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe8mlixfTqb789NZUmp++sbgwW7lxZrpUnS3MLUwVpirz1wszlcpMuVSYqsxt9v/Klcr18YlYuDlWK1VrY9XFpctzlYVrtctX54ozpcul4ZcSFQAAAAAAAAAAAAAAAAAAAPy3VBeXZovlcmm+q8Tv0cu7VhO5bZX+shPnY1dsRs+JZLP9fD47HD0Vkd/5ACW6Swxlx3vDlXeoQwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdfwbAAD//39JMAE=")
setxattr$trusted_overlay_upper(0x0, 0x0, &(0x7f0000001000)={0x0, 0xfb, 0x37a, 0x4, 0x3, "6acd9ba65a4b7d5dde169c8e9bc0152f", "dafadf7cc553a0abb5656ad07e6939acd8a996e6b02a63afc8aa7ab5ee6589e5f2b57718537181542ab7ebf631ee7eb806e40575035530970c77250618b653bec569cc46b49c960648d4544c3d935cbccd240399a86414a3882bc6eada79f3e425eab4b729ec388d7a86650dba3728f9ab0d824adf2cfd7672d48fd410ed45236ce58d52d7a37a04a1ea42d5757798932df91994561a328747844b6c03dbbc0465fb2ecd13c2e88f883300488e1d6a280af02f826621dbd09d8b67a4f71270ebfa9113a2ac75aa66cee7a9f483111e1a8e7530c8fcae9560cc07abc3bd2a3962260dca3b5f3b2332f4b5ba972e9cbb6c543c316620510b8c2c50f0577a534ec142ef306ccf217eaec167db7869e7f214d9c5604f68a12fe7515218beaf31f16e0ac99240944e6228c7cff5aada6846bdb85e1f3a7cb9240844d3a4c0e6b24125a50ecad77174cc8cb3e0646a3f23974d7ebf877473d829129fa1a08949a5cd87fd4b2f83e5b561c686acd4ffca8d7fa3ff1d38775fc43a2be767b9c1308f3b51ba5df24f206ab41138b43565946eb628e5ef9ced55921289405a89f786491bee733cd26cfdae669c4df780ff788f8e6665545e862f4b77f01a0406524024063b4016178c6963156eb3a7d7d0a07e02ec8f5e35ee0110fd955b2721c75b9d9b68d845bab7d8a202fbcce29b8b4481945d6f3f67582257206a6c5cebd64c2ae08ba519932ad277bad80da5a1fb6c4081225e12d0e2a68e4558545fac86cc758603c1fe71f7acb686c124fccd238623932b32adb893194c6e84c7f18094807ec240f7395d4e3c07c0ce9cf389f82d5180ddcbff5a47344f8b681a4fa079996e8372485e3c4dc81384df780a711ef38351a5319331e0ad48652a700162c3645472715876368ce8e01964e2d35debafae484236bfd3f6a55102c1885eba4d1ce72c7c92b1365089ec985a5e95a6c68be206e91276d57ad11252eec814e15a786b73b351190c877368d8f2777f11c08a681db148c361f6b867d98843437be7bde5a26fd11cb00c917c159e7f9dfc973ef430c962f1da11d20a294980184e9f660185fa589d0c7a1b0be7a89e6da47af3b752ea7cd49cfa4bae4857647549980edd2c7bb372b57d5851f51340fe543098eb901578f2c76da5421653c9cfbf8a4ebf86ba38fce818ce3c7e633a8189af313beb167d28a07d9f4893ec1f8d4a044b7c12c2ccfb6c2969"}, 0x37a, 0x1)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
sync()
rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000a00)='./file0/file0\x00')

446.0273ms ago: executing program 1 (id=1500):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)

433.081842ms ago: executing program 6 (id=1512):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
openat(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0)
syz_io_uring_setup(0x47a8, &(0x7f0000000340)={0x0, 0x9560, 0x800, 0x80000, 0x200}, 0x0, 0x0, 0x0)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
dup(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240))
socket(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000080)='syzkaller\x00'}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000018010000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

224.201357ms ago: executing program 4 (id=1502):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
r0 = msgget$private(0x0, 0x7fc)
msgrcv(r0, 0xffffffffffffffff, 0x0, 0x0, 0x1000)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x2}, &(0x7f0000000b80)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x8)
r2 = fsopen(&(0x7f00000001c0)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
fsmount(r2, 0x1, 0x0)

222.091847ms ago: executing program 6 (id=1503):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r1, &(0x7f0000000340)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r3, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="20000000140001000000000000000000020000ff", @ANYRES32=r3, @ANYBLOB="08000200ac1414aab2c9f47d6e50a2"], 0x20}}, 0x0)
r4 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r4, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local}, 0xc)
r5 = socket(0x10, 0x803, 0x4)
sendmsg$nl_route(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r6, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)

86.26957ms ago: executing program 0 (id=1505):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
mprotect(&(0x7f00004e2000/0x4000)=nil, 0x4000, 0x3)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
read$FUSE(r3, &(0x7f0000000080)={0x2020}, 0x2020)

0s ago: executing program 1 (id=1506):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum={0x0, 0x0, 0x0, 0x13}]}}, 0x0, 0x26}, 0x20)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000003c0)={0x9, 0x4, 0x4, 0x2, 0x80, 0x1, 0x0, '\x00', 0x0, r3, 0x1, 0x1}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0xd, 0x4, 0x4, 0xa8, 0x0, r4, 0x0, '\x00', 0x0, r3, 0x0, 0x5}, 0x50)

kernel console output (not intermixed with test programs):

1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  234.315387][ T5971] usb 4-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  234.349640][ T5971] usb 4-1: config 1 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  234.373129][ T5971] usb 4-1: config 1 interface 0 has no altsetting 0
[  234.380186][ T5971] usb 4-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  234.391188][ T5971] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.356016][ T5971] usb 4-1: can't set config #1, error -71
[  235.452982][ T5971] usb 4-1: USB disconnect, device number 4
[  237.946037][ T7376] netlink: 'syz.1.386': attribute type 1 has an invalid length.
[  239.980527][ T7399] fuse: fd is not a fuse device
[  240.949958][ T7376] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  242.384010][ T7419] netlink: 'syz.2.399': attribute type 10 has an invalid length.
[  243.480397][ T7424] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  243.801196][ T7419] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  243.824668][ T7419] team0: Port device netdevsim0 added
[  243.920180][ T7432] fuse: fd is not a fuse device
[  249.054163][ T7477] bond0: (slave bond_slave_1): Releasing backup interface
[  249.403395][ T7498] loop3: detected capacity change from 0 to 16
[  249.450765][ T7498] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  249.507655][ T6150] udevd[6150]: incorrect cramfs checksum on /dev/loop3
[  249.618397][ T6150] udevd[6150]: incorrect cramfs checksum on /dev/loop3
[  250.988612][ T7516] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  252.247714][  T985] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  252.298697][ T7538] netlink: 'syz.0.436': attribute type 4 has an invalid length.
[  252.442691][  T985] usb 4-1: New USB device found, idVendor=04b8, idProduct=0202, bcdDevice= 0.40
[  252.466804][  T985] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  252.494788][  T985] usb 4-1: Product: syz
[  252.508646][  T985] usb 4-1: Manufacturer: syz
[  252.528226][  T985] usb 4-1: SerialNumber: syz
[  252.842518][   T30] audit: type=1326 audit(1776705852.426:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7543 comm="syz.5.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f978899c819 code=0x7fc00000
[  252.939883][   T30] audit: type=1326 audit(1776705852.466:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7543 comm="syz.5.451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f978899c819 code=0x7fc00000
[  253.770256][  T985] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 5 if 0 alt 0 proto 1 vid 0x04B8 pid 0x0202
[  254.158012][ T7561] loop2: detected capacity change from 0 to 512
[  254.169200][ T7561] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  254.183229][ T7561] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  254.217369][ T7561] EXT4-fs error (device loop2): ext4_orphan_get:1423: comm syz.2.441: bad orphan inode 131083
[  254.239246][ T7561] loop2: lost filesystem error report for type 5 error -117
[  254.244482][    C1] EXT4-fs (loop2): initial error at time 1776705853: ext4_orphan_get:1423
[  254.260602][    C1] EXT4-fs (loop2): last error at time 1776705853: ext4_orphan_get:1423
[  254.290816][ T7561] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.120526][ T5919] usb 4-1: USB disconnect, device number 5
[  256.235166][ T5919] usblp0: removed
[  256.473986][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[  256.485548][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[  256.958263][ T5843] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.337985][ T7598] tipc: Started in network mode
[  258.364257][ T7598] tipc: Node identity ac1414aa, cluster identity 4711
[  258.406639][ T7598] tipc: Enabled bearer <udp:syz2>, priority 10
[  258.499327][ T7598] tipc: Enabled bearer <eth:veth0_macvtap>, priority 0
[  259.665031][  T985] tipc: Node number set to 2886997162
[  260.634202][   T24] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  261.476656][ T7625] fuse: Bad value for 'fd'
[  261.500650][ T7620] kernel read not supported for file /file0 (pid: 7620 comm: syz.5.458)
[  261.571767][   T30] audit: type=1800 audit(1776705861.156:29): pid=7620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.458" name="file0" dev="mqueue" ino=13100 res=0 errno=0
[  261.707650][   T24] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  261.746764][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.785139][   T24] usb 4-1: Product: syz
[  261.800472][   T24] usb 4-1: Manufacturer: syz
[  261.826275][   T24] usb 4-1: SerialNumber: syz
[  261.857717][   T24] usb 4-1: config 0 descriptor??
[  262.104526][   T24] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  262.786830][ T7646] netlink: 180 bytes leftover after parsing attributes in process `syz.4.470'.
[  262.900831][ T7646] =======================================================
[  262.900831][ T7646] WARNING: The mand mount option has been deprecated and
[  262.900831][ T7646]          and is ignored by this kernel. Remove the mand
[  262.900831][ T7646]          option from the mount to silence this warning.
[  262.900831][ T7646] =======================================================
[  264.639531][   T24] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  264.677366][   T24] usb 4-1: USB disconnect, device number 6
[  271.622190][ T7712] loop3: detected capacity change from 0 to 1024
[  271.656604][ T5919] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  271.735121][ T5972] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  271.834240][ T5919] usb 2-1: Using ep0 maxpacket: 16
[  271.873829][ T5919] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  271.915389][ T5919] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 11
[  271.942169][ T5972] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  271.943291][ T5919] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  271.970184][   T30] audit: type=1800 audit(1776705871.556:30): pid=7719 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.490" name="file1" dev="loop3" ino=20 res=0 errno=0
[  271.993989][ T5972] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  272.004352][ T5972] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  272.017411][ T5919] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  272.024606][ T5972] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.060398][ T5919] usb 2-1: config 1 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  272.071488][ T7708] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  272.103165][ T5919] usb 2-1: config 1 interface 0 has no altsetting 0
[  272.132793][ T5919] usb 2-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  272.151830][ T5972] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  272.172616][ T5919] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.229572][ T5919] ums-sddr09 2-1:1.0: USB Mass Storage device detected
[  272.658755][ T7705] sctp: [Deprecated]: syz.1.489 (pid 7705) Use of int in maxseg socket option.
[  272.658755][ T7705] Use struct sctp_assoc_value instead
[  273.824316][ T5972] usb 3-1: USB disconnect, device number 4
[  276.085586][ T5823] usb 2-1: USB disconnect, device number 3
[  277.706108][ T7754] netlink: set zone limit has 4 unknown bytes
[  281.030212][ T7779] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  282.399308][ T7788] loop1: detected capacity change from 0 to 1024
[  283.656873][   T30] audit: type=1800 audit(1776705883.246:31): pid=7798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.512" name="file1" dev="loop1" ino=20 res=0 errno=0
[  284.234807][ T7807] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  284.410319][ T7812] bridge: RTM_NEWNEIGH with invalid ether address
[  284.803807][ T7818] overlayfs: failed to clone upperpath
[  288.153877][   T24] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  288.446415][   T24] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  288.464754][   T24] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  288.476748][   T24] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  288.489805][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  288.523137][ T5918] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  288.567280][ T7854] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  288.634038][   T24] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  288.733160][ T5918] usb 2-1: Using ep0 maxpacket: 8
[  289.943777][ T5918] usb 2-1: unable to get BOS descriptor or descriptor too short
[  290.056640][ T5918] usb 2-1: unable to read config index 0 descriptor/start: -71
[  290.121556][ T5918] usb 2-1: can't read configurations, error -71
[  290.275314][   T24] usb 6-1: USB disconnect, device number 4
[  291.117453][ T7880] loop2: detected capacity change from 0 to 512
[  291.497595][ T7880] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  291.519562][ T7880] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  291.623129][ T5918] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  291.836916][ T7892] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  291.859908][ T5918] usb 2-1: Using ep0 maxpacket: 16
[  291.882687][ T5918] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  292.599314][ T5918] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  292.610501][ T5918] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  292.621471][ T5918] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  292.633446][ T5918] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  292.651999][ T5918] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  292.697484][ T5918] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  292.761237][ T5918] usb 2-1: Manufacturer: syz
[  292.879794][ T5843] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  292.907603][ T5918] usb 2-1: config 0 descriptor??
[  293.533089][ T5918] rc_core: IR keymap rc-hauppauge not found
[  293.552394][ T5918] Registered IR keymap rc-empty
[  293.564284][ T5918] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  293.615005][ T5918] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  294.460364][ T5918] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  294.475882][ T5918] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input5
[  294.516951][ T5918] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  294.573683][ T5918] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  294.613356][ T5918] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  294.639628][ T5918] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  294.675152][ T5918] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  295.384266][ T5918] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  295.413284][ T5918] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  295.539248][ T5918] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  295.737461][ T5918] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  295.948200][ T5918] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  296.141161][ T5918] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  296.189091][ T5918] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  296.259317][ T5918] usb 2-1: USB disconnect, device number 6
[  296.328794][ T7934] fuse: fd is not a fuse device
[  296.972318][ T7939] netlink: 4 bytes leftover after parsing attributes in process `syz.2.559'.
[  297.026033][ T7939] netlink: 4 bytes leftover after parsing attributes in process `syz.2.559'.
[  297.087920][ T7943] netlink: 4 bytes leftover after parsing attributes in process `syz.2.559'.
[  298.763095][ T5823] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  299.480611][ T5823] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  299.539295][ T5823] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  299.582716][ T5823] usb 3-1: Product: syz
[  299.628241][ T5823] usb 3-1: Manufacturer: syz
[  299.658391][ T5823] usb 3-1: SerialNumber: syz
[  299.705120][ T5823] usb 3-1: config 0 descriptor??
[  299.786292][   T30] audit: type=1326 audit(1776705899.366:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7964 comm="syz.1.569" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f25bed9c819 code=0x0
[  299.913234][ T5918] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  299.956818][ T5823] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  300.084406][ T5918] usb 4-1: Using ep0 maxpacket: 16
[  300.094468][ T5918] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  300.109340][ T5918] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  300.135442][ T5918] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  300.161629][ T5918] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  300.182227][ T5918] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  300.215280][ T5918] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  300.235348][ T5918] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  300.253229][ T5918] usb 4-1: Manufacturer: syz
[  300.307764][ T5918] usb 4-1: config 0 descriptor??
[  300.913416][ T5918] rc_core: IR keymap rc-hauppauge not found
[  300.939302][ T5918] Registered IR keymap rc-empty
[  300.977472][ T5918] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  301.138426][ T5918] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  301.942251][ T5918] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  301.963529][ T5918] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input6
[  303.301410][ T5823] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  303.399058][ T5823] usb 3-1: USB disconnect, device number 5
[  303.476529][ T5918] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  303.513230][ T5918] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  303.604880][ T5918] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  303.657398][ T5918] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  303.690182][ T7993] netlink: 'syz.0.574': attribute type 10 has an invalid length.
[  303.700710][ T7992] bridge0: port 3(syz_tun) entered blocking state
[  303.719360][ T7992] bridge0: port 3(syz_tun) entered disabled state
[  303.762100][ T5918] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  303.829117][ T7992] syz_tun: entered allmulticast mode
[  303.844090][  T985] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  303.857310][ T5918] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  303.889166][ T7992] syz_tun: entered promiscuous mode
[  303.902112][ T7992] bridge0: port 3(syz_tun) entered blocking state
[  303.910275][ T7992] bridge0: port 3(syz_tun) entered forwarding state
[  303.933698][ T5918] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  303.994404][ T5918] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  304.001287][ T7993] bridge0: port 3(syz_tun) entered disabled state
[  304.008945][ T7993] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.017411][ T7993] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.023045][  T985] usb 6-1: Using ep0 maxpacket: 32
[  304.038172][ T5918] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  304.064096][  T985] usb 6-1: config 0 has no interfaces?
[  304.077441][  T985] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  304.077573][ T7993] bridge0: port 3(syz_tun) entered blocking state
[  304.093146][ T7993] bridge0: port 3(syz_tun) entered forwarding state
[  304.099374][ T5918] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  304.100473][ T7993] bridge0: port 2(bridge_slave_1) entered blocking state
[  304.114069][ T7993] bridge0: port 2(bridge_slave_1) entered forwarding state
[  304.117043][  T985] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  304.121653][ T7993] bridge0: port 1(bridge_slave_0) entered blocking state
[  304.121936][ T7993] bridge0: port 1(bridge_slave_0) entered forwarding state
[  304.170420][ T5918] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  304.174047][ T7993] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  304.195144][ T5918] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  304.213833][  T985] usb 6-1: config 0 descriptor??
[  304.236783][ T5918] usb 4-1: USB disconnect, device number 7
[  304.439775][ T8010] netlink: 'syz.4.580': attribute type 11 has an invalid length.
[  304.489963][ T8010] netlink: 36 bytes leftover after parsing attributes in process `syz.4.580'.
[  304.499741][ T8013] netlink: 'syz.4.580': attribute type 10 has an invalid length.
[  304.533998][ T8013] macvlan0: entered allmulticast mode
[  304.541308][ T8012] overlayfs: failed to clone upperpath
[  304.625177][ T8013] team0: Port device macvlan0 added
[  304.891817][ T8018] overlayfs: failed to clone upperpath
[  305.025853][ T5918] usb 6-1: USB disconnect, device number 5
[  307.854598][   T24] IPVS: starting estimator thread 0...
[  307.956138][ T8050] IPVS: using max 24 ests per chain, 57600 per kthread
[  310.358762][ T8070] netlink: 'syz.4.602': attribute type 1 has an invalid length.
[  310.392381][ T8070] netlink: 'syz.4.602': attribute type 4 has an invalid length.
[  310.422655][ T8070] netlink: 15334 bytes leftover after parsing attributes in process `syz.4.602'.
[  310.938786][ T8075] netlink: 'syz.0.604': attribute type 1 has an invalid length.
[  310.963067][ T8075] netlink: 4 bytes leftover after parsing attributes in process `syz.0.604'.
[  317.909650][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[  317.920519][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[  318.309346][ T5971] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  318.437022][ T5971] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  320.306271][ T8159] netlink: 4 bytes leftover after parsing attributes in process `syz.3.628'.
[  329.640180][ T8225] loop5: detected capacity change from 0 to 32768
[  329.929675][ T5972] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  330.203439][ T5972] usb 2-1: Using ep0 maxpacket: 8
[  330.354050][ T5972] usb 2-1: config 0 has no interfaces?
[  330.384570][ T5972] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  330.397273][ T8225] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.651 (8225)
[  330.422208][ T5972] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  330.456374][ T5972] usb 2-1: config 0 descriptor??
[  331.021193][ T8243] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  331.141839][ T8243] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  331.156886][ T8225] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  331.189741][ T8225] BTRFS info (device loop5): using sha256 checksum algorithm
[  331.268562][ T8225] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  331.277454][ T8225] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  331.301001][ T5972] usb 2-1: USB disconnect, device number 7
[  331.388034][ T8225] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  331.388517][ T8225] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  331.478197][ T8225] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  331.494162][ T8225] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  331.952524][ T8225] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  332.083602][ T8225] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  332.124565][ T8225] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  332.220544][ T8225] BTRFS error (device loop5): open_ctree failed: -12
[  333.792537][ T8303] tipc: Started in network mode
[  333.823053][ T8303] tipc: Node identity 4004, cluster identity 4711
[  333.854696][ T8303] tipc: Node number set to 16388
[  334.696764][ T8315] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000000
[  335.361072][ T8328] netlink: 'syz.3.674': attribute type 29 has an invalid length.
[  335.436176][ T8328] netlink: 'syz.3.674': attribute type 29 has an invalid length.
[  335.476915][ T8328] netlink: 'syz.3.674': attribute type 32 has an invalid length.
[  335.510145][ T8328] netlink: 500 bytes leftover after parsing attributes in process `syz.3.674'.
[  335.553960][ T8330] netlink: 8 bytes leftover after parsing attributes in process `syz.2.675'.
[  335.590433][ T8330] netlink: 8 bytes leftover after parsing attributes in process `syz.2.675'.
[  339.204434][ T8353] overlayfs: failed to clone upperpath
[  340.422910][ T8359] netlink: 24 bytes leftover after parsing attributes in process `syz.1.685'.
[  340.916638][ T8373] No control pipe specified
[  341.632249][ T8372] netlink: 'syz.5.688': attribute type 11 has an invalid length.
[  341.675174][ T8372] netlink: 36 bytes leftover after parsing attributes in process `syz.5.688'.
[  341.740935][ T8379] netlink: 'syz.5.688': attribute type 10 has an invalid length.
[  341.811489][ T8379] macvlan0: entered allmulticast mode
[  341.868832][ T8379] veth1_vlan: entered allmulticast mode
[  341.902195][ T8382] netlink: 12 bytes leftover after parsing attributes in process `syz.4.691'.
[  341.959726][ T8379] team0: Port device macvlan0 added
[  342.100421][ T8391] netlink: 28 bytes leftover after parsing attributes in process `syz.4.691'.
[  342.157537][ T8388] netlink: 12 bytes leftover after parsing attributes in process `syz.0.693'.
[  342.251900][ T8382] 8021q: adding VLAN 0 to HW filter on device bond1
[  342.637454][ T8385] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  342.679439][ T8391] bond1: entered promiscuous mode
[  342.704671][ T8391] dummy0: entered promiscuous mode
[  342.960181][   T50] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  342.971312][   T50] CPU: 1 UID: 0 PID: 50 Comm: kworker/u9:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  342.971376][   T50] Tainted: [L]=SOFTLOCKUP
[  342.971392][   T50] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  342.971414][   T50] Workqueue: hci3 hci_rx_work
[  342.971455][   T50] Call Trace:
[  342.971468][   T50]  <TASK>
[  342.971480][   T50]  dump_stack_lvl+0x100/0x190
[  342.971517][   T50]  sysfs_warn_dup.cold+0x1c/0x28
[  342.971569][   T50]  sysfs_create_dir_ns+0x24b/0x2b0
[  342.971622][   T50]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  342.971673][   T50]  ? preempt_schedule_common+0x42/0xc0
[  342.971717][   T50]  ? preempt_schedule_thunk+0x16/0x30
[  342.971791][   T50]  kobject_add_internal+0x2c8/0x930
[  342.971859][   T50]  kobject_add+0x16a/0x1e0
[  342.971906][   T50]  ? __pfx_kobject_add+0x10/0x10
[  342.971951][   T50]  ? preempt_schedule_thunk+0x16/0x30
[  342.972010][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  342.972054][   T50]  ? kobject_put+0xb9/0x640
[  342.972093][   T50]  ? _raw_spin_unlock+0x3e/0x50
[  342.972162][   T50]  device_add+0x294/0x1950
[  342.972234][   T50]  ? __pfx_dev_set_name+0x10/0x10
[  342.972281][   T50]  ? __pfx_device_add+0x10/0x10
[  342.972353][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  342.972404][   T50]  ? mgmt_send_event_skb+0x2fb/0x460
[  342.972488][   T50]  hci_conn_add_sysfs+0x1a3/0x260
[  342.972549][   T50]  le_conn_complete_evt+0x11eb/0x1f60
[  342.972604][   T50]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  342.972645][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  342.972698][   T50]  hci_le_conn_complete_evt+0x23c/0x3a0
[  342.972741][   T50]  ? skb_pull_data+0x15f/0x1e0
[  342.972803][   T50]  hci_le_meta_evt+0x34a/0x5f0
[  342.972850][   T50]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  342.972896][   T50]  hci_event_packet+0x51c/0xcd0
[  342.972934][   T50]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  342.972995][   T50]  ? __pfx_hci_event_packet+0x10/0x10
[  342.973058][   T50]  ? kcov_remote_start+0x384/0x660
[  342.973122][   T50]  hci_rx_work+0x451/0xfc0
[  342.973185][   T50]  process_one_work+0xa0e/0x1980
[  342.973252][   T50]  ? __pfx_process_one_work+0x10/0x10
[  342.973290][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  342.973345][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  342.973392][   T50]  worker_thread+0x5ef/0xe50
[  342.973451][   T50]  ? kthread+0x13a/0x450
[  342.973483][   T50]  ? __pfx_worker_thread+0x10/0x10
[  342.973521][   T50]  kthread+0x370/0x450
[  342.973567][   T50]  ? __pfx_kthread+0x10/0x10
[  342.973620][   T50]  ret_from_fork+0x72b/0xd50
[  342.973661][   T50]  ? __pfx_ret_from_fork+0x10/0x10
[  342.973705][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  342.973750][   T50]  ? __switch_to+0x800/0x1100
[  342.973800][   T50]  ? __switch_to_asm+0x39/0x70
[  342.973844][   T50]  ? __pfx_kthread+0x10/0x10
[  342.973883][   T50]  ret_from_fork_asm+0x1a/0x30
[  342.973946][   T50]  </TASK>
[  343.333365][   T50] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  343.349504][   T50] Bluetooth: hci3: failed to register connection device
[  343.599991][ T8391] bond1: entered allmulticast mode
[  343.605972][ T8391] dummy0: entered allmulticast mode
[  344.384629][ T8419] IPv6: NLM_F_REPLACE set, but no existing node found!
[  345.227632][   T30] audit: type=1804 audit(1776705944.806:33): pid=8417 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.702" name="file0" dev="ramfs" ino=15154 res=1 errno=0
[  346.992554][ T8445] netlink: 'syz.3.708': attribute type 11 has an invalid length.
[  347.015479][ T8445] netlink: 36 bytes leftover after parsing attributes in process `syz.3.708'.
[  347.077823][ T8445] netlink: 'syz.3.708': attribute type 10 has an invalid length.
[  347.114636][ T8445] macvlan0: entered allmulticast mode
[  347.175925][ T8445] veth1_vlan: entered allmulticast mode
[  347.236004][ T8445] team0: Port device macvlan0 added
[  347.243103][ T5926] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  347.416598][ T5926] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  347.633661][ T5926] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  348.413836][ T5926] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  348.427947][ T5926] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  348.644579][ T5926] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  348.719564][ T5926] usb 3-1: config 0 descriptor??
[  349.172856][ T8464] xt_CT: You must specify a L4 protocol and not use inversions on it
[  350.125664][ T8469] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  350.146406][ T8470] netlink: 4 bytes leftover after parsing attributes in process `syz.5.714'.
[  350.168067][ T8469] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  352.113329][   T24] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  352.469565][   T24] usb 4-1: Using ep0 maxpacket: 8
[  352.483510][   T24] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  352.499482][   T24] usb 4-1: config 0 has no interface number 0
[  352.507810][   T24] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  352.546715][   T24] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  352.594402][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  353.374582][ T5926] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  353.438228][   T24] usb 4-1: config 0 descriptor??
[  353.658113][   T24] usb 4-1: can't set config #0, error -71
[  353.689771][   T24] usb 4-1: USB disconnect, device number 8
[  353.833165][ T5926] usb 3-1: USB disconnect, device number 6
[  355.933921][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c0!!!
[  356.244702][   T50] Bluetooth: hci4: command 0x0406 tx timeout
[  356.488505][ T8515] netlink: 4 bytes leftover after parsing attributes in process `syz.4.728'.
[  356.547150][ T8515] netlink: 24 bytes leftover after parsing attributes in process `syz.4.728'.
[  356.846088][ T5971] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  357.100181][ T5157] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci5/hci5:201'
[  357.113348][ T5157] CPU: 0 UID: 0 PID: 5157 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  357.113439][ T5157] Tainted: [L]=SOFTLOCKUP
[  357.113463][ T5157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  357.113504][ T5157] Workqueue: hci5 hci_rx_work
[  357.113570][ T5157] Call Trace:
[  357.113587][ T5157]  <TASK>
[  357.113608][ T5157]  dump_stack_lvl+0x100/0x190
[  357.113672][ T5157]  sysfs_warn_dup.cold+0x1c/0x28
[  357.113765][ T5157]  sysfs_create_dir_ns+0x24b/0x2b0
[  357.113864][ T5157]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  357.113953][ T5157]  ? find_held_lock+0x2b/0x80
[  357.114049][ T5157]  ? kobject_add_internal+0x25f/0x930
[  357.114131][ T5157]  ? kobject_add_internal+0x25f/0x930
[  357.114226][ T5157]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.114302][ T5157]  ? do_raw_spin_unlock+0x145/0x1e0
[  357.114388][ T5157]  kobject_add_internal+0x2c8/0x930
[  357.114475][ T5157]  kobject_add+0x16a/0x1e0
[  357.114553][ T5157]  ? __pfx_kobject_add+0x10/0x10
[  357.114627][ T5157]  ? class_to_subsys+0x10f/0x150
[  357.114683][ T5157]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.114752][ T5157]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.114819][ T5157]  ? kobject_put+0xb9/0x640
[  357.114882][ T5157]  ? _raw_spin_unlock+0x28/0x50
[  357.114988][ T5157]  device_add+0x294/0x1950
[  357.115080][ T5157]  ? __pfx_dev_set_name+0x10/0x10
[  357.115137][ T5157]  ? __pfx_device_add+0x10/0x10
[  357.115221][ T5157]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.115282][ T5157]  ? mgmt_send_event_skb+0x2fb/0x460
[  357.115355][ T5157]  hci_conn_add_sysfs+0x1a3/0x260
[  357.115423][ T5157]  le_conn_complete_evt+0x11eb/0x1f60
[  357.115499][ T5157]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  357.115562][ T5157]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.115635][ T5157]  hci_le_conn_complete_evt+0x23c/0x3a0
[  357.115690][ T5157]  ? skb_pull_data+0x15f/0x1e0
[  357.115772][ T5157]  hci_le_meta_evt+0x34a/0x5f0
[  357.115833][ T5157]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  357.115895][ T5157]  hci_event_packet+0x51c/0xcd0
[  357.115948][ T5157]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  357.116010][ T5157]  ? __pfx_hci_event_packet+0x10/0x10
[  357.116075][ T5157]  ? kcov_remote_start+0x384/0x660
[  357.116138][ T5157]  hci_rx_work+0x451/0xfc0
[  357.116201][ T5157]  process_one_work+0xa0e/0x1980
[  357.116288][ T5157]  ? __pfx_process_one_work+0x10/0x10
[  357.116345][ T5157]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.116426][ T5157]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.116502][ T5157]  worker_thread+0x5ef/0xe50
[  357.116574][ T5157]  ? __pfx_worker_thread+0x10/0x10
[  357.116636][ T5157]  ? kthread+0x13a/0x450
[  357.116683][ T5157]  ? __pfx_worker_thread+0x10/0x10
[  357.116738][ T5157]  kthread+0x370/0x450
[  357.116785][ T5157]  ? __pfx_kthread+0x10/0x10
[  357.116837][ T5157]  ret_from_fork+0x72b/0xd50
[  357.116897][ T5157]  ? __pfx_ret_from_fork+0x10/0x10
[  357.116953][ T5157]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.117013][ T5157]  ? __switch_to+0x800/0x1100
[  357.117085][ T5157]  ? __switch_to_asm+0x39/0x70
[  357.117152][ T5157]  ? __pfx_kthread+0x10/0x10
[  357.117206][ T5157]  ret_from_fork_asm+0x1a/0x30
[  357.117299][ T5157]  </TASK>
[  357.120315][ T5157] kobject: kobject_add_internal failed for hci5:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  357.143062][ T5971] usb 2-1: Using ep0 maxpacket: 16
[  357.149318][ T5157] Bluetooth: hci5: failed to register connection device
[  357.736364][ T5971] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  357.779247][ T5971] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  357.876019][ T5971] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  357.928970][ T5971] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  357.970328][ T5971] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  358.037275][ T5971] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  358.072196][ T5971] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  358.105378][ T5971] usb 2-1: Manufacturer: syz
[  358.150383][ T5971] usb 2-1: config 0 descriptor??
[  358.303726][ T5157] Bluetooth: hci4: command 0x0406 tx timeout
[  358.323167][ T8527] loop3: detected capacity change from 0 to 512
[  359.514845][ T8527] EXT4-fs: Ignoring removed orlov option
[  360.764092][ T8527] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  361.061179][ T8527] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  361.984226][ T8527] EXT4-fs error (device loop3): ext4_iget_extra_inode:5127: inode #15: comm syz.3.733: corrupted in-inode xattr: e_value size too large
[  362.057858][ T8527] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  362.063346][    C0] EXT4-fs (loop3): error count since last fsck: 1
[  362.079033][    C0] EXT4-fs (loop3): initial error at time 1776705961: ext4_iget_extra_inode:5127: inode 15
[  362.088998][    C0] EXT4-fs (loop3): last error at time 1776705961: ext4_iget_extra_inode:5127: inode 15
[  362.126335][ T8527] EXT4-fs error (device loop3): ext4_orphan_get:1400: comm syz.3.733: couldn't read orphan inode 15 (err -117)
[  362.197197][ T8527] loop3: lost filesystem error report for type 5 error -117
[  363.107937][ T8527] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  363.643299][ T5157] Bluetooth: hci3: command 0x0406 tx timeout
[  364.023447][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!!
[  364.337964][ T5971] rc_core: IR keymap rc-hauppauge not found
[  364.350992][ T5971] Registered IR keymap rc-empty
[  364.356160][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  364.383149][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  364.422017][ T5971] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  364.708619][ T5971] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input7
[  365.561432][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  365.615741][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  365.674844][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  365.713917][ T5847] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.724483][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  365.776883][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  365.834596][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  365.915228][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  365.993451][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  366.145573][   T50] Bluetooth: hci3: command 0x0406 tx timeout
[  366.213261][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  366.993380][ T5971] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  367.047775][ T5971] mceusb 2-1:0.0: Registered  with mce emulator interface version 1
[  367.093031][ T5971] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  367.166661][ T5971] usb 2-1: USB disconnect, device number 8
[  368.856258][ T8599] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  368.866646][ T8591] loop1: detected capacity change from 0 to 4096
[  370.910485][ T8591] ntfs3(loop1): Failed to read $AttrDef (-4).
[  374.583162][ T5918] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  374.784057][ T5918] usb 6-1: Using ep0 maxpacket: 16
[  374.839900][ T5918] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  375.771479][ T5918] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  375.908151][ T5918] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  376.744688][ T5918] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  376.755089][ T5918] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  376.782866][ T5918] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  376.965970][ T5918] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  376.986609][ T8679] loop3: detected capacity change from 0 to 16
[  377.162228][ T5918] usb 6-1: Manufacturer: syz
[  378.859596][ T5918] usb 6-1: config 0 descriptor??
[  378.971226][ T5918] usb 6-1: can't set config #0, error -71
[  379.129235][ T5918] usb 6-1: USB disconnect, device number 6
[  379.236317][ T8690] fuse: fd is not a fuse device
[  379.364774][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[  379.375463][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[  379.659470][ T8679] erofs (device loop3): mounted with root inode @ nid 36.
[  382.328551][ T8715] No such timeout policy "syz0"
[  383.150994][ T8720] overlayfs: failed to clone upperpath
[  383.267494][ T8726] fuse: Bad value for 'fd'
[  384.686016][ T8735] netlink: 'syz.3.790': attribute type 1 has an invalid length.
[  384.716821][ T8735] netlink: 'syz.3.790': attribute type 4 has an invalid length.
[  384.760047][ T8735] netlink: 15334 bytes leftover after parsing attributes in process `syz.3.790'.
[  384.849801][ T8737] fuse: fd is not a fuse device
[  385.109256][ T8744] syzkaller0: entered promiscuous mode
[  385.321563][ T8744] syzkaller0: entered allmulticast mode
[  385.417931][ T8747] No control pipe specified
[  386.648550][ T8753] loop2: detected capacity change from 0 to 128
[  386.936550][ T8762] loop3: detected capacity change from 0 to 512
[  387.078292][ T8762] EXT4-fs: Mount option(s) incompatible with ext2
[  388.838467][ T8776] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  391.391902][ T8799] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  391.408092][ T8799] Error validating options; rc = [-22]
[  392.234697][ T8803] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  392.245566][ T8803] overlayfs: failed to set xattr on upper
[  392.251344][ T8803] overlayfs: ...falling back to redirect_dir=nofollow.
[  392.259593][ T8803] overlayfs: ...falling back to index=off.
[  392.265628][ T8803] overlayfs: ...falling back to uuid=null.
[  392.342155][ T8803] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[  392.611308][ T8810] loop3: detected capacity change from 0 to 8
[  393.568958][ T8819] SQUASHFS error: lzo decompression failed, data probably corrupt
[  393.577485][ T8819] SQUASHFS error: Failed to read block 0x0: -5
[  393.584899][ T8819] SQUASHFS error: Failed to read block 0xff: -5
[  393.596009][ T8819] SQUASHFS error: lzo decompression failed, data probably corrupt
[  393.604327][ T8819] SQUASHFS error: Failed to read block 0x0: -5
[  393.686497][ T8819] SQUASHFS error: lzo decompression failed, data probably corrupt
[  393.694762][ T8819] SQUASHFS error: Failed to read block 0x0: -5
[  394.338284][   T30] audit: type=1800 audit(1776705993.196:34): pid=8819 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.819" name="file2" dev="loop3" ino=3 res=0 errno=0
[  395.321154][   T30] audit: type=1800 audit(1776705993.286:35): pid=8819 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.819" name="file2" dev="loop3" ino=3 res=0 errno=0
[  395.753685][   T30] audit: type=1804 audit(1776705995.066:36): pid=8824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.820" name="bus" dev="ramfs" ino=17680 res=1 errno=0
[  395.776537][   T30] audit: type=1804 audit(1776705995.066:37): pid=8824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.820" name="bus" dev="ramfs" ino=17680 res=1 errno=0
[  395.912664][ T8830] No control pipe specified
[  396.900497][ T8836] xt_hashlimit: size too large, truncated to 1048576
[  396.938528][ T8835] loop3: detected capacity change from 0 to 512
[  396.989760][ T8837] ¾x9ÿ: renamed from bridge_slave_0 (while UP)
[  397.643856][ T8835] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  402.136534][ T5847] EXT4-fs error (device loop3): ext4_free_branches:1020: inode #13: comm syz-executor: invalid indirect mapped block 1280 (level 0)
[  402.221815][ T5847] loop3: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  402.272864][ T5847] EXT4-fs error (device loop3): ext4_lookup:1785: inode #14: comm syz-executor: unexpected EA_INODE flag
[  402.378278][ T5847] EXT4-fs error (device loop3): ext4_lookup:1785: inode #14: comm syz-executor: unexpected EA_INODE flag
[  407.631346][ T5847] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  409.027771][ T1097] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.311461][ T1097] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.804240][ T1097] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  411.772183][   T50] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  411.787178][   T50] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  411.824163][   T50] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  411.848370][   T50] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  411.861243][   T50] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  411.924377][ T1097] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  412.155454][ T8954] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  413.001791][ T8978] loop5: detected capacity change from 0 to 4096
[  413.075066][ T8978] EXT4-fs (loop5): stripe (9) is not aligned with cluster size (16), stripe is disabled
[  413.162168][ T8978] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a816c118, mo2=0002]
[  413.223821][ T8978] System zones: 0-5
[  413.280925][ T8978] EXT4-fs warning (device loop5): ext4_enable_quotas:7265: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  413.375177][ T8978] EXT4-fs (loop5): mount failed
[  413.988281][ T5157] Bluetooth: hci4: command tx timeout
[  415.636590][ T1097] bridge_slave_1: left allmulticast mode
[  415.656244][ T1097] bridge_slave_1: left promiscuous mode
[  415.688517][ T1097] bridge0: port 2(bridge_slave_1) entered disabled state
[  415.767230][ T1097] bridge_slave_0: left allmulticast mode
[  415.783061][ T1097] bridge_slave_0: left promiscuous mode
[  415.807013][ T1097] bridge0: port 1(bridge_slave_0) entered disabled state
[  416.063124][ T5157] Bluetooth: hci4: command tx timeout
[  417.313784][ T9012] netlink: 'syz.2.874': attribute type 1 has an invalid length.
[  418.271687][ T5157] Bluetooth: hci4: command tx timeout
[  418.646619][ T9025] netlink: 28 bytes leftover after parsing attributes in process `syz.2.874'.
[  418.762877][ T9027] fuse: fd is not a fuse device
[  418.827151][   T24] kernel read not supported for file /newroot/177/file0 (pid: 24 comm: kworker/1:0)
[  419.155744][ T9036] overlayfs: failed to clone upperpath
[  420.326069][ T5157] Bluetooth: hci4: command tx timeout
[  420.400387][ T1097] bond1 (unregistering): (slave sit1): Releasing backup interface
[  420.448755][ T1097] sit1 (unregistering): left promiscuous mode
[  420.867271][ T9054] loop1: detected capacity change from 0 to 32768
[  420.944796][ T9054] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  421.069056][ T9054] XFS (loop1): Ending clean mount
[  421.089104][ T9054] XFS (loop1): Quotacheck needed: Please wait.
[  421.405810][ T9054] XFS (loop1): Quotacheck: Done.
[  421.487303][ T1097] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  421.500228][   T30] audit: type=1800 audit(1776706021.086:38): pid=9054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.882" name="file1" dev="loop1" ino=4422 res=0 errno=0
[  421.832289][   T30] audit: type=1800 audit(1776706021.136:39): pid=9054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.882" name="file1" dev="loop1" ino=4422 res=0 errno=0
[  422.398144][ T1097] bond0 (unregistering): Released all slaves
[  422.429051][ T1097] bond1 (unregistering): Released all slaves
[  422.574922][ T1097] bond2 (unregistering): Released all slaves
[  422.894177][ T5846] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  423.576584][   T30] audit: type=1804 audit(1776706023.156:40): pid=9082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.890" name="file0" dev="tmpfs" ino=912 res=1 errno=0
[  423.655734][ T9012] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  423.715270][ T9082] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -22741, delta: 1
[  423.765386][ T5501] 8021q: adding VLAN 0 to HW filter on device eth1
[  423.790852][ T1097] tipc: Disabling bearer <udp:syz2>
[  423.792536][ T9082] ref_ctr increment failed for inode: 0x390 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888032448c40
[  423.800346][ T1097] tipc: Disabling bearer <eth:veth0_macvtap>
[  423.811850][ T9081] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -22741, delta: -1
[  423.916486][ T1097] tipc: Left network mode
[  423.985105][ T9081] ref_ctr decrement failed for inode: 0x390 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888032448c40
[  424.083389][ T9081] uprobe: syz.0.890:9081 failed to unregister, leaking uprobe
[  424.675813][ T9087] 
[  425.150380][ T8952] chnl_net:caif_netlink_parms(): no params data found
[  428.292157][ T5971] IPVS: starting estimator thread 0...
[  428.633613][ T9119] IPVS: using max 26 ests per chain, 62400 per kthread
[  429.283382][ T9146] could not allocate digest TFM handle hmac(streebog512)
[  430.855526][ T9161] loop2: detected capacity change from 0 to 8
[  431.684495][ T9169] SQUASHFS error: lzo decompression failed, data probably corrupt
[  431.692589][ T9169] SQUASHFS error: Failed to read block 0x0: -5
[  431.704452][ T9169] SQUASHFS error: Failed to read block 0xff: -5
[  431.713006][ T9169] SQUASHFS error: lzo decompression failed, data probably corrupt
[  431.720921][ T9169] SQUASHFS error: Failed to read block 0x0: -5
[  432.233234][   T30] audit: type=1800 audit(1776706031.316:41): pid=9169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.903" name="file2" dev="loop2" ino=3 res=0 errno=0
[  432.581891][ T9175] fuse: fd is not a fuse device
[  432.753770][ T9180] loop5: detected capacity change from 0 to 256
[  432.826962][ T9180] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  432.995556][ T9180] exFAT-fs (loop5): start_clu is invalid cluster(0xffffffff)
[  434.408531][ T8952] bridge0: port 1(bridge_slave_0) entered blocking state
[  434.460190][ T8952] bridge0: port 1(bridge_slave_0) entered disabled state
[  435.453295][ T8952] bridge_slave_0: entered allmulticast mode
[  435.638049][ T8952] bridge_slave_0: entered promiscuous mode
[  436.952810][ T9213] loop1: detected capacity change from 0 to 1024
[  437.033406][ T9213] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  438.519698][ T9221] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  439.209798][ T8952] bridge0: port 2(bridge_slave_1) entered blocking state
[  439.242189][ T8952] bridge0: port 2(bridge_slave_1) entered disabled state
[  439.263421][ T8952] bridge_slave_1: entered allmulticast mode
[  439.327839][ T9210] syz.0.913 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  439.358724][ T8952] bridge_slave_1: entered promiscuous mode
[  439.365242][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  440.413930][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  440.662003][ T5501] 8021q: adding VLAN 0 to HW filter on device eth2
[  440.855319][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[  441.043761][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[  442.123788][ T9232] vlan2: entered promiscuous mode
[  442.137224][ T9232] vlan2: entered allmulticast mode
[  442.147144][ T9232] hsr_slave_1: entered allmulticast mode
[  442.201065][ T9242] netlink: 4 bytes leftover after parsing attributes in process `syz.0.923'.
[  442.378781][ T1097] hsr_slave_0: left promiscuous mode
[  442.385443][ T1097] hsr_slave_1: left promiscuous mode
[  442.392113][ T1097] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  442.399723][ T1097] batman_adv: batadv0: Removing interface: batadv_slave_0
[  443.086676][ T1097] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  443.149414][ T1097] batman_adv: batadv0: Removing interface: batadv_slave_1
[  443.308508][ T1097] veth1_macvtap: left promiscuous mode
[  443.317204][ T1097] veth0_macvtap: left promiscuous mode
[  443.327551][ T1097] veth1_vlan: left allmulticast mode
[  443.333118][ T1097] veth1_vlan: left promiscuous mode
[  443.338579][ T1097] veth0_vlan: left promiscuous mode
[  443.599450][ T9258] SET target dimension over the limit!
[  444.039121][ T1097] team0 (unregistering): Port device macvlan0 removed
[  444.442248][ T9271] netlink: 4 bytes leftover after parsing attributes in process `syz.4.929'.
[  445.290992][ T1097] team0 (unregistering): Port device team_slave_1 removed
[  445.347169][ T1097] team0 (unregistering): Port device team_slave_0 removed
[  445.720546][ T8952] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  445.756764][ T9267] syz_tun: entered allmulticast mode
[  445.869760][ T9271] syz_tun (unregistering): left allmulticast mode
[  446.035021][ T9287] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  446.081659][ T8952] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  446.335966][ T8952] team0: Port device team_slave_0 added
[  446.348148][ T8952] team0: Port device team_slave_1 added
[  446.758726][ T8952] batman_adv: batadv0: Adding interface: batadv_slave_0
[  446.787417][ T8952] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  446.821620][ T8952] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  446.888149][ T8952] batman_adv: batadv0: Adding interface: batadv_slave_1
[  447.860817][ T8952] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  447.887076][  T985] IPVS: starting estimator thread 0...
[  447.894969][ T8952] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  448.053063][ T9304] IPVS: using max 30 ests per chain, 72000 per kthread
[  448.095784][ T9310] fuse: fd is not a fuse device
[  448.249157][ T8952] hsr_slave_0: entered promiscuous mode
[  448.458209][ T8952] hsr_slave_1: entered promiscuous mode
[  448.466143][ T8952] debugfs: 'hsr0' already exists in 'hsr'
[  448.471947][ T8952] Cannot create hsr debugfs directory
[  449.323093][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  451.031694][ T9329] loop5: detected capacity change from 0 to 1024
[  451.078888][ T9329] EXT4-fs: inline encryption not supported
[  452.770396][ T9344] fuse: fd is not a fuse device
[  452.880625][ T9329] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  452.980876][ T9329] ext4 filesystem being mounted at /145/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  453.415083][ T5849] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  455.544422][ T9373] Set syz0 is full, maxelem 0 reached
[  456.074235][ T5501] 8021q: adding VLAN 0 to HW filter on device eth3
[  458.797648][ T9400] netlink: 8 bytes leftover after parsing attributes in process `syz.0.961'.
[  460.133040][    T0] NOHZ tick-stop error: local softirq work is pending, handler #12!!!
[  460.985015][ T9411] loop1: detected capacity change from 0 to 512
[  461.072385][ T9411] EXT4-fs: Mount option(s) incompatible with ext2
[  461.088040][ T9420] netlink: 4 bytes leftover after parsing attributes in process `syz.4.968'.
[  462.282220][ T8952] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  462.520288][ T8952] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  462.543571][ T8952] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  463.511023][ T8952] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  463.547428][   T30] audit: type=1326 audit(1776706063.136:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9426 comm="syz.0.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82aa79c819 code=0x7ffc0000
[  463.571600][ T8952] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  463.617913][   T30] audit: type=1326 audit(1776706063.136:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9426 comm="syz.0.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82aa79c819 code=0x7ffc0000
[  463.677834][ T8952] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  463.713908][   T30] audit: type=1326 audit(1776706063.246:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9426 comm="syz.0.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f82aa79c819 code=0x7ffc0000
[  463.739627][ T8952] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  463.817764][   T30] audit: type=1326 audit(1776706063.246:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9426 comm="syz.0.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82aa79c819 code=0x7ffc0000
[  463.858992][   T30] audit: type=1326 audit(1776706063.266:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9426 comm="syz.0.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f82aa79c819 code=0x7ffc0000
[  463.953023][   T30] audit: type=1326 audit(1776706063.266:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9426 comm="syz.0.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82aa79c819 code=0x7ffc0000
[  464.025358][   T30] audit: type=1326 audit(1776706063.266:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9426 comm="syz.0.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82aa79c819 code=0x7ffc0000
[  464.086243][ T8952] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  464.099013][   T30] audit: type=1326 audit(1776706063.266:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9426 comm="syz.0.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f82aa79c819 code=0x7ffc0000
[  464.141086][   T30] audit: type=1326 audit(1776706063.266:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9426 comm="syz.0.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f82aa79c819 code=0x7ffc0000
[  464.423426][   T30] audit: type=1326 audit(1776706063.266:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9426 comm="syz.0.970" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f82aa79c819 code=0x7ffc0000
[  469.376436][ T8952] 8021q: adding VLAN 0 to HW filter on device bond0
[  471.368071][ T8952] 8021q: adding VLAN 0 to HW filter on device team0
[  471.477964][ T6222] bridge0: port 1(bridge_slave_0) entered blocking state
[  471.485268][ T6222] bridge0: port 1(bridge_slave_0) entered forwarding state
[  471.597600][ T6222] bridge0: port 2(bridge_slave_1) entered blocking state
[  471.604890][ T6222] bridge0: port 2(bridge_slave_1) entered forwarding state
[  471.619596][ T9499] netlink: 4 bytes leftover after parsing attributes in process `syz.5.986'.
[  471.760946][ T9488] loop1: detected capacity change from 0 to 8192
[  472.104496][ T9508] syzkaller0: entered promiscuous mode
[  472.137326][ T9508] syzkaller0: entered allmulticast mode
[  473.779700][   T50] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  473.800643][   T50] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  473.802613][ T5501] 8021q: adding VLAN 0 to HW filter on device eth4
[  473.828854][   T50] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  473.854503][   T50] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  473.867747][   T50] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  475.629971][ T5823] IPVS: starting estimator thread 0...
[  475.723938][ T9541] IPVS: using max 22 ests per chain, 52800 per kthread
[  475.983498][ T5157] Bluetooth: hci6: command tx timeout
[  477.702485][ T9517] chnl_net:caif_netlink_parms(): no params data found
[  477.859024][ T9517] bridge0: port 1(bridge_slave_0) entered blocking state
[  477.867186][ T9517] bridge0: port 1(bridge_slave_0) entered disabled state
[  477.874763][ T9517] bridge_slave_0: entered allmulticast mode
[  477.882443][ T9517] bridge_slave_0: entered promiscuous mode
[  477.894768][ T9517] bridge0: port 2(bridge_slave_1) entered blocking state
[  477.902088][ T9517] bridge0: port 2(bridge_slave_1) entered disabled state
[  477.910606][ T9517] bridge_slave_1: entered allmulticast mode
[  477.919959][ T9517] bridge_slave_1: entered promiscuous mode
[  477.987275][ T9517] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  478.011230][ T9517] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  478.063888][ T5157] Bluetooth: hci6: command tx timeout
[  478.105246][ T9517] team0: Port device team_slave_0 added
[  478.119601][ T6987] bridge_slave_1: left allmulticast mode
[  478.125449][ T6987] bridge_slave_1: left promiscuous mode
[  478.136381][ T6987] bridge0: port 2(bridge_slave_1) entered disabled state
[  478.154995][ T6987] bridge_slave_0: left allmulticast mode
[  478.161724][ T6987] bridge_slave_0: left promiscuous mode
[  478.167799][ T6987] bridge0: port 1(bridge_slave_0) entered disabled state
[  478.465797][ T6987] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  478.477527][ T6987] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  478.488316][ T6987] bond0 (unregistering): Released all slaves
[  478.503616][ T9517] team0: Port device team_slave_1 added
[  478.566201][ T9517] batman_adv: batadv0: Adding interface: batadv_slave_0
[  478.573618][ T9517] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  478.600657][ T9517] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  478.636187][ T9517] batman_adv: batadv0: Adding interface: batadv_slave_1
[  478.651095][ T9517] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  478.678106][ T9517] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  478.731015][ T6987] hsr_slave_0: left promiscuous mode
[  478.739329][ T6987] hsr_slave_1: left promiscuous mode
[  478.745701][ T6987] batman_adv: batadv0: Removing interface: batadv_slave_0
[  478.754256][ T6987] batman_adv: batadv0: Removing interface: batadv_slave_1
[  478.998734][ T6987] team0 (unregistering): Port device team_slave_1 removed
[  479.019327][ T6987] team0 (unregistering): Port device team_slave_0 removed
[  479.343683][ T9517] hsr_slave_0: entered promiscuous mode
[  479.365147][ T9517] hsr_slave_1: entered promiscuous mode
[  479.373776][ T9517] debugfs: 'hsr0' already exists in 'hsr'
[  479.393005][ T9517] Cannot create hsr debugfs directory
[  480.140904][ T5501] 8021q: adding VLAN 0 to HW filter on device eth5
[  480.154574][ T5157] Bluetooth: hci6: command tx timeout
[  480.454336][ T9517] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  480.465888][ T9517] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  480.474099][ T9517] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  480.487947][ T9517] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  480.496440][ T9517] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  480.507925][ T9517] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  480.518144][ T9517] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  480.534975][ T9517] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  480.669983][ T9517] 8021q: adding VLAN 0 to HW filter on device bond0
[  480.705720][ T9517] 8021q: adding VLAN 0 to HW filter on device team0
[  480.727721][ T6989] bridge0: port 1(bridge_slave_0) entered blocking state
[  480.734957][ T6989] bridge0: port 1(bridge_slave_0) entered forwarding state
[  480.756453][ T6989] bridge0: port 2(bridge_slave_1) entered blocking state
[  480.763679][ T6989] bridge0: port 2(bridge_slave_1) entered forwarding state
[  481.092034][ T9517] 8021q: adding VLAN 0 to HW filter on device batadv0
[  481.397646][ T9517] veth0_vlan: entered promiscuous mode
[  481.412230][ T9517] veth1_vlan: entered promiscuous mode
[  481.446608][ T9517] veth0_macvtap: entered promiscuous mode
[  481.458038][ T9517] veth1_macvtap: entered promiscuous mode
[  481.479633][ T9517] batman_adv: batadv0: Interface activated: batadv_slave_0
[  481.496203][ T9517] batman_adv: batadv0: Interface activated: batadv_slave_1
[  481.518279][ T6989] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  481.528032][ T6989] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  481.539021][ T6989] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  481.549537][ T6989] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  481.667409][ T6989] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  481.675722][ T6989] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  481.720448][   T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  481.729754][   T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  481.864980][ T9611] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1008'.
[  481.891230][ T9611] bridge0: port 3(syz_tun) entered disabled state
[  481.952862][ T9611] syz_tun (unregistering): left allmulticast mode
[  481.959779][ T9611] syz_tun (unregistering): left promiscuous mode
[  481.986716][ T9611] bridge0: port 3(syz_tun) entered disabled state
[  482.095620][ T9617] fuse: fd is not a fuse device
[  482.223616][ T5157] Bluetooth: hci6: command tx timeout
[  484.265819][ T9645] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1001'.
[  502.328701][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[  502.349134][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[  508.690007][ T9821] netlink: 'syz.0.1045': attribute type 4 has an invalid length.
[  509.063876][   T50] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  509.105797][   T50] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  509.120870][   T50] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  509.138946][   T50] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  509.182314][   T50] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  509.942920][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  510.288947][ T9836] fuse: fd is not a fuse device
[  510.474417][ T5157] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  510.504478][ T5157] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  510.529406][ T5157] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  510.592522][ T5157] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  510.608660][ T5157] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  510.717627][ T9839] loop6: detected capacity change from 0 to 1024
[  511.043588][ T9839] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  512.003701][ T5157] Bluetooth: hci4: command tx timeout
[  512.795495][ T5157] Bluetooth: hci7: command tx timeout
[  512.856632][ T9517] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  514.063038][ T5157] Bluetooth: hci4: command tx timeout
[  515.060285][ T5157] Bluetooth: hci7: command tx timeout
[  515.905846][ T6987] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.144194][ T5157] Bluetooth: hci4: command tx timeout
[  516.691850][ T6987] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  517.038815][ T9906] Set syz0 is full, maxelem 0 reached
[  517.106872][ T5157] Bluetooth: hci7: command tx timeout
[  518.533048][ T5157] Bluetooth: hci4: command tx timeout
[  519.186036][ T5157] Bluetooth: hci7: command tx timeout
[  520.436162][ T6987] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  521.199360][ T6987] team0: Port device netdevsim0 removed
[  521.235117][ T6987] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  521.803747][ T9955] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1076'.
[  521.967258][ T9824] chnl_net:caif_netlink_parms(): no params data found
[  526.056481][ T9995] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1087'.
[  526.066840][ T9995] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1087'.
[  526.076953][ T9995] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1087'.
[  526.171908][ T9824] bridge0: port 1(bridge_slave_0) entered blocking state
[  526.346690][ T9824] bridge0: port 1(bridge_slave_0) entered disabled state
[  526.372807][ T9824] bridge_slave_0: entered allmulticast mode
[  527.442681][ T9824] bridge_slave_0: entered promiscuous mode
[  528.295471][ T9999] syzkaller0: entered promiscuous mode
[  528.303585][ T9999] syzkaller0: entered allmulticast mode
[  528.414895][T10016] fuse: fd is not a fuse device
[  528.461430][ T9824] bridge0: port 2(bridge_slave_1) entered blocking state
[  528.470514][ T9824] bridge0: port 2(bridge_slave_1) entered disabled state
[  528.483659][ T9824] bridge_slave_1: entered allmulticast mode
[  528.492270][ T9824] bridge_slave_1: entered promiscuous mode
[  528.740266][ T9834] chnl_net:caif_netlink_parms(): no params data found
[  529.529989][ T9824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  529.860682][ T9824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  530.781005][ T9824] team0: Port device team_slave_0 added
[  530.794351][ T9824] team0: Port device team_slave_1 added
[  531.136031][T10044] netlink: 'syz.1.1097': attribute type 1 has an invalid length.
[  531.222032][ T6987] bridge_slave_1: left allmulticast mode
[  531.249537][ T6987] bridge_slave_1: left promiscuous mode
[  531.491796][ T6987] bridge0: port 2(bridge_slave_1) entered disabled state
[  531.592651][T10055] delete_channel: no stack
[  532.459281][ T6987] bridge_slave_0: left allmulticast mode
[  532.484048][ T6987] bridge_slave_0: left promiscuous mode
[  532.522568][ T6987] bridge0: port 1(bridge_slave_0) entered disabled state
[  532.539621][ T5926] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[  537.758595][T10102] loop6: detected capacity change from 0 to 128
[  538.528922][ T5926] usb 2-1: unable to get BOS descriptor or descriptor too short
[  538.552841][ T5926] usb 2-1: unable to read config index 0 descriptor/start: -32
[  538.575974][ T5926] usb 2-1: chopping to 0 config(s)
[  538.591497][ T5926] usb 2-1: can't read configurations, error -32
[  538.723038][ T5926] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  538.825480][ T6987] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  538.867462][ T5926] usb 2-1: device descriptor read/64, error -32
[  538.900911][ T6987] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  538.915653][ T6987] bond0 (unregistering): Released all slaves
[  538.952080][ T9824] batman_adv: batadv0: Adding interface: batadv_slave_0
[  538.960638][ T9824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  538.996764][ T9824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  539.013533][ T5926] usb usb2-port1: attempt power cycle
[  539.073799][T10044] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  539.698098][ T5926] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[  540.001636][ T5926] usb 2-1: device descriptor read/8, error -32
[  540.125338][ T5501] 8021q: adding VLAN 0 to HW filter on device eth5
[  540.195555][ T9824] batman_adv: batadv0: Adding interface: batadv_slave_1
[  540.215271][ T9824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  540.280483][ T5926] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  540.329086][ T9824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  540.513292][ T5926] usb 2-1: device not accepting address 12, error -71
[  540.539763][ T5926] usb usb2-port1: unable to enumerate USB device
[  540.853590][T10139] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1118'.
[  541.748586][T10140] netlink: del zone limit has 8 unknown bytes
[  543.090460][ T9824] hsr_slave_0: entered promiscuous mode
[  543.385896][ T9824] hsr_slave_1: entered promiscuous mode
[  543.405631][ T9824] debugfs: 'hsr0' already exists in 'hsr'
[  543.423054][ T9824] Cannot create hsr debugfs directory
[  543.446375][ T9834] bridge0: port 1(bridge_slave_0) entered blocking state
[  543.487991][ T9834] bridge0: port 1(bridge_slave_0) entered disabled state
[  543.520098][ T9834] bridge_slave_0: entered allmulticast mode
[  543.541162][T10156] netlink: 'syz.6.1123': attribute type 1 has an invalid length.
[  543.554953][ T9834] bridge_slave_0: entered promiscuous mode
[  543.568012][T10156] netlink: 224 bytes leftover after parsing attributes in process `syz.6.1123'.
[  543.604066][ T9834] bridge0: port 2(bridge_slave_1) entered blocking state
[  543.637238][ T9834] bridge0: port 2(bridge_slave_1) entered disabled state
[  543.646788][ T9834] bridge_slave_1: entered allmulticast mode
[  543.655722][ T9834] bridge_slave_1: entered promiscuous mode
[  546.383396][ T9834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  547.435794][ T9834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  548.926746][T10198] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  549.911283][ T6987] hsr_slave_0: left promiscuous mode
[  549.942184][ T6987] hsr_slave_1: left promiscuous mode
[  549.964262][ T6987] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  550.006001][ T6987] batman_adv: batadv0: Removing interface: batadv_slave_0
[  550.057118][ T6987] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  550.092448][ T6987] batman_adv: batadv0: Removing interface: batadv_slave_1
[  550.173346][ T6987] veth1_macvtap: left promiscuous mode
[  550.188348][ T6987] veth0_macvtap: left promiscuous mode
[  550.216640][ T6987] veth1_vlan: left promiscuous mode
[  556.953237][ T6987] team0 (unregistering): Port device team_slave_1 removed
[  557.084308][ T6987] team0 (unregistering): Port device team_slave_0 removed
[  558.486800][ T5501] 8021q: adding VLAN 0 to HW filter on device eth6
[  558.536244][ T9834] team0: Port device team_slave_0 added
[  558.587227][ T9834] team0: Port device team_slave_1 added
[  559.651860][T10285] netlink: 'syz.4.1153': attribute type 39 has an invalid length.
[  559.739253][ T9834] batman_adv: batadv0: Adding interface: batadv_slave_0
[  559.787874][ T9834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  559.859346][T10288] loop6: detected capacity change from 0 to 512
[  559.875997][ T9834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  559.938915][ T9834] batman_adv: batadv0: Adding interface: batadv_slave_1
[  559.948639][T10288] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  560.859018][ T9834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  560.962271][T10288] EXT4-fs (loop6): 1 orphan inode deleted
[  560.971236][T10288] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  560.998059][ T9834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  561.236152][T10288] EXT4-fs (loop6): shut down requested (2)
[  562.197509][ T9517] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  562.236180][ T6987] IPVS: stop unused estimator thread 0...
[  562.555815][ T9834] hsr_slave_0: entered promiscuous mode
[  562.590528][ T9834] hsr_slave_1: entered promiscuous mode
[  563.702949][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  563.789180][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[  564.671522][T10321] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1163'.
[  564.684033][T10321] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1163'.
[  564.724499][T10321] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1163'.
[  566.324626][ T6987] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  566.390611][T10340] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  570.628926][ T6987] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  571.903467][T10386] loop1: detected capacity change from 0 to 256
[  573.368624][   T50] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  573.393749][   T50] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  573.423290][T10386] FAT-fs (loop1): Directory bread(block 64) failed
[  573.428077][   T50] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  573.432238][T10386] FAT-fs (loop1): Directory bread(block 65) failed
[  573.444001][T10386] FAT-fs (loop1): Directory bread(block 66) failed
[  573.450975][T10386] FAT-fs (loop1): Directory bread(block 67) failed
[  573.471038][   T50] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  573.481525][   T50] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  573.491149][T10386] FAT-fs (loop1): Directory bread(block 68) failed
[  573.510429][   T50] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  573.524881][   T50] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  573.527083][T10397] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  573.554220][T10397] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  573.577392][ T5157] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  573.618677][T10386] FAT-fs (loop1): Directory bread(block 69) failed
[  573.680269][T10386] FAT-fs (loop1): Directory bread(block 70) failed
[  573.729310][T10386] FAT-fs (loop1): Directory bread(block 71) failed
[  573.737230][ T5501] 8021q: adding VLAN 0 to HW filter on device eth7
[  573.758274][T10386] FAT-fs (loop1): Directory bread(block 72) failed
[  573.785704][T10386] FAT-fs (loop1): Directory bread(block 73) failed
[  575.254834][ T6987] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  575.758286][ T5837] Bluetooth: hci5: command tx timeout
[  576.443725][ T5157] Bluetooth: hci2: command tx timeout
[  578.463049][ T5157] Bluetooth: hci2: command tx timeout
[  578.468739][ T5837] Bluetooth: hci5: command tx timeout
[  579.434411][T10450] loop1: detected capacity change from 0 to 1024
[  579.493869][T10450] EXT4-fs (loop1): bad geometry: bigalloc file system with non-zero first_data_block
[  579.493869][T10450] 
[  579.614005][ T6987] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  579.810225][T10455] bridge_slave_0: default FDB implementation only supports local addresses
[  580.543850][ T5837] Bluetooth: hci5: command tx timeout
[  580.549789][ T5837] Bluetooth: hci2: command tx timeout
[  582.278928][T10487] tipc: Failed to remove unknown binding: 66,0,0/0:3230840454/3230840456
[  582.287646][T10487] tipc: Failed to remove unknown binding: 66,0,0/0:3230840454/3230840455
[  582.298680][T10487] tipc: Failed to remove unknown binding: 66,0,0/0:3230840454/3230840456
[  582.307484][T10487] tipc: Failed to remove unknown binding: 66,0,0/0:3230840454/3230840455
[  582.479063][T10479] warning: `syz.0.1198' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  582.568030][T10491] netlink: 'syz.6.1200': attribute type 1 has an invalid length.
[  582.624934][ T5157] Bluetooth: hci2: command tx timeout
[  582.630496][ T5157] Bluetooth: hci5: command tx timeout
[  582.983231][ T5926] usb 7-1: new full-speed USB device number 2 using dummy_hcd
[  583.195412][T10491] 8021q: adding VLAN 0 to HW filter on device bond1
[  583.266142][T10505] ptrace attach of "./syz-executor exec"[5836] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  583.912883][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  584.150680][T10492] bond1: (slave gretap1): making interface the new active one
[  584.210139][T10492] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  584.383971][ T5926] usb 7-1: unable to get BOS descriptor or descriptor too short
[  584.448045][ T5926] usb 7-1: unable to read config index 0 descriptor/start: -71
[  584.472183][ T5926] usb 7-1: can't read configurations, error -71
[  585.195835][ T5501] 8021q: adding VLAN 0 to HW filter on device eth8
[  585.229361][T10391] chnl_net:caif_netlink_parms(): no params data found
[  586.127198][ T6987] bridge_slave_1: left allmulticast mode
[  587.092927][ T6987] bridge_slave_1: left promiscuous mode
[  587.105853][ T6987] bridge0: port 2(bridge_slave_1) entered disabled state
[  587.209573][ T6987] bridge_slave_0: left allmulticast mode
[  587.215468][ T6987] bridge_slave_0: left promiscuous mode
[  587.221427][ T6987] bridge0: port 1(bridge_slave_0) entered disabled state
[  588.266119][T10534] atomic_op ffff8880350c7998 conn xmit_atomic 0000000000000000
[  590.173266][T10540] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1212'.
[  591.638071][ T6987] bond1 (unregistering): (slave geneve2): Releasing active interface
[  593.133241][ T6987] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  593.154183][ T6987] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  593.165897][ T6987] bond0 (unregistering): Released all slaves
[  593.197084][ T6987] bond1 (unregistering): Released all slaves
[  593.341162][T10562] overlayfs: failed to clone upperpath
[  593.506988][T10389] chnl_net:caif_netlink_parms(): no params data found
[  594.535918][ T6987] tipc: Left network mode
[  594.714272][T10391] bridge0: port 1(bridge_slave_0) entered blocking state
[  594.760116][T10391] bridge0: port 1(bridge_slave_0) entered disabled state
[  594.782671][T10391] bridge_slave_0: entered allmulticast mode
[  594.836205][T10391] bridge_slave_0: entered promiscuous mode
[  595.777726][T10583] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1219'.
[  595.834705][T10579] loop6: detected capacity change from 0 to 512
[  596.330127][T10577] syz_tun: entered allmulticast mode
[  596.353065][T10391] bridge0: port 2(bridge_slave_1) entered blocking state
[  596.408527][T10391] bridge0: port 2(bridge_slave_1) entered disabled state
[  596.447239][T10391] bridge_slave_1: entered allmulticast mode
[  596.463446][ T5157] Bluetooth: hci6: command 0x0406 tx timeout
[  596.489005][T10391] bridge_slave_1: entered promiscuous mode
[  596.818676][T10391] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  597.856006][T10572] syz_tun: left allmulticast mode
[  597.888565][T10391] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  598.862289][T10389] bridge0: port 1(bridge_slave_0) entered blocking state
[  598.908865][T10389] bridge0: port 1(bridge_slave_0) entered disabled state
[  599.268663][T10389] bridge_slave_0: entered allmulticast mode
[  599.277836][T10389] bridge_slave_0: entered promiscuous mode
[  600.401682][T10391] team0: Port device team_slave_0 added
[  600.411697][T10391] team0: Port device team_slave_1 added
[  600.665396][T10389] bridge0: port 2(bridge_slave_1) entered blocking state
[  600.698166][T10389] bridge0: port 2(bridge_slave_1) entered disabled state
[  600.721891][T10389] bridge_slave_1: entered allmulticast mode
[  600.747859][T10389] bridge_slave_1: entered promiscuous mode
[  601.906799][T10391] batman_adv: batadv0: Adding interface: batadv_slave_0
[  601.932153][T10391] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  602.012989][T10391] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  602.294647][ T6987] hsr_slave_0: left promiscuous mode
[  602.338267][ T6987] hsr_slave_1: left promiscuous mode
[  602.378500][ T6987] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  603.195193][ T6987] batman_adv: batadv0: Removing interface: batadv_slave_0
[  603.211100][ T6987] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  603.227492][ T6987] batman_adv: batadv0: Removing interface: batadv_slave_1
[  603.271530][ T6987] veth1_macvtap: left promiscuous mode
[  603.277839][ T6987] veth0_macvtap: left promiscuous mode
[  603.284281][ T6987] veth1_vlan: left allmulticast mode
[  603.290015][ T6987] veth1_vlan: left promiscuous mode
[  603.296480][ T6987] veth0_vlan: left promiscuous mode
[  604.720379][T10640] ref_ctr increment failed for inode: 0x53e offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff88807c5c55c0
[  604.859894][ T6987] team0 (unregistering): Port device macvlan0 removed
[  604.939946][T10640] uprobe: syz.0.1236:10640 failed to unregister, leaking uprobe
[  605.137702][ T6987] team0 (unregistering): Port device team_slave_1 removed
[  605.225657][ T6987] team0 (unregistering): Port device team_slave_0 removed
[  606.399876][T10665] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1239'.
[  608.100504][T10389] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  608.111422][T10391] batman_adv: batadv0: Adding interface: batadv_slave_1
[  608.129891][T10391] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  608.158426][T10391] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  608.849748][ T5501] 8021q: adding VLAN 0 to HW filter on device eth9
[  608.857494][T10660] syz_tun: entered allmulticast mode
[  609.068320][T10665] syz_tun (unregistering): left allmulticast mode
[  609.116683][T10389] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  610.194086][T10389] team0: Port device team_slave_0 added
[  610.254975][T10391] hsr_slave_0: entered promiscuous mode
[  610.305207][T10391] hsr_slave_1: entered promiscuous mode
[  610.972416][T10391] debugfs: 'hsr0' already exists in 'hsr'
[  611.335244][T10713] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1254'.
[  611.988126][T10391] Cannot create hsr debugfs directory
[  612.319076][T10389] team0: Port device team_slave_1 added
[  612.365694][T10717] fuse: fd is not a fuse device
[  612.705473][T10389] batman_adv: batadv0: Adding interface: batadv_slave_0
[  612.713308][T10389] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  612.740440][T10389] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  612.860991][T10727] overlayfs: failed to clone upperpath
[  613.502374][T10389] batman_adv: batadv0: Adding interface: batadv_slave_1
[  613.548596][ T6987] IPVS: stop unused estimator thread 0...
[  613.564859][T10389] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  613.643983][T10389] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  614.062508][T10731] IPVS: Error joining to the multicast group
[  616.220515][T10389] hsr_slave_0: entered promiscuous mode
[  616.260110][T10389] hsr_slave_1: entered promiscuous mode
[  616.287767][T10389] debugfs: 'hsr0' already exists in 'hsr'
[  616.306410][T10389] Cannot create hsr debugfs directory
[  616.943696][T10741] fuse: fd is not a fuse device
[  624.576926][T10801] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  625.224177][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[  625.982625][ T5501] 8021q: adding VLAN 0 to HW filter on device eth10
[  627.530148][ T6987] bridge_slave_1: left allmulticast mode
[  627.593877][ T6987] bridge_slave_1: left promiscuous mode
[  627.756941][ T6987] bridge0: port 2(bridge_slave_1) entered disabled state
[  628.297743][ T6987] bridge_slave_0: left allmulticast mode
[  628.351981][ T6987] bridge_slave_0: left promiscuous mode
[  628.373252][ T6987] bridge0: port 1(bridge_slave_0) entered disabled state
[  628.549858][ T6987] bridge_slave_1: left allmulticast mode
[  628.572104][ T6987] bridge_slave_1: left promiscuous mode
[  628.620267][ T6987] bridge0: port 2(bridge_slave_1) entered disabled state
[  628.670895][ T6987] bridge_slave_0: left allmulticast mode
[  628.686538][ T6987] bridge_slave_0: left promiscuous mode
[  628.711658][ T6987] bridge0: port 1(bridge_slave_0) entered disabled state
[  630.114196][ T5157] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  630.137802][ T5157] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  630.155038][ T5157] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  630.174387][ T5157] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  630.186271][ T5157] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  630.808012][ T5837] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  630.823588][ T5837] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  630.855557][ T6987] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  630.866856][ T5837] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  630.893933][ T5837] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  630.919170][ T5837] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  630.930616][ T6987] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  631.012648][ T6987] bond0 (unregistering): Released all slaves
[  632.313518][ T5157] Bluetooth: hci4: command tx timeout
[  633.023809][ T5157] Bluetooth: hci7: command tx timeout
[  633.251250][ T6987] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  633.488838][ T6987] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  634.271720][ T6987] bond0 (unregistering): Released all slaves
[  634.397831][ T5157] Bluetooth: hci4: command tx timeout
[  635.355345][ T5157] Bluetooth: hci7: command tx timeout
[  636.693216][ T5157] Bluetooth: hci4: command tx timeout
[  637.486931][ T5157] Bluetooth: hci7: command tx timeout
[  639.313132][ T5157] Bluetooth: hci4: command tx timeout
[  639.944072][ T5837] Bluetooth: hci7: command tx timeout
[  640.197389][ T5501] 8021q: adding VLAN 0 to HW filter on device eth11
[  640.375528][ T6987] hsr_slave_0: left promiscuous mode
[  640.425040][ T6987] hsr_slave_1: left promiscuous mode
[  640.450854][ T6987] batman_adv: batadv0: Removing interface: batadv_slave_0
[  640.493226][ T6987] batman_adv: batadv0: Removing interface: batadv_slave_1
[  641.329312][ T6987] hsr_slave_0: left promiscuous mode
[  641.432329][ T6987] hsr_slave_1: left promiscuous mode
[  641.667593][ T6987] batman_adv: batadv0: Removing interface: batadv_slave_0
[  642.241577][ T6987] batman_adv: batadv0: Removing interface: batadv_slave_1
[  643.464891][T10959] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1313'.
[  643.594777][ T6987] team0 (unregistering): Port device team_slave_1 removed
[  643.667017][ T6987] team0 (unregistering): Port device team_slave_0 removed
[  645.610485][ T6987] team0 (unregistering): Port device team_slave_1 removed
[  645.637906][ T6987] team0 (unregistering): Port device team_slave_0 removed
[  645.713010][ T5926] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  645.887563][ T5926] usb 2-1: Using ep0 maxpacket: 32
[  645.936676][ T5926] usb 2-1: unable to get BOS descriptor or descriptor too short
[  645.963633][ T5926] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  645.975621][ T5926] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  646.064866][ T5926] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000c, bcdDevice= 0.40
[  646.106561][ T5926] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  646.131349][ T5926] usb 2-1: Product: syz
[  646.152999][ T5926] usb 2-1: Manufacturer: syz
[  646.175877][ T5926] usb 2-1: SerialNumber: syz
[  647.054887][ T5926] usb 2-1: 3:0: cannot get min/max values for control 2 (id 3)
[  647.074905][ T5926] usb 2-1: applying playback min mute quirk
[  647.092925][ T5926] usb 2-1: Warning! Unlikely small volume range (=1), linear volume or custom curve?
[  647.112925][ T5926] usb 2-1: [3] FU [Feature 3 Playback Volume] ch = 1, val = 0/1/1
[  647.144403][ T5926] usb 2-1: 3:0: failed to get current value for ch 1 (-71)
[  647.174618][ T5926] usb 2-1: 3:0: failed to get current value for ch 0 (-71)
[  647.553208][ T5926] usb 2-1: USB disconnect, device number 13
[  647.566378][T10992] loop6: detected capacity change from 0 to 256
[  647.765287][T10992] FAT-fs (loop6): Directory bread(block 64) failed
[  647.801733][T10992] FAT-fs (loop6): Directory bread(block 65) failed
[  648.386682][T10992] FAT-fs (loop6): Directory bread(block 66) failed
[  648.434507][T10992] FAT-fs (loop6): Directory bread(block 67) failed
[  648.484390][T10992] FAT-fs (loop6): Directory bread(block 68) failed
[  648.558665][T10992] FAT-fs (loop6): Directory bread(block 69) failed
[  648.568248][T10992] FAT-fs (loop6): Directory bread(block 70) failed
[  648.576807][T10992] FAT-fs (loop6): Directory bread(block 71) failed
[  648.583622][T10992] FAT-fs (loop6): Directory bread(block 72) failed
[  648.590197][T10992] FAT-fs (loop6): Directory bread(block 73) failed
[  648.962752][T11005] netlink: 'syz.1.1322': attribute type 2 has an invalid length.
[  648.976149][T11005] netlink: 'syz.1.1322': attribute type 1 has an invalid length.
[  648.986822][T11005] netlink: 'syz.1.1322': attribute type 1 has an invalid length.
[  651.214381][T11013] syz.6.1320: attempt to access beyond end of device
[  651.214381][T11013] loop6: rw=524288, sector=1160, nr_sectors = 4 limit=256
[  652.602747][T11013] syz.6.1320: attempt to access beyond end of device
[  652.602747][T11013] loop6: rw=0, sector=1160, nr_sectors = 4 limit=256
[  652.824694][   T30] kauditd_printk_skb: 58 callbacks suppressed
[  652.824728][   T30] audit: type=1800 audit(1776706252.366:110): pid=11013 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1320" name="file0" dev="loop6" ino=1048659 res=0 errno=0
[  654.112681][T11039] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1332'.
[  654.338141][T10857] chnl_net:caif_netlink_parms(): no params data found
[  654.474553][T11043] bridge1: port 1(veth7) entered blocking state
[  654.509759][T11043] bridge1: port 1(veth7) entered disabled state
[  654.537553][T11043] veth7: entered allmulticast mode
[  654.568047][T11043] veth7: entered promiscuous mode
[  654.774630][T11047] bridge1: port 2(veth0_to_bond) entered blocking state
[  654.790629][T11047] bridge1: port 2(veth0_to_bond) entered disabled state
[  654.798099][T11047] veth0_to_bond: entered allmulticast mode
[  654.806701][T11047] veth0_to_bond: entered promiscuous mode
[  656.565453][T10864] chnl_net:caif_netlink_parms(): no params data found
[  656.820049][T11080] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1336'.
[  657.081627][T11095] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1341'.
[  657.402385][T11104] loop1: detected capacity change from 0 to 256
[  657.571491][T11104] FAT-fs (loop1): Directory bread(block 64) failed
[  657.584365][ T5501] 8021q: adding VLAN 0 to HW filter on device eth12
[  657.596857][T11104] FAT-fs (loop1): Directory bread(block 65) failed
[  657.620936][T11104] FAT-fs (loop1): Directory bread(block 66) failed
[  657.636563][T11104] FAT-fs (loop1): Directory bread(block 67) failed
[  657.653291][T11104] FAT-fs (loop1): Directory bread(block 68) failed
[  657.673587][T10857] bridge0: port 1(bridge_slave_0) entered blocking state
[  657.691486][T11104] FAT-fs (loop1): Directory bread(block 69) failed
[  657.716338][T10857] bridge0: port 1(bridge_slave_0) entered disabled state
[  657.750875][T11104] FAT-fs (loop1): Directory bread(block 70) failed
[  657.763027][T11104] FAT-fs (loop1): Directory bread(block 71) failed
[  657.771454][T11104] FAT-fs (loop1): Directory bread(block 72) failed
[  657.777387][T10857] bridge_slave_0: entered allmulticast mode
[  657.786245][T11104] FAT-fs (loop1): Directory bread(block 73) failed
[  657.797960][T10857] bridge_slave_0: entered promiscuous mode
[  657.838226][T10857] bridge0: port 2(bridge_slave_1) entered blocking state
[  657.860640][T10857] bridge0: port 2(bridge_slave_1) entered disabled state
[  657.873863][T10857] bridge_slave_1: entered allmulticast mode
[  657.889368][T10857] bridge_slave_1: entered promiscuous mode
[  659.774030][T10864] bridge0: port 1(bridge_slave_0) entered blocking state
[  659.781517][T10864] bridge0: port 1(bridge_slave_0) entered disabled state
[  659.791903][T10864] bridge_slave_0: entered allmulticast mode
[  659.801047][T10864] bridge_slave_0: entered promiscuous mode
[  659.957145][T10864] bridge0: port 2(bridge_slave_1) entered blocking state
[  659.980997][T10864] bridge0: port 2(bridge_slave_1) entered disabled state
[  660.006003][T10864] bridge_slave_1: entered allmulticast mode
[  660.132305][T10864] bridge_slave_1: entered promiscuous mode
[  661.599030][T11134] syz.4.1350 (11134): attempted to duplicate a private mapping with mremap.  This is not supported.
[  661.640733][T10857] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  661.678935][T10857] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  661.995762][T10864] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  662.049971][T10864] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  662.075094][T10857] team0: Port device team_slave_0 added
[  662.423808][T11149] fuse: Bad value for 'fd'
[  662.495193][T11148] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  662.528686][ T5971] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  662.998448][ T5971] usb 2-1: Using ep0 maxpacket: 16
[  663.166857][ T5971] usb 2-1: config 1 interface 0 altsetting 39 bulk endpoint 0x1 has invalid maxpacket 8
[  663.196155][ T5971] usb 2-1: config 1 interface 0 altsetting 39 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  663.250970][ T5971] usb 2-1: config 1 interface 0 has no altsetting 0
[  663.302788][ T5971] usb 2-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40
[  663.336358][ T5971] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  663.567139][ T5971] usb 2-1: Manufacturer: Ы
[  663.572491][ T5971] usb 2-1: SerialNumber: syz
[  663.604374][T11147] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  663.645666][T11155] overlayfs: failed to clone lowerpath
[  664.351537][T11147] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  666.062591][T10857] team0: Port device team_slave_1 added
[  666.115415][ T5971] usb 2-1: USB disconnect, device number 14
[  666.365416][   T24] IPVS: starting estimator thread 0...
[  666.463048][T11178] IPVS: using max 22 ests per chain, 52800 per kthread
[  667.594482][T10864] team0: Port device team_slave_0 added
[  667.662918][T10864] team0: Port device team_slave_1 added
[  667.686205][T11185] netlink: 'syz.6.1361': attribute type 1 has an invalid length.
[  667.700810][T10857] batman_adv: batadv0: Adding interface: batadv_slave_0
[  667.743064][T10857] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  668.365129][T10857] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  668.378895][T10857] batman_adv: batadv0: Adding interface: batadv_slave_1
[  668.386273][T10857] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  668.416053][T10857] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  668.732254][T11185] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  668.843529][T11188] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  669.213644][T11194] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[  669.235478][T10864] batman_adv: batadv0: Adding interface: batadv_slave_0
[  669.375070][T10864] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  669.597302][T10864] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  669.801796][T10864] batman_adv: batadv0: Adding interface: batadv_slave_1
[  669.841919][T10864] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  669.975957][T10864] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  671.235742][T10857] hsr_slave_0: entered promiscuous mode
[  671.262638][T10857] hsr_slave_1: entered promiscuous mode
[  673.240249][T10864] hsr_slave_0: entered promiscuous mode
[  673.524072][T10864] hsr_slave_1: entered promiscuous mode
[  673.548587][T10864] debugfs: 'hsr0' already exists in 'hsr'
[  673.554629][T10864] Cannot create hsr debugfs directory
[  675.805922][T11264] skbuff: bad partial csum: csum=65506/2 headroom=168 headlen=65526
[  678.015476][T11282] loop6: detected capacity change from 0 to 32768
[  678.044564][T11282] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  678.095794][T11282] XFS (loop6): Ending clean mount
[  678.107257][T11282] XFS (loop6): Quotacheck needed: Please wait.
[  678.158351][T11271] bridge0: port 3(macvlan0) entered blocking state
[  678.185158][T11271] bridge0: port 3(macvlan0) entered disabled state
[  678.205352][T11271] macvlan0: entered allmulticast mode
[  678.245659][T11271] ip6gretap0: entered allmulticast mode
[  678.279345][T11282] XFS (loop6): Quotacheck: Done.
[  678.302508][T11271] macvlan0: entered promiscuous mode
[  678.345974][T11271] bridge0: port 3(macvlan0) entered blocking state
[  678.355525][T11271] bridge0: port 3(macvlan0) entered forwarding state
[  680.079497][ T9517] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  680.594334][T11309] /dev/nullb0: Can't lookup blockdev
[  681.909072][ T6987] bridge_slave_1: left allmulticast mode
[  681.925510][ T6987] bridge_slave_1: left promiscuous mode
[  681.950370][ T6987] bridge0: port 2(bridge_slave_1) entered disabled state
[  681.999030][ T6987] bridge_slave_0: left allmulticast mode
[  682.014486][ T6987] bridge_slave_0: left promiscuous mode
[  682.036721][ T6987] bridge0: port 1(bridge_slave_0) entered disabled state
[  682.105051][ T6987] bridge_slave_1: left allmulticast mode
[  682.207259][ T6987] bridge_slave_1: left promiscuous mode
[  682.225227][ T6987] bridge0: port 2(bridge_slave_1) entered disabled state
[  682.269628][ T6987] bridge_slave_0: left allmulticast mode
[  682.291508][ T6987] bridge_slave_0: left promiscuous mode
[  682.325664][ T6987] bridge0: port 1(bridge_slave_0) entered disabled state
[  684.141923][ T6987] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  684.169547][ T6987] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  684.183653][ T6987] bond0 (unregistering): Released all slaves
[  684.403049][ T6987] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  684.424758][ T6987] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  684.441880][ T6987] bond0 (unregistering): Released all slaves
[  686.035430][ T6987] hsr_slave_0: left promiscuous mode
[  686.105977][ T6987] hsr_slave_1: left promiscuous mode
[  686.130952][ T6987] batman_adv: batadv0: Removing interface: batadv_slave_0
[  686.208929][ T6987] batman_adv: batadv0: Removing interface: batadv_slave_1
[  686.746725][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[  686.785202][ T6987] hsr_slave_0: left promiscuous mode
[  687.317031][ T6987] hsr_slave_1: left promiscuous mode
[  687.534107][ T6987] batman_adv: batadv0: Removing interface: batadv_slave_0
[  687.565743][ T6987] batman_adv: batadv0: Removing interface: batadv_slave_1
[  688.341658][ T6987] team0 (unregistering): Port device team_slave_1 removed
[  688.418037][ T6987] team0 (unregistering): Port device team_slave_0 removed
[  690.299453][ T5157] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  690.322454][ T5157] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  690.336028][ T5157] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  690.349339][ T5157] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  690.359673][ T5157] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  690.494079][ T5157] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  690.514781][ T5157] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  690.528883][ T5157] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  690.545857][ T5157] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  690.555009][ T5157] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  691.044943][ T6987] team0 (unregistering): Port device team_slave_1 removed
[  691.133246][ T6987] team0 (unregistering): Port device team_slave_0 removed
[  692.236387][T11353] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1399'.
[  692.271766][T11355] : entered promiscuous mode
[  692.463026][ T5837] Bluetooth: hci2: command tx timeout
[  692.888700][ T5837] Bluetooth: hci5: command tx timeout
[  694.768757][ T5837] Bluetooth: hci2: command tx timeout
[  694.944768][ T5837] Bluetooth: hci5: command tx timeout
[  695.000879][T11410] netlink: 84 bytes leftover after parsing attributes in process `syz.6.1413'.
[  697.070334][ T5157] Bluetooth: hci5: command tx timeout
[  697.070337][ T5837] Bluetooth: hci2: command tx timeout
[  699.103866][ T5157] Bluetooth: hci2: command tx timeout
[  699.182965][ T5157] Bluetooth: hci5: command tx timeout
[  700.904530][T11434] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1418'.
[  702.407832][ T5157] Bluetooth: hci6: unexpected event for opcode 0x0000
[  702.583799][T11455] fuse: fd is not a fuse device
[  706.320704][   T30] audit: type=1800 audit(1776706305.836:111): pid=11469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.1428" name="bus" dev="ramfs" ino=26168 res=0 errno=0
[  706.472272][ T5157] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0
[  706.489755][ T5157] Bluetooth: hci6: Injecting HCI hardware error event
[  706.558882][ T5157] Bluetooth: hci6: hardware error 0x00
[  708.621363][T11488] m>e5n: entered promiscuous mode
[  708.656681][T11377] chnl_net:caif_netlink_parms(): no params data found
[  709.007790][ T5157] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[  709.507140][T11381] chnl_net:caif_netlink_parms(): no params data found
[  711.551413][T11517] xt_CT: You must specify a L4 protocol and not use inversions on it
[  711.900788][ T6987] bridge_slave_1: left allmulticast mode
[  711.917485][ T6987] bridge_slave_1: left promiscuous mode
[  711.935170][ T6987] bridge0: port 2(bridge_slave_1) entered disabled state
[  711.955223][ T6987] bridge_slave_0: left allmulticast mode
[  711.973685][ T6987] bridge_slave_0: left promiscuous mode
[  711.989872][ T6987] bridge0: port 1(bridge_slave_0) entered disabled state
[  712.057088][ T6987] bridge_slave_1: left allmulticast mode
[  712.072970][ T6987] bridge_slave_1: left promiscuous mode
[  712.085812][ T6987] bridge0: port 2(bridge_slave_1) entered disabled state
[  712.129796][ T6987] bridge_slave_0: left allmulticast mode
[  712.150311][ T6987] bridge_slave_0: left promiscuous mode
[  712.174960][ T6987] bridge0: port 1(bridge_slave_0) entered disabled state
[  712.654940][ T6987] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  712.704929][ T6987] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  712.818276][ T6987] bond0 (unregistering): Released all slaves
[  714.130844][T11552] loop1: detected capacity change from 0 to 4096
[  714.182169][T11552] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  714.271456][ T6987] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  714.318112][ T6987] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  714.346342][ T6987] bond0 (unregistering): Released all slaves
[  714.500068][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  715.325532][T11571] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  718.089314][ T6987] hsr_slave_0: left promiscuous mode
[  718.148523][ T6987] hsr_slave_1: left promiscuous mode
[  718.169661][ T6987] batman_adv: batadv0: Removing interface: batadv_slave_0
[  718.199189][T11582] binder: 11578:11582 ioctl c018620c 200000000000 returned -1
[  719.159332][ T6987] batman_adv: batadv0: Removing interface: batadv_slave_1
[  719.413954][ T6987] hsr_slave_0: left promiscuous mode
[  719.429932][ T6987] hsr_slave_1: left promiscuous mode
[  719.438740][ T6987] batman_adv: batadv0: Removing interface: batadv_slave_0
[  719.460474][ T6987] batman_adv: batadv0: Removing interface: batadv_slave_1
[  720.139020][ T6987] team0 (unregistering): Port device team_slave_1 removed
[  720.422439][ T6987] team0 (unregistering): Port device team_slave_0 removed
[  720.938829][   T30] audit: type=1800 audit(1776706320.526:112): pid=11602 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1458" name="bus" dev="ramfs" ino=26288 res=0 errno=0
[  721.895949][T11612] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  722.050641][ T6987] team0 (unregistering): Port device team_slave_1 removed
[  722.120022][ T6987] team0 (unregistering): Port device team_slave_0 removed
[  722.366756][T11377] bridge0: port 1(bridge_slave_0) entered blocking state
[  722.390732][T11377] bridge0: port 1(bridge_slave_0) entered disabled state
[  722.411566][T11377] bridge_slave_0: entered allmulticast mode
[  722.447294][T11377] bridge_slave_0: entered promiscuous mode
[  722.461061][T11377] bridge0: port 2(bridge_slave_1) entered blocking state
[  722.469274][T11377] bridge0: port 2(bridge_slave_1) entered disabled state
[  722.476810][T11377] bridge_slave_1: entered allmulticast mode
[  722.487570][T11377] bridge_slave_1: entered promiscuous mode
[  725.478496][T11381] bridge0: port 1(bridge_slave_0) entered blocking state
[  725.486129][T11381] bridge0: port 1(bridge_slave_0) entered disabled state
[  725.499588][T11381] bridge_slave_0: entered allmulticast mode
[  725.510306][T11381] bridge_slave_0: entered promiscuous mode
[  725.520308][T11381] bridge0: port 2(bridge_slave_1) entered blocking state
[  725.528181][T11381] bridge0: port 2(bridge_slave_1) entered disabled state
[  725.535929][T11381] bridge_slave_1: entered allmulticast mode
[  725.544952][T11381] bridge_slave_1: entered promiscuous mode
[  725.587425][T11381] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  725.601280][T11381] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  725.688410][T11377] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  726.460593][T11377] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  728.007063][T11377] team0: Port device team_slave_0 added
[  729.665380][T11381] team0: Port device team_slave_0 added
[  729.750460][T11377] team0: Port device team_slave_1 added
[  729.821174][T11381] team0: Port device team_slave_1 added
[  729.980175][T11381] batman_adv: batadv0: Adding interface: batadv_slave_0
[  729.987516][T11381] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  730.022084][T11381] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  730.096222][T11381] batman_adv: batadv0: Adding interface: batadv_slave_1
[  730.121284][T11381] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  730.274648][T11381] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  730.986897][T11377] batman_adv: batadv0: Adding interface: batadv_slave_0
[  730.997356][T11679] loop1: detected capacity change from 0 to 4096
[  731.008310][T11377] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  731.057991][T11679] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  731.084995][T11377] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  731.134184][T11682] : entered promiscuous mode
[  731.208326][T11377] batman_adv: batadv0: Adding interface: batadv_slave_1
[  731.226865][T11377] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  731.483751][T11377] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  733.383605][T11679] ntfs3(loop1): Failed to read $UpCase (-4).
[  733.854130][T11381] hsr_slave_0: entered promiscuous mode
[  733.879832][T11381] hsr_slave_1: entered promiscuous mode
[  734.980811][T11377] hsr_slave_0: entered promiscuous mode
[  735.019784][T11377] hsr_slave_1: entered promiscuous mode
[  735.053812][T11377] debugfs: 'hsr0' already exists in 'hsr'
[  735.070460][T11377] Cannot create hsr debugfs directory
[  737.645879][T11720] binder: 11716:11720 ioctl c018620c 200000000000 returned -1
[  738.133795][T11723] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1485'.
[  742.983858][T11377] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  743.137559][T11377] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  743.184309][T11377] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  744.472048][T11377] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  744.768606][T11377] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  745.093401][T11377] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  745.101678][T11377] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  745.842105][T11377] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  746.799080][T11811] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1503'.
[  852.202748][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  852.209770][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P10787/1:b..l
[  852.218800][    C1] rcu: 	(detected by 1, t=10503 jiffies, g=61493, q=496 ncpus=2)
[  852.226536][    C1] task:udevd           state:R  running task     stack:24808 pid:10787 tgid:10787 ppid:5206   task_flags:0x400140 flags:0x00080000
[  852.242876][    C1] Call Trace:
[  852.246167][    C1]  <TASK>
[  852.249096][    C1]  __schedule+0x10e9/0x6820
[  852.253658][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  852.259333][    C1]  ? __pfx___schedule+0x10/0x10
[  852.264207][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  852.269866][    C1]  ? mark_held_locks+0x40/0x70
[  852.274649][    C1]  preempt_schedule_irq+0x50/0x90
[  852.279687][    C1]  irqentry_exit+0x1fe/0x790
[  852.284291][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  852.290287][    C1] RIP: 0010:lock_acquire+0x5e/0x370
[  852.295502][    C1] Code: 05 3b 42 2e 12 83 f8 07 0f 87 d9 02 00 00 48 0f a3 05 46 d6 f6 0e 0f 82 a4 02 00 00 8b 35 ae 09 f7 0e 85 f6 0f 85 bf 00 00 00 <48> 8b 44 24 30 65 48 2b 05 dd 41 2e 12 0f 85 ed 02 00 00 48 83 c4
[  852.315216][    C1] RSP: 0018:ffffc9000538f648 EFLAGS: 00000206
[  852.321298][    C1] RAX: 0000000000000046 RBX: 0000000000000000 RCX: 0000000000000001
[  852.329278][    C1] RDX: 0000000000000000 RSI: ffffffff8df2ec41 RDI: ffffffff8c1c1280
[  852.337262][    C1] RBP: ffffffff8e7e5460 R08: 00000000f0338232 R09: 0000000000000007
[  852.345242][    C1] R10: 0000000000000200 R11: 0000000000000000 R12: 0000000000000002
[  852.353222][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  852.361236][    C1]  ? unwind_next_frame+0x3be/0x2090
[  852.366476][    C1]  ? unwind_next_frame+0x3be/0x2090
[  852.371704][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  852.377372][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  852.383572][    C1]  unwind_next_frame+0xd1/0x2090
[  852.388536][    C1]  ? unwind_next_frame+0xbd/0x2090
[  852.393684][    C1]  ? kasan_save_stack+0x30/0x50
[  852.398576][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  852.404794][    C1]  arch_stack_walk+0x94/0xf0
[  852.409419][    C1]  ? kasan_save_stack+0x30/0x50
[  852.414304][    C1]  ? tomoyo_path_perm+0x29c/0x460
[  852.419377][    C1]  stack_trace_save+0x8e/0xc0
[  852.424093][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  852.429505][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  852.435156][    C1]  ? __lock_acquire+0x4a5/0x2630
[  852.440117][    C1]  kasan_save_stack+0x30/0x50
[  852.444813][    C1]  ? kasan_save_stack+0x30/0x50
[  852.449748][    C1]  kasan_save_track+0x14/0x30
[  852.454451][    C1]  kasan_save_free_info+0x3b/0x70
[  852.459486][    C1]  __kasan_slab_free+0x5f/0x80
[  852.464265][    C1]  ? tomoyo_path_perm+0x280/0x460
[  852.469312][    C1]  kfree+0x223/0x6c0
[  852.473212][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  852.478875][    C1]  ? tomoyo_path_permission+0x28e/0x3b0
[  852.484469][    C1]  tomoyo_path_perm+0x29c/0x460
[  852.489353][    C1]  ? __pfx_tomoyo_path_perm+0x10/0x10
[  852.494780][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  852.500437][    C1]  ? lockdep_hardirqs_on+0x78/0x100
[  852.505666][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  852.511321][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  852.516987][    C1]  ? kmem_cache_free+0x127/0x6c0
[  852.521963][    C1]  security_inode_getattr+0x116/0x280
[  852.527361][    C1]  vfs_fstat+0x4b/0xe0
[  852.531500][    C1]  __do_sys_newfstat+0x8b/0x110
[  852.536375][    C1]  ? __pfx___do_sys_newfstat+0x10/0x10
[  852.541895][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  852.547553][    C1]  ? rcu_is_watching+0x12/0xc0
[  852.552353][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  852.558014][    C1]  do_syscall_64+0x10b/0xf80
[  852.562631][    C1]  ? irqentry_exit+0x117/0x790
[  852.567418][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  852.573339][    C1] RIP: 0033:0x7f5370511ad7
[  852.577792][    C1] RSP: 002b:00007fff3d007c78 EFLAGS: 00000297 ORIG_RAX: 0000000000000005
[  852.586221][    C1] RAX: ffffffffffffffda RBX: 0000558cb531b510 RCX: 00007f5370511ad7
[  852.594200][    C1] RDX: 00007f53705efea0 RSI: 00007fff3d007c80 RDI: 0000000000000009
[  852.602176][    C1] RBP: 00007f53705efff0 R08: 0000000000000073 R09: 0000000000000001
[  852.610162][    C1] R10: 0000000000000000 R11: 0000000000000297 R12: 00007fff3d007e50
[  852.618154][    C1] R13: 00007f53705efff0 R14: 0000000000000016 R15: 0000558c8a8c39dd
[  852.626171][    C1]  </TASK>
[  852.629198][    C1] rcu: rcu_preempt kthread starved for 10542 jiffies! g61493 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  852.640403][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  852.650385][    C1] rcu: RCU grace-period kthread stack dump:
[  852.656272][    C1] task:rcu_preempt     state:R  running task     stack:26104 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
[  852.669856][    C1] Call Trace:
[  852.673141][    C1]  <TASK>
[  852.676095][    C1]  __schedule+0x10e9/0x6820
[  852.680661][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  852.686373][    C1]  ? __pfx___schedule+0x10/0x10
[  852.691276][    C1]  ? find_held_lock+0x2b/0x80
[  852.695985][    C1]  ? schedule+0x2bf/0x390
[  852.700360][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  852.706034][    C1]  schedule+0xdd/0x390
[  852.710126][    C1]  schedule_timeout+0x127/0x280
[  852.715039][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  852.720454][    C1]  ? __pfx_process_timeout+0x10/0x10
[  852.725788][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  852.731444][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  852.737289][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  852.742952][    C1]  ? prepare_to_swait_event+0xdf/0x4a0
[  852.748449][    C1]  rcu_gp_fqs_loop+0x1a9/0x900
[  852.753239][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  852.758896][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  852.764201][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[  852.769158][    C1]  ? __pfx_rcu_gp_cleanup+0x10/0x10
[  852.774396][    C1]  rcu_gp_kthread+0x179/0x230
[  852.779104][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  852.784330][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  852.790195][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  852.795851][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  852.801495][    C1]  ? __kthread_parkme+0x18c/0x230
[  852.806553][    C1]  ? kthread+0x13a/0x450
[  852.810807][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  852.816031][    C1]  kthread+0x370/0x450
[  852.820143][    C1]  ? __pfx_kthread+0x10/0x10
[  852.824786][    C1]  ret_from_fork+0x72b/0xd50
[  852.829402][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  852.834547][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  852.840195][    C1]  ? __switch_to+0x800/0x1100
[  852.844907][    C1]  ? __switch_to_asm+0x39/0x70
[  852.849704][    C1]  ? __pfx_kthread+0x10/0x10
[  852.854325][    C1]  ret_from_fork_asm+0x1a/0x30
[  852.859165][    C1]  </TASK>
[  852.862180][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  852.868501][    C1] Sending NMI from CPU 1 to CPUs 0:
[  852.873732][    C0] NMI backtrace for cpu 0
[  852.873760][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  852.873813][    C0] Tainted: [L]=SOFTLOCKUP
[  852.873827][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  852.873850][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  852.873896][    C0] Code: d6 88 02 e9 ae 88 78 f5 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d a3 c0 13 00 fb f4 <e9> 87 88 78 f5 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  852.873935][    C0] RSP: 0018:ffffffff8e407e00 EFLAGS: 00000242
[  852.873963][    C0] RAX: 0000000001b9433b RBX: ffffffff8e4955c0 RCX: ffffffff8b97d045
[  852.873989][    C0] RDX: 0000000000000000 RSI: ffffffff8df54166 RDI: ffffffff8c1c1280
[  852.874014][    C0] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffed10170867b5
[  852.874039][    C0] R10: ffff8880b8433dab R11: 0000000000000000 R12: 0000000000000000
[  852.874063][    C0] R13: fffffbfff1c92ab8 R14: 0000000000000000 R15: ffffffff90dc1450
[  852.874093][    C0] FS:  0000000000000000(0000) GS:ffff8881242e8000(0000) knlGS:0000000000000000
[  852.874128][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  852.874154][    C0] CR2: 00007f82ab683ff8 CR3: 000000002a749000 CR4: 0000000000350ef0
[  852.874180][    C0] Call Trace:
[  852.874195][    C0]  <TASK>
[  852.874208][    C0]  default_idle+0x9/0x10
[  852.874255][    C0]  default_idle_call+0x6c/0xb0
[  852.874302][    C0]  do_idle+0x464/0x590
[  852.874380][    C0]  ? __pfx_do_idle+0x10/0x10
[  852.874446][    C0]  cpu_startup_entry+0x4f/0x60
[  852.874506][    C0]  rest_init+0x251/0x260
[  852.874557][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  852.874599][    C0]  start_kernel+0x484/0x490
[  852.874663][    C0]  x86_64_start_reservations+0x24/0x30
[  852.874710][    C0]  x86_64_start_kernel+0x12b/0x130
[  852.874752][    C0]  common_startup_64+0x13e/0x148
[  852.874821][    C0]  </TASK>
[ 1003.983088][    C0] BUG: workqueue lockup - pool cpus=0 node=0 flags=0x0 nice=0 stuck for 256s!
[ 1003.996569][    C0] BUG: workqueue lockup - pool cpus=1 node=0 flags=0x0 nice=0 stuck for 149s!
[ 1004.005851][    C0] BUG: workqueue lockup - pool cpus=1 node=0 flags=0x0 nice=-20 stuck for 143s!
[ 1004.015153][    C0] Showing busy workqueues and worker pools:
[ 1004.025458][    C0] workqueue events: flags=0x100
[ 1004.030558][    C0]   pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=16 refcnt=17
[ 1004.030661][    C0]     pending: 7*nsim_dev_hwstats_traffic_work, vmstat_shepherd, psi_avgs_work, 4*ovs_dp_masks_rebalance, psi_avgs_work, 2*rht_deferred_worker
[ 1004.031022][    C0]   pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=11 refcnt=12
[ 1004.031103][    C0]     in-flight: 5971:switchdev_deferred_process_work for 150s
[ 1004.031222][    C0]     pending: psi_avgs_work, 2*nsim_dev_hwstats_traffic_work, 2*psi_avgs_work, 3*ovs_dp_masks_rebalance, switchdev_deferred_process_work, rht_deferred_worker
[ 1004.031579][    C0] workqueue events_long: flags=0x100
[ 1004.090930][    C0]   pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=7 refcnt=8
[ 1004.091038][    C0]     pending: 3*defense_work_handler, br_multicast_gc_work, 2*br_fdb_cleanup, br_multicast_gc_work
[ 1004.091350][    C0]   pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=8 refcnt=9
[ 1004.091441][    C0]     pending: 4*defense_work_handler, 2*br_fdb_cleanup, br_multicast_gc_work, br_fdb_cleanup
[ 1004.091735][    C0] workqueue events_unbound: flags=0x2
[ 1004.133852][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=5 refcnt=6
[ 1004.133938][    C0]     pending: idle_cull_fn, 2*cfg80211_wiphy_work, macvlan_process_broadcast, idle_cull_fn
[ 1004.134198][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=20 refcnt=21
[ 1004.134270][    C0]     in-flight: 36:nsim_dev_trap_report_work for 151s ,6988:nsim_dev_trap_report_work for 256s ,6244:idle_cull_fn for 150s
[ 1004.134543][    C0]     pending: nsim_dev_trap_report_work, cfg80211_wiphy_work, 6*nsim_dev_trap_report_work, toggle_allocation_gate, cfg80211_wiphy_work, idle_cull_fn, flush_memcg_stats_dwork, idle_cull_fn, 2*cfg80211_wiphy_work, crng_reseed, idle_cull_fn
[ 1004.135279][    C0] workqueue events_power_efficient: flags=0x180
[ 1004.202066][    C0]   pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=8 refcnt=9
[ 1004.202161][    C0]     pending: hash_ip6_gc, hash_mac4_gc, gc_worker, 5*check_lifetime
[ 1004.202401][    C0]   pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=10 refcnt=11
[ 1004.202493][    C0]     pending: 2*nf_flow_offload_work_gc, wg_ratelimiter_gc_entries, 2*neigh_managed_work, 2*neigh_periodic_work, 2*check_lifetime, do_cache_clean
[ 1004.244474][    C0] workqueue mm_percpu_wq: flags=0x108
[ 1004.249982][    C0]   pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=1 refcnt=2
[ 1004.250080][    C0]     pending: vmstat_update
[ 1004.250184][    C0]   pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2
[ 1004.250270][    C0]     pending: vmstat_update
[ 1004.250368][    C0] workqueue writeback: flags=0x4a
[ 1004.279774][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=2
[ 1004.279863][    C0]     pending: wb_update_bandwidth_workfn
[ 1004.280026][    C0] workqueue kblockd: flags=0x18
[ 1004.297942][    C0]   pwq 7: cpus=1 node=0 flags=0x0 nice=-20 active=1 refcnt=2
[ 1004.298051][    C0]     pending: blk_mq_timeout_work
[ 1004.298293][    C0] workqueue ipv6_addrconf: flags=0x6000a
[ 1004.317041][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=15
[ 1004.317126][    C0]     in-flight: 6987:addrconf_dad_work for 257s
[ 1004.317258][    C0]     inactive: 4*addrconf_dad_work, 7*addrconf_verify_work
[ 1004.317440][    C0] workqueue krxrpcd: flags=0x2001a
[ 1004.343794][    C0]   pwq 9: cpus=0-1 node=0 flags=0x4 nice=-20 active=1 refcnt=10
[ 1004.343890][    C0]     pending: rxrpc_peer_keepalive_worker
[ 1004.343953][    C0]     inactive: 6*rxrpc_peer_keepalive_worker
[ 1004.344066][    C0] workqueue bat_events: flags=0x6000a
[ 1004.369594][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=49
[ 1004.369684][    C0]     pending: batadv_mcast_mla_update
[ 1004.369761][    C0]     inactive: 5*batadv_mcast_mla_update, 4*batadv_purge_orig, 10*batadv_iv_send_outstanding_bat_ogm_packet, 2*batadv_purge_orig, 2*batadv_bla_periodic_work, batadv_dat_purge, 6*batadv_iv_send_outstanding_bat_ogm_packet, batadv_tt_purge, 2*batadv_bla_periodic_work, 5*batadv_dat_purge, 2*batadv_bla_periodic_work, 5*batadv_tt_purge
[ 1004.370357][    C0] workqueue wg-kex-wg0: flags=0x6
[ 1004.419332][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=4 refcnt=5
[ 1004.419424][    C0]     pending: wg_queued_expired_zero_key_material, 2*wg_packet_handshake_send_worker, wg_queued_expired_zero_key_material
[ 1004.419683][    C0] workqueue wg-kex-wg0: flags=0x6
[ 1004.444735][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=2 refcnt=3
[ 1004.444836][    C0]     pending: 2*wg_packet_handshake_send_worker
[ 1004.444980][    C0] workqueue wg-kex-wg1: flags=0x6
[ 1004.463466][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=2
[ 1004.463543][    C0]     pending: wg_queued_expired_zero_key_material
[ 1004.463632][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=3 refcnt=4
[ 1004.463701][    C0]     pending: wg_queued_expired_zero_key_material, 2*wg_packet_handshake_send_worker
[ 1004.463892][    C0] workqueue wg-kex-wg2: flags=0x6
[ 1004.499184][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=2
[ 1004.499273][    C0]     pending: wg_queued_expired_zero_key_material
[ 1004.499415][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=3 refcnt=4
[ 1004.499490][    C0]     pending: wg_queued_expired_zero_key_material, 2*wg_packet_handshake_send_worker
[ 1004.499681][    C0] workqueue wg-kex-wg1: flags=0x6
[ 1004.535383][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=2 refcnt=3
[ 1004.535487][    C0]     pending: 2*wg_packet_handshake_send_worker
[ 1004.535683][    C0] workqueue wg-kex-wg2: flags=0x6
[ 1004.554655][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=2 refcnt=3
[ 1004.554762][    C0]     pending: 2*wg_packet_handshake_send_worker
[ 1004.554919][    C0] workqueue wg-kex-wg0: flags=0x6
[ 1004.573602][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=2
[ 1004.573711][    C0]     pending: wg_queued_expired_zero_key_material
[ 1004.573878][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=3 refcnt=4
[ 1004.573954][    C0]     pending: 2*wg_packet_handshake_send_worker, wg_queued_expired_zero_key_material
[ 1004.574141][    C0] workqueue wg-kex-wg1: flags=0x6
[ 1004.609635][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=2
[ 1004.609745][    C0]     pending: wg_queued_expired_zero_key_material
[ 1004.609884][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=3 refcnt=4
[ 1004.609957][    C0]     pending: wg_queued_expired_zero_key_material, 2*wg_packet_handshake_send_worker
[ 1004.610149][    C0] workqueue wg-kex-wg2: flags=0x6
[ 1004.645722][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=2
[ 1004.645828][    C0]     pending: wg_queued_expired_zero_key_material
[ 1004.645959][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=3 refcnt=4
[ 1004.646036][    C0]     pending: 2*wg_packet_handshake_send_worker, wg_queued_expired_zero_key_material
[ 1004.646231][    C0] workqueue bond1: flags=0x2000a
[ 1004.681609][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=5
[ 1004.681703][    C0]     pending: bond_mii_monitor
[ 1004.681780][    C0]     inactive: bond_3ad_state_machine_handler
[ 1004.681894][    C0] workqueue wg-kex-wg0: flags=0x6
[ 1004.705424][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=2 refcnt=3
[ 1004.705516][    C0]     pending: 2*wg_packet_handshake_send_worker
[ 1004.705659][    C0] workqueue wg-crypt-wg0: flags=0x128
[ 1004.724628][    C0]   pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=3 refcnt=4
[ 1004.724720][    C0]     pending: wg_packet_encrypt_worker, wg_packet_tx_worker, wg_packet_decrypt_worker
[ 1004.724940][    C0] workqueue wg-kex-wg1: flags=0x6
[ 1004.747374][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=2
[ 1004.747453][    C0]     pending: wg_packet_handshake_send_worker
[ 1004.747589][    C0] workqueue wg-crypt-wg1: flags=0x128
[ 1004.766445][    C0]   pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=2 refcnt=3
[ 1004.766558][    C0]     pending: wg_packet_encrypt_worker, wg_packet_tx_worker
[ 1004.766744][    C0]   pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2
[ 1004.766834][    C0]     pending: wg_packet_encrypt_worker
[ 1004.766955][    C0] workqueue wg-kex-wg2: flags=0x6
[ 1004.800077][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=2 refcnt=3
[ 1004.800160][    C0]     pending: 2*wg_packet_handshake_send_worker
[ 1004.800307][    C0] workqueue wg-crypt-wg2: flags=0x128
[ 1004.819275][    C0]   pwq 2: cpus=0 node=0 flags=0x0 nice=0 active=2 refcnt=3
[ 1004.819374][    C0]     pending: wg_packet_encrypt_worker, wg_packet_tx_worker
[ 1004.819563][    C0]   pwq 6: cpus=1 node=0 flags=0x0 nice=0 active=1 refcnt=2
[ 1004.819650][    C0]     pending: wg_packet_encrypt_worker
[ 1004.819771][    C0] workqueue bond1: flags=0x2000a
[ 1004.852778][    C0]   pwq 8: cpus=0-1 flags=0x4 nice=0 active=1 refcnt=5
[ 1004.852865][    C0]     pending: bond_alb_monitor
[ 1004.852947][    C0]     inactive: bond_mii_monitor
[ 1004.853035][    C0] workqueue hci2: flags=0x20012
[ 1004.874979][    C0]   pwq 9: cpus=0-1 node=0 flags=0x4 nice=-20 active=1 refcnt=4
[ 1004.875071][    C0]     pending: hci_conn_timeout
[ 1004.875186][    C0] workqueue hci5: flags=0x20012
[ 1004.892933][    C0]   pwq 9: cpus=0-1 node=0 flags=0x4 nice=-20 active=1 refcnt=4
[ 1004.893018][    C0]     pending: hci_conn_timeout
[ 1004.893199][    C0] pool 6: cpus=1 node=0 flags=0x0 nice=0 hung=150s workers=7 idle: 29 24 5927 11389 5972 5934
[ 1004.893439][    C0] pool 8: cpus=0-1 flags=0x4 nice=0 hung=151s workers=15 idle: 134 12 66 48 139 3556 1097 6989 6355 11518 6222
[ 1004.893773][    C0] Showing backtraces of busy workers in stalled worker pools:
[ 1004.936318][    C0] pool 6:
[ 1004.936341][    C0] task:kworker/1:6     state:D stack:23752 pid:5971  tgid:5971  ppid:2      task_flags:0x4208060 flags:0x00080000
[ 1004.936507][    C0] Workqueue: events switchdev_deferred_process_work
[ 1004.936585][    C0] Call Trace:
[ 1004.936597][    C0]  <TASK>
[ 1004.936619][    C0]  __schedule+0x10e9/0x6820
[ 1004.936657][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1004.936712][    C0]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1004.936801][    C0]  ? __pfx___schedule+0x10/0x10
[ 1004.936839][    C0]  ? find_held_lock+0x2b/0x80
[ 1004.936906][    C0]  ? schedule+0x2bf/0x390
[ 1004.936941][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1004.937003][    C0]  schedule+0xdd/0x390
[ 1004.937042][    C0]  schedule_preempt_disabled+0x13/0x30
[ 1004.937083][    C0]  __mutex_lock+0xced/0x1b10
[ 1004.937132][    C0]  ? switchdev_deferred_process_work+0xe/0x20
[ 1004.937208][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1004.937259][    C0]  ? __lock_acquire+0x4a5/0x2630
[ 1004.937312][    C0]  ? __pfx___mutex_lock+0x10/0x10
[ 1004.937358][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1004.937409][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1004.937481][    C0]  ? debug_object_deactivate+0x2e4/0x3b0
[ 1004.937553][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1004.937608][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1004.937651][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1004.937718][    C0]  ? switchdev_deferred_process_work+0xe/0x20
[ 1004.937782][    C0]  switchdev_deferred_process_work+0xe/0x20
[ 1004.937857][    C0]  process_one_work+0xa0e/0x1980
[ 1004.937931][    C0]  ? __pfx_process_one_work+0x10/0x10
[ 1004.937979][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1004.938047][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1004.938107][    C0]  worker_thread+0x5ef/0xe50
[ 1004.938176][    C0]  ? kthread+0x13a/0x450
[ 1004.938217][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1004.938265][    C0]  kthread+0x370/0x450
[ 1004.938309][    C0]  ? __pfx_kthread+0x10/0x10
[ 1004.938356][    C0]  ret_from_fork+0x72b/0xd50
[ 1004.938410][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1004.938457][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1004.938515][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1004.938574][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1004.938626][    C0]  ? __switch_to+0x800/0x1100
[ 1004.938685][    C0]  ? __switch_to_asm+0x39/0x70
[ 1004.938741][    C0]  ? __pfx_kthread+0x10/0x10
[ 1004.938788][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1004.938870][    C0]  </TASK>