last executing test programs:

2m37.477627391s ago: executing program 0 (id=647):
openat$tun(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x3, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$HCIINQUIRY(r3, 0x400448ca, 0x0)
ioctl$sock_bt_hci(r3, 0x400448c9, 0x0)
ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, &(0x7f00000000c0)={0x0, 0x80600})
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)
sendto$inet(0xffffffffffffffff, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0)

2m36.207826266s ago: executing program 0 (id=641):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
symlink(&(0x7f0000000040)='.\x00', 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x1, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
sendmsg$inet(r1, &(0x7f0000000640)={&(0x7f0000000400)={0x2, 0x4e24, @remote}, 0x10, 0x0, 0x0, &(0x7f00000007c0)=[@ip_retopts={{0x14, 0x0, 0x7, {[@generic={0x44, 0x2}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0xe}}}}], 0x50}, 0xc014)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000dc0)='net/udp\x00')
readv(r7, &(0x7f0000003140)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=@newlink={0x38, 0x10, 0x439, 0x70bd2c, 0xffffffea, {0x0, 0x0, 0xe403, r9, 0x40083, 0x602a}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0xd}}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x4040)
io_setup(0x2, &(0x7f00000000c0))

2m33.858261739s ago: executing program 0 (id=648):
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r3 = dup(r2)
bind$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x7}, 0xe)
listen(r2, 0x9)
accept4$vsock_stream(r3, 0x0, 0x58, 0x0)
r4 = getpgrp(0x0)
prlimit64(r4, 0x6, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
open(0x0, 0x84242, 0x1df2a23c5997fa5f)
socket(0x26, 0x5, 0x10)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r6, 0x6, 0x16, &(0x7f0000000000), 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r6, 0x6, 0x13, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000009, 0x31, 0xffffffffffffffff, 0x7c5c7000)
socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0)
recvfrom$inet(r6, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

2m30.221427687s ago: executing program 0 (id=651):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
pipe(&(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$inet_udp(0x2, 0x2, 0x0)
close(r5)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000480)={'wlan1\x00', <r10=>0x0})
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r10, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x80)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r12=>0x0})
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="98030000", @ANYRES16=r7, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r12, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603"], 0x398}}, 0x0)
write$binfmt_misc(r4, &(0x7f0000000000), 0xfffffecc)
splice(r3, 0x0, r5, 0x0, 0x4ffe6, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)

2m28.943074022s ago: executing program 0 (id=654):
setsockopt$RXRPC_SECURITY_KEYRING(0xffffffffffffffff, 0x110, 0x2, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
userfaultfd(0x801)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x8000)
read$FUSE(r0, &(0x7f0000000880)={0x2020, 0x0, 0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[], &(0x7f00000003c0)=""/192, 0x1e, 0xc0, 0x0, 0x5b, 0x10000, @value=r0}, 0x28)
r5 = syz_open_dev$loop(0x0, 0x81, 0x0)
lchown(&(0x7f00000001c0)='./cgroup.cpu/cgroup.procs\x00', r3, r4)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000004900)={0x2020, 0x0, 0x0, <r7=>0x0}, 0xfffffffffffffd7d)
setreuid(0x0, r7)
fchown(r6, 0x0, 0x0)
ioctl$LOOP_CONFIGURE(r5, 0x4c0a, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809a1a93c5240f45f819e01177d3d458dd4992861ac000000150000000000000000000000000000001000", "90be8b1c551265406c7f306003d8a0f4bd00", [0x0, 0xfffffffffffffff8]}})

2m27.742092504s ago: executing program 0 (id=657):
syz_open_dev$video(&(0x7f0000000000), 0x9, 0x40400)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000012c0)={&(0x7f0000000000)={0x38, r5, 0x601, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x5, 0x4}]}]}]}, 0x38}}, 0x0)
ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000004b80))
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000280)=@x25, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000500)="196f19a7662613528d02b53b682e39e058d78792f971d2bf9c0c4191bdb5c1c525752712755c2e7da17e02448e9d949a0111740358b9e680472279a49304d1b29fcab44b9663c76cfb6c182977b65cd67eefb02cde7f5181ab1dac626c18f382e639988805da22eb4f8738f8dff352c8e3f35d1ad299cb78346848981ebf563b9a249b7cee9a8bb84da8565c37c22757d4671628c00af851a3082e738106ea185cfc305f88ff99f89300d57a0d7b179c667913a91c4deefdbbfc688343922055d20c74", 0xc3}, {&(0x7f0000000600)="8e64de8b169531fe76e3258be3982c9923590731dabea8e8ac6112883c2dc07bccfe45545196451763d64e8be4d52ba56f64b296fe3693c765bbfe2e2f7831bf2deab526ed3a5d9b43", 0x49}, {&(0x7f0000000680)}], 0x3, &(0x7f0000000700)=[{0x68, 0x104, 0xffffffff, "a40a1d361506205a20b564cf072e32a34658ebc77ee8b9c3ffe365d7284e3cb24400b525ab54d1a34a348a6a0aded206009c1871c2fb3745e48eefb785ef3ae94043989836b0dafa0c76ed06e43f25942a79614b83adb83c"}], 0x68}, 0x20000000)
r6 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r6, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e21, 0xfffffffc, @private2={0xfc, 0x2, '\x00', 0x41}, 0x8}], 0x1c)
statfs(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000140)=""/98)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r6, 0x84, 0x65, &(0x7f0000000000)=[@in={0x2, 0x0, @loopback}], 0x10)
recvmsg$can_raw(0xffffffffffffffff, &(0x7f00000004c0)={0xfffffffffffffffd, 0x0, &(0x7f0000000380)=[{&(0x7f0000000300)=""/62, 0x3e}], 0x1, &(0x7f00000003c0)=""/243, 0xf3}, 0x2003)
mount(&(0x7f0000000180)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='romfs\x00', 0x208090, 0x0)

2m11.559817004s ago: executing program 32 (id=657):
syz_open_dev$video(&(0x7f0000000000), 0x9, 0x40400)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000012c0)={&(0x7f0000000000)={0x38, r5, 0x601, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x5, 0x4}]}]}]}, 0x38}}, 0x0)
ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000004b80))
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000280)=@x25, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000500)="196f19a7662613528d02b53b682e39e058d78792f971d2bf9c0c4191bdb5c1c525752712755c2e7da17e02448e9d949a0111740358b9e680472279a49304d1b29fcab44b9663c76cfb6c182977b65cd67eefb02cde7f5181ab1dac626c18f382e639988805da22eb4f8738f8dff352c8e3f35d1ad299cb78346848981ebf563b9a249b7cee9a8bb84da8565c37c22757d4671628c00af851a3082e738106ea185cfc305f88ff99f89300d57a0d7b179c667913a91c4deefdbbfc688343922055d20c74", 0xc3}, {&(0x7f0000000600)="8e64de8b169531fe76e3258be3982c9923590731dabea8e8ac6112883c2dc07bccfe45545196451763d64e8be4d52ba56f64b296fe3693c765bbfe2e2f7831bf2deab526ed3a5d9b43", 0x49}, {&(0x7f0000000680)}], 0x3, &(0x7f0000000700)=[{0x68, 0x104, 0xffffffff, "a40a1d361506205a20b564cf072e32a34658ebc77ee8b9c3ffe365d7284e3cb24400b525ab54d1a34a348a6a0aded206009c1871c2fb3745e48eefb785ef3ae94043989836b0dafa0c76ed06e43f25942a79614b83adb83c"}], 0x68}, 0x20000000)
r6 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r6, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e21, 0xfffffffc, @private2={0xfc, 0x2, '\x00', 0x41}, 0x8}], 0x1c)
statfs(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000140)=""/98)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r6, 0x84, 0x65, &(0x7f0000000000)=[@in={0x2, 0x0, @loopback}], 0x10)
recvmsg$can_raw(0xffffffffffffffff, &(0x7f00000004c0)={0xfffffffffffffffd, 0x0, &(0x7f0000000380)=[{&(0x7f0000000300)=""/62, 0x3e}], 0x1, &(0x7f00000003c0)=""/243, 0xf3}, 0x2003)
mount(&(0x7f0000000180)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='romfs\x00', 0x208090, 0x0)

17.228024693s ago: executing program 1 (id=829):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000002380)='./file0\x00', 0x80000c, &(0x7f00000001c0)=ANY=[@ANYRES8=0x0, @ANYRESHEX=0x0, @ANYRES16, @ANYRESHEX=0x0, @ANYRES8, @ANYRESHEX=0x0, @ANYBLOB="2c747970653dd2100d1b2c7529643dd4f81c66210bbcbf82440a104ab956f2ba5e36e41ccb1b040fa8b829b0b87078de654c66ac22aebaa2c653ef127e38e0aa2229f9cf6a8503", @ANYRESDEC, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRESDEC, @ANYRESDEC=0x0], 0x2, 0x6ee, &(0x7f0000032440)="$eJzs3UtoHOcdAPD/rFYrrQqOnPiRlkCWGNJSUVuyUFr1UreUokMoIT30vNhyLLyWg6QU2ZRG6ePeQ049pQfdQg8lvRvac0NKyVXHQCGXnHSqyszO7EMa7a5s2do6v5+YnW/me8w3/3nt7CAmgK+tlbmoPookVube3E6n93YXWxO7i1N5disiahFRiai2R5GsR5Z7Ix/im+nMvHzSafhf/cv5cG357c+/2vuiPVXNh6x80ldvuNrRWTv5EI2ImMjHR00e0+Inhxff197NY9sbVXcN04BdKQIXf3qiVuGJHRyx08n7+N/Z56DqJzlugTGVtK+bR8xGzETEdET7qp+fHSrPtnenb+esOwAAAAAnVT95lRf2Yz+249zT6A4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8r/L3/yf5UCnSjUiK9//X8nmRp9tzx8rwFyF+NtUeP3r6nQEAAAAAAACAp+7V/diP7ThXTB8k2TP/13qe8X8j3ovNWI2NuBrb0Yyt2IqNWIiI2Z6GatvNra2NhaxmxIUBNa/HpyU1rx/fxxunvM4AAAAAAAAAMOaG/Sf+3clOcqdI/DZWus//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgHCQRE+1RNlwo0rNRqUbEdFFuJ+LTiKidbW9PJCmb+ejZ9wMAAACeyHT/ZDI9Qp0X3o/92I5zxfRBkt3zX8rul6fjvViPrViLrWjFatzK76HTu/7K3u5ia2938V46HG33x1+eqOtZi9H+7aF8yS9nJepxO9ayOVfjZiRxkKnkrby8t7uYju+V9+uDtE/Jj3IDejPRk76Vflz+JEv/sf9XhGp79N8TrelJVY7Nmc1yJzsRmc/7ltY4X0SgPBJ9W6dsN6kOXNJCVDq//FwYvKTymH8weJ1nDpUq/eXmTByOxPWodLbQpcGRiPj23z7+5Z3W+t07tzfnxmeVSr0/tMThSCz2ROLycxSJ4eazSFzsTK/Ez+IXMRdfTr0VG7EWv4pmbMVqo8hv5vtz+jk7OFKfzfROvTWsJ+kx2eicv8r61Ii+PkUjfpqlmvFatk3PxVokcT8iVuON7O96LHTOBt0tfHGEo74ywpm2x5XvZKNOmKJ+fNm/jNbkaUnjer4nrr3n3Nksr3dON0ovlkapuNaNfj3qUf1Wnkhb+N3A68OzdjgSCz2ReOm4/aUd0j9nV5PN1vrdjTvNd0dc3uv5OD2O/jBWV4l0bV6M6XzlzmefSXZMzWd5L3WusP3xquVPXNoqR/Iuduq1j9Sfx/241Xekfj+WYimWs9KXstKTR65Yad7lTkv95/A0L/2mVe082On9vnU/Wu3vQwCMt5nvztTq/6n/s/5R/ff1O/U3p38y9YOpV2ox+Y/JH1bnJ16vvJL8NT6K33Tv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMe3+eDh3WartbpRnqiUZyWDazVbB8WLxAaU6Usk+atyRiicbD54eDC0wcGJqbx7j1n9NBPFa/iGF24MbKf6RN1Idg5vr+nh26J4y9MIi0iOBDyt/NihK5bcnTM5BpvycKJxeg0WO2xP1sn33nrZ9pqIiLLCQ04cE6dx9gHO0rWte+9e23zw8Htr95rvrL6zuj65tLQ8v7z0xuK122ut1fn2Z0+F6hl2FjhVvV8nOmoR8erwugNe1AoAAAAAAAAAAAA8Rc/ifyHOeh0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/28rc1F9FEkszF+dT6f3dhdb6VCkuyWrEVGJiOTXEcnfI25Ee4jZnuaS45bz4dry259/tfdFt61qUb4SsXNsvdHs5EM0ImIiH59WezeHt1frJqdKspNOZNKAXSkCB2ftfwEAAP//jLTthw==")
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000140)={0x8b28, 0x3}, 0x18, 0x0)
landlock_restrict_self(r1, 0x1)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x1, 0x0)
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='./file1\x00', 0x2000040, &(0x7f0000000000)={[{@codepage={'codepage', 0x3d, 'cp949'}}, {@uid}, {@iocharset={'iocharset', 0x3d, 'cp936'}}]}, 0x1, 0x302, &(0x7f00000008c0)="$eJzs3c9qE0EcB/DvTDZt+oe6thXBi6Va0Eux6qF4iUiu3j2J2qQQXCq2FdSLrXgUH8C7r+DFN/Ci+AJ6EgQfoLeR+e1sskl2J6Yk2bT9fiDpZnZm9zfsbHZ+C82CiM6se7Wfn279ti8FlFACcAfQACpAAOACLlZe7Ow396NG3behkrSwL4W4peqps7XTyGpq20kLJ7SfAsyny9JU75bpmIwxd38VHQQVTs7+DBqYduehrK+MOa5ROQAuFx3DuKUPsDrCEV5iocBwiIhoArjrv3aXiXkpUtAaWHOX/VN1/T8qOoDhuh31FBlvg9T1X2Z3Rtnje05WtfM9SbTsep1kif0CseOj3FU2hXhkdUwwVb+sUmLRM9vNAOtbh6hrvEXVSVVblvd6PHQTfaJdzchNPfK3Vsb92bg3MqPsloS03Ywa03YhFX8SwdJge/T44l/9x/1VX9V39VCF+Ih6a/4XGGUPkxypsOtI6bKN/0b+luekla0F17Fqtao7qpyXnVxye3D69LKSnZGkt5ncIDhoReCLU/a9iM7bCnHvNvq0WspqFbY+5bRa7mhVciNhfetZ5L2VMhpJF9UH9UCt4i8+o5aa/2sb3xpSZ6bvq15JTTcy4v5MZdcMpGbYc+Vony4rrQic6YH7RkDe3bIc7/EEm1jYe/X6aSmKGrt24XHGwvP5XeVKyu+AzDpDXgiize5VJXha4aBdYqw3xvzvvswou3N9qBu03x+7G4hL7OmTVdmeZa0SPdLDdIYXat/gG5CTtXCYHhJdC8YAOatG9j1FE2RPJQddPgaYKToiGjM771Jx/iczeTerkwTFvoWeebo/yUTHFjdaGVznVHBR3mcHyuDm8jM4t0fVjBo3c3JGybmuXAOupgoVvHsMXZynhKrhBx7x/j8RERERERERERERERERERERERER0Ukzjn9CKLqPREREREREREREREREREREREREREREREQn3bGe/5v1G/Hy/N9wwOf/xk+Kkp8DX2mX9nv+LxENx78AAAD//1Lod7w=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$NL80211_CMD_JOIN_MESH(r5, &(0x7f00000001c0)={0x0, 0x3d, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[], 0x1a000}}, 0x0)
mount$nfs(&(0x7f00000001c0)='\xb2\x83\x87J9I\xc3i\xe4\x81\xc5:\xccLD\x9d\xd8\xc7\x90v\x8b\x82\x90\xa4\xdd\x98\xb8\rQh#\xfacl\x01\x8cC\x1f|\xa5\xcb\x8f\xe5WJ\x00>\xf2\xd6\t\xf4IE\xcb\x15A\xb5\xbbG\xa0\xea\xc4\x03\xf2\xf5\xf4\xa1\x98', &(0x7f0000000240)='./file0\x00', 0x0, 0x201008, 0x0)
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)

16.139532411s ago: executing program 1 (id=830):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
openat$tun(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], 0x0, 0x3, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$HCIINQUIRY(r3, 0x400448ca, 0x0)
ioctl$sock_bt_hci(r3, 0x400448c9, 0x0)
ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, &(0x7f00000000c0)={0x0, 0x80600})
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)
sendto$inet(0xffffffffffffffff, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0)

15.596521921s ago: executing program 2 (id=832):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
mmap(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0xb578bff18fac7e8, 0x8010, r0, 0x951fa000)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = syz_io_uring_setup(0xbdc, &(0x7f0000001400)={0x0, 0xfe47, 0x400, 0x1, 0x226}, &(0x7f00000006c0)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_OPENAT={0x12, 0x59, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)='./file0\x00', 0x70, 0x312040, 0x12345})
io_uring_enter(r3, 0x847ba, 0x0, 0xe, 0x0, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r1, &(0x7f0000000000)="17", 0xfffffffffffffd9b, 0x10048085, 0x0, 0xffffffffffffff95)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, &(0x7f0000001380)=""/4080, 0xfffffffffffffdcc, 0x0, 0x0, 0xffffffffffffff29}, &(0x7f0000000000)=0x40)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

13.866529842s ago: executing program 1 (id=833):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
symlink(&(0x7f0000000040)='.\x00', 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x1, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
sendmsg$inet(r1, &(0x7f0000000640)={&(0x7f0000000400)={0x2, 0x4e24, @remote}, 0x10, 0x0, 0x0, &(0x7f00000007c0)=[@ip_retopts={{0x14, 0x0, 0x7, {[@generic={0x44, 0x2}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0xe}}}}], 0x50}, 0xc014)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000dc0)='net/udp\x00')
readv(r7, &(0x7f0000003140)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=@newlink={0x38, 0x10, 0x439, 0x70bd2c, 0xffffffea, {0x0, 0x0, 0xe403, r9, 0x40083, 0x602a}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0xd}}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x4040)
io_setup(0x2, &(0x7f00000000c0))

13.256028773s ago: executing program 2 (id=834):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e21, @multicast1}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0x8, 0x2001, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000004a40)={&(0x7f0000004880)=ANY=[@ANYBLOB], 0x0, 0x38, 0x0, 0x1, 0x9}, 0x28)
socket$l2tp(0x2, 0x2, 0x73)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000300)={{{@in6=@remote, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@remote}, 0x0, @in6=@initdev}}, &(0x7f0000000400)=0xe8)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="340000001900020028bd7000fedbdf2502001081fc07c80b0030000008000700ffffffff08000500ffffffff08001900", @ANYRES32=r5, @ANYBLOB="75c6493d4337690a642217e9991537"], 0x34}, 0x1, 0x0, 0x0, 0x24000804}, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff})
getpeername$packet(r7, &(0x7f0000000000)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r6, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r8}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

11.758394586s ago: executing program 1 (id=835):
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYRES32=r0, @ANYBLOB="0000558b68aac2ad00b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x46, &(0x7f00000008c0)=ANY=[], 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000680)={'wlan0\x00'})
sendmsg$NL80211_CMD_FRAME(r1, 0x0, 0x10)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x4008800}, 0x8000)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'veth1\x00'})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="46060900000000001c00128009000100766c616e000000000c00028006000100040000", @ANYBLOB, @ANYRES32=r5], 0x4c}, 0x1, 0x0, 0x0, 0x600}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
open(&(0x7f0000000080)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x7fffffff, 0x2, 0x7, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x7, 0x3, 0x0, 0x5, 0x24, 0x1, 0x7, 0x3c5b, 0x1, 0x24, 0x6, 0x8000, 0x5, 0xffffffff, 0xe661, 0x4, 0x7, 0x89d2, 0x8, 0x4c74, 0x80000000, 0x40000, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0xd, 0x407, 0x5, 0x3e, 0x8f, 0x4006, 0x6, 0x80000000, 0x0, 0x4, 0x8, 0x400, 0x80, 0x0, 0x4, 0x7, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0xf0000000, 0x8000012f, 0x8004, 0x5, 0x6, 0x129432e6, 0x2, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0x10, 0x312, 0xd, 0xea4, 0xffffffff, 0x4, 0x7, 0x7fff, 0x5a7c, 0x420, 0x401, 0x6, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x2e, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0xfffffffe, 0x7, 0x9, 0x5, 0x4, 0x8, 0x1, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x8004, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x200, 0x7e, 0x7, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0x7, 0xa9, 0x5, 0x9, 0xac8, 0x2000bf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0x0, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2004, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xfffffffe, 0x80000003, 0x6, 0x4, 0xc8, 0x9, 0xfffff000, 0x10000, 0x3, 0x7e, 0xfd, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0xffffffff, 0x5, 0x5, 0x8, 0x30b1d693, 0x5, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fffffff, 0x2)

11.113074859s ago: executing program 3 (id=836):
setsockopt$RXRPC_SECURITY_KEYRING(0xffffffffffffffff, 0x110, 0x2, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
userfaultfd(0x801)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x8000)
read$FUSE(0xffffffffffffffff, &(0x7f0000000880)={0x2020, 0x0, 0x0, <r2=>0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[], &(0x7f00000003c0)=""/192, 0x1e, 0xc0, 0x0, 0x5b, 0x10000}, 0x28)
r5 = syz_open_dev$loop(0x0, 0x81, 0x0)
lchown(&(0x7f00000001c0)='./cgroup.cpu/cgroup.procs\x00', r2, r3)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000004900)={0x2020, 0x0, 0x0, <r7=>0x0}, 0xfffffffffffffd7d)
setreuid(0x0, r7)
fchown(r6, 0x0, 0x0)
ioctl$LOOP_CONFIGURE(r5, 0x4c0a, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809a1a93c5240f45f819e01177d3d458dd4992861ac000000150000000000000000000000000000001000", "90be8b1c551265406c7f306003d8a0f4bd00", [0x0, 0xfffffffffffffff8]}})
setpriority(0x2, r4, 0x7)

11.110000399s ago: executing program 4 (id=837):
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x18, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007b000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000000000f"], 0x0, 0x34}, 0x28)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff0180000008003950323030302e"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="38010000fe0000"], 0x138)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYRESHEX=r4])
lstat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240))
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)=ANY=[@ANYRESDEC=r1], 0x7c}}, 0x80)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001d40)=ANY=[@ANYBLOB="140000001000010000000200000000000500000a14000000140a030000000000000000000300000920000000080a01040000000000000000020000030900010073797a3000000000140000001100010000000000000000000000000a"], 0x5c}, 0x1, 0x0, 0x0, 0x44}, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x1f, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="180200000000000000000000ffffffff851000000100000095000000000000001800000020646c2500000000002020207b1af8ff00000000bda100000000000007010000f8bcd5ffb702000008000000b70300000000000085000000b500000095"], &(0x7f0000000200)='syzkaller\x00', 0x9dda, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, r1}, 0x94)
r7 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000100), 0x200a00, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000600)=[@in6={0xa, 0x4e20, 0xc, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x3}, @in={0x2, 0x4e20, @multicast1}, @in={0x2, 0x4e20, @multicast2}], 0x3c)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000140), 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000080)='./binderfs/custom1\x00', 0x800, 0x0)

11.08213061s ago: executing program 2 (id=838):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
symlink(&(0x7f0000000040)='.\x00', 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x1, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
sendmsg$inet(r1, &(0x7f0000000640)={&(0x7f0000000400)={0x2, 0x4e24, @remote}, 0x10, 0x0, 0x0, &(0x7f00000007c0)=[@ip_retopts={{0x14, 0x0, 0x7, {[@generic={0x44, 0x2}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0xe}}}}], 0x50}, 0xc014)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000dc0)='net/udp\x00')
readv(r7, &(0x7f0000003140)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=@newlink={0x38, 0x10, 0x439, 0x70bd2c, 0xffffffea, {0x0, 0x0, 0xe403, r9, 0x40083, 0x602a}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0xd}}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x4040)
io_setup(0x2, &(0x7f00000000c0))

10.197372961s ago: executing program 1 (id=839):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000002380)='./file0\x00', 0x80000c, &(0x7f00000001c0)=ANY=[@ANYRES8=0x0, @ANYRESHEX=0x0, @ANYRES16, @ANYRESHEX=0x0, @ANYRES8, @ANYRESHEX=0x0, @ANYBLOB="2c747970653dd2100d1b2c7529643dd4f81c66210bbcbf82440a104ab956f2ba5e36e41ccb1b040fa8b829b0b87078de654c66ac22aebaa2c653ef127e38e0aa2229f9cf6a8503", @ANYRESDEC, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRESDEC, @ANYRESDEC=0x0], 0x2, 0x6ee, &(0x7f0000032440)="$eJzs3UtoHOcdAPD/rFYrrQqOnPiRlkCWGNJSUVuyUFr1UreUokMoIT30vNhyLLyWg6QU2ZRG6ePeQ049pQfdQg8lvRvac0NKyVXHQCGXnHSqyszO7EMa7a5s2do6v5+YnW/me8w3/3nt7CAmgK+tlbmoPookVube3E6n93YXWxO7i1N5disiahFRiai2R5GsR5Z7Ix/im+nMvHzSafhf/cv5cG357c+/2vuiPVXNh6x80ldvuNrRWTv5EI2ImMjHR00e0+Inhxff197NY9sbVXcN04BdKQIXf3qiVuGJHRyx08n7+N/Z56DqJzlugTGVtK+bR8xGzETEdET7qp+fHSrPtnenb+esOwAAAAAnVT95lRf2Yz+249zT6A4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8r/L3/yf5UCnSjUiK9//X8nmRp9tzx8rwFyF+NtUeP3r6nQEAAAAAAACAp+7V/diP7ThXTB8k2TP/13qe8X8j3ovNWI2NuBrb0Yyt2IqNWIiI2Z6GatvNra2NhaxmxIUBNa/HpyU1rx/fxxunvM4AAAAAAAAAMOaG/Sf+3clOcqdI/DZWus//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgHCQRE+1RNlwo0rNRqUbEdFFuJ+LTiKidbW9PJCmb+ejZ9wMAAACeyHT/ZDI9Qp0X3o/92I5zxfRBkt3zX8rul6fjvViPrViLrWjFatzK76HTu/7K3u5ia2938V46HG33x1+eqOtZi9H+7aF8yS9nJepxO9ayOVfjZiRxkKnkrby8t7uYju+V9+uDtE/Jj3IDejPRk76Vflz+JEv/sf9XhGp79N8TrelJVY7Nmc1yJzsRmc/7ltY4X0SgPBJ9W6dsN6kOXNJCVDq//FwYvKTymH8weJ1nDpUq/eXmTByOxPWodLbQpcGRiPj23z7+5Z3W+t07tzfnxmeVSr0/tMThSCz2ROLycxSJ4eazSFzsTK/Ez+IXMRdfTr0VG7EWv4pmbMVqo8hv5vtz+jk7OFKfzfROvTWsJ+kx2eicv8r61Ii+PkUjfpqlmvFatk3PxVokcT8iVuON7O96LHTOBt0tfHGEo74ywpm2x5XvZKNOmKJ+fNm/jNbkaUnjer4nrr3n3Nksr3dON0ovlkapuNaNfj3qUf1Wnkhb+N3A68OzdjgSCz2ReOm4/aUd0j9nV5PN1vrdjTvNd0dc3uv5OD2O/jBWV4l0bV6M6XzlzmefSXZMzWd5L3WusP3xquVPXNoqR/Iuduq1j9Sfx/241Xekfj+WYimWs9KXstKTR65Yad7lTkv95/A0L/2mVe082On9vnU/Wu3vQwCMt5nvztTq/6n/s/5R/ff1O/U3p38y9YOpV2ox+Y/JH1bnJ16vvJL8NT6K33Tv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMe3+eDh3WartbpRnqiUZyWDazVbB8WLxAaU6Usk+atyRiicbD54eDC0wcGJqbx7j1n9NBPFa/iGF24MbKf6RN1Idg5vr+nh26J4y9MIi0iOBDyt/NihK5bcnTM5BpvycKJxeg0WO2xP1sn33nrZ9pqIiLLCQ04cE6dx9gHO0rWte+9e23zw8Htr95rvrL6zuj65tLQ8v7z0xuK122ut1fn2Z0+F6hl2FjhVvV8nOmoR8erwugNe1AoAAAAAAAAAAAA8Rc/ifyHOeh0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/28rc1F9FEkszF+dT6f3dhdb6VCkuyWrEVGJiOTXEcnfI25Ee4jZnuaS45bz4dry259/tfdFt61qUb4SsXNsvdHs5EM0ImIiH59WezeHt1frJqdKspNOZNKAXSkCB2ftfwEAAP//jLTthw==")
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000140)={0x8b28, 0x3}, 0x18, 0x0)
landlock_restrict_self(r1, 0x1)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x1, 0x0)
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='./file1\x00', 0x2000040, &(0x7f0000000000)={[{@codepage={'codepage', 0x3d, 'cp949'}}, {@uid}, {@iocharset={'iocharset', 0x3d, 'cp936'}}]}, 0x1, 0x302, &(0x7f00000008c0)="$eJzs3c9qE0EcB/DvTDZt+oe6thXBi6Va0Eux6qF4iUiu3j2J2qQQXCq2FdSLrXgUH8C7r+DFN/Ci+AJ6EgQfoLeR+e1sskl2J6Yk2bT9fiDpZnZm9zfsbHZ+C82CiM6se7Wfn279ti8FlFACcAfQACpAAOACLlZe7Ow396NG3behkrSwL4W4peqps7XTyGpq20kLJ7SfAsyny9JU75bpmIwxd38VHQQVTs7+DBqYduehrK+MOa5ROQAuFx3DuKUPsDrCEV5iocBwiIhoArjrv3aXiXkpUtAaWHOX/VN1/T8qOoDhuh31FBlvg9T1X2Z3Rtnje05WtfM9SbTsep1kif0CseOj3FU2hXhkdUwwVb+sUmLRM9vNAOtbh6hrvEXVSVVblvd6PHQTfaJdzchNPfK3Vsb92bg3MqPsloS03Ywa03YhFX8SwdJge/T44l/9x/1VX9V39VCF+Ih6a/4XGGUPkxypsOtI6bKN/0b+luekla0F17Fqtao7qpyXnVxye3D69LKSnZGkt5ncIDhoReCLU/a9iM7bCnHvNvq0WspqFbY+5bRa7mhVciNhfetZ5L2VMhpJF9UH9UCt4i8+o5aa/2sb3xpSZ6bvq15JTTcy4v5MZdcMpGbYc+Vony4rrQic6YH7RkDe3bIc7/EEm1jYe/X6aSmKGrt24XHGwvP5XeVKyu+AzDpDXgiize5VJXha4aBdYqw3xvzvvswou3N9qBu03x+7G4hL7OmTVdmeZa0SPdLDdIYXat/gG5CTtXCYHhJdC8YAOatG9j1FE2RPJQddPgaYKToiGjM771Jx/iczeTerkwTFvoWeebo/yUTHFjdaGVznVHBR3mcHyuDm8jM4t0fVjBo3c3JGybmuXAOupgoVvHsMXZynhKrhBx7x/j8RERERERERERERERERERERERER0Ukzjn9CKLqPREREREREREREREREREREREREREREREQn3bGe/5v1G/Hy/N9wwOf/xk+Kkp8DX2mX9nv+LxENx78AAAD//1Lod7w=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$NL80211_CMD_JOIN_MESH(r5, &(0x7f00000001c0)={0x0, 0x3d, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[], 0x1a000}}, 0x0)
mount$nfs(&(0x7f00000001c0)='\xb2\x83\x87J9I\xc3i\xe4\x81\xc5:\xccLD\x9d\xd8\xc7\x90v\x8b\x82\x90\xa4\xdd\x98\xb8\rQh#\xfacl\x01\x8cC\x1f|\xa5\xcb\x8f\xe5WJ\x00>\xf2\xd6\t\xf4IE\xcb\x15A\xb5\xbbG\xa0\xea\xc4\x03\xf2\xf5\xf4\xa1\x98', &(0x7f0000000240)='./file0\x00', 0x0, 0x201008, 0x0)
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)

9.770046596s ago: executing program 2 (id=840):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
openat$tun(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], 0x0, 0x3, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$HCIINQUIRY(r3, 0x400448ca, 0x0)
ioctl$sock_bt_hci(r3, 0x400448c9, 0x0)
ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, &(0x7f00000000c0)={0x0, 0x80600})
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)
sendto$inet(0xffffffffffffffff, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0)

9.644482731s ago: executing program 3 (id=841):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
openat$tun(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$HCIINQUIRY(r3, 0x400448ca, 0x0)
ioctl$sock_bt_hci(r3, 0x400448c9, 0x0)
ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, &(0x7f00000000c0)={0x0, 0x80600})
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)
sendto$inet(0xffffffffffffffff, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0)

7.819520725s ago: executing program 1 (id=842):
openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x3b, 0x0, 0x0, &(0x7f0000000100))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000280)={{0x5}, 'syz1\x00', 0x10})
ioctl$UI_DEV_CREATE(r3, 0x5501)
ioctl$UI_DEV_DESTROY(r3, 0x5502)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_sys\x00', 0x275a, 0x0)
r5 = open(&(0x7f00009e1000)='./file0\x00', 0x48062, 0x0)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000340)={0x9, @pix_mp={0xe9, 0x82, 0x32315659, 0x7, 0x0, [{}, {}, {0x0, 0x9}, {0x0, 0x320}, {0x0, 0x4}, {0x2, 0xfffffff9}, {0x0, 0x8}, {0x5b1, 0x3}], 0x0, 0x5, 0x8, 0x0, 0x6}})
fcntl$setlease(r5, 0x400, 0x0)

7.754968747s ago: executing program 3 (id=843):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x78}}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB], 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
write$UHID_INPUT(r4, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
r5 = getpgid(0xffffffffffffffff)
syz_open_procfs(r5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vxcan1\x00', <r6=>0x0})
connect$can_bcm(r0, &(0x7f0000000300)={0x1d, r6}, 0x10)
sendmsg$can_bcm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYBLOB="05"], 0x48}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f00000000c0)={'vxcan0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r9}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
close(r0)

6.727198863s ago: executing program 4 (id=844):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
symlink(&(0x7f0000000040)='.\x00', 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x1, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
sendmsg$inet(r1, &(0x7f0000000640)={&(0x7f0000000400)={0x2, 0x4e24, @remote}, 0x10, 0x0, 0x0, &(0x7f00000007c0)=[@ip_retopts={{0x14, 0x0, 0x7, {[@generic={0x44, 0x2}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0xe}}}}], 0x50}, 0xc014)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000dc0)='net/udp\x00')
readv(r7, &(0x7f0000003140)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=@newlink={0x38, 0x10, 0x439, 0x70bd2c, 0xffffffea, {0x0, 0x0, 0xe403, r9, 0x40083, 0x602a}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0xd}}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x4040)
io_setup(0x2, &(0x7f00000000c0))

5.608952343s ago: executing program 3 (id=845):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="44000000020601086c00000000740800010000080500050002000000050001000600000005a0c29c9c0000000900020073797a"], 0x44}, 0x1, 0x40afc, 0x0, 0x8010}, 0x0)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000480), r0)
epoll_create1(0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x200, 0x0)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
syz_clone3(0x0, 0x0)
ioctl$BINDER_GET_FROZEN_INFO(r2, 0xc00c620f, &(0x7f0000000740))
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000003c0)={&(0x7f0000000240)={0x24, r1, 0x4, 0x70bd26, 0x25dfdbfe, {}, [@IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x200400c0}, 0x0)
ioctl$TIOCL_SETSEL(r5, 0x541c, 0x0)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000440), 0x2)
ioctl$VT_RESIZE(r5, 0x5609, &(0x7f0000000400)={0x4, 0x8, 0x7f})
memfd_create(&(0x7f00000009c0)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdbU\xb1\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\x90i\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14O\xf8\xb5C\x1f\xb6b8b\x06A2@D\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\x05\x00\x00\x00\x00\x00\x00\x00\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\x88\xd1\x1eQB\x18\xc1-\xc4\x8fK\xf8\xfa\xb6\xf8\v;\xaa\x8fW\xcc\n\x17\x7f\x98\xb7\xcdqV\xd4\xf0)\xfa\x0fG\xc8\xbf\xfd\xe8>K\f\xcd+\xb0\x99Q\xba/\xa8\xb9`k\b\xd1\xcc\xfc\xeaA\"\v=\x83fC\x90%\xa1d\x91\xf8:\x16<\xad\xc2\x18\xdf\x01\xe2\x96\xfcj\xe9\xa4\x065m\x03\x05Np\xda\"\xf1\xb6\xbcP\x8fP\x8d\x89%\xf2\x12T\xd0\xc3\x15W\x9c\x87\x1b\x8c\xc9\xd9\xc6\xad\x96-d\xa2wFB\xcaB\xa5\x15\xf8,\x04\x1c*\xd98\x8bG\x90\x81`\x03\xe0\xde\x9c\x9a\x0f\x1b\x8f\xd2%*&$Wc\xb3\xa6\xc4TK1}2\xb3\xab\xf4\xb7\xb7\x85\apa\xaf\x1c\x10i\xb9\x9f\x06\xff4%\"7f \x0e\xf5Bk\r\xac\"\x13tNx\xc0$\x85\x9f', 0x3)
close(0x3)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x202, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r6 = syz_io_uring_setup(0x111, &(0x7f0000000140)={0x0, 0x9066, 0x0, 0x4000002, 0x180000}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000000)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0, 0x0, 0xa, 0x0, {0x1}})
io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0)

5.40101382s ago: executing program 4 (id=846):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
socket$packet(0x11, 0x2, 0x300)
capset(&(0x7f0000000200)={0x19980330, r1}, &(0x7f0000000040)={0x200000, 0x200004, 0x0, 0x0, 0x7, 0xa14e})
r2 = socket$netlink(0x10, 0x3, 0x4)
write(r2, &(0x7f0000000040)="2700000014000707030e0200120f0a001100000007dd8378626c5e43c93e7b1e469e0000000000", 0x27)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x3})
readv(r3, &(0x7f0000000480)=[{&(0x7f0000000500)=""/235, 0xeb}], 0x1)
syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0xdb8d, 0x20}, &(0x7f0000c57000), 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00')
preadv(r4, &(0x7f0000000000)=[{&(0x7f0000000640)=""/147, 0x93}], 0x1, 0xfffe, 0xfff)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000180)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x47f9, 0x0, 0x0, 0x0, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, 0x0, 0x44000, 0x0)
preadv2(r6, 0x0, 0x0, 0x0, 0x0, 0x0)
getpgrp(r1)
vmsplice(r5, &(0x7f0000000140)=[{&(0x7f0000000100)}], 0x1, 0x0)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000180)='qnx4\x00', 0x208000, 0x0)

4.499978192s ago: executing program 3 (id=847):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e21, @multicast1}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0x8, 0x2001, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000004a40)={&(0x7f0000004880)=ANY=[@ANYBLOB], 0x0, 0x38, 0x0, 0x1, 0x9}, 0x28)
socket$l2tp(0x2, 0x2, 0x73)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000300)={{{@in6=@remote, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@remote}, 0x0, @in6=@initdev}}, &(0x7f0000000400)=0xe8)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="340000001900020028bd7000fedbdf2502001081fc07c80b0030000008000700ffffffff08000500ffffffff08001900", @ANYRES32=r5, @ANYBLOB="75c6493d4337690a642217e9991537"], 0x34}, 0x1, 0x0, 0x0, 0x24000804}, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff})
getpeername$packet(r7, &(0x7f0000000000)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r6, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r8}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

2.320022448s ago: executing program 4 (id=848):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
symlink(&(0x7f0000000040)='.\x00', 0x0)
r1 = socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x1, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x18)
sendmsg$inet(r1, &(0x7f0000000640)={&(0x7f0000000400)={0x2, 0x4e24, @remote}, 0x10, 0x0, 0x0, &(0x7f00000007c0)=[@ip_retopts={{0x14, 0x0, 0x7, {[@generic={0x44, 0x2}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0xe}}}}], 0x50}, 0xc014)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000dc0)='net/udp\x00')
readv(r7, &(0x7f0000003140)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=@newlink={0x38, 0x10, 0x439, 0x70bd2c, 0xffffffea, {0x0, 0x0, 0xe403, r9, 0x40083, 0x602a}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0xd}}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x4040)
io_setup(0x2, &(0x7f00000000c0))

2.201793303s ago: executing program 2 (id=849):
setsockopt$RXRPC_SECURITY_KEYRING(0xffffffffffffffff, 0x110, 0x2, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
userfaultfd(0x801)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x8000)
read$FUSE(0xffffffffffffffff, &(0x7f0000000880)={0x2020, 0x0, 0x0, <r2=>0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[], &(0x7f00000003c0)=""/192, 0x1e, 0xc0, 0x0, 0x5b, 0x10000}, 0x28)
r5 = syz_open_dev$loop(0x0, 0x81, 0x0)
lchown(&(0x7f00000001c0)='./cgroup.cpu/cgroup.procs\x00', r2, r3)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000004900)={0x2020, 0x0, 0x0, <r7=>0x0}, 0xfffffffffffffd7d)
setreuid(0x0, r7)
fchown(r6, 0x0, 0x0)
ioctl$LOOP_CONFIGURE(r5, 0x4c0a, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809a1a93c5240f45f819e01177d3d458dd4992861ac000000150000000000000000000000000000001000", "90be8b1c551265406c7f306003d8a0f4bd00", [0x0, 0xfffffffffffffff8]}})
setpriority(0x2, r4, 0x7)

1.099372152s ago: executing program 2 (id=850):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
openat$tun(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x3, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$HCIINQUIRY(r3, 0x400448ca, 0x0)
ioctl$sock_bt_hci(r3, 0x400448c9, 0x0)
ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, &(0x7f00000000c0)={0x0, 0x80600})
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)
sendto$inet(0xffffffffffffffff, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0)

1.005079275s ago: executing program 4 (id=851):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000002380)='./file0\x00', 0x80000c, &(0x7f00000001c0)=ANY=[@ANYRES8=0x0, @ANYRESHEX=0x0, @ANYRES16, @ANYRESHEX=0x0, @ANYRES8, @ANYRESHEX=0x0, @ANYBLOB="2c747970653dd2100d1b2c7529643dd4f81c66210bbcbf82440a104ab956f2ba5e36e41ccb1b040fa8b829b0b87078de654c66ac22aebaa2c653ef127e38e0aa2229f9cf6a8503", @ANYRESDEC, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRESDEC, @ANYRESDEC=0x0], 0x2, 0x6ee, &(0x7f0000032440)="$eJzs3UtoHOcdAPD/rFYrrQqOnPiRlkCWGNJSUVuyUFr1UreUokMoIT30vNhyLLyWg6QU2ZRG6ePeQ049pQfdQg8lvRvac0NKyVXHQCGXnHSqyszO7EMa7a5s2do6v5+YnW/me8w3/3nt7CAmgK+tlbmoPookVube3E6n93YXWxO7i1N5disiahFRiai2R5GsR5Z7Ix/im+nMvHzSafhf/cv5cG357c+/2vuiPVXNh6x80ldvuNrRWTv5EI2ImMjHR00e0+Inhxff197NY9sbVXcN04BdKQIXf3qiVuGJHRyx08n7+N/Z56DqJzlugTGVtK+bR8xGzETEdET7qp+fHSrPtnenb+esOwAAAAAnVT95lRf2Yz+249zT6A4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8r/L3/yf5UCnSjUiK9//X8nmRp9tzx8rwFyF+NtUeP3r6nQEAAAAAAACAp+7V/diP7ThXTB8k2TP/13qe8X8j3ovNWI2NuBrb0Yyt2IqNWIiI2Z6GatvNra2NhaxmxIUBNa/HpyU1rx/fxxunvM4AAAAAAAAAMOaG/Sf+3clOcqdI/DZWus//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgHCQRE+1RNlwo0rNRqUbEdFFuJ+LTiKidbW9PJCmb+ejZ9wMAAACeyHT/ZDI9Qp0X3o/92I5zxfRBkt3zX8rul6fjvViPrViLrWjFatzK76HTu/7K3u5ia2938V46HG33x1+eqOtZi9H+7aF8yS9nJepxO9ayOVfjZiRxkKnkrby8t7uYju+V9+uDtE/Jj3IDejPRk76Vflz+JEv/sf9XhGp79N8TrelJVY7Nmc1yJzsRmc/7ltY4X0SgPBJ9W6dsN6kOXNJCVDq//FwYvKTymH8weJ1nDpUq/eXmTByOxPWodLbQpcGRiPj23z7+5Z3W+t07tzfnxmeVSr0/tMThSCz2ROLycxSJ4eazSFzsTK/Ez+IXMRdfTr0VG7EWv4pmbMVqo8hv5vtz+jk7OFKfzfROvTWsJ+kx2eicv8r61Ii+PkUjfpqlmvFatk3PxVokcT8iVuON7O96LHTOBt0tfHGEo74ywpm2x5XvZKNOmKJ+fNm/jNbkaUnjer4nrr3n3Nksr3dON0ovlkapuNaNfj3qUf1Wnkhb+N3A68OzdjgSCz2ReOm4/aUd0j9nV5PN1vrdjTvNd0dc3uv5OD2O/jBWV4l0bV6M6XzlzmefSXZMzWd5L3WusP3xquVPXNoqR/Iuduq1j9Sfx/241Xekfj+WYimWs9KXstKTR65Yad7lTkv95/A0L/2mVe082On9vnU/Wu3vQwCMt5nvztTq/6n/s/5R/ff1O/U3p38y9YOpV2ox+Y/JH1bnJ16vvJL8NT6K33Tv/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMe3+eDh3WartbpRnqiUZyWDazVbB8WLxAaU6Usk+atyRiicbD54eDC0wcGJqbx7j1n9NBPFa/iGF24MbKf6RN1Idg5vr+nh26J4y9MIi0iOBDyt/NihK5bcnTM5BpvycKJxeg0WO2xP1sn33nrZ9pqIiLLCQ04cE6dx9gHO0rWte+9e23zw8Htr95rvrL6zuj65tLQ8v7z0xuK122ut1fn2Z0+F6hl2FjhVvV8nOmoR8erwugNe1AoAAAAAAAAAAAA8Rc/ifyHOeh0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/28rc1F9FEkszF+dT6f3dhdb6VCkuyWrEVGJiOTXEcnfI25Ee4jZnuaS45bz4dry259/tfdFt61qUb4SsXNsvdHs5EM0ImIiH59WezeHt1frJqdKspNOZNKAXSkCB2ftfwEAAP//jLTthw==")
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000140)={0x8b28, 0x3}, 0x18, 0x0)
landlock_restrict_self(r1, 0x1)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41100, 0x43, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r6, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r6, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$NL80211_CMD_JOIN_MESH(r6, &(0x7f00000001c0)={0x0, 0x3d, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[], 0x1a000}}, 0x0)
mount$nfs(&(0x7f00000001c0)='\xb2\x83\x87J9I\xc3i\xe4\x81\xc5:\xccLD\x9d\xd8\xc7\x90v\x8b\x82\x90\xa4\xdd\x98\xb8\rQh#\xfacl\x01\x8cC\x1f|\xa5\xcb\x8f\xe5WJ\x00>\xf2\xd6\t\xf4IE\xcb\x15A\xb5\xbbG\xa0\xea\xc4\x03\xf2\xf5\xf4\xa1\x98', &(0x7f0000000240)='./file0\x00', 0x0, 0x201008, 0x0)
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)

899.985939ms ago: executing program 3 (id=852):
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$kcm(0xa, 0x922000000003, 0x11)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r2 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
ioctl$VIDIOC_LOG_STATUS(r2, 0x5646, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x4f80}, 0x4000800)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r5, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x9, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3fe, 0x5, 0x3, 0x9, 0x8, 0x45ff, 0x7ffffffc}, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}]}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, 0x0, &(0x7f00000005c0))
socket$nl_generic(0x10, 0x3, 0x10)

0s ago: executing program 4 (id=853):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000600000000000000008500000010000000c5000000a0ef0100950d30e1a8fcd520b240356731e027fa099d9ec82d6a4f28b5d8f6d77871d055a677a40ac455cf99d4ad8e669c5293ee0050769d48d87cf23044b99ee1c4c849fe4fcaab344f6aed30d4a425396907ae96d622d7cbab9035b68382cc3c1709d49d1e9235517bd8aecde93265869f9bf784800ad6c26526fb38a1bee96c13c734c373c671b7350ec424a483"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x1d, '\x00', 0x0, 0x2}, 0x94)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0x10}}, 0x4010880)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="000000001700"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000140)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x3, &(0x7f0000000000), 0xbc, 0x55a, &(0x7f0000000900)="$eJzs3V1rXGkdAPD/mcykSRtN1L1YhV2Lu9Au2qTZurtBZFtBvFtQVq9rSKchdJIpmcluExZJ8QMIIrrgjV55I/gBBOlHEGHBvRdXlKJdBfdC98h5maadztmkbWZGJr8fPHOe8/r/PzOT8z45AZxYZyPiSkRMRcRLETFfDq+VJfaLkk334b131rKSRJq++fckknJYNllSlsyZcraZojNQZ3fvxmqr1dwu+5e6mzeXOrt7FzY2V9eb682tS5eWX115beWVlYvH0s6sXa9/8y8//dGvvvX6777y9p+u/u38D7J858rxvXYct+I9aWTvxX31iNgeRrAxmCrb04jeCwAA/8+yffzPRsSX8v3/+ZjK9+aqTT9QT4aeHQAAAHAc0stz8Z8kIgUAAAAmVi2/BzapLZb3AsxFrba4WNzD+0ycrrXane6Xr7d3tq4V98ouRKN2faPVvFjeU7sQjSTrX75/RqHofzkfl5XkoXuAfzI/m49fXGvHtXGc8AAAAIAT6Ezf8f+/5ovjfwAAAGDCLIw7AQAAAGDoHP8DAADA5HuC4//pYeQBAAAADMW333gjK2nv+dfX3trdudF+68K1ZufG4ubO2uJae/vm4nq7vd5KT0VsHra8Vrt986uxtXNrqdvsdJc6u3tXN9s7W92rGw89AhsAAAAYoc988c77SUTsf202L9G7tj9VMYPfCsDEqB1xujR7+WC4uQCjVbWZByZf/ZNHu80XJlij6CTjzgMYn8NWADNVU/x+GNkAAADDcO7zd95Pk0ev/9cPzg0AE+qo1/+ByVNx/T+dH3UiwMgdcv0fmGANdwDCiXf49f8KxfX/K4dHSNNDlwUAAAzVXF6S2mJ5LXAuah+lhViIRnJ9o9W8GBGfjog/zjdOZf3L+ZyJHw0AAAAAAAAAAAAAAAAAAAAAAAAAwBGlaRLpE6g/0VwAAADAOETU/pqUz/86N//iXP/5genko/xRwB+nafr2z9/82a3Vbnd7ORv+j3z4dER03y2HvzyOMxgAAABAT+8p/8VxemPM2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwqT68985ar4wy7t1vRMTCoPj1mMm7M9GIiNP/TKL+wHxJREwdQ/z92xHx7KD4SZZWLJRZ9MevRcRsnsXQ4z+XpunA+GeeOjqcbHey9c+VQX9/tTibdwf//deLcvlp41ev/2r3139T/fHrxfrvU0eM8YX3frP0QO/3DqqnivH1weufXvykYv37wqBg9UcHff+7e3tVuaW/jDg3cPuTPBRrqbt5c6mzu3dhY3N1vbne3Lp0afnVlddWXlm5uHR9o9UsXwfG+PFzv/24Kv7dsxGny/jTvZzKDctC0fl62f7V/va/mFUaVUs+8N/3bt37XFFt9C0i7t6OOP/C4M//2bw78P3/xb/TXL4dyMafK7cJyX5Rjyi/vhHx/K//8Hxl+2/PlLXH//zPH9703Evf+eGfjzgpADACnd29G6utVnN76JV30zQ92sTZXmnFqKlH50oi9vsnznbgjrkVsxFRMWpwrDjqkp+pTPWD2YjjbUWt/NifeoGXH2fi9NRjfdmS/ZF8IVUqKtP5F3KcayUAAGAYDvb+x50JAAAAAAAAAAAAAAAAAAAAnFyj+L9i/TH3x9NUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBP9L8AAAD///Cp0S0=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="02000000040000"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x101a02, 0x0)
copy_file_range(r7, &(0x7f0000000000)=0x7, r7, 0x0, 0x7, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@broadcast, @in6=@mcast1, 0x0, 0x0, 0xffff, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x2}, 0x0, 0x0, 0x1}, {{@in=@local, 0x2000000, 0x33}, 0x2, @in6=@loopback, 0x0, 0x3, 0x0, 0xb7, 0x0, 0x8000000}}, 0xe8)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)

kernel console output (not intermixed with test programs):

face: batadv_slave_0
[   60.478964][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.506447][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   60.549065][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1
[   60.556143][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.582545][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   60.602289][ T5787] hsr_slave_0: entered promiscuous mode
[   60.608840][ T5787] hsr_slave_1: entered promiscuous mode
[   60.627547][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_0
[   60.634797][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.660983][ T5785] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   60.672594][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_0
[   60.679905][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.705882][ T5788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   60.718882][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_1
[   60.725889][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.751796][ T5788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   60.792454][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_1
[   60.799514][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.825924][ T5785] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   60.861279][ T5786] hsr_slave_0: entered promiscuous mode
[   60.867915][ T5786] hsr_slave_1: entered promiscuous mode
[   60.874744][ T5786] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   60.883093][ T5786] Cannot create hsr debugfs directory
[   60.962624][ T5785] hsr_slave_0: entered promiscuous mode
[   60.968893][ T5792] Bluetooth: hci3: command tx timeout
[   60.975169][ T5785] hsr_slave_1: entered promiscuous mode
[   60.981218][ T5785] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   60.989048][ T5785] Cannot create hsr debugfs directory
[   61.019398][ T5788] hsr_slave_0: entered promiscuous mode
[   61.026113][ T5788] hsr_slave_1: entered promiscuous mode
[   61.032179][ T5788] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   61.039909][ T5788] Cannot create hsr debugfs directory
[   61.053373][ T5792] Bluetooth: hci2: command tx timeout
[   61.054222][ T5799] Bluetooth: hci1: command tx timeout
[   61.058892][ T5794] Bluetooth: hci0: command tx timeout
[   61.369549][ T5787] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   61.389036][ T5787] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   61.404383][ T5787] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   61.414507][ T5787] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   61.463926][ T5786] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   61.476032][ T5786] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   61.488233][ T5786] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   61.525488][ T5786] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   61.562246][ T5785] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   61.571905][ T5785] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   61.582001][ T5785] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   61.601527][ T5785] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   61.676600][ T5788] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   61.686964][ T5788] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   61.702350][ T5788] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   61.733080][ T5788] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   61.809913][ T5787] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.861648][ T5787] 8021q: adding VLAN 0 to HW filter on device team0
[   61.884965][ T3452] bridge0: port 1(bridge_slave_0) entered blocking state
[   61.892278][ T3452] bridge0: port 1(bridge_slave_0) entered forwarding state
[   61.921154][ T3452] bridge0: port 2(bridge_slave_1) entered blocking state
[   61.928278][ T3452] bridge0: port 2(bridge_slave_1) entered forwarding state
[   61.941968][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0
[   61.966436][ T5786] 8021q: adding VLAN 0 to HW filter on device team0
[   61.993902][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.001039][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.031487][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.038738][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.054751][ T5785] 8021q: adding VLAN 0 to HW filter on device bond0
[   62.121951][ T5785] 8021q: adding VLAN 0 to HW filter on device team0
[   62.162010][ T2924] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.169257][ T2924] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.196792][ T5788] 8021q: adding VLAN 0 to HW filter on device bond0
[   62.209110][ T1134] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.216338][ T1134] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.318395][ T5788] 8021q: adding VLAN 0 to HW filter on device team0
[   62.366836][ T1134] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.374011][ T1134] bridge0: port 1(bridge_slave_0) entered forwarding state
[   62.395012][ T1134] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.402270][ T1134] bridge0: port 2(bridge_slave_1) entered forwarding state
[   62.481932][ T5788] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   62.503594][ T5788] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   62.529626][ T5787] 8021q: adding VLAN 0 to HW filter on device batadv0
[   62.656974][ T5787] veth0_vlan: entered promiscuous mode
[   62.699005][ T5787] veth1_vlan: entered promiscuous mode
[   62.714972][ T5785] 8021q: adding VLAN 0 to HW filter on device batadv0
[   62.732611][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0
[   62.812013][ T5787] veth0_macvtap: entered promiscuous mode
[   62.846497][ T5787] veth1_macvtap: entered promiscuous mode
[   62.873681][ T5786] veth0_vlan: entered promiscuous mode
[   62.899254][ T5785] veth0_vlan: entered promiscuous mode
[   62.911488][ T5786] veth1_vlan: entered promiscuous mode
[   62.932313][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.971983][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.981537][ T5785] veth1_vlan: entered promiscuous mode
[   62.990946][ T5788] 8021q: adding VLAN 0 to HW filter on device batadv0
[   63.006004][ T5787] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.016251][ T5787] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.025270][ T5787] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.034254][ T5787] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.043617][ T5794] Bluetooth: hci3: command tx timeout
[   63.051295][ T5786] veth0_macvtap: entered promiscuous mode
[   63.067816][ T5786] veth1_macvtap: entered promiscuous mode
[   63.123512][ T5794] Bluetooth: hci0: command tx timeout
[   63.125169][ T5799] Bluetooth: hci1: command tx timeout
[   63.134867][ T5792] Bluetooth: hci2: command tx timeout
[   63.146633][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.157685][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.170120][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0
[   63.213182][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.224632][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.236684][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.248671][ T5785] veth0_macvtap: entered promiscuous mode
[   63.279028][ T5788] veth0_vlan: entered promiscuous mode
[   63.289466][ T5786] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.299341][ T5786] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.309662][ T5786] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.318418][ T5786] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.338614][ T5785] veth1_macvtap: entered promiscuous mode
[   63.350351][ T5788] veth1_vlan: entered promiscuous mode
[   63.381891][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.404021][ T5788] veth0_macvtap: entered promiscuous mode
[   63.415658][ T5788] veth1_macvtap: entered promiscuous mode
[   63.423666][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.483285][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.496669][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.508521][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.519033][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.530938][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_0
[   63.545580][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.556293][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.566313][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.576873][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.588336][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.605421][ T2924] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.614503][ T2924] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.626044][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.636743][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.650676][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.661435][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.671524][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.682126][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.700038][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_0
[   63.709560][ T5785] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.718356][ T5785] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.727298][ T5785] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.736124][ T5785] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.770464][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.782004][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.791897][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.802345][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.812462][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.822982][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.834471][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.854989][ T3452] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.872029][ T3452] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.885352][ T5788] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.896647][ T5788] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.908125][ T5788] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.916946][ T5788] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.962413][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.982317][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.095280][ T3479] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.127670][ T3479] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   64.209734][ T3479] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   64.251136][ T3479] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.258442][ T5792] Bluetooth: hci3: command tx timeout
[   65.264505][ T5792] Bluetooth: hci2: command tx timeout
[   65.270430][ T5799] Bluetooth: hci1: command tx timeout
[   65.276404][ T5792] Bluetooth: hci0: command tx timeout
[   65.756876][ T3523] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.772286][ T3523] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.780097][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   65.995706][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   66.005619][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   66.200781][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   66.303167][    T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!!
[   66.311923][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   66.405292][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   66.414008][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   66.463237][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   66.471885][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   66.846429][ T3523] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.856635][ T3523] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.363177][ T5794] Bluetooth: hci0: command tx timeout
[   67.363291][ T5799] Bluetooth: hci2: command tx timeout
[   67.375225][ T5792] Bluetooth: hci1: command tx timeout
[   67.380798][ T5792] Bluetooth: hci3: command tx timeout
[   67.680618][ T5895] syz.2.7[5895]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   67.703312][ T5895] loop2: detected capacity change from 0 to 2048
[   67.722938][ T5895] NILFS (loop2): invalid segment: Magic number mismatch
[   67.729997][ T5895] NILFS (loop2): trying rollback from an earlier position
[   67.801297][ T5895] NILFS (loop2): recovery complete
[   67.830429][ T5896] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   69.170364][ T5904] process 'syz.2.7' launched './file0' with NULL argv: empty string added
[   69.437165][ T5899] loop0: detected capacity change from 0 to 32768
[   71.594067][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[   71.600730][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[   71.744499][ T5799] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[   71.755257][ T5799] CPU: 1 PID: 5799 Comm: kworker/u5:6 Not tainted 6.6.100-syzkaller #0
[   71.763536][ T5799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   71.773622][ T5799] Workqueue: hci2 hci_rx_work
[   71.778352][ T5799] Call Trace:
[   71.781623][ T5799]  <TASK>
[   71.784567][ T5799]  dump_stack_lvl+0x16c/0x230
[   71.789240][ T5799]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[   71.794872][ T5799]  ? show_regs_print_info+0x20/0x20
[   71.800074][ T5799]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[   71.805720][ T5799]  sysfs_create_dir_ns+0x256/0x280
[   71.810836][ T5799]  ? sysfs_warn_dup+0xa0/0xa0
[   71.815563][ T5799]  ? do_raw_spin_unlock+0x121/0x230
[   71.820772][ T5799]  kobject_add_internal+0x6b8/0xc70
[   71.825975][ T5799]  kobject_add+0x156/0x220
[   71.830387][ T5799]  ? kobject_init+0x1e0/0x1e0
[   71.835065][ T5799]  ? _raw_spin_unlock+0x3a/0x40
[   71.839913][ T5799]  ? get_device_parent+0x366/0x390
[   71.845022][ T5799]  device_add+0x408/0xc20
[   71.849358][ T5799]  hci_conn_add_sysfs+0xd5/0x1e0
[   71.854300][ T5799]  le_conn_complete_evt+0xc37/0x1220
[   71.859610][ T5799]  ? hci_event_packet+0x4a7/0x1210
[   71.864814][ T5799]  ? hci_le_big_info_adv_report_evt+0x8e0/0x8e0
[   71.871089][ T5799]  ? __copy_skb_header+0xa7/0x550
[   71.876150][ T5799]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[   71.881827][ T5799]  ? skb_pull_data+0xfb/0x200
[   71.886582][ T5799]  hci_le_conn_complete_evt+0x187/0x440
[   71.892165][ T5799]  ? hci_remote_host_features_evt+0x160/0x160
[   71.898232][ T5799]  hci_event_packet+0x795/0x1210
[   71.903179][ T5799]  ? bis_list+0x290/0x290
[   71.907515][ T5799]  ? kcov_remote_start+0x2b/0x7f0
[   71.912539][ T5799]  ? hci_send_to_monitor+0xd7/0x4f0
[   71.917730][ T5799]  hci_rx_work+0x43a/0xd80
[   71.922149][ T5799]  ? process_scheduled_works+0x957/0x15b0
[   71.927870][ T5799]  process_scheduled_works+0xa45/0x15b0
[   71.933426][ T5799]  ? assign_work+0x400/0x400
[   71.938016][ T5799]  ? assign_work+0x39e/0x400
[   71.942597][ T5799]  worker_thread+0xa55/0xfc0
[   71.947189][ T5799]  kthread+0x2fa/0x390
[   71.951270][ T5799]  ? pr_cont_work+0x560/0x560
[   71.955939][ T5799]  ? kthread_blkcg+0xd0/0xd0
[   71.960512][ T5799]  ret_from_fork+0x48/0x80
[   71.964913][ T5799]  ? kthread_blkcg+0xd0/0xd0
[   71.969493][ T5799]  ret_from_fork_asm+0x11/0x20
[   71.974254][ T5799]  </TASK>
[   72.678911][ T5799] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   72.702135][ T5799] Bluetooth: hci2: failed to register connection device
[   73.015423][ T5899] JBD2: Ignoring recovery information on journal
[   74.516086][ T5899] JBD2: journal reset failed
[   74.520741][ T5899] (syz.0.8,5899,0):ocfs2_journal_load:1167 ERROR: Failed to load journal!
[   74.575840][ T5899] (syz.0.8,5899,1):ocfs2_check_volume:2434 ERROR: ocfs2 journal load failed! -4
[   74.720508][ T5926] vivid-001: =================  START STATUS  =================
[   74.730564][ T5926] vivid-001: Radio HW Seek Mode: Bounded
[   74.736417][ T5926] vivid-001: Radio Programmable HW Seek: false
[   74.742563][ T5926] vivid-001: RDS Rx I/O Mode: Block I/O
[   74.748131][ T5926] vivid-001: Generate RBDS Instead of RDS: false
[   74.754607][ T5926] vivid-001: RDS Reception: true
[   74.759564][ T5926] vivid-001: RDS Program Type: 0 inactive
[   74.765335][ T5926] vivid-001: RDS PS Name:  inactive
[   74.770552][ T5926] vivid-001: RDS Radio Text:  inactive
[   74.776121][ T5926] vivid-001: RDS Traffic Announcement: false inactive
[   74.783001][ T5926] vivid-001: RDS Traffic Program: false inactive
[   74.789336][ T5926] vivid-001: RDS Music: false inactive
[   74.794882][ T5926] vivid-001: ==================  END STATUS  ==================
[   74.866826][ T5780] I/O error, dev loop0, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   74.901138][ T5929] syz.1.14 uses old SIOCAX25GETINFO
[   75.876197][ T5934] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[   76.335115][ T5934] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[   78.675480][ T5952] loop0: detected capacity change from 0 to 128
[   78.912364][ T5952] qnx6: superblock #1 checksum error
[   79.453457][ T5959] loop1: detected capacity change from 0 to 512
[   79.507965][ T5959] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   79.583182][ T5959] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   79.592224][ T5959] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[   79.663127][ T5789] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[   79.678210][ T5959] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[   79.706577][ T5959] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[   79.837438][ T5963] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   80.690610][ T5959] System zones: 0-2, 18-18, 34-35
[   80.710087][ T5789] usb 1-1: config 0 has no interfaces?
[   80.754642][ T5959] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.803295][ T5789] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[   80.812337][ T5789] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   80.888515][ T5789] usb 1-1: Product: syz
[   80.912790][ T5789] usb 1-1: Manufacturer: syz
[   80.917436][ T5789] usb 1-1: SerialNumber: syz
[   80.989907][ T5966] mkiss: ax0: crc mode is auto.
[   80.999879][ T5789] usb 1-1: config 0 descriptor??
[   81.433666][ T5969] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.18: bg 0: block 353: padding at end of block bitmap is not set
[   81.766602][   T28] cfg80211: failed to load regulatory.db
[   81.868041][ T5957] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   81.889863][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.974660][ T5957] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   82.213200][ T5981] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   84.137872][ T5993] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   84.149367][ T5993] overlayfs: "xino" feature enabled using 2 upper inode bits.
[   85.012633][ T5998] xt_policy: too many policy elements
[   86.853691][ T6008] kAFS: No cell specified
[   88.756462][ T5884] usb 1-1: USB disconnect, device number 2
[   89.897467][ T6012] loop2: detected capacity change from 0 to 128
[   90.209896][ T6012] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   90.238654][ T6012] ext4 filesystem being mounted at /11/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   91.404922][ T6027] loop1: detected capacity change from 0 to 32768
[   93.000784][ T5787] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   93.017017][ T6027] JBD2: Ignoring recovery information on journal
[   93.298040][ T6027] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   93.890951][ T6046] netlink: 'syz.0.36': attribute type 12 has an invalid length.
[   93.898859][ T6046] netlink: 'syz.0.36': attribute type 29 has an invalid length.
[   93.906852][ T6046] netlink: 148 bytes leftover after parsing attributes in process `syz.0.36'.
[   93.915964][ T6046] netlink: 59 bytes leftover after parsing attributes in process `syz.0.36'.
[   93.929408][ T6046] Zero length message leads to an empty skb
[   94.599486][ T5785] ocfs2: Unmounting device (7,1) on (node local)
[   97.587558][ T6065] loop0: detected capacity change from 0 to 16
[   98.709212][ T6065] erofs: (device loop0): mounted with root inode @ nid 36.
[   98.955822][ T6069] loop1: detected capacity change from 0 to 512
[   99.081721][ T6069] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.312546][ T6069] ext4 filesystem being mounted at /9/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  100.101041][   T27] audit: type=1800 audit(1753736351.211:2): pid=6067 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.40" name="file1" dev="loop1" ino=15 res=0 errno=0
[  101.537995][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.615085][ T6092] warning: `syz.2.44' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  102.751608][ T6100] netlink: 16 bytes leftover after parsing attributes in process `syz.1.45'.
[  102.765952][ T6100] netlink: 4 bytes leftover after parsing attributes in process `syz.1.45'.
[  102.926309][ T6105] netlink: 4 bytes leftover after parsing attributes in process `syz.1.45'.
[  103.766578][ T6112] netlink: 'syz.2.46': attribute type 12 has an invalid length.
[  103.774480][ T6112] netlink: 'syz.2.46': attribute type 29 has an invalid length.
[  103.783337][ T6112] netlink: 148 bytes leftover after parsing attributes in process `syz.2.46'.
[  103.792269][ T6112] netlink: 59 bytes leftover after parsing attributes in process `syz.2.46'.
[  104.696928][ T6125] netlink: 16 bytes leftover after parsing attributes in process `syz.1.58'.
[  105.453446][ T6125] netlink: 4 bytes leftover after parsing attributes in process `syz.1.58'.
[  105.588738][ T6131] netlink: 4 bytes leftover after parsing attributes in process `syz.1.58'.
[  106.812748][ T6143] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  112.659215][ T6197] input: syz0 as /devices/virtual/input/input6
[  117.621252][ T6230] ax25_connect(): syz.1.67 uses autobind, please contact jreuter@yaina.de
[  117.965438][   T27] audit: type=1326 audit(1753736368.731:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6212 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  118.130225][   T27] audit: type=1326 audit(1753736368.731:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6212 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  118.150067][ T5799] Bluetooth: hci2: link tx timeout
[  118.152808][   T27] audit: type=1326 audit(1753736368.741:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6212 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  118.157676][ T5799] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  118.191161][ T5799] Bluetooth: hci2: killing stalled connection 00:00:00:00:00:00
[  118.215815][   T27] audit: type=1326 audit(1753736368.741:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6212 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  118.246507][   T27] audit: type=1326 audit(1753736368.741:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6212 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  119.190868][   T27] audit: type=1326 audit(1753736368.741:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6212 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  119.358333][   T27] audit: type=1326 audit(1753736368.751:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6212 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  120.241443][ T5799] Bluetooth: hci2: link tx timeout
[  120.322615][   T27] audit: type=1326 audit(1753736368.751:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6212 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  120.598617][ T5799] Bluetooth: hci2: killing stalled connection 00:00:00:00:00:00
[  120.607207][ T5799] Bluetooth: hci2: command 0x0406 tx timeout
[  120.637075][   T27] audit: type=1326 audit(1753736368.761:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6212 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  120.756146][   T27] audit: type=1326 audit(1753736368.761:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6212 comm="syz.1.67" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  121.274457][ T6263] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  121.583331][ T6266] input: syz0 as /devices/virtual/input/input8
[  122.228819][ T6273] loop0: detected capacity change from 0 to 256
[  122.585624][ T6273] =======================================================
[  122.585624][ T6273] WARNING: The mand mount option has been deprecated and
[  122.585624][ T6273]          and is ignored by this kernel. Remove the mand
[  122.585624][ T6273]          option from the mount to silence this warning.
[  122.585624][ T6273] =======================================================
[  122.655555][ T5799] Bluetooth: hci2: command 0x0406 tx timeout
[  122.668596][ T6273] FAT-fs (loop0): count of clusters too big (66845694)
[  122.676706][ T6273] FAT-fs (loop0): Can't find a valid FAT filesystem
[  123.135931][ T5778] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  123.142724][    C1] sched: RT throttling activated
[  123.319198][ T6280] loop3: detected capacity change from 0 to 64
[  125.728500][ T6285] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  126.810702][ T6307] loop0: detected capacity change from 0 to 1024
[  127.498248][ T6313] hfsplus: found bad thread record in catalog
[  127.885656][ T2919] hfsplus: b-tree write err: -5, ino 4
[  127.918301][ T6315] loop2: detected capacity change from 0 to 512
[  128.219501][ T6315] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.259116][ T6315] ext4 filesystem being mounted at /22/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  128.287336][ T6328] loop3: detected capacity change from 0 to 1024
[  128.349993][   T27] kauditd_printk_skb: 13 callbacks suppressed
[  128.350007][   T27] audit: type=1800 audit(1753736379.471:26): pid=6315 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.89" name="file1" dev="loop2" ino=15 res=0 errno=0
[  130.214064][ T5787] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.748333][ T6338] loop0: detected capacity change from 0 to 128
[  130.779974][ T6338] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  130.808577][ T6341] loop3: detected capacity change from 0 to 64
[  131.159847][ T6338] ext4 filesystem being mounted at /25/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  131.513866][ T6348] hfs: request for non-existent node -129 in B*Tree
[  131.520784][ T6348] hfs: request for non-existent node -129 in B*Tree
[  131.631959][   T27] audit: type=1800 audit(1753736382.741:27): pid=6347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.94" name="file1" dev="loop3" ino=18 res=0 errno=0
[  131.778249][ T6342] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  132.968619][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  133.204966][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  133.382759][   T27] audit: type=1326 audit(1753736384.381:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6352 comm="syz.2.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971e38e9a9 code=0x7fc00000
[  133.908137][ T6361] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  134.066572][ T5786] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  134.370029][   T27] audit: type=1326 audit(1753736385.491:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6352 comm="syz.2.95" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f971e38e9a9 code=0x7fc00000
[  135.475263][ T6379] netlink: 24 bytes leftover after parsing attributes in process `syz.3.101'.
[  135.603463][ T6379] netlink: 4 bytes leftover after parsing attributes in process `syz.3.101'.
[  135.814047][ T6385] netlink: 4 bytes leftover after parsing attributes in process `syz.3.101'.
[  135.827272][   T27] audit: type=1326 audit(1753736386.951:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.2.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971e38e9a9 code=0x7ffc0000
[  135.866240][ T6386] ax25_connect(): syz.2.100 uses autobind, please contact jreuter@yaina.de
[  136.043633][   T27] audit: type=1326 audit(1753736386.981:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.2.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971e38e9a9 code=0x7ffc0000
[  136.268439][   T27] audit: type=1326 audit(1753736386.981:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.2.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f971e38e9a9 code=0x7ffc0000
[  136.449038][   T27] audit: type=1326 audit(1753736386.981:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.2.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971e38e9a9 code=0x7ffc0000
[  136.471280][   T27] audit: type=1326 audit(1753736386.981:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.2.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971e38e9a9 code=0x7ffc0000
[  136.493499][   T27] audit: type=1326 audit(1753736386.991:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.2.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f971e38e9a9 code=0x7ffc0000
[  136.515644][   T27] audit: type=1326 audit(1753736387.011:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.2.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971e38e9a9 code=0x7ffc0000
[  136.537941][   T27] audit: type=1326 audit(1753736387.011:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6375 comm="syz.2.100" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f971e38e9a9 code=0x7ffc0000
[  138.275653][ T6407] input: syz1 as /devices/virtual/input/input9
[  138.318189][ T6411] loop1: detected capacity change from 0 to 128
[  138.493158][ T5780] udevd[5780]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[  138.550384][ T6411] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  138.649366][ T6411] ext4 filesystem being mounted at /23/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  138.681073][    C1] vkms_vblank_simulate: vblank timer overrun
[  141.945686][ T5785] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  142.723063][ T6430] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  142.999610][ T6438] netlink: 4 bytes leftover after parsing attributes in process `syz.1.112'.
[  143.140948][ T6441] netlink: 4 bytes leftover after parsing attributes in process `syz.1.112'.
[  144.608896][ T6448] loop3: detected capacity change from 0 to 512
[  145.078664][ T6455] netlink: 324 bytes leftover after parsing attributes in process `syz.3.118'.
[  146.862211][ T6456] input: syz1 as /devices/virtual/input/input10
[  148.215582][ T6470] loop3: detected capacity change from 0 to 128
[  148.508608][ T6470] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  148.522901][ T6470] ext4 filesystem being mounted at /31/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  150.209213][   T42] Bluetooth: (null): Invalid header checksum
[  150.275728][   T42] Bluetooth: (null): Invalid header checksum
[  150.548814][ T6483] loop2: detected capacity change from 0 to 1024
[  150.631451][ T5788] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  150.831784][ T6490] loop3: detected capacity change from 0 to 512
[  150.886901][ T6488] hfsplus: found bad thread record in catalog
[  151.116176][ T6490] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.183514][ T6490] ext4 filesystem being mounted at /32/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  151.428244][ T2924] hfsplus: b-tree write err: -5, ino 4
[  152.706506][   T27] kauditd_printk_skb: 14 callbacks suppressed
[  152.706521][   T27] audit: type=1800 audit(1753736403.811:52): pid=6490 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.128" name="file1" dev="loop3" ino=15 res=0 errno=0
[  155.315748][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.338948][ T6517] loop1: detected capacity change from 0 to 256
[  156.434098][ T6517] FAT-fs (loop1): count of clusters too big (66845694)
[  156.441005][ T6517] FAT-fs (loop1): Can't find a valid FAT filesystem
[  156.540000][ T6521] loop0: detected capacity change from 0 to 128
[  156.591997][ T5780] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  156.628630][ T6521] EXT4-fs warning (device loop0): ext4_init_metadata_csum:4634: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  156.643355][ T6521] EXT4-fs (loop0): Encoding requested by superblock is unknown
[  158.300164][ T6529] input: syz1 as /devices/virtual/input/input11
[  159.132275][ T6538] loop1: detected capacity change from 0 to 512
[  159.161902][ T6538] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  159.184842][ T6538] EXT4-fs (loop1): orphan cleanup on readonly fs
[  159.192579][ T6538] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.141: bad orphan inode 15
[  159.204291][ T6538] ext4_test_bit(bit=14, block=18) = 1
[  159.209680][ T6538] is_bad_inode(inode)=0
[  159.213874][ T6538] NEXT_ORPHAN(inode)=1023
[  159.218205][ T6538] max_ino=32
[  159.221392][ T6538] i_nlink=0
[  159.227439][ T6538] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2983: inode #15: comm syz.1.141: corrupted xattr block 19: e_value size too large
[  159.242358][ T6538] EXT4-fs warning (device loop1): ext4_evict_inode:272: xattr delete (err -117)
[  159.253204][ T6538] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  159.510402][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.417525][ T6546] netlink: 4 bytes leftover after parsing attributes in process `syz.1.143'.
[  160.484763][ T6549] netlink: 4 bytes leftover after parsing attributes in process `syz.1.143'.
[  160.577093][ T6548] netlink: 4 bytes leftover after parsing attributes in process `syz.2.144'.
[  160.613181][ T6548] netlink: 16 bytes leftover after parsing attributes in process `syz.2.144'.
[  161.591990][ T6561] loop0: detected capacity change from 0 to 64
[  161.693086][   T27] audit: type=1800 audit(1753736412.811:53): pid=6561 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.148" name="file1" dev="loop0" ino=18 res=0 errno=0
[  162.043855][ T6557] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  162.682917][ T6567] loop1: detected capacity change from 0 to 1024
[  163.613934][ T6576] input: syz1 as /devices/virtual/input/input12
[  163.725855][   T11] hfsplus: b-tree write err: -5, ino 4
[  166.036842][ T6596] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  169.533555][ T6614] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  170.196499][ T6618] loop1: detected capacity change from 0 to 40427
[  170.552259][ T6618] F2FS-fs (loop1): invalid crc value
[  170.638039][ T6618] F2FS-fs (loop1): Found nat_bits in checkpoint
[  170.696033][ T6618] F2FS-fs (loop1): Start checkpoint disabled!
[  170.755566][ T6618] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  172.391765][ T3559] kworker/u4:14: attempt to access beyond end of device
[  172.391765][ T3559] loop1: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  172.510375][   T11] kworker/u4:0: attempt to access beyond end of device
[  172.510375][   T11] loop1: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  172.536673][   T11] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  172.609619][   T11] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  172.803412][   T11] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  173.811978][   T11] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  174.322732][ T6645] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  174.829701][ T6651] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  175.307765][ T6656] loop0: detected capacity change from 0 to 1024
[  175.363166][ T6660] loop2: detected capacity change from 0 to 8
[  175.636357][ T5799] Bluetooth: hci2: link tx timeout
[  175.641524][ T5799] Bluetooth: hci2: killing stalled connection 10:aa:aa:aa:aa:aa
[  175.946741][ T6663] hfsplus: found bad thread record in catalog
[  176.462046][   T48] hfsplus: b-tree write err: -5, ino 4
[  178.082739][ T5794] Bluetooth: hci2: command 0x0406 tx timeout
[  178.293874][ T6675] netlink: 4 bytes leftover after parsing attributes in process `syz.3.174'.
[  178.401280][ T6681] netlink: 4 bytes leftover after parsing attributes in process `syz.3.174'.
[  178.809754][ T6686] loop2: detected capacity change from 0 to 40427
[  178.841814][ T6686] F2FS-fs (loop2): invalid crc value
[  178.866420][ T6686] F2FS-fs (loop2): Found nat_bits in checkpoint
[  178.914914][ T6686] F2FS-fs (loop2): Start checkpoint disabled!
[  178.963036][ T6686] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  180.306877][ T6698] input: syz1 as /devices/virtual/input/input13
[  180.521552][ T6705] netlink: 16 bytes leftover after parsing attributes in process `syz.0.182'.
[  181.159968][ T6710] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  181.254843][ T5799] Bluetooth: hci3: command 0x0406 tx timeout
[  181.260934][ T5799] Bluetooth: hci1: command 0x0406 tx timeout
[  181.772005][ T2924] kworker/u4:9: attempt to access beyond end of device
[  181.772005][ T2924] loop2: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  181.976238][ T2924] kworker/u4:9: attempt to access beyond end of device
[  181.976238][ T2924] loop2: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  182.000582][ T2924] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  182.051678][ T2924] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  182.065492][ T2924] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  182.080799][ T2924] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  183.112558][ T6726] loop1: detected capacity change from 0 to 1024
[  184.280310][ T6737] loop3: detected capacity change from 0 to 128
[  184.333464][ T6736] netlink: 4 bytes leftover after parsing attributes in process `syz.0.189'.
[  184.705380][ T6737] EXT4-fs warning (device loop3): ext4_init_metadata_csum:4634: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  184.769407][   T48] hfsplus: b-tree write err: -5, ino 4
[  185.009061][ T6737] EXT4-fs (loop3): Encoding requested by superblock is unknown
[  185.028796][ T6745] netlink: 4 bytes leftover after parsing attributes in process `syz.0.189'.
[  186.140318][ T6755] loop0: detected capacity change from 0 to 40427
[  186.155741][ T6755] F2FS-fs (loop0): invalid crc value
[  186.306386][ T6755] F2FS-fs (loop0): Found nat_bits in checkpoint
[  186.349727][ T6741] loop2: detected capacity change from 0 to 512
[  186.364610][ T6755] F2FS-fs (loop0): Start checkpoint disabled!
[  186.371353][ T6741] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  186.384431][ T6741] EXT4-fs (loop2): orphan cleanup on readonly fs
[  186.391392][ T6741] EXT4-fs error (device loop2): ext4_orphan_get:1425: comm syz.2.181: bad orphan inode 15
[  186.409640][ T6741] ext4_test_bit(bit=14, block=18) = 1
[  186.415421][ T6741] is_bad_inode(inode)=0
[  186.420097][ T6741] NEXT_ORPHAN(inode)=1023
[  186.424795][ T6741] max_ino=32
[  186.428181][ T6741] i_nlink=0
[  186.439487][ T6741] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2983: inode #15: comm syz.2.181: corrupted xattr block 19: e_value size too large
[  186.455155][ T6741] EXT4-fs warning (device loop2): ext4_evict_inode:272: xattr delete (err -117)
[  186.465090][ T6741] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  186.477761][ T6755] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  186.626869][ T6757] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  188.801219][ T5787] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.840661][ T2924] kworker/u4:9: attempt to access beyond end of device
[  188.840661][ T2924] loop0: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  188.867083][ T6773] netlink: 892 bytes leftover after parsing attributes in process `syz.3.197'.
[  188.869947][ T2924] kworker/u4:9: attempt to access beyond end of device
[  188.869947][ T2924] loop0: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  188.897793][ T2924] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  188.923628][ T2924] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  188.931819][ T2924] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  188.951062][ T2924] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  189.699973][ T6787] netlink: 4 bytes leftover after parsing attributes in process `syz.3.199'.
[  189.776513][ T6789] netlink: 4 bytes leftover after parsing attributes in process `syz.3.199'.
[  190.940908][ T6805] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  192.224165][ T6810] input: syz1 as /devices/virtual/input/input14
[  192.547562][ T6822] netlink: 892 bytes leftover after parsing attributes in process `syz.1.207'.
[  192.582365][ T6824] input: syz1 as /devices/virtual/input/input15
[  192.645662][ T6818] Bluetooth: MGMT ver 1.22
[  192.697616][ T6818] syz.3.206 uses obsolete (PF_INET,SOCK_PACKET)
[  194.648229][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  194.654647][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  195.137998][ T6850] input: syz1 as /devices/virtual/input/input16
[  195.384374][ T6855] netlink: 4 bytes leftover after parsing attributes in process `syz.1.212'.
[  195.474034][ T6856] netlink: 4 bytes leftover after parsing attributes in process `syz.1.212'.
[  196.751589][ T6866] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  197.173505][ T6878] ceph: No mds server is up or the cluster is laggy
[  197.193813][ T5789] libceph: connect (1)[c::]:6789 error -101
[  197.200704][ T5789] libceph: mon0 (1)[c::]:6789 connect error
[  197.668879][ T6893] loop1: detected capacity change from 0 to 1024
[  197.899346][ T6889] input: syz1 as /devices/virtual/input/input17
[  197.935283][ T6886] input: syz1 as /devices/virtual/input/input18
[  198.659336][ T2919] hfsplus: b-tree write err: -5, ino 4
[  201.050273][ T6927] input: syz1 as /devices/virtual/input/input19
[  201.555202][ T6929] netlink: 868 bytes leftover after parsing attributes in process `syz.1.225'.
[  201.692154][ T6932] io-wq is not configured for unbound workers
[  202.089858][ T6943] fuse: Bad value for 'fd'
[  202.289880][ T5870] Process accounting resumed
[  202.606440][ T6941] netlink: 'syz.2.226': attribute type 10 has an invalid length.
[  203.258305][ T6941] 8021q: adding VLAN 0 to HW filter on device bond0
[  203.288849][ T6941] team0: Port device bond0 added
[  204.468396][ T6951] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  205.319026][ T6951] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  206.582337][ T5853] libceph: connect (1)[c::]:6789 error -101
[  206.672233][ T5853] libceph: mon0 (1)[c::]:6789 connect error
[  207.609801][ T6970] loop0: detected capacity change from 0 to 32768
[  208.344254][    T8] libceph: connect (1)[c::]:6789 error -101
[  208.398253][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  209.046726][    T8] libceph: connect (1)[c::]:6789 error -101
[  209.096101][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  209.193396][ T6970] JBD2: Ignoring recovery information on journal
[  209.918485][ T6972] loop1: detected capacity change from 0 to 512
[  210.040496][    T8] libceph: connect (1)[c::]:6789 error -101
[  210.052816][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  210.059689][ T6972] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  210.264977][    T8] libceph: connect (1)[c::]:6789 error -101
[  210.271048][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  210.444717][ T6972] EXT4-fs (loop1): orphan cleanup on readonly fs
[  210.469388][ T6972] EXT4-fs error (device loop1): ext4_orphan_get:1425: comm syz.1.233: bad orphan inode 15
[  210.565423][ T5853] libceph: connect (1)[c::]:6789 error -101
[  210.571495][ T5853] libceph: mon0 (1)[c::]:6789 connect error
[  210.625833][ T6972] ext4_test_bit(bit=14, block=18) = 1
[  210.631255][ T6972] is_bad_inode(inode)=0
[  210.672968][ T6972] NEXT_ORPHAN(inode)=1023
[  210.695458][ T6972] max_ino=32
[  210.698706][ T6972] i_nlink=0
[  210.715315][ T6972] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2983: inode #15: comm syz.1.233: corrupted xattr block 19: e_value size too large
[  210.847561][ T6972] EXT4-fs warning (device loop1): ext4_evict_inode:272: xattr delete (err -117)
[  210.899690][ T6972] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  211.115358][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.133191][    T8] libceph: connect (1)[c::]:6789 error -101
[  211.143848][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  211.382972][ T6986] overlayfs: missing 'lowerdir'
[  211.932714][ T6967] ceph: No mds server is up or the cluster is laggy
[  212.015459][    T8] libceph: connect (1)[c::]:6789 error -101
[  212.023697][ T6970] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  212.041359][    T8] libceph: mon0 (1)[c::]:6789 connect error
[  213.001152][ T7000] loop1: detected capacity change from 0 to 1024
[  213.262304][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  213.731340][ T7011] hfsplus: found bad thread record in catalog
[  214.164629][ T3559] hfsplus: b-tree write err: -5, ino 4
[  215.365278][ T7024] loop0: detected capacity change from 0 to 1024
[  216.120870][ T7034] hfsplus: found bad thread record in catalog
[  216.618665][ T7031] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  216.733231][ T3523] hfsplus: b-tree write err: -5, ino 4
[  217.621745][ T7047] input: syz1 as /devices/virtual/input/input20
[  218.902525][ T7056] input: syz1 as /devices/virtual/input/input21
[  223.730780][ T7053] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  225.009107][ T7075] loop1: detected capacity change from 0 to 256
[  225.963354][ T7080] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  229.334941][ T7100] binder: 7095:7100 ioctl c0306201 0 returned -14
[  229.413928][ T7102] fuse: Unknown parameter 'user_id00000000000000000000'
[  230.727560][ T7109] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  232.831291][ T7120] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  232.949623][ T7133] loop0: detected capacity change from 0 to 64
[  233.324482][ T7135] input: syz1 as /devices/virtual/input/input22
[  235.980705][ T7163] syz.3.272: attempt to access beyond end of device
[  235.980705][ T7163] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  235.996722][ T7163] (syz.3.272,7163,0):ocfs2_get_sector:1772 ERROR: status = -5
[  236.011318][ T7163] (syz.3.272,7163,0):ocfs2_sb_probe:749 ERROR: status = -5
[  236.020771][ T7163] (syz.3.272,7163,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  236.034287][ T7163] (syz.3.272,7163,0):ocfs2_fill_super:1178 ERROR: status = -5
[  236.231775][ T7159] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  238.242960][ T7167] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  238.718413][ T7176] netlink: 4 bytes leftover after parsing attributes in process `syz.0.277'.
[  238.808550][ T7182] netlink: 4 bytes leftover after parsing attributes in process `syz.0.277'.
[  240.675077][ T7192] loop3: detected capacity change from 0 to 64
[  241.073341][ T7200] binder: 7196:7200 ioctl c0306201 0 returned -14
[  241.470867][ T7194] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  245.387135][ T7211] input: syz1 as /devices/virtual/input/input23
[  245.744802][ T7214] input: syz1 as /devices/virtual/input/input24
[  245.934617][ T7218] netlink: 4 bytes leftover after parsing attributes in process `syz.1.289'.
[  246.018801][ T7223] netlink: 4 bytes leftover after parsing attributes in process `syz.1.289'.
[  246.294522][ T7227] loop6: detected capacity change from 0 to 524287999
[  246.775315][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  246.784839][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  246.971115][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  246.980356][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  247.411994][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  247.421235][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  247.434929][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  247.444150][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  247.453099][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  247.462248][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  247.470990][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  247.480191][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  247.522926][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  247.532178][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  247.540436][ T7227] ldm_validate_partition_table(): Disk read failed.
[  247.553724][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  247.562952][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  247.573753][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  247.582957][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  247.592361][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  247.601595][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  247.610089][ T7227] Dev loop6: unable to read RDB block 0
[  247.653064][ T7227]  loop6: unable to read partition table
[  247.659383][ T7227] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[  248.051138][ T7231] input: syz1 as /devices/virtual/input/input25
[  248.324849][ T7243] binder: 7237:7243 ioctl c0306201 0 returned -14
[  249.500072][ T7248] loop2: detected capacity change from 0 to 64
[  249.821159][ T7252] hub 8-0:1.0: USB hub found
[  249.827379][ T7252] hub 8-0:1.0: 1 port detected
[  251.415934][ T7256] input: syz1 as /devices/virtual/input/input26
[  252.127978][ T7262] binder: BINDER_SET_CONTEXT_MGR already set
[  252.134907][ T7262] binder: 7261:7262 ioctl 4018620d 200000000040 returned -16
[  252.764538][ T7266] mmap: syz.1.300 (7266) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  255.853051][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  255.871413][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  255.912091][ T7277] Bluetooth: MGMT ver 1.22
[  256.646090][ T7280] input: syz1 as /devices/virtual/input/input27
[  257.265661][ T7286] loop1: detected capacity change from 0 to 256
[  257.282682][ T7288] input: syz1 as /devices/virtual/input/input28
[  257.416555][ T7293] tmpfs: Unknown parameter 'smackfsroot'
[  258.187057][ T7286] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  258.202256][ T7286] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  258.238056][ T7296] loop2: detected capacity change from 0 to 1024
[  258.279752][ T7286] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  258.649032][ T7300] hfsplus: found bad thread record in catalog
[  259.184333][ T1134] hfsplus: b-tree write err: -5, ino 4
[  259.407375][ T7303] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  259.494838][ T7305] input: syz1 as /devices/virtual/input/input29
[  260.794730][ T7316] pim6reg: entered allmulticast mode
[  260.828761][ T7316] pim6reg: left allmulticast mode
[  261.040508][ T7319] syz.0.315: attempt to access beyond end of device
[  261.040508][ T7319] loop0: rw=0, sector=0, nr_sectors = 8 limit=0
[  261.062680][ T7319] F2FS-fs (loop0): Unable to read 1th superblock
[  261.082688][ T7319] syz.0.315: attempt to access beyond end of device
[  261.082688][ T7319] loop0: rw=0, sector=8, nr_sectors = 8 limit=0
[  261.098341][ T7319] F2FS-fs (loop0): Unable to read 2th superblock
[  264.645921][ T7328] input: syz1 as /devices/virtual/input/input30
[  266.566166][ T7344] loop0: detected capacity change from 0 to 1024
[  266.848947][ T7346] input: syz1 as /devices/virtual/input/input31
[  267.139235][ T7348] loop3: detected capacity change from 0 to 16
[  267.187164][ T7348] erofs: (device loop3): mounted with root inode @ nid 36.
[  267.285086][ T7352] hfsplus: found bad thread record in catalog
[  267.643999][ T3559] hfsplus: b-tree write err: -5, ino 4
[  267.705960][ T7348] syz.3.324: attempt to access beyond end of device
[  267.705960][ T7348] loop3: rw=0, sector=8, nr_sectors = 16 limit=16
[  270.588128][ T7355] syz.3.324 (7355): drop_caches: 2
[  270.668168][ T7360] binder: BINDER_SET_CONTEXT_MGR already set
[  270.674296][ T7360] binder: 7358:7360 ioctl 4018620d 200000000040 returned -16
[  270.674632][ T7361] netlink: 4 bytes leftover after parsing attributes in process `syz.1.327'.
[  271.446967][ T7361] netlink: 4 bytes leftover after parsing attributes in process `syz.1.327'.
[  271.605986][ T7365] binder: BINDER_SET_CONTEXT_MGR already set
[  271.613623][ T7365] binder: 7364:7365 ioctl 4018620d 200000000040 returned -16
[  271.731726][ T7368] loop1: detected capacity change from 0 to 1024
[  272.993528][ T7382] hfsplus: found bad thread record in catalog
[  273.327789][   T48] hfsplus: b-tree write err: -5, ino 4
[  273.665873][ T7391] input: syz1 as /devices/virtual/input/input32
[  275.146959][ T7405] loop1: detected capacity change from 0 to 1024
[  275.208797][ T7405] hfsplus: bad catalog folder entry
[  275.563390][ T7407] ax25_connect(): syz.1.337 uses autobind, please contact jreuter@yaina.de
[  275.601368][   T28] IPVS: starting estimator thread 0...
[  276.132967][ T7408] IPVS: using max 19 ests per chain, 45600 per kthread
[  277.261735][ T7415] input: syz1 as /devices/virtual/input/input33
[  277.831801][ T7421] loop1: detected capacity change from 0 to 1024
[  278.225967][ T7431] hfsplus: found bad thread record in catalog
[  278.780075][ T2924] hfsplus: b-tree write err: -5, ino 4
[  278.843659][ T7432] pim6reg: entered allmulticast mode
[  278.886251][ T7432] pim6reg: left allmulticast mode
[  278.944208][ T7428] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  279.920545][ T7435] loop2: detected capacity change from 0 to 4096
[  280.934292][ T7435] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  280.952863][ T7435] ntfs3: loop2: Failed to load $Extend (-22).
[  280.959312][ T7435] ntfs3: loop2: Failed to initialize $Extend.
[  281.726229][ T7441] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  282.712122][ T7444] loop1: detected capacity change from 0 to 4096
[  282.844723][ T7446] loop0: detected capacity change from 0 to 1024
[  282.880280][ T7446] hfsplus: bad catalog folder entry
[  282.890764][ T7447] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  284.403238][ T7450] ax25_connect(): syz.0.347 uses autobind, please contact jreuter@yaina.de
[  285.908669][ T5777] IPVS: starting estimator thread 0...
[  286.126303][ T7451] IPVS: using max 18 ests per chain, 43200 per kthread
[  286.170883][ T5870] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  287.779583][ T7455] input: syz1 as /devices/virtual/input/input34
[  288.024265][ T7460] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  288.207661][ T5870] usb 2-1: device descriptor read/all, error -71
[  288.409187][ T7466] netlink: 180 bytes leftover after parsing attributes in process `syz.0.352'.
[  289.590820][ T7471] loop0: detected capacity change from 0 to 1024
[  290.664852][ T7478] hfsplus: found bad thread record in catalog
[  291.020076][ T1134] hfsplus: b-tree write err: -5, ino 4
[  291.285597][ T7485] loop2: detected capacity change from 0 to 32768
[  291.301785][ T7485] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.356 (7485)
[  291.329582][ T7485] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  291.340028][ T7485] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  291.348808][ T7485] BTRFS info (device loop2): setting nodatacow, compression disabled
[  291.356955][ T7485] BTRFS info (device loop2): max_inline at 0
[  291.362963][ T7485] BTRFS info (device loop2): enabling disk space caching
[  291.369974][ T7485] BTRFS info (device loop2): turning off barriers
[  291.376475][ T7485] BTRFS info (device loop2): turning on flush-on-commit
[  291.383600][ T7485] BTRFS info (device loop2): doing ref verification
[  291.390182][ T7485] BTRFS info (device loop2): force clearing of disk cache
[  291.397342][ T7485] BTRFS info (device loop2): enabling ssd optimizations
[  291.404333][ T7485] BTRFS info (device loop2): max_inline at 4096
[  291.410558][ T7485] BTRFS info (device loop2): disk space caching is enabled
[  291.466006][ T7485] BTRFS info (device loop2): auto enabling async discard
[  291.481947][ T7485] BTRFS info (device loop2): rebuilding free space tree
[  291.600277][ T7485] BTRFS info (device loop2): disabling free space tree
[  291.607296][ T7485] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  291.617267][ T7485] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  293.012652][ T7507] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  293.238618][ T7510] capability: warning: `syz.2.356' uses 32-bit capabilities (legacy support in use)
[  294.160495][ T5787] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  294.558048][ T7518] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  294.594846][ T7524] binder: BINDER_SET_CONTEXT_MGR already set
[  294.600874][ T7524] binder: 7523:7524 ioctl 4018620d 200000000040 returned -16
[  294.760766][ T7526] input: syz1 as /devices/virtual/input/input35
[  295.390607][ T7533] netlink: 180 bytes leftover after parsing attributes in process `syz.1.362'.
[  300.198144][ T7561] loop1: detected capacity change from 0 to 1024
[  301.153989][ T7562] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  301.375524][ T7568] hfsplus: found bad thread record in catalog
[  301.659270][ T2919] hfsplus: b-tree write err: -5, ino 4
[  302.182727][ T7575] binder: BINDER_SET_CONTEXT_MGR already set
[  302.189594][ T7575] binder: 7574:7575 ioctl 4018620d 200000000040 returned -16
[  302.695731][ T7587] block device autoloading is deprecated and will be removed.
[  304.512755][ T7596] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  304.765085][ T7594] input: syz1 as /devices/virtual/input/input36
[  305.802234][ T7611] loop3: detected capacity change from 0 to 1024
[  306.295794][ T7611] hfsplus: found bad thread record in catalog
[  307.358312][ T7618] input: syz1 as /devices/virtual/input/input37
[  307.365482][ T3523] hfsplus: b-tree write err: -5, ino 4
[  312.242764][ T5794] Bluetooth: hci2: command 0x0406 tx timeout
[  312.542890][ T7644] netlink: 12 bytes leftover after parsing attributes in process `syz.2.389'.
[  312.676476][ T7647] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  313.010146][ T7655] program syz.3.390 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  313.703246][ T7661] loop0: detected capacity change from 0 to 1024
[  313.953910][ T7654] netlink: 36 bytes leftover after parsing attributes in process `syz.3.390'.
[  314.365997][ T7661] hfsplus: found bad thread record in catalog
[  314.431191][   T48] hfsplus: b-tree write err: -5, ino 4
[  314.601258][ T7671] hub 8-0:1.0: USB hub found
[  314.612872][ T7671] hub 8-0:1.0: 1 port detected
[  315.193620][ T7670] input: syz1 as /devices/virtual/input/input38
[  315.379504][ T7679] netlink: 28 bytes leftover after parsing attributes in process `syz.3.396'.
[  317.295617][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  317.335271][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  317.615034][ T7699] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  318.171428][ T7710] netlink: 892 bytes leftover after parsing attributes in process `syz.1.398'.
[  318.257126][ T7711] netlink: 892 bytes leftover after parsing attributes in process `syz.1.398'.
[  319.662882][ T7725] input: syz1 as /devices/virtual/input/input39
[  320.744575][ T7732] netdevsim netdevsim0: Direct firmware load for ¼JÈöníñÆgkNšÄq>ä*x(Oˆ@Ä“Æ™¬aîWóÿfV!�Œˆ«_—)µAD‘I†µw•C7�;¹gB›|hÂV`f”?:VmÐUWX:SZ;žË©6h?AeÙÿ³iÛámç/Øî‘ÆS–Á6­Ò_C?ÚF failed with error -2
[  320.765240][ T7732] netdevsim netdevsim0: Falling back to sysfs fallback for: ¼JÈöníñÆgkNšÄq>ä*x(Oˆ@Ä“Æ™¬aîWóÿfV!�Œˆ«_—)µAD‘I†µw•C7�;¹gB›|hÂV`f”?:VmÐUWX:SZ;žË©6h?AeÙÿ³iÛámç/Øî‘ÆS–Á6­Ò_C?ÚF
[  320.808662][ T7733] tmpfs: Bad value for 'mpol'
[  321.236281][ T7736] loop3: detected capacity change from 0 to 1024
[  322.598339][ T7744] hfsplus: found bad thread record in catalog
[  322.805478][ T7747] loop2: detected capacity change from 0 to 8
[  322.836726][ T7748] loop0: detected capacity change from 0 to 1024
[  322.844395][ T3523] hfsplus: b-tree write err: -5, ino 4
[  323.373656][ T5780] udevd[5780]: incorrect cramfs checksum on /dev/loop2
[  323.703255][ T7756] netlink: 420 bytes leftover after parsing attributes in process `syz.3.409'.
[  323.770381][ T7758] hfsplus: found bad thread record in catalog
[  324.431455][ T7761] loop2: detected capacity change from 0 to 1024
[  324.589104][ T3559] hfsplus: b-tree write err: -5, ino 4
[  325.192773][   T54] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  325.350763][ T7767] hfsplus: found bad thread record in catalog
[  325.963962][ T3523] hfsplus: b-tree write err: -5, ino 4
[  325.981738][ T7771] netlink: 892 bytes leftover after parsing attributes in process `syz.1.415'.
[  326.067694][   T54] usb 4-1: Using ep0 maxpacket: 16
[  326.100000][ T7773] netlink: 892 bytes leftover after parsing attributes in process `syz.1.415'.
[  326.120583][   T54] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 8
[  326.181312][   T54] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  326.280580][   T54] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  326.323171][   T54] usb 4-1: Product: syz
[  326.327609][   T54] usb 4-1: Manufacturer: syz
[  326.332785][   T54] usb 4-1: SerialNumber: syz
[  326.372002][   T54] usb 4-1: config 0 descriptor??
[  326.410311][   T54] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  326.452309][   T54] usb 4-1: Detected FT232R
[  326.868066][   T54] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  326.892098][   T54] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  326.909349][   T54] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71
[  326.950343][   T54] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  327.014608][   T54] usb 4-1: USB disconnect, device number 2
[  327.033838][   T54] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  327.056886][   T54] ftdi_sio 4-1:0.0: device disconnected
[  328.410797][ T7779] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  328.532435][ T7797] loop3: detected capacity change from 0 to 1024
[  328.773644][ T7798] hfsplus: found bad thread record in catalog
[  329.192974][ T7801] input: syz1 as /devices/virtual/input/input40
[  329.261901][ T7802] input: syz1 as /devices/virtual/input/input41
[  329.436451][ T2924] hfsplus: b-tree write err: -5, ino 4
[  329.848482][ T7807] input: syz1 as /devices/virtual/input/input42
[  330.455937][ T7809] netlink: 892 bytes leftover after parsing attributes in process `syz.2.424'.
[  331.083369][ T7809] netlink: 892 bytes leftover after parsing attributes in process `syz.2.424'.
[  331.164788][ T7816] netlink: 892 bytes leftover after parsing attributes in process `syz.0.425'.
[  331.230688][ T7817] netlink: 892 bytes leftover after parsing attributes in process `syz.0.425'.
[  331.289449][ T7819] netlink: 420 bytes leftover after parsing attributes in process `syz.2.426'.
[  331.984219][   T54] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  332.229908][   T54] usb 3-1: Using ep0 maxpacket: 16
[  332.343965][   T54] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 8
[  332.520166][   T54] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  332.660716][   T54] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  332.797597][   T54] usb 3-1: Product: syz
[  332.872428][   T54] usb 3-1: Manufacturer: syz
[  332.938569][   T54] usb 3-1: SerialNumber: syz
[  333.131154][   T54] usb 3-1: config 0 descriptor??
[  333.303190][   T54] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  335.573803][   T54] usb 3-1: Detected FT232R
[  336.971248][ T7829] loop1: detected capacity change from 0 to 32768
[  337.783200][    T9] libceph: connect (1)[c::]:6789 error -101
[  337.805942][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  338.247095][ T7829] JBD2: Ignoring recovery information on journal
[  338.397481][    T9] libceph: connect (1)[c::]:6789 error -101
[  338.537509][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  338.789726][ T7829] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  339.081065][    T9] libceph: connect (1)[c::]:6789 error -101
[  339.178853][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  339.466562][   T54] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  339.726422][ T7842] loop3: detected capacity change from 0 to 128
[  339.788641][   T54] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  339.795920][ T7827] ceph: No mds server is up or the cluster is laggy
[  339.796713][   T54] ftdi_sio 3-1:0.0: GPIO initialisation failed: -71
[  339.803683][ T5870] libceph: connect (1)[c::]:6789 error -101
[  339.818964][   T54] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  339.830154][   T54] usb 3-1: USB disconnect, device number 2
[  339.882109][ T7842] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  339.899130][ T7845] loop2: detected capacity change from 0 to 1024
[  339.903160][ T5870] libceph: mon0 (1)[c::]:6789 connect error
[  339.912157][   T54] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  339.936387][ T7842] ext4 filesystem being mounted at /108/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  340.007895][   T54] ftdi_sio 3-1:0.0: device disconnected
[  340.219733][ T7848] hfsplus: found bad thread record in catalog
[  340.351978][ T5785] ocfs2: Unmounting device (7,1) on (node local)
[  340.573186][ T7849] input: syz1 as /devices/virtual/input/input43
[  341.048575][ T3523] hfsplus: b-tree write err: -5, ino 4
[  341.105648][ T5788] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  341.985176][ T7860] loop1: detected capacity change from 0 to 1024
[  342.235681][ T7862] hfsplus: found bad thread record in catalog
[  342.744695][ T7867] input: syz1 as /devices/virtual/input/input44
[  342.876739][ T3523] hfsplus: b-tree write err: -5, ino 4
[  346.675662][ T7889] loop3: detected capacity change from 0 to 1024
[  346.885794][ T7890] hfsplus: found bad thread record in catalog
[  347.220019][ T7894] input: syz1 as /devices/virtual/input/input45
[  347.576796][   T48] hfsplus: b-tree write err: -5, ino 4
[  347.627886][ T7897] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  348.092340][ T7901] input: syz1 as /devices/virtual/input/input46
[  350.742637][ T7916] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  351.606484][ T7925] loop2: detected capacity change from 0 to 8192
[  351.687334][ T7925] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  351.721791][ T7925] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[  351.752162][ T7925] REISERFS (device loop2): using ordered data mode
[  351.803896][ T7925] reiserfs: using flush barriers
[  351.834949][ T7925] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  351.883963][ T7925] REISERFS (device loop2): checking transaction log (loop2)
[  351.933112][ T7925] REISERFS (device loop2): Using r5 hash to sort names
[  351.953326][ T7925] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  352.216210][ T7934] loop3: detected capacity change from 0 to 1024
[  352.697763][ T7938] hfsplus: found bad thread record in catalog
[  352.820898][ T7941] loop0: detected capacity change from 0 to 1024
[  353.166280][ T2924] hfsplus: b-tree write err: -5, ino 4
[  353.217798][ T7944] hfsplus: found bad thread record in catalog
[  354.367534][ T7951] input: syz1 as /devices/virtual/input/input47
[  354.433151][   T48] hfsplus: b-tree write err: -5, ino 4
[  356.319054][ T7962] loop0: detected capacity change from 0 to 256
[  357.415906][ T7962] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205a2abe, utbl_chksum : 0xe619d30d)
[  361.157137][ T7980] binder: 7977:7980 ioctl c00c620f 200000000740 returned -22
[  361.727948][ T7986] loop0: detected capacity change from 0 to 1024
[  361.997142][ T7991] hfsplus: found bad thread record in catalog
[  363.123036][ T3523] hfsplus: b-tree write err: -5, ino 4
[  363.339774][ T7992] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  366.563205][ T5799] Bluetooth: hci2: command 0x0406 tx timeout
[  368.190428][ T8048] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  368.206736][ T8048] loop1: detected capacity change from 0 to 256
[  369.132030][ T8048] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  369.142749][ T8048] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  369.329162][ T8048] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  369.643410][   T27] audit: type=1800 audit(1753736620.741:54): pid=8046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.471" name="file1" dev="loop1" ino=1048607 res=0 errno=0
[  369.821021][ T8054] input: syz1 as /devices/virtual/input/input48
[  370.856887][ T8069] loop0: detected capacity change from 0 to 1024
[  371.886055][ T8076] hfsplus: found bad thread record in catalog
[  372.204123][ T1134] hfsplus: b-tree write err: -5, ino 4
[  373.414121][ T8083] netlink: 868 bytes leftover after parsing attributes in process `syz.0.481'.
[  373.528175][ T8088] netlink: 868 bytes leftover after parsing attributes in process `syz.0.481'.
[  375.612147][ T8108] loop2: detected capacity change from 0 to 1024
[  376.584275][ T8116] hfsplus: found bad thread record in catalog
[  377.044434][ T2924] hfsplus: b-tree write err: -5, ino 4
[  377.097270][ T8109] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  377.582413][ T8126] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  377.619113][ T8126] loop0: detected capacity change from 0 to 256
[  378.143603][ T8126] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  378.154468][ T8126] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  378.239564][ T8126] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  378.731261][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  378.737731][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  378.785727][ T2919] sl1: compressed packet ignored
[  378.797424][ T2924] sl0: compressed packet ignored
[  380.544149][ T8139] netlink: 868 bytes leftover after parsing attributes in process `syz.2.494'.
[  380.711012][ T8145] netlink: 868 bytes leftover after parsing attributes in process `syz.2.494'.
[  381.463294][ T8148] CIFS mount error: No usable UNC path provided in device string!
[  381.463294][ T8148] 
[  381.473637][ T8148] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  381.973709][ T8150] netlink: 892 bytes leftover after parsing attributes in process `syz.0.498'.
[  382.089397][ T8156] netlink: 892 bytes leftover after parsing attributes in process `syz.0.498'.
[  382.962804][ T8159] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  383.279464][ T8164] loop0: detected capacity change from 0 to 1024
[  383.722332][ T8173] hfsplus: found bad thread record in catalog
[  383.853507][ T8166] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  384.298720][   T48] hfsplus: b-tree write err: -5, ino 4
[  384.682795][ T8174] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  384.690080][ T8174] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  384.697045][ T8174] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  384.704083][ T8174] comedi comedi3: 8255: I/O port conflict (0x5c95239c,4)
[  384.711401][ T8174] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  384.718263][ T8174] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  384.725460][ T8174] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  384.732161][ T8174] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  384.740012][ T8174] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  384.746937][ T8174] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  384.753707][ T8174] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  384.760381][ T8174] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  384.767416][ T8174] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[  384.775584][ T8174] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffe,4)
[  384.783634][ T8174] comedi comedi3: 8255: I/O port conflict (0xb,4)
[  384.790311][ T8174] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffff5,4)
[  384.798522][ T8174] comedi comedi3: 8255: I/O port conflict (0xffffffffffffeadb,4)
[  384.806585][ T8174] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  384.813447][ T8174] comedi comedi3: 8255: I/O port conflict (0x8,4)
[  384.820694][ T8174] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  384.827512][ T8174] comedi comedi3: 8255: I/O port conflict (0x8000000,4)
[  384.834906][ T8174] comedi comedi3: 8255: I/O port conflict (0xffffffffdffffffa,4)
[  386.684744][ T8188] loop0: detected capacity change from 0 to 8
[  386.729883][ T5780] udevd[5780]: incorrect cramfs checksum on /dev/loop0
[  387.685392][ T8199] netlink: 892 bytes leftover after parsing attributes in process `syz.1.508'.
[  387.766300][ T8204] netlink: 892 bytes leftover after parsing attributes in process `syz.1.508'.
[  387.818098][ T8205] nbd0: detected capacity change from 0 to 127
[  387.903806][ T5799] block nbd0: Receive control failed (result -104)
[  388.017154][ T8206] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  389.623756][ T8219] loop1: detected capacity change from 0 to 1024
[  389.896399][ T8219] hfsplus: found bad thread record in catalog
[  389.986577][ T3523] hfsplus: b-tree write err: -5, ino 4
[  392.567526][   T27] audit: type=1326 audit(1753736643.681:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8236 comm="syz.1.518" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x0
[  392.606469][ T8241] netlink: 892 bytes leftover after parsing attributes in process `syz.0.519'.
[  392.684853][ T8243] netlink: 892 bytes leftover after parsing attributes in process `syz.0.519'.
[  393.710061][ T8255] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  393.844929][ T8249] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  395.184006][ T8275] binder: 8273:8275 ioctl c00c620f 200000000740 returned -22
[  397.557847][ T8288] netlink: 828 bytes leftover after parsing attributes in process `syz.0.528'.
[  398.416847][ T8284] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  398.713806][   T27] audit: type=1326 audit(1753736649.831:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8295 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  398.821823][   T27] audit: type=1326 audit(1753736649.831:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8295 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  399.202575][    C0] sl1: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 20460 ms
[  399.211354][    C0] sl1: transmit timed out, driver error?
[  399.217505][    C0] sl0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 20470 ms
[  399.225545][    C0] sl0: transmit timed out, driver error?
[  399.470925][   T27] audit: type=1326 audit(1753736649.831:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8295 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  400.483316][   T27] audit: type=1326 audit(1753736649.831:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8295 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  400.526257][   T27] audit: type=1326 audit(1753736649.831:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8295 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  400.559340][   T27] audit: type=1326 audit(1753736649.831:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8295 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  401.265282][   T27] audit: type=1326 audit(1753736649.831:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8295 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  401.317885][   T27] audit: type=1326 audit(1753736649.831:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8295 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  401.340101][   T27] audit: type=1326 audit(1753736649.831:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8295 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  401.363079][   T27] audit: type=1326 audit(1753736649.831:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8295 comm="syz.1.531" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  405.987186][ T8334] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  406.148855][ T8333] netlink: 860 bytes leftover after parsing attributes in process `syz.0.541'.
[  406.325734][ T8337] netlink: 860 bytes leftover after parsing attributes in process `syz.0.541'.
[  409.525640][ T8355] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  412.896776][ T8380] loop3: detected capacity change from 0 to 1024
[  412.961448][ T8381] input: syz1 as /devices/virtual/input/input49
[  413.524380][ T8383] hfsplus: found bad thread record in catalog
[  413.744187][ T2919] hfsplus: b-tree write err: -5, ino 4
[  415.160498][ T8390] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  418.860867][   T10] block nbd0: Possible stuck request ffff888021dc0000: control (read@0,1024B). Runtime 30 seconds
[  418.873584][   T10] block nbd0: Possible stuck request ffff888021dc0200: control (read@1024,1024B). Runtime 30 seconds
[  418.884960][   T10] block nbd0: Possible stuck request ffff888021dc0400: control (read@2048,1024B). Runtime 30 seconds
[  418.895966][   T10] block nbd0: Possible stuck request ffff888021dc0600: control (read@3072,1024B). Runtime 30 seconds
[  419.024148][ T8413] loop3: detected capacity change from 0 to 1024
[  419.156186][ T8414] input: syz1 as /devices/virtual/input/input50
[  419.349761][ T8421] input: syz0 as /devices/virtual/input/input51
[  419.356985][ T8420] hfsplus: found bad thread record in catalog
[  420.405115][ T2948] hfsplus: b-tree write err: -5, ino 4
[  421.016030][ T8425] loop3: detected capacity change from 0 to 1024
[  421.906582][ T8433] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  422.334394][ T8436] hfsplus: found bad thread record in catalog
[  422.526723][ T3523] hfsplus: b-tree write err: -5, ino 4
[  425.089271][ T8452] input: syz1 as /devices/virtual/input/input52
[  429.379135][ T8484] loop3: detected capacity change from 0 to 1024
[  429.462194][ T8477] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  430.686407][ T8489] hfsplus: found bad thread record in catalog
[  430.862125][ T2924] hfsplus: b-tree write err: -5, ino 4
[  432.591971][ T8502] netlink: 772 bytes leftover after parsing attributes in process `syz.3.579'.
[  432.698001][ T8507] netlink: 772 bytes leftover after parsing attributes in process `syz.3.579'.
[  433.912669][ T8512] netlink: 44 bytes leftover after parsing attributes in process `syz.0.581'.
[  434.316631][ T8524] input: syz1 as /devices/virtual/input/input53
[  435.804508][ T8533] tty tty20: ldisc open failed (-12), clearing slot 19
[  437.445348][ T8541] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  437.727445][ T8546] loop3: detected capacity change from 0 to 1024
[  438.060937][ T8548] hfsplus: found bad thread record in catalog
[  438.247910][ T8550] loop1: detected capacity change from 0 to 1024
[  438.260394][ T8552] netlink: 892 bytes leftover after parsing attributes in process `syz.2.590'.
[  438.704871][ T8556] hfsplus: found bad thread record in catalog
[  439.039169][ T8558] loop0: detected capacity change from 0 to 4096
[  439.046736][ T8558] ntfs3: Unknown parameter 'subj_type'
[  439.793379][ T5778] blk_print_req_error: 9 callbacks suppressed
[  439.793393][ T5778] I/O error, dev loop0, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  440.073414][ T8563] netlink: 772 bytes leftover after parsing attributes in process `syz.2.594'.
[  440.177825][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  440.184441][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  440.207740][   T48] sl0: compressed packet ignored
[  440.213697][ T2948] sl1: compressed packet ignored
[  440.416815][ T8566] netlink: 772 bytes leftover after parsing attributes in process `syz.2.594'.
[  440.503142][ T1134] hfsplus: b-tree write err: -5, ino 4
[  442.823198][   T48] hfsplus: b-tree write err: -5, ino 4
[  443.995399][ T8584] loop0: detected capacity change from 0 to 128
[  444.003623][ T8584] zonefs (loop0) ERROR: Not a zoned block device
[  446.031257][ T8590] input: syz1 as /devices/virtual/input/input54
[  446.737064][ T8575] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  448.351985][ T8604] input: syz0 as /devices/virtual/input/input55
[  449.193052][ T6587] block nbd0: Possible stuck request ffff888021dc0000: control (read@0,1024B). Runtime 60 seconds
[  449.203792][ T6587] block nbd0: Possible stuck request ffff888021dc0200: control (read@1024,1024B). Runtime 60 seconds
[  449.214738][ T6587] block nbd0: Possible stuck request ffff888021dc0400: control (read@2048,1024B). Runtime 60 seconds
[  449.225705][ T6587] block nbd0: Possible stuck request ffff888021dc0600: control (read@3072,1024B). Runtime 60 seconds
[  449.491760][ T8612] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  450.867297][ T8614] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  451.851490][ T8621] netlink: 772 bytes leftover after parsing attributes in process `syz.0.607'.
[  452.680453][ T8632] loop2: detected capacity change from 0 to 1024
[  452.721977][ T8621] netlink: 772 bytes leftover after parsing attributes in process `syz.0.607'.
[  454.812014][ T8647] hfsplus: found bad thread record in catalog
[  455.751538][ T8653] loop1: detected capacity change from 0 to 4096
[  455.758969][ T8653] ntfs3: Unknown parameter 'subj_type'
[  457.912351][ T8667] netlink: 44 bytes leftover after parsing attributes in process `syz.1.617'.
[  459.972107][ T8679] afs: Bad value for 'source'
[  460.202650][    C0] sl1: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 20010 ms
[  460.210741][    C0] sl1: transmit timed out, driver error?
[  460.216451][    C0] sl0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 20020 ms
[  460.224478][    C0] sl0: transmit timed out, driver error?
[  461.915001][ T3523] hfsplus: b-tree write err: -5, ino 4
[  462.591152][ T8700] syz.2.625: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz2,mems_allowed=0-1
[  462.759334][ T8700] CPU: 0 PID: 8700 Comm: syz.2.625 Not tainted 6.6.100-syzkaller #0
[  462.767367][ T8700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  462.777455][ T8700] Call Trace:
[  462.780750][ T8700]  <TASK>
[  462.783701][ T8700]  dump_stack_lvl+0x16c/0x230
[  462.788407][ T8700]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  462.794066][ T8700]  ? show_regs_print_info+0x20/0x20
[  462.799275][ T8700]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  462.804948][ T8700]  warn_alloc+0x210/0x300
[  462.809309][ T8700]  ? stack_trace_save+0x9c/0xe0
[  462.814183][ T8700]  ? zone_watermark_ok_safe+0x230/0x230
[  462.819751][ T8700]  ? kasan_set_track+0x5f/0x70
[  462.824525][ T8700]  ? kasan_set_track+0x4e/0x70
[  462.829297][ T8700]  ? __kasan_kmalloc+0x8f/0xa0
[  462.834072][ T8700]  ? xsk_init_queue+0xb0/0x110
[  462.838847][ T8700]  ? xsk_setsockopt+0x43c/0x6f0
[  462.843714][ T8700]  ? do_sock_setsockopt+0x175/0x1a0
[  462.848925][ T8700]  ? __x64_sys_setsockopt+0x184/0x200
[  462.854315][ T8700]  __vmalloc_node_range+0x126/0x1320
[  462.859648][ T8700]  ? free_vm_area+0x50/0x50
[  462.864181][ T8700]  vmalloc_user+0x74/0x80
[  462.868536][ T8700]  ? xskq_create+0xbf/0x170
[  462.873048][ T8700]  xskq_create+0xbf/0x170
[  462.877393][ T8700]  xsk_init_queue+0xb0/0x110
[  462.881998][ T8700]  xsk_setsockopt+0x43c/0x6f0
[  462.886694][ T8700]  ? xsk_poll+0x670/0x670
[  462.891042][ T8700]  ? __fget_files+0x28/0x4d0
[  462.895649][ T8700]  ? bpf_lsm_socket_setsockopt+0x9/0x10
[  462.901209][ T8700]  ? security_socket_setsockopt+0x7e/0xa0
[  462.906938][ T8700]  ? xsk_poll+0x670/0x670
[  462.911288][ T8700]  do_sock_setsockopt+0x175/0x1a0
[  462.916332][ T8700]  ? __fdget+0x180/0x210
[  462.920591][ T8700]  __x64_sys_setsockopt+0x184/0x200
[  462.925807][ T8700]  do_syscall_64+0x55/0xb0
[  462.930232][ T8700]  ? clear_bhb_loop+0x40/0x90
[  462.934914][ T8700]  ? clear_bhb_loop+0x40/0x90
[  462.939601][ T8700]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  462.945511][ T8700] RIP: 0033:0x7f971e38e9a9
[  462.949952][ T8700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  462.969574][ T8700] RSP: 002b:00007f971f229038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  462.978006][ T8700] RAX: ffffffffffffffda RBX: 00007f971e5b5fa0 RCX: 00007f971e38e9a9
[  462.985986][ T8700] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000007
[  462.993965][ T8700] RBP: 00007f971e410d69 R08: 0000000000000004 R09: 0000000000000000
[  463.001955][ T8700] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  463.009938][ T8700] R13: 0000000000000000 R14: 00007f971e5b5fa0 R15: 00007fff7aaedb38
[  463.017937][ T8700]  </TASK>
[  463.770004][ T8700] Mem-Info:
[  463.790781][ T8700] active_anon:8526 inactive_anon:0 isolated_anon:0
[  463.790781][ T8700]  active_file:785 inactive_file:40572 isolated_file:0
[  463.790781][ T8700]  unevictable:768 dirty:197 writeback:0
[  463.790781][ T8700]  slab_reclaimable:7772 slab_unreclaimable:95415
[  463.790781][ T8700]  mapped:29599 shmem:4226 pagetables:656
[  463.790781][ T8700]  sec_pagetables:0 bounce:0
[  463.790781][ T8700]  kernel_misc_reclaimable:0
[  463.790781][ T8700]  free:1353191 free_pcp:8897 free_cma:0
[  463.869657][ T8700] Node 0 active_anon:34056kB inactive_anon:0kB active_file:3140kB inactive_file:162088kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:118488kB dirty:820kB writeback:0kB shmem:15396kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11604kB pagetables:2628kB sec_pagetables:0kB all_unreclaimable? no
[  463.919465][ T8700] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  464.033228][ T8700] Node 0 DMA free:15344kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  464.147442][ T8700] lowmem_reserve[]: 0 2525 2526 2526 2526
[  464.153744][ T8700] Node 0 DMA32 free:1512180kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:32412kB inactive_anon:0kB active_file:3140kB inactive_file:160756kB unevictable:1536kB writepending:820kB present:3129332kB managed:2589600kB mlocked:0kB bounce:0kB free_pcp:11036kB local_pcp:472kB free_cma:0kB
[  464.208878][ T8700] lowmem_reserve[]: 0 0 1 1 1
[  464.214312][ T8700] Node 0 Normal free:4kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1332kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB
[  464.271746][ T8712] __vm_enough_memory: pid: 8712, comm: syz.0.627, not enough memory for the allocation
[  464.401203][ T8700] lowmem_reserve[]: 0 0 0 0 0
[  464.901022][ T8700] Node 1 Normal free:3895480kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:4kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:19584kB local_pcp:9472kB free_cma:0kB
[  465.290559][ T8700] lowmem_reserve[]: 0 0 0 0 0
[  465.328856][ T8700] Node 0 DMA: 0*4kB 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15344kB
[  465.367423][ T8700] Node 0 DMA32: 133*4kB (UME) 296*8kB (UME) 461*16kB (UME) 657*32kB (UME) 204*64kB (UME) 86*128kB (UME) 34*256kB (UME) 17*512kB (UME) 5*1024kB (UME) 5*2048kB (UME) 350*4096kB (M) = 1521732kB
[  465.400477][ T8700] Node 0 Normal: 1*4kB (M) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4kB
[  465.412749][ T8700] Node 1 Normal: 270*4kB (UME) 62*8kB (UME) 51*16kB (UME) 159*32kB (UME) 46*64kB (UME) 10*128kB (UME) 1*256kB (M) 1*512kB (E) 2*1024kB (UE) 1*2048kB (E) 947*4096kB (M) = 3895480kB
[  465.448783][ T8700] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  465.468436][ T8700] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  465.479152][ T8700] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  465.488956][ T8700] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  465.500115][ T8700] 42703 total pagecache pages
[  465.506552][ T8700] 8 pages in swap cache
[  465.510786][ T8700] Free swap  = 123668kB
[  465.518366][ T8700] Total swap = 124996kB
[  465.523342][ T8700] 2097051 pages RAM
[  465.527138][ T8700] 0 pages HighMem/MovableOnly
[  465.531790][ T8700] 416137 pages reserved
[  465.543954][ T8700] 0 pages cma reserved
[  466.431991][ T8731] netlink: 44 bytes leftover after parsing attributes in process `syz.2.629'.
[  467.893294][ T8745] fuse: Bad value for 'fd'
[  468.595523][ T8742] loop3: detected capacity change from 0 to 1024
[  468.804971][   T27] kauditd_printk_skb: 5 callbacks suppressed
[  468.804991][   T27] audit: type=1326 audit(1753736719.921:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8746 comm="syz.0.634" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1494b8e9a9 code=0x0
[  469.935117][ T8754] hfsplus: found bad thread record in catalog
[  470.285502][ T8760] loop1: detected capacity change from 0 to 128
[  470.437618][ T8760] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  471.676567][ T8760] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  471.744958][ T8762] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  473.242597][ T8776] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  473.686134][ T3559] hfsplus: b-tree write err: -5, ino 4
[  473.760146][ T3559] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  475.548655][ T8797] loop2: detected capacity change from 0 to 128
[  476.944632][ T8806] loop3: detected capacity change from 0 to 16
[  476.995390][ T8806] erofs: (device loop3): mounted with root inode @ nid 36.
[  477.078242][ T8806] syz.3.646: attempt to access beyond end of device
[  477.078242][ T8806] loop3: rw=0, sector=8, nr_sectors = 16 limit=16
[  477.424623][ T8808] loop2: detected capacity change from 0 to 1024
[  478.577750][ T8813] syz.3.646: attempt to access beyond end of device
[  478.577750][ T8813] loop3: rw=0, sector=8, nr_sectors = 16 limit=16
[  479.587108][ T8822] hfsplus: found bad thread record in catalog
[  479.606770][ T8819] netlink: 4 bytes leftover after parsing attributes in process `syz.0.651'.
[  479.909770][ T8823] netlink: 4 bytes leftover after parsing attributes in process `syz.0.651'.
[  480.278328][ T6587] block nbd0: Possible stuck request ffff888021dc0000: control (read@0,1024B). Runtime 90 seconds
[  480.289123][ T6587] block nbd0: Possible stuck request ffff888021dc0200: control (read@1024,1024B). Runtime 90 seconds
[  480.300477][ T6587] block nbd0: Possible stuck request ffff888021dc0400: control (read@2048,1024B). Runtime 90 seconds
[  480.312114][ T6587] block nbd0: Possible stuck request ffff888021dc0600: control (read@3072,1024B). Runtime 90 seconds
[  481.651838][ T8837] loop1: detected capacity change from 0 to 1024
[  482.842865][ T8845] hfsplus: found bad thread record in catalog
[  483.584978][ T2919] hfsplus: b-tree write err: -5, ino 4
[  485.722971][ T3523] hfsplus: b-tree write err: -5, ino 4
[  487.170980][ T8861] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  489.772787][ T8882] afs: Bad value for 'source'
[  490.551255][ T8890] loop2: detected capacity change from 0 to 1024
[  492.670001][ T8896] hfsplus: found bad thread record in catalog
[  492.761068][ T8898] loop1: detected capacity change from 0 to 1024
[  493.186950][ T8902] hfsplus: found bad thread record in catalog
[  493.672899][   T27] audit: type=1800 audit(1753736744.791:72): pid=8900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.670" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  493.737355][ T2919] hfsplus: b-tree write err: -5, ino 4
[  494.297560][ T2919] hfsplus: b-tree write err: -5, ino 4
[  496.011588][ T8916] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  498.428212][ T8934] netlink: 4 bytes leftover after parsing attributes in process `syz.1.679'.
[  498.460687][ T8934] veth1_macvtap: left promiscuous mode
[  499.203350][ T8937] loop1: detected capacity change from 0 to 128
[  499.266725][ T8937] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  499.289243][ T8937] ext4 filesystem being mounted at /174/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  500.070423][ T8955] loop3: detected capacity change from 0 to 1024
[  500.518149][ T5785] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  500.839538][ T5794] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  500.849571][ T5794] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  500.859477][ T5794] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  500.878981][ T5794] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  500.888311][ T5794] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  500.895874][ T5794] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  501.768324][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  501.876393][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  501.893958][ T2919] sl0: compressed packet ignored
[  502.569546][ T8985] hfsplus: found bad thread record in catalog
[  502.882203][ T8956] chnl_net:caif_netlink_parms(): no params data found
[  502.972034][ T5794] Bluetooth: hci4: command tx timeout
[  504.000460][ T2924] hfsplus: b-tree write err: -5, ino 4
[  504.008086][ T8986] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  505.042856][ T5794] Bluetooth: hci4: command tx timeout
[  505.134838][ T8956] bridge0: port 1(bridge_slave_0) entered blocking state
[  505.146676][ T8956] bridge0: port 1(bridge_slave_0) entered disabled state
[  505.168832][ T8956] bridge_slave_0: entered allmulticast mode
[  505.185387][ T8956] bridge_slave_0: entered promiscuous mode
[  505.197795][ T9009] netlink: 8 bytes leftover after parsing attributes in process `syz.2.687'.
[  505.205632][ T8956] bridge0: port 2(bridge_slave_1) entered blocking state
[  505.344359][ T8956] bridge0: port 2(bridge_slave_1) entered disabled state
[  505.366348][ T8956] bridge_slave_1: entered allmulticast mode
[  505.367075][ T9016] netlink: 8 bytes leftover after parsing attributes in process `syz.2.687'.
[  505.386238][ T8956] bridge_slave_1: entered promiscuous mode
[  506.186865][ T8956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  506.226439][ T8956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  506.527151][ T8956] team0: Port device team_slave_0 added
[  506.540272][ T8956] team0: Port device team_slave_1 added
[  506.563986][ T9028] loop2: detected capacity change from 0 to 1024
[  506.621886][ T8956] batman_adv: batadv0: Adding interface: batadv_slave_0
[  506.692680][ T8956] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  506.736459][ T9030] input: syz1 as /devices/virtual/input/input56
[  506.892617][ T8956] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  507.014637][ T8956] batman_adv: batadv0: Adding interface: batadv_slave_1
[  507.085248][ T8956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  507.133265][ T5794] Bluetooth: hci4: command tx timeout
[  507.915379][ T8956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  508.821362][ T8956] hsr_slave_0: entered promiscuous mode
[  509.212817][ T5794] Bluetooth: hci4: command tx timeout
[  509.223949][ T8956] hsr_slave_1: entered promiscuous mode
[  509.590034][ T9047] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  509.677032][ T8956] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  509.685651][ T1134] hfsplus: b-tree write err: -5, ino 4
[  509.749804][ T8956] Cannot create hsr debugfs directory
[  510.992686][ T6587] block nbd0: Possible stuck request ffff888021dc0000: control (read@0,1024B). Runtime 120 seconds
[  511.006642][ T6587] block nbd0: Possible stuck request ffff888021dc0200: control (read@1024,1024B). Runtime 120 seconds
[  511.018142][ T6587] block nbd0: Possible stuck request ffff888021dc0400: control (read@2048,1024B). Runtime 120 seconds
[  511.032782][ T6587] block nbd0: Possible stuck request ffff888021dc0600: control (read@3072,1024B). Runtime 120 seconds
[  512.589424][ T9073] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  513.029631][ T8956] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  513.249565][ T8956] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  513.273881][ T8956] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  513.330230][ T8956] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  514.141335][ T8956] 8021q: adding VLAN 0 to HW filter on device bond0
[  514.161757][ T8956] 8021q: adding VLAN 0 to HW filter on device team0
[  514.253012][   T48] bridge0: port 1(bridge_slave_0) entered blocking state
[  514.260282][   T48] bridge0: port 1(bridge_slave_0) entered forwarding state
[  514.301433][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[  514.308762][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[  515.670203][ T9103] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  516.201104][ T8956] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  519.160000][ T9121] loop3: detected capacity change from 0 to 1024
[  519.434375][ T8956] 8021q: adding VLAN 0 to HW filter on device batadv0
[  519.948489][ T9136] hfsplus: found bad thread record in catalog
[  521.280839][ T3523] hfsplus: b-tree write err: -5, ino 4
[  522.084388][    C0] sl0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 20200 ms
[  522.092550][    C0] sl0: transmit timed out, driver error?
[  524.624520][ T5162] udevd[5162]: worker [5780] /devices/virtual/block/nbd0 is taking a long time
[  524.826487][ T8956] veth0_vlan: entered promiscuous mode
[  524.877221][ T8956] veth1_vlan: entered promiscuous mode
[  524.957159][ T9148] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  524.988198][ T8956] veth0_macvtap: entered promiscuous mode
[  525.024812][ T8956] veth1_macvtap: entered promiscuous mode
[  525.663865][ T8956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  525.681725][ T8956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  525.702436][ T8956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  525.719389][ T8956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  525.729947][ T8956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  525.750322][ T8956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  525.766272][ T8956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  525.783146][ T8956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  525.799412][ T8956] batman_adv: batadv0: Interface activated: batadv_slave_0
[  525.818208][ T8956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  525.830147][ T8956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  525.840542][ T8956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  525.851964][ T8956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  525.866194][ T8956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  525.877013][ T8956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  525.887568][ T8956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  525.898401][ T8956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  525.996272][ T8956] batman_adv: batadv0: Interface activated: batadv_slave_1
[  526.019813][ T8956] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  526.030009][ T8956] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  526.039045][ T8956] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  526.048152][ T8956] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  526.213015][ T2924] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  526.220995][ T2924] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  526.262004][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  526.272148][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  526.645585][ T9167] loop1: detected capacity change from 0 to 256
[  526.664703][ T9167] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  526.675465][ T9167] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  527.340863][ T9167] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  531.115321][ T9195] input: syz1 as /devices/virtual/input/input57
[  531.150884][ T9197] loop1: detected capacity change from 0 to 1024
[  531.547057][ T9204] input: syz1 as /devices/virtual/input/input58
[  532.436791][ T9208] hfsplus: found bad thread record in catalog
[  532.823573][   T48] hfsplus: b-tree write err: -5, ino 4
[  532.858190][ T9211] netlink: 4 bytes leftover after parsing attributes in process `syz.2.728'.
[  532.901249][ T9211] veth1_macvtap: left promiscuous mode
[  532.937897][ T9212] loop2: detected capacity change from 0 to 128
[  533.066586][ T9212] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  533.183856][ T9212] ext4 filesystem being mounted at /182/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  533.530582][ T5787] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  533.704814][ T9216] loop1: detected capacity change from 0 to 32768
[  533.880777][ T9224] fuse: Bad value for 'fd'
[  534.694830][ T9216] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  535.080910][ T9216] XFS (loop1): Ending clean mount
[  538.102949][ T9241] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  538.631386][   T27] audit: type=1800 audit(1753736789.681:73): pid=9243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.729" name="file1" dev="loop1" ino=9286 res=0 errno=0
[  538.843762][ T9246] netlink: 8 bytes leftover after parsing attributes in process `syz.2.735'.
[  538.850042][ T5785] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  539.010714][ T9253] netlink: 8 bytes leftover after parsing attributes in process `syz.2.735'.
[  540.501899][ T9259] netlink: 4 bytes leftover after parsing attributes in process `syz.3.739'.
[  540.637953][ T9259] veth1_macvtap: left promiscuous mode
[  541.412088][ T9264] loop3: detected capacity change from 0 to 128
[  541.427920][ T9270] fuse: Bad value for 'fd'
[  541.504445][ T9271] input: syz1 as /devices/virtual/input/input59
[  541.517602][   T10] block nbd0: Possible stuck request ffff888021dc0000: control (read@0,1024B). Runtime 150 seconds
[  541.528524][   T10] block nbd0: Possible stuck request ffff888021dc0200: control (read@1024,1024B). Runtime 150 seconds
[  541.567964][   T10] block nbd0: Possible stuck request ffff888021dc0400: control (read@2048,1024B). Runtime 150 seconds
[  541.579756][   T10] block nbd0: Possible stuck request ffff888021dc0600: control (read@3072,1024B). Runtime 150 seconds
[  541.693199][ T9274] netlink: 12 bytes leftover after parsing attributes in process `syz.2.742'.
[  541.703268][ T9274] netlink: 48 bytes leftover after parsing attributes in process `syz.2.742'.
[  541.850447][ T9276] loop2: detected capacity change from 0 to 8
[  541.859056][ T9276] squashfs: Unknown parameter '00000000000000000000005'
[  543.483695][ T5800] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  543.505840][ T9264] EXT4-fs: error -4 creating inode table initialization thread
[  543.563045][ T9264] EXT4-fs (loop3): mount failed
[  548.662341][ T9314] loop2: detected capacity change from 0 to 128
[  548.767250][ T9314] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  549.054637][ T9314] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  552.928296][ T3559] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  554.391809][ T9354] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  555.160514][ T5799] Bluetooth: hci4: link tx timeout
[  555.166498][ T5799] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[  557.208964][ T5799] Bluetooth: hci4: command 0x0406 tx timeout
[  558.880794][ T9388] input: syz1 as /devices/virtual/input/input60
[  562.717179][ T9405] loop1: detected capacity change from 0 to 1024
[  562.727883][ T9405] EXT4-fs: Ignoring removed i_version option
[  562.741148][ T9405] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  562.892012][ T9405] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 2: comm syz.1.775: lblock 2 mapped to illegal pblock 2 (length 1)
[  562.920943][ T9405] Quota error (device loop1): qtree_write_dquot: dquota write failed
[  562.962591][ T9405] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 48: comm syz.1.775: lblock 0 mapped to illegal pblock 48 (length 1)
[  563.011552][ T9405] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  563.022166][ T9405] EXT4-fs error (device loop1): ext4_acquire_dquot:6938: comm syz.1.775: Failed to acquire dquot type 0
[  563.063152][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  563.069593][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  563.120149][ T9405] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5902: Corrupt filesystem
[  563.143620][   T48] sl0: compressed packet ignored
[  563.196651][ T9405] EXT4-fs error (device loop1): ext4_evict_inode:252: inode #11: comm syz.1.775: mark_inode_dirty error
[  563.301436][ T9405] EXT4-fs warning (device loop1): ext4_evict_inode:255: couldn't mark inode dirty (err -117)
[  563.312138][ T9405] EXT4-fs (loop1): 1 orphan inode deleted
[  563.319365][ T9405] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  563.332880][ T2919] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:8: lblock 1 mapped to illegal pblock 1 (length 1)
[  563.377718][ T2919] Quota error (device loop1): remove_tree: Can't read quota data block 1
[  563.436343][ T2919] EXT4-fs error (device loop1): ext4_release_dquot:6974: comm kworker/u4:8: Failed to release dquot type 0
[  565.230613][ T9419] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  565.258769][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  565.401966][ T5785] EXT4-fs error (device loop1): __ext4_get_inode_loc:4483: comm syz-executor: Invalid inode table block 1 in block_group 0
[  565.516144][ T9411] smc: net device bond0 applied user defined pnetid SYZ2
[  565.554520][ T9412] smc: net device bond0 erased user defined pnetid SYZ2
[  565.574514][ T5785] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5902: Corrupt filesystem
[  565.664848][ T5785] EXT4-fs error (device loop1): ext4_quota_off:7222: inode #3: comm syz-executor: mark_inode_dirty error
[  567.294202][ T9438] loop4: detected capacity change from 0 to 32768
[  567.358492][ T9434] 9pnet_fd: Insufficient options for proto=fd
[  567.540367][ T9438] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  569.776127][ T9438] XFS (loop4): Ending clean mount
[  570.816393][ T9459] input: syz1 as /devices/virtual/input/input61
[  570.880412][   T27] audit: type=1800 audit(1753736821.901:74): pid=9460 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.777" name="file1" dev="loop4" ino=9286 res=0 errno=0
[  572.192614][ T6587] block nbd0: Possible stuck request ffff888021dc0000: control (read@0,1024B). Runtime 180 seconds
[  572.203523][ T6587] block nbd0: Possible stuck request ffff888021dc0200: control (read@1024,1024B). Runtime 180 seconds
[  572.214556][ T6587] block nbd0: Possible stuck request ffff888021dc0400: control (read@2048,1024B). Runtime 180 seconds
[  572.225555][ T6587] block nbd0: Possible stuck request ffff888021dc0600: control (read@3072,1024B). Runtime 180 seconds
[  572.960203][ T9473] sp0: Synchronizing with TNC
[  575.652706][ T9477] loop3: detected capacity change from 0 to 2048
[  576.403281][ T8956] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  580.859110][ T9498] input: syz1 as /devices/virtual/input/input62
[  581.343150][ T9504] 9pnet_fd: Insufficient options for proto=fd
[  583.533801][    C0] sl0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 20460 ms
[  583.541892][    C0] sl0: transmit timed out, driver error?
[  585.453047][ T9531] input: syz1 as /devices/virtual/input/input63
[  586.466601][ T9538] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  587.127008][ T9547] input: syz1 as /devices/virtual/input/input64
[  587.133697][ T9546] input: syz1 as /devices/virtual/input/input65
[  589.215200][ T9557] loop4: detected capacity change from 0 to 1024
[  589.535290][ T9565] hfsplus: found bad thread record in catalog
[  590.160140][ T9359] hfsplus: b-tree write err: -5, ino 4
[  592.242645][ T5794] Bluetooth: hci3: command 0x0406 tx timeout
[  595.224512][ T9580] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  597.707823][ T9594] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  600.111276][ T9608] input: syz1 as /devices/virtual/input/input67
[  600.205036][ T9610] veth0: entered promiscuous mode
[  600.221184][ T9610] loop2: detected capacity change from 0 to 8
[  600.252380][ T5778] udevd[5778]: incorrect cramfs checksum on /dev/loop2
[  600.261471][ T9610] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  600.517477][ T9613] cramfs: Error -5 while decompressing!
[  600.525422][ T9613] cramfs: ffffffff96fd8308(26)->ffff88805bd1c000(4096)
[  600.532514][ T9613] cramfs: Error -3 while decompressing!
[  600.538199][ T9613] cramfs: ffffffff96fd8322(26)->ffff88805bd1d000(4096)
[  600.545452][ T9613] cramfs: Error -3 while decompressing!
[  600.557525][ T9613] cramfs: ffffffff96fd833c(16)->ffff88805bd1e000(4096)
[  600.565090][ T9613] cramfs: Error -5 while decompressing!
[  600.582686][ T9613] cramfs: ffffffff96fd8308(26)->ffff88805bd1c000(4096)
[  600.673723][   T27] audit: type=1800 audit(1753736851.711:75): pid=9613 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.813" name="file2" dev="loop2" ino=348 res=0 errno=0
[  600.905070][ T9613] genirq: Flags mismatch irq 7. 00000000 (ttyS3) vs. 00000000 (comedi_parport)
[  600.972322][ T9615] input: syz1 as /devices/virtual/input/input68
[  601.104393][ T5778] udevd[5778]: incorrect cramfs checksum on /dev/loop2
[  601.407103][ T9621] IPVS: sync thread started: state = MASTER, mcast_ifn = bridge_slave_0, syncid = 0, id = 0
[  602.190910][ T9609] veth0: left promiscuous mode
[  602.742577][ T9467] block nbd0: Possible stuck request ffff888021dc0000: control (read@0,1024B). Runtime 210 seconds
[  602.767339][ T9467] block nbd0: Possible stuck request ffff888021dc0200: control (read@1024,1024B). Runtime 210 seconds
[  602.814643][ T9467] block nbd0: Possible stuck request ffff888021dc0400: control (read@2048,1024B). Runtime 210 seconds
[  602.861145][ T9467] block nbd0: Possible stuck request ffff888021dc0600: control (read@3072,1024B). Runtime 210 seconds
[  603.467353][ T9628] loop1: detected capacity change from 0 to 1024
[  604.712528][ T9635] hfsplus: found bad thread record in catalog
[  605.697072][ T9634] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  605.842793][   T48] hfsplus: b-tree write err: -5, ino 4
[  607.434630][ T9647] loop1: detected capacity change from 0 to 1764
[  608.022538][   T27] audit: type=1326 audit(1753736858.981:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9643 comm="syz.1.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  608.189973][ T9647] block device autoloading is deprecated and will be removed.
[  608.207476][   T27] audit: type=1326 audit(1753736858.991:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9643 comm="syz.1.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  608.239253][ T9647] syz.1.820: attempt to access beyond end of device
[  608.239253][ T9647] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  608.343006][   T27] audit: type=1326 audit(1753736858.991:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9643 comm="syz.1.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  608.953370][   T27] audit: type=1326 audit(1753736858.991:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9643 comm="syz.1.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  609.361513][   T27] audit: type=1326 audit(1753736858.991:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9643 comm="syz.1.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  609.460271][   T27] audit: type=1326 audit(1753736858.991:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9643 comm="syz.1.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  609.709535][   T27] audit: type=1326 audit(1753736858.991:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9643 comm="syz.1.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  610.251637][   T27] audit: type=1326 audit(1753736859.001:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9643 comm="syz.1.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  610.445882][   T27] audit: type=1326 audit(1753736859.001:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9643 comm="syz.1.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  610.578779][   T27] audit: type=1326 audit(1753736859.001:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9643 comm="syz.1.820" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdf3db8e9a9 code=0x7ffc0000
[  612.429391][ T9676] loop1: detected capacity change from 0 to 1024
[  612.875235][ T9680] hfsplus: found bad thread record in catalog
[  613.485374][ T3559] hfsplus: b-tree write err: -5, ino 4
[  613.593592][ T9679] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  615.492720][ T9692] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  619.971455][ T9723] 9pnet_fd: Insufficient options for proto=fd
[  620.240630][ T9725] loop1: detected capacity change from 0 to 1024
[  620.811625][ T9735] hfsplus: found bad thread record in catalog
[  621.712508][ T9733] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  621.833665][ T2919] hfsplus: b-tree write err: -5, ino 4
[  621.992644][ T9739] netlink: 4 bytes leftover after parsing attributes in process `syz.3.843'.
[  623.382550][ T9744] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  624.264701][ T9752] binder: 9749:9752 ioctl c00c620f 200000000740 returned -22
[  625.035213][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  625.041664][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  625.056647][   T48] sl0: compressed packet ignored
[  625.127603][ T9753] input: syz1 as /devices/virtual/input/input69
[  628.658267][ T9773] loop4: detected capacity change from 0 to 1024
[  628.938397][ T9775] hfsplus: found bad thread record in catalog
[  629.600359][ T9359] hfsplus: b-tree write err: -5, ino 4
[  629.758165][ T9778] vivid-007: =================  START STATUS  =================
[  629.767356][ T9778] vivid-007: Enable Output Cropping: true
[  629.773857][ T9778] vivid-007: Enable Output Composing: true
[  629.779848][ T9778] vivid-007: Enable Output Scaler: true
[  629.785496][ T9778] vivid-007: Tx RGB Quantization Range: Automatic
[  629.792058][ T9778] vivid-007: Transmit Mode: HDMI
[  629.797256][ T9778] vivid-007: Display Present: true inactive
[  629.803391][ T9778] vivid-007: Hotplug Present: 0x00000001
[  629.823461][ T9778] vivid-007: RxSense Present: 0x00000001
[  629.829364][ T9778] vivid-007: EDID Present: 0x00000001
[  629.835184][ T9778] vivid-007: ==================  END STATUS  ==================
[  630.763027][   T29] INFO: task syz.0.657:8847 blocked for more than 143 seconds.
[  630.770618][   T29]       Not tainted 6.6.100-syzkaller #0
[  630.803639][ T9781] loop4: detected capacity change from 0 to 512
[  630.821722][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  630.850769][   T29] task:syz.0.657       state:D stack:26376 pid:8847  ppid:5786   flags:0x00004006
[  630.872496][   T29] Call Trace:
[  630.875857][   T29]  <TASK>
[  630.888881][ T9781] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  630.906194][   T29]  __schedule+0x14d2/0x44d0
[  630.936229][   T29]  ? asan.module_dtor+0x20/0x20
[  631.033614][ T9781] EXT4-fs (loop4): orphan cleanup on readonly fs
[  631.042531][   T29]  ? __mutex_lock+0x6b2/0xcc0
[  631.047311][   T29]  ? __mutex_trylock_common+0x84/0x250
[  631.077147][ T9781] EXT4-fs error (device loop4): ext4_orphan_get:1425: comm syz.4.853: bad orphan inode 15
[  631.109851][   T29]  ? trace_raw_output_contention_end+0xd0/0xd0
[  631.152722][   T29]  schedule+0xbd/0x170
[  631.162736][ T9781] ext4_test_bit(bit=14, block=18) = 1
[  631.168144][ T9781] is_bad_inode(inode)=0
[  631.169978][   T29]  schedule_preempt_disabled+0x13/0x20
[  631.172286][ T9781] NEXT_ORPHAN(inode)=1023
[  631.172321][ T9781] max_ino=32
[  631.172330][ T9781] i_nlink=0
[  631.212543][   T29]  __mutex_lock+0x6b7/0xcc0
[  631.217104][   T29]  ? __mutex_lock+0x4e8/0xcc0
[  631.221797][   T29]  ? blkdev_get_by_dev+0x121/0x600
[  631.273802][ T9781] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2983: inode #15: comm syz.4.853: corrupted xattr block 19: e_value size too large
[  631.288918][ T9784] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  631.312828][   T29]  ? mutex_lock_nested+0x20/0x20
[  631.317909][   T29]  ? iput+0x347/0x920
[  631.321993][   T29]  ? ilookup+0x1c4/0x200
[  631.348366][ T9781] EXT4-fs warning (device loop4): ext4_evict_inode:272: xattr delete (err -117)
[  631.362842][   T29]  ? disk_block_events+0xa7/0x120
[  631.367905][   T29]  ? blkdev_get_by_dev+0x101/0x600
[  631.385460][ T9781] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  631.412698][   T29]  blkdev_get_by_dev+0x121/0x600
[  631.417784][   T29]  bdev_open_by_dev+0x77/0x100
[  631.438189][   T29]  setup_bdev_super+0x59/0x660
[  631.448631][   T29]  get_tree_bdev+0x337/0x510
[  631.462945][   T29]  ? mtd_proc_show+0x260/0x260
[  631.467838][   T29]  ? romfs_reconfigure+0xa0/0xa0
[  631.482691][   T29]  ? setup_bdev_super+0x660/0x660
[  631.487854][   T29]  ? romfs_get_tree+0xe/0x50
[  631.513480][   T29]  vfs_get_tree+0x8c/0x280
[  631.518005][   T29]  do_new_mount+0x24b/0xa40
[  631.542784][   T29]  __se_sys_mount+0x2da/0x3c0
[  631.547603][   T29]  ? __x64_sys_mount+0xc0/0xc0
[  631.573101][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  631.578459][   T29]  ? __x64_sys_mount+0x20/0xc0
[  631.602901][   T29]  do_syscall_64+0x55/0xb0
[  631.607434][   T29]  ? clear_bhb_loop+0x40/0x90
[  631.612207][   T29]  ? clear_bhb_loop+0x40/0x90
[  631.653044][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  631.659087][   T29] RIP: 0033:0x7f1494b8e9a9
[  631.692635][   T29] RSP: 002b:00007f14959b1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  631.701249][   T29] RAX: ffffffffffffffda RBX: 00007f1494db6160 RCX: 00007f1494b8e9a9
[  631.747988][   T29] RDX: 0000200000000040 RSI: 0000200000000140 RDI: 0000200000000180
[  631.768284][   T29] RBP: 00007f1494c10d69 R08: 0000000000000000 R09: 0000000000000000
[  631.808395][   T29] R10: 0000000000208090 R11: 0000000000000246 R12: 0000000000000000
[  631.832549][   T29] R13: 0000000000000000 R14: 00007f1494db6160 R15: 00007fffdce4b138
[  631.840581][   T29]  </TASK>
[  631.862574][   T29] 
[  631.862574][   T29] Showing all locks held in the system:
[  631.870329][   T29] 3 locks held by kworker/0:1/9:
[  631.902493][   T29]  #0: ffff888017872538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[  631.928362][   T29]  #1: ffffc900000e7d00 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[  631.940541][   T29]  #2: ffff8880b8e3c458 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xad/0x140
[  631.950583][   T29] 1 lock held by khungtaskd/29:
[  631.955527][   T29]  #0: ffffffff8cd2fba0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290
[  631.965880][   T29] 2 locks held by getty/5553:
[  631.970564][   T29]  #0: ffff88814c6870a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  631.984998][   T29]  #1: ffffc9000328b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x425/0x1380
[  631.997374][   T29] 1 lock held by udevd/5780:
[  632.001978][   T29]  #0: ffff888021d704c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x121/0x600
[  632.017938][   T29] 2 locks held by syz.2.386/7637:
[  632.023044][   T29]  #0: ffff88802f4e00a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_release+0x5c/0x200
[  632.038314][   T29]  #1: ffff88802f4e30a0 (&tty->ldisc_sem/1){+.+.}-{0:0}, at: tty_ldisc_release+0x80/0x200
[  632.049338][   T29] 1 lock held by syz.1.447/7922:
[  632.064054][   T29]  #0: ffffffff8cd35b78 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x360/0x830
[  632.078226][   T29] 1 lock held by syz.0.657/8847:
[  632.084336][   T29]  #0: ffff888021d704c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x121/0x600
[  632.094627][   T29] 1 lock held by syz.2.850/9782:
[  632.099687][   T29]  #0: ffffffff8cd35b78 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x360/0x830
[  632.110887][   T29] 
[  632.117293][   T29] =============================================
[  632.117293][   T29] 
[  632.132889][   T29] NMI backtrace for cpu 1
[  632.135512][ T9781] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  632.137219][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.6.100-syzkaller #0
[  632.154033][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  632.164084][   T29] Call Trace:
[  632.167353][   T29]  <TASK>
[  632.170268][   T29]  dump_stack_lvl+0x16c/0x230
[  632.174931][   T29]  ? show_regs_print_info+0x20/0x20
[  632.180114][   T29]  ? load_image+0x3b0/0x3b0
[  632.184612][   T29]  nmi_cpu_backtrace+0x39b/0x3d0
[  632.189535][   T29]  ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0
[  632.195669][   T29]  ? _printk+0xd0/0x110
[  632.199809][   T29]  ? load_image+0x3b0/0x3b0
[  632.204296][   T29]  ? load_image+0x3b0/0x3b0
[  632.208784][   T29]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  632.214839][   T29]  nmi_trigger_cpumask_backtrace+0x17a/0x2f0
[  632.220804][   T29]  watchdog+0xf41/0xf80
[  632.224942][   T29]  ? watchdog+0x1e1/0xf80
[  632.229253][   T29]  kthread+0x2fa/0x390
[  632.233301][   T29]  ? hungtask_pm_notify+0x90/0x90
[  632.238309][   T29]  ? kthread_blkcg+0xd0/0xd0
[  632.242882][   T29]  ret_from_fork+0x48/0x80
[  632.247277][   T29]  ? kthread_blkcg+0xd0/0xd0
[  632.251842][   T29]  ret_from_fork_asm+0x11/0x20
[  632.256597][   T29]  </TASK>
[  632.260863][   T29] Sending NMI from CPU 1 to CPUs 0:
[  632.266282][    C0] NMI backtrace for cpu 0
[  632.266296][    C0] CPU: 0 PID: 1134 Comm: kworker/u4:6 Not tainted 6.6.100-syzkaller #0
[  632.266312][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  632.266321][    C0] Workqueue: events_unbound nsim_dev_trap_report_work
[  632.266342][    C0] RIP: 0010:__sanitizer_cov_trace_const_cmp8+0x30/0x80
[  632.266363][    C0] Code: 04 24 65 48 8b 0d 30 20 7e 7e 65 8b 15 31 20 7e 7e 81 e2 00 01 ff 00 74 11 81 fa 00 01 00 00 75 57 83 b9 1c 16 00 00 00 74 4e <8b> 91 f8 15 00 00 83 fa 03 75 43 48 8b 91 00 16 00 00 44 8b 89 fc
[  632.266377][    C0] RSP: 0018:ffffc9000465f640 EFLAGS: 00000246
[  632.266389][    C0] RAX: ffffffff8132107a RBX: ffffc9000465f700 RCX: ffff888023b68000
[  632.266401][    C0] RDX: 0000000000000000 RSI: ffffffff88624867 RDI: 0000000000000000
[  632.266411][    C0] RBP: ffffc9000465f6d0 R08: ffff888023b68000 R09: 0000000000000003
[  632.266421][    C0] R10: 0000000000000004 R11: 0000000000000000 R12: ffffffff88624867
[  632.266431][    C0] R13: 0000000000000000 R14: ffffffff81747100 R15: ffffc9000465f648
[  632.266442][    C0] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  632.266456][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  632.266467][    C0] CR2: 00007f74ed571000 CR3: 000000002f27c000 CR4: 00000000003506f0
[  632.266480][    C0] Call Trace:
[  632.266486][    C0]  <TASK>
[  632.266491][    C0]  arch_stack_walk+0x12a/0x190
[  632.266509][    C0]  ? kmalloc_reserve+0x117/0x260
[  632.266531][    C0]  stack_trace_save+0x9c/0xe0
[  632.266548][    C0]  ? stack_trace_snprint+0xf0/0xf0
[  632.266568][    C0]  ? kasan_set_track+0x4e/0x70
[  632.266583][    C0]  ? __kasan_slab_alloc+0x6c/0x80
[  632.266599][    C0]  kasan_set_track+0x4e/0x70
[  632.266613][    C0]  ? kasan_set_track+0x4e/0x70
[  632.266626][    C0]  ? __kasan_kmalloc+0x8f/0xa0
[  632.266641][    C0]  ? __kmalloc_node_track_caller+0xb2/0x230
[  632.266682][    C0]  ? __kmem_cache_alloc_node+0x13e/0x260
[  632.266701][    C0]  ? __alloc_skb+0x138/0x2c0
[  632.266718][    C0]  __kasan_kmalloc+0x8f/0xa0
[  632.266734][    C0]  ? __alloc_skb+0x138/0x2c0
[  632.266751][    C0]  __kmalloc_node_track_caller+0xb2/0x230
[  632.266770][    C0]  ? rcu_is_watching+0x15/0xb0
[  632.266789][    C0]  ? __alloc_skb+0x138/0x2c0
[  632.266805][    C0]  kmalloc_reserve+0x117/0x260
[  632.266829][    C0]  __alloc_skb+0x138/0x2c0
[  632.266848][    C0]  nsim_dev_trap_report_work+0x293/0xb00
[  632.266874][    C0]  ? process_scheduled_works+0x957/0x15b0
[  632.266892][    C0]  process_scheduled_works+0xa45/0x15b0
[  632.266931][    C0]  ? assign_work+0x400/0x400
[  632.266953][    C0]  ? assign_work+0x39e/0x400
[  632.266971][    C0]  worker_thread+0xa55/0xfc0
[  632.267004][    C0]  kthread+0x2fa/0x390
[  632.267017][    C0]  ? pr_cont_work+0x560/0x560
[  632.267035][    C0]  ? kthread_blkcg+0xd0/0xd0
[  632.267050][    C0]  ret_from_fork+0x48/0x80
[  632.267067][    C0]  ? kthread_blkcg+0xd0/0xd0
[  632.267081][    C0]  ret_from_fork_asm+0x11/0x20
[  632.267106][    C0]  </TASK>
[  632.277078][   T29] Kernel panic - not syncing: hung_task: blocked tasks
[  632.277089][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.6.100-syzkaller #0
[  632.277105][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  632.277115][   T29] Call Trace:
[  632.277121][   T29]  <TASK>
[  632.277128][   T29]  dump_stack_lvl+0x16c/0x230
[  632.277154][   T29]  ? show_regs_print_info+0x20/0x20
[  632.277173][   T29]  ? load_image+0x3b0/0x3b0
[  632.277204][   T29]  panic+0x2c0/0x710
[  632.277225][   T29]  ? schedule_preempt_disabled+0x20/0x20
[  632.277248][   T29]  ? bpf_jit_dump+0xd0/0xd0
[  632.277267][   T29]  ? __irq_work_queue_local+0x13a/0x3b0
[  632.277290][   T29]  ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0
[  632.277315][   T29]  watchdog+0xf80/0xf80
[  632.277337][   T29]  ? watchdog+0x1e1/0xf80
[  632.277362][   T29]  kthread+0x2fa/0x390
[  632.277377][   T29]  ? hungtask_pm_notify+0x90/0x90
[  632.277395][   T29]  ? kthread_blkcg+0xd0/0xd0
[  632.277411][   T29]  ret_from_fork+0x48/0x80
[  632.277429][   T29]  ? kthread_blkcg+0xd0/0xd0
[  632.277445][   T29]  ret_from_fork_asm+0x11/0x20
[  632.277476][   T29]  </TASK>
[  632.282040][   T29] Kernel Offset: disabled
[  632.666552][   T29] Rebooting in 86400 seconds..