last executing test programs:

3m40.678886742s ago: executing program 1 (id=71):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
semget(0x0, 0x3, 0x3)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000240)='smaps\x00')
pread64(r3, &(0x7f0000000280)=""/70, 0x46, 0xbbf9)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000001d00100028bd7000ffdbdf25070000", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)

3m38.893910948s ago: executing program 1 (id=79):
r0 = socket$inet(0x2, 0x2, 0x0)
getsockopt$SO_TIMESTAMP(r0, 0x1, 0xe, 0x0, &(0x7f0000000100))
r1 = socket$inet(0x2, 0x801, 0x0)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r1, 0x0, 0xffffffffffffffb5, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r1, &(0x7f0000000180)="24aabceb44a9a3c91fe11e18d79a8411c53cf952b2a9900123d437108d8e0054a2a5501a840fe9395380bc1766b821b3fa49c5df0a4e9cbbde1af00d06a1af5081a4b4e57b21ee1cf2e01cc4400358254c4d1a665c8dc738b1a92cfd569e88a63c2bdf8b6bc2e6afd420370300956316a1b9e06a16021ae67ff71e9bdaae126ad1d138e29171210a97d40122d00525349edb0d8c10b5b6593788b014c3ff4e242a42bccbff8b55a93bcee6b8cbdd04b466068d742b6fc22440c843a7ef8a20a2ba5646a4", 0xfffffffffffffc23, 0x40800, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESDEC, @ANYRESOCT])
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x220140, 0x0)
unshare(0x20000400)
inotify_add_watch(r3, 0x0, 0x104)
splice(r1, 0x0, r2, 0x0, 0x3, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, 0x0)

3m36.815942773s ago: executing program 1 (id=85):
r0 = accept$alg(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$alg(r0, 0x0, 0x0, 0x4080)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x26e1, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8b26, &(0x7f0000000200)={'wlan1\x00', @random="ffffff0d00"})
syz_emit_ethernet(0xbe, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, 0x0, &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r2}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000010)
r3 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r3, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8, @multicast2}}, 0x24)
sendmmsg(r3, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x0)
recvmmsg(r3, &(0x7f0000000d00), 0xf000, 0x10002, 0x0)

3m28.56544367s ago: executing program 1 (id=108):
mkdir(&(0x7f0000002880)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r1 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x0)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000280)='./file0/file0\x00', 0x0)

3m28.353384761s ago: executing program 1 (id=110):
syz_open_dev$sndctrl(0x0, 0x1, 0x0)
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7816, 0x2, 0x0, 0x81, 0x801ff, 0x1, 0x1}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
recvmmsg$unix(r0, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000300)=""/41, 0x29}], 0x1}}, {{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000000)=""/87, 0x57}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6}}], 0x2, 0x2101, 0x0)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)

3m27.97076343s ago: executing program 1 (id=113):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000540)=@abs={0x0, 0x0, 0x400}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = shmget$private(0x0, 0x4000, 0x54001800, &(0x7f0000000000/0x4000)=nil)
shmat(r3, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)

3m26.701002768s ago: executing program 32 (id=113):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000540)=@abs={0x0, 0x0, 0x400}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = shmget$private(0x0, 0x4000, 0x54001800, &(0x7f0000000000/0x4000)=nil)
shmat(r3, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)

3m12.009185715s ago: executing program 0 (id=145):
getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5452, 0x0)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000007c0)={r3, &(0x7f0000000780)}, 0x20)

3m11.412515979s ago: executing program 2 (id=148):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1, 0x12, r0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000300))
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000004c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0xffffff9c, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x208a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x1800, &(0x7f00000007c0)='b'})

3m10.526928036s ago: executing program 0 (id=150):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5}}, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_icmp(0x2, 0x2, 0x1)
socket$inet_sctp(0x2, 0x5, 0x84)
socket(0x2, 0x80805, 0x0)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="300000000714010000000000000000000800", @ANYRES32=r1], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x0)

3m8.507809514s ago: executing program 0 (id=153):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0)
close(r6)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)

3m7.313997228s ago: executing program 2 (id=155):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000001000000280001801400040000000000000000000000ffffac1414aa060001000a0080000800060003"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r5, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000)

3m6.727041901s ago: executing program 2 (id=158):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r3, 0x0, 0x10, &(0x7f0000000080)="170000000200020000ffbe8c5ee17688a2003c000303000afdff02a257fc5ad90200bb6a880000d6c9db0000db00000200df01800a0000ebfc0607bdff59100ac45761547a681f009cee4a5acba400001fb700674f00c88ebbf9315033bf79ac2dfc061f15003901dee2ffffffffe9000000000000000062068f5ee50ce5af9b1c568302ffff02ff0331dd3bab0840024f0298e9e90539062a80e605007f71174ab498a30b3e5a1b47b63a6323ded2aa084cd36276a3afff", 0xb8)
sendto$inet(r3, 0x0, 0x0, 0x20064854, &(0x7f0000000040)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xd}}, 0x10)

3m5.20213554s ago: executing program 2 (id=161):
socket$l2tp6(0xa, 0x2, 0x73)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000980)={0x0, 0x5885, 0x80}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0)

3m4.789188809s ago: executing program 0 (id=162):
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file1\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c00a3a2a4e7417e941910c27d130b55ac2d5f7a61e59ec6d5de07239091924c32eeb367d16409d6d3ec1fb755f9a7989ebc4e96918e268f0b7acebf67c07bc4731250f87d27b5e9e61000e70f0c6a4e2432073d0d3e18f864e9ef64637d14e5485f36e53c821cb5898685c055a367ea51b653eff6581710f6c3824bc667bd24219163c60803099f985567be0d978e301b4f6603628606afadb04eee58f42f1853f2e8598a5e250e0f4c9a"], 0x1, 0x14fe, &(0x7f0000002ac0)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x275a, 0x0)
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
io_setup(0x202, &(0x7f0000000200)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030000, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x7f000}])
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)

3m3.394761535s ago: executing program 2 (id=164):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800700, &(0x7f00000002c0)={[{@usrjquota}, {@journal_dev={'journal_dev', 0x3d, 0x8000}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@minixdf}, {@resgid}, {@grpquota}, {@stripe}, {@journal_dev={'journal_dev', 0x3d, 0xdcc}}]}, 0x3, 0x455, &(0x7f0000000880)="$eJzs289vFFUcAPDvTH+g/GpF/AGiVomx8UdLCyoHLxpNPGA00QPerNtCCAs1tCZCiFRj8GJiSPRsPJr4F3jzYtSTiVe9GxKiXEBPNTM7Q7fLbmlhu1u7n08y8N7O27733Tdv58282QB61kj2TxKxPSJ+j4ihWnZ5gZHaf9evnq/8c/V8JYnFxbf+SvJy166er5RFy/dtKzKjaUT6aVJUstzc2XMnp6rVmTNFfnz+1Pvjc2fPPXvi1NTxmeMzpycPHz50cOKF5yefa0ucWVzX9n40u2/Pa+9cer1y9NJ7P3+XtXd7sb8+jnYZyQL/ezHXuO+JdlfWZTvq0kl/FxvCmvRFRNZdA/n4H4q+WOq8oXj1k642DlhX2blpS+vdC4vAJpZEt1sAdEd5os+uf8utQ1OPDeHKS7ULoCzu68VW29MfaVFmoOH6tp1GIuLowr9fZ1us030IAIB6n1e+OhLPNJv/pXF/XbmdxRrKcETcExG7IuLeiNgdEfdF5GUfiIgH11h/49LQzfOf9PJtBbZK2fzvxWJta/n8r5z9xXBfkduRxz+QHDtRnTlQfCajMbAly0+sUMcPr/z2Rat99fO/bMvqL+eCRTsu9zfcoJuemp/KJ6VtcOXjiL39zeJPbqwEJBGxJyL2rq3SnWXixFPf7mtV6Nbxr6AN60yL30Q8Wev/hWiIv5SsvD45fldUZw6Ml0fFzX759eKbreq/o/jbIOv/rcuP/8Yiw0n9eu3c2uu4+MdnLa9pbvf4H0zezvtlsHjtw6n5+TMTEYPJkTy/7PXJpfeW+bJ8Fv/o/ubjf1fxnuTdiIciIjuIH46IRyLi0aLtj0XE4xGxf4X4f3q59b6N0P/TTb//bhz/Df2/9kTfyR+/b1X/6vr/UJ4aLV7Jv/9uYbUNvJPPDgAAAP4v0vwZ+CQdu5FO07Gx2jP8u2NrWp2dm3/62OwHp6drz8oPx0Ba3ukaqrsfOpEsFH+xlp8s7hWX+w8W942/7Ls7z49VZqvTXY4det22FuM/82dft1sHrLtm62iTg11oCNBxjeM/f/Rhaa3/whudbhDQMX6vDb3rFuM/7VQ7gM5z/ofe1Wz8X2jIWwuAzcn5H3qX8Q+9y/iH3mX8Q0+6k9/1S2zSxMBqCke6EZq6aRLbNkYzlhLd/mYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoj/8CAAD//2wj7mI=")
chdir(&(0x7f0000000140)='./file0\x00')
creat(0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x63d014, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x40012102)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0xd2f0, 0x0, 0x2, 0xfffff932})
socket$inet(0x2, 0x200000003, 0x84)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000080), 0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r2, 0x0)
ioctl$RTC_SET_TIME(r1, 0x5452, &(0x7f0000000000))

3m2.736344643s ago: executing program 2 (id=169):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@setlink={0x3c, 0x13, 0x1, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r2}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x3c}}, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22}, {0x2, 0x0, @local}, {0x2, 0x0, @empty}, 0x200, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x0, 0x5})
socket$inet_tcp(0x2, 0x1, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f0000000000)=@gcm_256={{0x304}, "41328ac34a4ad2ba", "e8582491a0c4050000000000f6542a9b680000000000000000a45b4e00", "0000ff00", "dfa27021fe106750"}, 0x38)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
setsockopt$sock_int(r4, 0x1, 0x7, &(0x7f0000000040), 0x4)

3m1.838485716s ago: executing program 0 (id=170):
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
semctl$SEM_INFO(0x0, 0x0, 0x13, &(0x7f0000000840)=""/18)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file1\x00', 0x200000, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f00000017c0)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
ptrace(0x10, 0x1)

2m58.409406526s ago: executing program 0 (id=177):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x15)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x67d2, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
close(0xffffffffffffffff)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000340))
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r2, 0x4004743a, &(0x7f0000000300))
write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0xfce1)
ioctl$TCFLSH(r0, 0x540b, 0x2)

2m46.715367102s ago: executing program 33 (id=169):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@setlink={0x3c, 0x13, 0x1, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r2}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x3c}}, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22}, {0x2, 0x0, @local}, {0x2, 0x0, @empty}, 0x200, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x0, 0x5})
socket$inet_tcp(0x2, 0x1, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f0000000000)=@gcm_256={{0x304}, "41328ac34a4ad2ba", "e8582491a0c4050000000000f6542a9b680000000000000000a45b4e00", "0000ff00", "dfa27021fe106750"}, 0x38)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
setsockopt$sock_int(r4, 0x1, 0x7, &(0x7f0000000040), 0x4)

2m42.111840927s ago: executing program 34 (id=177):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x15)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x67d2, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
close(0xffffffffffffffff)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000340))
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r2, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r2, 0x4004743a, &(0x7f0000000300))
write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0xfce1)
ioctl$TCFLSH(r0, 0x540b, 0x2)

2m32.668336801s ago: executing program 5 (id=216):
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = getpgrp(0x0)
r4 = syz_pidfd_open(r3, 0x0)
r5 = syz_clone(0x20002000, 0x0, 0x0, 0x0, 0x0, 0x0)
kcmp$KCMP_EPOLL_TFD(r3, r5, 0x7, r4, &(0x7f0000000040)={0xffffffffffffffff, r4})

2m31.289603458s ago: executing program 5 (id=218):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae091f75cd9701ffa62891f686bfbb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003875c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9dafb622a1ba8686cb9b1c63b84470364942e90d1cf856cead864f5e38c83b9e"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r3, &(0x7f00000000c0)={0x18, 0x0, 0x0, {0x10}}, 0x18)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=fscache,'])
utime(&(0x7f0000000200)='./file0\x00', 0x0)
r4 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(r4, &(0x7f0000000440)={'#! ', './file0'}, 0xb)
execveat(r4, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

2m30.836082811s ago: executing program 5 (id=219):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00'], 0x48)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x1d}, @hci_evt_le_cis_established={{}, {0xfd, 0xc9, "0a51b0", "98c92c", '\rgt', "ed2f70", 0x6, 0x3, 0x7, 0x0, 0x7, 0x1, 0x8, 0x10, 0x6, 0x5}}}}, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x6)

2m29.723922692s ago: executing program 5 (id=221):
r0 = syz_usb_connect(0x3, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12012000f1048108cd060202d4921f01000109021b1901000000f30904150001da0900000905", @ANYRES32], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0x8040001)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000006c0))
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f00000005c0)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f00000003c0)={0x0, 0x0, 0x0, &(0x7f0000000080)=""/62, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/73, &(0x7f0000000880)=""/72})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
syz_emit_vhci(0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)

2m26.897938466s ago: executing program 5 (id=225):
setgid(0xee00)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800"/13, @ANYRES64=r0, @ANYRESOCT=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x9, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r3, &(0x7f0000000340)=ANY=[], 0xff2e)
gettid()
writev(r3, &(0x7f0000000440)=[{&(0x7f00000002c0)='/', 0x1}], 0x1)
r4 = syz_pidfd_open(r0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0xff04, 0x0)

2m24.929857235s ago: executing program 5 (id=231):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x10400, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=mmap'])
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
ftruncate(r4, 0x2000009)
sendfile(r3, r4, 0x0, 0x7ffff000)
mincore(&(0x7f0000ffc000/0x4000)=nil, 0x4000, &(0x7f0000000300)=""/171)
utimes(&(0x7f0000000180)='./file0\x00', 0x0)

2m9.809311513s ago: executing program 35 (id=231):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x10400, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=mmap'])
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
ftruncate(r4, 0x2000009)
sendfile(r3, r4, 0x0, 0x7ffff000)
mincore(&(0x7f0000ffc000/0x4000)=nil, 0x4000, &(0x7f0000000300)=""/171)
utimes(&(0x7f0000000180)='./file0\x00', 0x0)

46.660558518s ago: executing program 3 (id=391):
socket(0xa, 0x40000000002, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = syz_io_uring_setup(0x24fd, &(0x7f0000000180)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
epoll_create1(0x80000)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000000c0)=ANY=[@ANYRES16=r3], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

45.319178061s ago: executing program 3 (id=394):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@user_xattr}, {@nouser_xattr}, {@minixdf}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x7e}}, {@nombcache}, {@init_itable_val={'init_itable', 0x3d, 0x5}}, {@user_xattr}, {@errors_remount}]}, 0xfe, 0x58a, &(0x7f0000001300)="$eJzs3c9vFFUcAPDvbH9QfiglIUQ9mCYcxCBb2voDEw94NEok0Ttu2qUh3bKkuyW0kggHuXAxRKNGEuMf4J0j8R/wryBREmJIowcvNbOdLUt3t13Kwq7s55MMvLfztm/ezLw337ez7QQwsCbSf3IRr0bEN0nEwYZ1w5GtnNgot/bw6my6JLG+/tlfSSTZa/XySfb//izzSkT89nXE8VxzvZWV1YVCqVRcyvKT1cVLk5WV1RMXFgvzxfnixemZmVPvzEy//967XWvrm2f/+fHTux+dunl07ftf7x+6lcTpOJCta2zHU7jWmJmIiWyfjMTpLQWnulBZP0l6vQHsylDWz0ciHQMOxlDW64EX31cRsQ4MqET/hwFVjwPqc/suzYP/Nx58uDEBam7/8MZnIzFWmxvtW0semxml893xLtSf1nHnz9u30iW69zkEwI6uXY+Ik8PDzeNfko1/Mbrbn32ygzITW/LGP3h+7qbxz1ut4p/cZvwTLeKf/S367m7s3P9z91u8LenWp9Rp/PdBy/h386bV+FCWe6kW840k5y+UiunY9nJEHIuRPWl+u/s5p9burbdb1xj/pUtafz0WzLbj/vCex98zV6gWnqbNjR5cj3itOf4dejT+j9Vi3a3HP90fZzus40jx9uvt1u3c/mdr9JeIN1oe/yTizqNJ0jb3Jydr58Nk/axo9veNI7+3q7/X7U+P/7527d8wnjTer608eR0/j/1bbLdu+/YPtT3/R5PPa+l6cHKlUK0uTUWMJp80vz796L31fL182v5jR7cf/1qd/3sj4osO23/j8I22Rfvh+M890fF/8sS9j7/8qV39nY1/b9dSx7JXOhn/Ot3Ap9l3AAAAAAAA0G9yEXEgklx+M53L5fMb3+84HPtypXKlevx8efniXNR+V3Y8RnL1O90HG74PMZV9H7aen96Sn4mIQxHx7dDeWj4/Wy7N9brxAAAAAAAAAAAAAAAAAAAA0Cf2t/n9/9QfQ4+Xzf4i+K6fBwP0mdHNB/0Dg2jH/t+NJz0Bfcn1HwbXLvr/d89iO4Dnz/UfBtRIrzcA6CXXfxhcaf+/3uuNAHrC9R8Gl/4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAXXX2zJl0WV97eHU2zc9dXlleKF8+MVesLOQXl2fzs+WlS/n5cnm+VMzPlhd3+nmlcvnS1HQsX5msFivVycrK6rnF8vLF6rkLi4X54rmipw0BAAAAAAAAAAAAAAAAAABAs8rK6kKhVCouvbCJH3rZ0lxWea93wjNMDHdYeM+LvBP6LHGzC+f8loFi7DkOSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwxX8BAAD//1sHNrs=")
r0 = socket(0x80000000000000a, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xffffffff}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0xa4ffffff, @rand_addr=' \x01\x00'}}}, 0x15a)
close(0x3)
mknodat(0xffffffffffffffff, 0x0, 0x0, 0x0)

43.934653968s ago: executing program 3 (id=398):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = openat$sequencer2(0xffffff9c, &(0x7f00000011c0), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SNDCTL_SEQ_NRMIDIS(r3, 0xc0045103, &(0x7f0000000040))

42.917568343s ago: executing program 3 (id=400):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(0x0, 0xb2, 0x408301)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYRES64=r1, @ANYBLOB, @ANYBLOB="2a59631e77079a92fa035c3eaa74163e945fd1047673a8596e399396bc4eea3248f81df1c40d3a6e79"], 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r3 = dup(r2)
socket$nl_netfilter(0x10, 0x3, 0xc)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
r4 = syz_io_uring_setup(0x38fe, &(0x7f0000000300)={0x0, 0x200000, 0x10100, 0x0, 0x31d}, &(0x7f0000000180)=<r5=>0x0, &(0x7f0000000780)=<r6=>0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, 0x0, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r2})
io_uring_enter(r4, 0x2def, 0x4000, 0x0, 0x0, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r7, &(0x7f0000001340)=[{&(0x7f0000001380)=""/151, 0x97}], 0x1)

40.866518256s ago: executing program 3 (id=404):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x20682)
rseq(0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, 0x0, 0x0)
r3 = dup(r0)
ioctl$USBDEVFS_CONTROL(r3, 0xc0185500, &(0x7f0000000000)={0x0, 0x3, 0x1, 0x0, 0x0, 0xfa5, 0x0})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

40.819709646s ago: executing program 6 (id=405):
bind$tipc(0xffffffffffffffff, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000002800), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001500)=ANY=[], 0x1c}}, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00\x00\x00\x00\x00)\x00\x00\x009'], 0x28}, 0x4000840)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000240)={@my=0x1})
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000004b80)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=""/57, 0x0, &(0x7f0000000500)=""/4096})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

39.099568925s ago: executing program 6 (id=407):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs2/custom0\x00', 0x0, 0x0)
r0 = socket(0xa, 0x2, 0x0)
close(r0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000020c0)=[@in6={0xa, 0x623, 0x0, @remote, 0x34}]}, &(0x7f00000001c0)=0x10)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x21, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x2000}, &(0x7f0000003c00)=0x90)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, 0x0, 0x0)
waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
epoll_create(0x1)

36.579106715s ago: executing program 3 (id=410):
socket$nl_netfilter(0x10, 0x3, 0xc)
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
socket(0x1e, 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x10400, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=mmap'])
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
ftruncate(r4, 0x2000009)
sendfile(r3, r4, 0x0, 0x7ffff000)
lstat(&(0x7f00000002c0)='./file0\x00', 0x0)

35.232448426s ago: executing program 6 (id=412):
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x0)
recvfrom(r2, &(0x7f00000005c0)=""/176, 0xb0, 0x40002000, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000500)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

34.216045313s ago: executing program 6 (id=414):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/pids.max\x00', 0x2, 0x195)
write$cgroup_pid(r3, &(0x7f0000000140), 0x12)
r4 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0xc, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x49c781})
io_uring_enter(r4, 0x3516, 0x4, 0x0, 0x0, 0x0)

32.882377532s ago: executing program 6 (id=415):
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x34}, 0x1, 0x0, 0x0, 0x44800}, 0x40004)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0xfad6}, &(0x7f0000000240)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r4, 0x6213, 0x0, 0x0, 0x0, 0x0)

32.45996482s ago: executing program 6 (id=416):
syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@abs={0x0, 0x0, 0xfffffffb}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
inotify_add_watch(0xffffffffffffffff, 0x0, 0xa4000960)
r3 = syz_io_uring_setup(0x7dca, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000140)=<r4=>0x0, &(0x7f0000000100)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r3, 0x184c, 0x0, 0x0, 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)

20.760052004s ago: executing program 36 (id=410):
socket$nl_netfilter(0x10, 0x3, 0xc)
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
socket(0x1e, 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000004c0), 0x10400, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=mmap'])
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
ftruncate(r4, 0x2000009)
sendfile(r3, r4, 0x0, 0x7ffff000)
lstat(&(0x7f00000002c0)='./file0\x00', 0x0)

5.031249612s ago: executing program 4 (id=448):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f00000001c0)={0x1, &(0x7f0000000040)=[{0x6, 0x6, 0x0, 0x5}]}, 0x10)
write$binfmt_aout(r3, &(0x7f0000000000)=ANY=[], 0x9ffc)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, &(0x7f0000000080)={'bridge0\x00', 0x0})

3.763246547s ago: executing program 4 (id=449):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
open$dir(0x0, 0x4240, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000000)={0x7fffffff, 0x0, 0x0, 0xffffffff, 0x0, "ff3f66fa733f1b33e356d25b90c98fe587b88a"})
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba0700000000ebffffff0000f7ffff00"})
r2 = syz_open_pts(r1, 0x0)
r3 = dup3(r2, r1, 0x0)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000180))
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r4, 0x4b67, &(0x7f0000000400)={0x41e2, &(0x7f0000000000)=[{}]})

3.647178319s ago: executing program 4 (id=450):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x251, &(0x7f0000000840)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoLNiaBwIMchIqhwImKjJEJM0CprZWOhtUoqmyB2RktJE2wUwSpqitgIGiwMFlqs7E4iMVlRs+uOl/l8YDIzmffm94ad79ttZjdAY51PcjFJK8lskk6S4nCDO6vl/P7u6szm1aTff/ynYtiu2q8c9DuXpJfkgSQbZZEX28ny+tM7v2w9es+bS527319/amaqF7lvd2f7sb33Lr/x0aX7l7/46ofLRS6m+6frmrxixP/aRXLTf1Hsf6Jo1z0C/okrr3749SD3Nye5a5j/TspUL95bi9dtdHLfu3/V9+0fv7x1mmMFJq/f7wzeA3t9oHHKJN0U5VySarss5+aqz/DftM6WLy0svjL7wsLS/PN1z1TApHST7Uc+OfPxuSP5/75V5R84vQb5f+LK2reD7b1W3aMBpuK2ajXI/+yzK/dmjPy/9vAkBwZMyyTyD1yb5B+aS/6hueQfmkv+obnkH06xzsFGb+Rh+Yfmkn9oLvmH5jqcfwCgWfpn6n4CGahL3fMPAAAAAAAAAAAAAAAAAABw3OrM5tWDZVo1P3sn2X0oSXtU/dbw94iT64d/z/5cDJr9oai6jeWZO8Y8wZg+qPnp6xu+q7f+57fXW39lPum9nuRCu338/iv277+Tu/FvjneeG7PAv1Qc2X/wyenWP+q3tXrrX9pKPh3MPxdGzT9lbhmuR88/3cNfsXxCL/865gkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmt8DAAD//1yhbog=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open(&(0x7f0000007fc0)='./bus\x00', 0x60142, 0x0)
open(&(0x7f0000000380)='./file1\x00', 0x42042, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockname(r3, 0x0, 0x0)

2.40594367s ago: executing program 4 (id=451):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0)
r3 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0x5ba8, 0xfffffffffffffffd)
keyctl$read(0xb, r3, &(0x7f0000000240)=""/112, 0x349b7f55)

1.175832865s ago: executing program 4 (id=452):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000340)={0x28, 0x0, 0x8, 0x3, 0x0, 0x0, {0x7}, [@CTA_TIMEOUT_NAME={0x9, 0x1, 'syz1\x00'}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x8809}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x4000)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x80)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000640)={[{@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@umask={'umask', 0x3d, 0x5}}, {@utf8}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'maccenteuro'}}, {@discard}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@errors_remount}, {@errors_continue}, {@errors_continue}]}, 0x1, 0x1524, &(0x7f0000002280)="$eJzs3AuYTlXbOPD7XmvtMSbpaZLDsNa6N09yWCZJckiSQ5IkSZJTQtIkryQkhpyShiQkhyE5DCE5TEwa5/P5kJAkTZKE5JSs/yX8vb31fu/7fm/f67u+uX/XtS/rfva+1773cz+HvbeZ+a7zkBqNalZtQETwb8GL/yQDQCwADACA6wAgAICy8WXjL6zPKTH539sJ+3M9kna1K2BXE/c/e+P+Z2/c/+yN+5+9cf+zN+5/9sb9z964/4xlZ5umFbiel+y78P3/7Iy///8PySo15qs1pW7sAhDzz6Zw/7M37v//WcE/sxH3P3vj/mdXsVe7APa/AL//s4Mcf3cN9z974/4zlp1d7fvPV3uBSPZ+Dq72648xxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWPZw2l+hAODy+GrXxRhjjDHGGGOMsT+Pz3G1K2CMMcYYY4wxxtj/PAQBEhQEEAM5IBZyQhwIALgWcsN1EIHrIR5ugDxwI+SFfJAfCkACFIRCoMGABYIQCkMRiMJNUBRuhmJQHEpASXBQChLhFigNt0IZuA3Kwu1QDu6A8lABKkIluBMqw11QBe6GqnAPVIPqUANqwr1QC+6D2nA/1IEHoC48CPXgIagPD0MDeAQawqPQCB6DxvA4NIGm0AyaQ4v/Vv5L0B1ehh7QE5KhF/SGV6AP9IV+0B8GwKswEF6DQfA6pMBgGAJvwFB4E4bBWzAcRsBIeBtGwTswGsbAWBgHqTAeJsC7MBHeg0kwGabAVEiDaTAd3ocZMBNmwQcwGz6EOTAX5sF8SIePYAEshAz4GBbBJ5AJi2EJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHXbAp7ATPoNdsBv2wOewF774F/NP/U1+FwQEFChQocIYjMFYjMU4jMNcmAtzY26MYATjMR7zYB7Mi3kxP+bHBEzAQlgIDRokJCyMhTGKUSyKRbEYFsMSWAIdOkzERCyNt2IZLINlsSyWw3JYHitgBayElbAyVsYqWAWrYlWshtWwBtbAe/Fe7IW1sTbWwTpYF+tevj2FDbABNsSG2AgbYWNsjE2wCTbDZtgCW2BLbImtsBW2wTbYFttiO2yHSZiE7bE9dsAO2BE7YifshJ2xM3bBrtg166UcgC/jy9gTq4le2Bt7Yx9MydEP+2N/fBUH4mv4Gr6OKTgYh+Ab+Aa+icPwJA7HETgSR2Jl8Q6OxjFIYhymYipOwAk4ESfiJJyMk3EqpuE0nI7TcQbOxJn4Ac7GD/FDnItzcT6mYzouwIWYgRm4CE9hJi7GJbgUl+FyXIYrcRWuxDW4FtfgelyPG3EjbsbNuBW34nbcjp+iAsDPcDfuxhTci3txH+7D/bgfD+ABzMIsPIgH8RAewsN4GI/gETyKx/A4HsMTeAJP4ik8jafxLJ7Fc/hCwjcNPy2+OgXEBUooESNiRKyIFXEiTuQSuURukVtERETEi3iRR+QReUVekV/kFwkiQRQShYQRRpAIYwBAREVUFBVFRTFRTJQQJYQTTiSKRFFalBZlRBlRVtwuyok7RHlRQbR2lUQlUVm0cVXE3aKqqCqqieqihqgpaopaopaoLWqLOqKOqCvqinriIVFf9MJ++Ii40JlGYjA2FkOwiWgq5KVPsJZiGLYSrUUb8ZQYgcOxnWjpksSzor0YjR3EX8QYfF50EuOws3hRdBFdRTfxkuguWrkeoqeYhL1EbzEV+4i+op/oL2ZgdfEBzs5ZQ7wuUsRgMUS8Iebjm2KYeEsMFyPESPG2GCXeEaPFGDFWjBOpYryYIN4VE8V7YpKYLKaIqSJNTBPTxftihpgpZokPxGzxoZgj5op5Yr5IFx+JBWKhyBAfi0XiE5EpFoslYqlYJpaLFWKlWCVWizVirVgn1osNYqPYJDaLLWKr2Ca2ix3iU7FTfCZ2id1ij/hc7BVfiH3iS7FffCUOiK9FlvhGHBTfikPiO3FYfC+OiB/EUXFMHBc/ihPiJ3FSnBKnxRlxVvwszolfxHnhBUiUQkqpZCBjZA4ZK3PKOHmNzCWDS8/u9TJe3iDzyBtlXplP5pcFZIIsKAtJLY20kmQoC8siMipvkkXlzbKYLC5LyJLSyVIyUd4iS8tbZRl5mywrb5fl5B2yvKwgK8pK8k5ZWd4lIXJxH9VkdVlD1pT3ymS4T9aW98s68gFZVz4o68mHZH35sGwgH5EN5aOykXxMNpaPyyayqWwmm8sW8gnZUj4pW8nWso18SraVT8t28hmZJJ+V7aW/9BJ5XnaSL8jO8kXZRXaV3eQv8rz0sofsKaEXyN7yFdlH9pX9ZH85QL4qB8rX5CD5ukyRg+UQ+YYcKt+Uw+RbcrgcIUfKt+Uo+Y4cLcfIsXKcTJXj5QT5rpwo35OT5GQ5RU6VaXKa7HdppllS/sP8d/8gf9Cve98oN8nNcovcKrfJ7XKH/FTulDvlLrlL7pF75F65V+6T++R+uV8ekAdklsySB+VBeUgekoflYXlEHpFH5TF5Rv4oT8if5El5Sp6SZ+RZeVaeu/QcgEIllFRKBSpG5VCxKqeKU9eoXOpalVtdpyLqehWvblB51I0qr8qn8qsCKkEVVIWUVkZZRSpUhVURFVU34aUXjCqhSiqnSqlEdcu/kq+KqptVMVX8N/mX60v+O/W1UC1US9VStVKtVBvVRrVVbVU71U4lqSTVXrVXHVQH1VF1VJ1UJ9VZdVZdVBfVTXVT3VV31UP1UMkqWfVWr6g+qq/qp/qrAepVNVANVIPUIJWiUtQQNUQNVUPVMDVMDVfD1Ug1Uo1So9RoNVqNVWNVqkpVE9QENVFNVJPUJDVFTVFpKk1NV9PVDDVDzVKz1Gw1W81Rc9Q8NU+lq3S1QC1QGSpDLVKLVKZarBarpWqpWq6Wq5VqpVqtVqu1aq1ar9arTLVJbVJb1Ba1TW1TO9QOtVPtVLvULrVH7VF71V61T+1T+9V+dUAdUFkqSx1UB9UhdUgdVofVEXVEHVVH1XF1XJ1QJ9RJdVKdVqfVWXVWnVPn1Hl1/sJpXyACEahABTFBTBAbxAZxQVyQK8gV5A5yB5EgEsQH8UGe4MYgb5AvyB8UCBKCgkGhQAcmsIG41PRocFNQNLg5KBYUD0oEJQMXlAoSg1uC0sGtQZngtqBscHtQLrgjKB9UCCoGlYI7g8rBXUGV4O6ganBPUC2oHtQIagb3BrWC+4Lawf1BneCBoG7wYFAveCioHzwcNAgeCRoGjwaNgseCxsHjQZOgadAsaB60+FPn9/5kviddD91TJ+teurd+RffRfXU/3V8P0K/qgfo1PUi/rlP0YD1Ev6GH6jf1MP2WHq5H6JH6bT1Kv6NH6zF6rB6nU/V4PUG/qyfq9/QkPVlP0VN1mp6mp+v39Qw9U8/SH+jZ+kM9R8/V8/R8na4/0gv0Qp2hP9aL9Cc6Uy/WS/RSvUwv1yv0Sr1Kr9Zr9Fq9Tq/XG/RGvUlv1lv0Vr1Nb9c79Kd6p/5M79K79R79ud6rv9D79Jd6v/5KH9Bf6yz9jT6ov9WH9Hf6sP5eH9E/6KP6mD6uf9Qn9E/6pD6lT+sz+qz+WZ/Tv+jz2l84ub/w9W6UUSbGxJhYE2viTJzJZXKZ3Ca3iZiIiTfxJo/JY/KavCa/yW8STIIpZAqZC8iQKWwKm6iJmqKmqClmipkSpoRxxplEk2hKm9KmjCljypqyppwpZ8qb8qaiqWjuNHeau8xd5m5zt7nH3GOqm+qmpqlpaplaprapbeqYOqauqWvqmXqmvqlvGpgGpqFpaBqZRqaxaWyamCammWlmWpgWpqVpaVqZVqaNaWPamramnWlnkkySaW/amw6mg+loOppOppPpbDqbLqaL6Wa6me6mu+lhephkk2x6m96mj+lj+pl+ZoAZYAaagWaQGWRSTIoZYoaYoWaoGWaGmeFmhBl54UTVvGNGmzFmrBlnUk2qmWAmmIlmoplkJpkpZopJM2lmupluZpgZZpaZZWab2WaOmWPmmXkm3aSbBWaByTAZZpFZZDJNpllilphlZplZYVaYVWaVWWPWmHWwzmwwG8wms8lsMVvMNrPN7DA7zE6z0+wyu8wes8fsNXvNPrPP7Df7zQFzwGSZLHPQHDSHzCFz2Bw2R8wRc9QcNcfNcXPCnDAnzUlz2pw2Z02+S9+X3sTanDbOXmNz2Wttbnud/ds4vy1gE2xBW8hqm9fm+01srLXFbHFbwpa0zpayifaW38XlbQVb0Vayd9rK9i5b5XdxLXufrW3vt3XsA7amvfc3cV37oK1nH7P1EQFsU9vQNreN7GO2sX3cNrFNbTPb3La1T9t29hmbZJ+17e1zv4sX2IV2lV1t19i1dpfdbU/bM/aQ/c6etT/bHranHWBftQPta3aQfd2m2MG/i0fat+0o+44dbcfYsXbc7+IpdqpNs9PsdPu+nWFn/i5Otx/Z2TbDzrFz7Tw7/9f4Qk0Z9mO7yH5iM20AS+xSu8wutyvsyv9f61K73m6wG+1O+5ndYrfabXa73XH5RNjutnvs53av/cIetN/a/fYre8Aetln2m1/jC8d32H5vj9gf7FF7zB63P9oT9id1OfvCsf9of7HnrbdASECSFAUUQzkolnJSHF1Duehayk3XUYSup3i6gfLQjZSX8lF+KkAJVJAKkSZDlohCKkxFKEo30eXySlBJclSKEukWKk23Uhm6jcrS7VSO7qDyVIEqUiW6kyrTXVSF7qaqdA9Vo+pUg2rSvVSL7qPadD/VoQeoLj1I9eghqk8PUwN6hBrSo9SIHqPG9Dg1oabUjJpTC3qCWtKT1IpaUxt6itrS09SOnqEkepba03PUgf5CHel56kQvUGd6kbpQV+pGL1F3epl6UE9Kpl7Um16hPtSX+lF/GkCv0kB6jQbR65RCg2kIvUFD6U0aRm/RcBpBI+ltGkXv0GgaQ2NpHKXSeJpA79JEeo8m0WSaQlMpjabRdHqfZtBMmkUf0Gz6kObQXJpH8ymdPqIFtJAy6GNaRJ9QJi2mJbSUltFyWkEraRWtpjW0ltbRetpAG2kTbaYttJW20XbaQZ/STvqMdtFu2kOf0176gvbRl7SfvqID9DVl0Td0kL6lQ/QdHabvfU/6gY7SMTpOP9IJ+olO0ik6TWfoLP1M5+gXOk+eIMRQhDJUYRDGhDnC2DBnGBdeE+YKrw1zh9eFkfD6MD68IcwT3hjmDfOF+cMCYUJYMCwU6tCENqQwDAuHRcJoeFNYNLw5LBYWD0uEJUMXlgoTw1vC0uGtYZnwtrBseHtYLrwjLB9WCB97oFJ4Z1g5vCusEt4dVg3vCauF1cMaYc3w3rBWeF9YO7w/rBM+EJYJHwzrhQ+F9cOHwwbhI2HD8NGwUfhY2Dh8PGwSNg2bhc3DFuETYcvwybBV2DpsEz4Vtg2fDtuFz4RJ4bNh+/C5X9c/uPDvr08Oe4W9w1fCV0Lv75fzovOj6dGPoguiC6MZ0Y+ji6KfRDOji6NLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohuj3tfMAQ6dcNIpF7gYl8PFupwuzl3jcrlrXW53nYu46128u8HlcTe6vC6fy+8KuARX0BVy2hlnHbnQFXZFXNTd5Iq6m10xV9yVcCWdc6VcomvuWrgWrqV70rVyrV0b95R7yj3tnnbPuGfcs669e851cH9xHd3zrpN7wb3gXnRdXFfXzb3kurvxuS++J5Ndb9fb9XF9XD/Xzw1wA9xAN9ANcoNciktxQ9wQN9QNdcPcMDfcDXcj3Ug3yo1yo91oN9aNdaku1U1wE9xEN9FNcpPcFDfFpbk0N91NdzPcDFd55sW9zHFz3Dw3z6W7dLfAXThnzHCL3CKX6TLdErfELXPL3Aq3wq1yq9wat8atc+vcBrfBbXKb3Ba3xW1z29wOt8PtdDvdLn/dxUndXrfP7XP73X53wH3tstw37qD71h1y37nD7nt3xP3gjrpj7rj70Z1wP7mT7pQ77c64s+5nd8794s4771Ij4yMTIu9GJkbei0yKTI5MiUyNpEWmRaZH3o/MiMyMzIp8EJkd+TAyJzI3Mi8yP5Ie+SiyILIwkhH5OLIo8kkkM7I4siSyNLIssjzifcEtoS/si/iov8kX9Tf7Yr64L+FLeudL+UR/iy/tb/Vl/G2+rL/dl/N3+PK+gq/oH/dNfFPfzDf3LfwTvqV/0rfyrX0b/5Rv65/27fwzPsk/69v753wH/xff0T/vO/kXfGf/ou/iu/pu/iXf3b/se/iePtn38r39K76P7+v7+f5+gH/VD/Sv+UH+dZ/iB/sh/g0/1L/ph/m3/HA/wo+MeduPunyJDON8qh/vJ/h3/UT/np/kJ/spfqpP89P8dP++n+Fn+ln+Az/bf+jn+Ll+np/v0/1HfoFf6DP8x36R/8Rn+sWXbyr7FX6lX+VX+zV+rV/n1/sNfqPf5Df7LX6r3+a3+x3+U7/Tf+Z3+d1+j//c7/Vf+H3+S7/ff+UP+K99lv/GH/Tf+kP+O3/Yf++P+B/8UX/MH/c/+hP+J3/Sn/Kn/Rl/1v/sz/lf/Hn+nTXGGGOMsX/K+CtD8ds1F2/n9/qDHPFXG/cGgGu3Fsj66/UXzijX5b047isS2kYA4NmenR+5vFSrlpycfGnbTAlBkbkAl/8n6IIYuBIvhjbwNCRBayj9h/X3FV3P0j+YP3o7QNxf5cTClfjK/F8CYPIfzP/EUyMXlAtPx/8X888FKFbkSk5OuBIvhja/3l9pDWX+Tv35Wv6D+nN+lQrQ6q9ycsGV+Er9ifAkPAdJv9mSMcYYY4wxxhi7qK+o2PHy9efln/j8o+vzBHUlJwdcif/R9TljjDHGGGOMMcauvue7dnvmiaSk1h3/9UGV/1bWPz1oDP9TM/PgDwfeA1x+RAHAvzkhwIWB/E8exeb/yL5SLr11/nbVsjM+gP8drfwzBlf5g4kxxhhjjDH2p7ty0v/bx9XVKogxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/TuxqHyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//9IVQM5")

0s ago: executing program 4 (id=453):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r3, &(0x7f00000002c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x3f, &(0x7f0000000000)=0x3500, 0x4)
bind$inet(r3, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57)
sendmsg$xdp(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r3, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/11, 0xb}}], 0x5df, 0x2, 0x0)

kernel console output (not intermixed with test programs):

Interface activated: batadv_slave_1
[   82.909069][ T5844] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.922379][ T5844] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.931306][ T5844] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.940836][ T5844] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.973330][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0
[   83.016988][ T5843] veth0_vlan: entered promiscuous mode
[   83.049919][ T5828] veth0_vlan: entered promiscuous mode
[   83.064909][ T5834] veth0_vlan: entered promiscuous mode
[   83.074073][ T5830] veth0_vlan: entered promiscuous mode
[   83.089338][ T5843] veth1_vlan: entered promiscuous mode
[   83.108966][ T5828] veth1_vlan: entered promiscuous mode
[   83.139532][ T5834] veth1_vlan: entered promiscuous mode
[   83.168327][ T5830] veth1_vlan: entered promiscuous mode
[   83.175740][ T5829] veth0_vlan: entered promiscuous mode
[   83.284075][ T5829] veth1_vlan: entered promiscuous mode
[   83.296400][ T5834] veth0_macvtap: entered promiscuous mode
[   83.329925][ T5843] veth0_macvtap: entered promiscuous mode
[   83.345246][   T71] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.354797][ T5830] veth0_macvtap: entered promiscuous mode
[   83.370412][   T71] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.373671][ T5828] veth0_macvtap: entered promiscuous mode
[   83.395038][ T5843] veth1_macvtap: entered promiscuous mode
[   83.419233][ T5834] veth1_macvtap: entered promiscuous mode
[   83.441399][ T5828] veth1_macvtap: entered promiscuous mode
[   83.460550][ T5830] veth1_macvtap: entered promiscuous mode
[   83.499112][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.510754][  T988] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   83.518359][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.530678][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.532098][  T988] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.558510][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.574001][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.585004][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.595762][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.608615][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.626635][ T5834] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.637466][ T5834] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.648925][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.668205][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.680395][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.692418][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.702916][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.712966][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.724262][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.737021][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0
[   83.747071][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.758070][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.770156][ T5828] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.781314][ T5828] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.794339][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.813668][ T5828] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   83.823360][ T5828] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   83.832787][ T5828] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   83.842829][ T5828] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   83.869779][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.869999][ T5844] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   83.880466][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.880492][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.880514][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.880531][ T5830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   83.880549][ T5830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.881868][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1
[   83.959711][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.970555][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   83.980750][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   83.992017][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.002052][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.012609][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.022649][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   84.033180][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.044336][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.070376][ T5830] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.087890][ T5830] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.111972][ T5830] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.120720][ T5830] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.136469][ T5940] loop3: detected capacity change from 0 to 512
[   84.158212][ T5834] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.167503][ T5834] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.177928][ T5834] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.188644][ T5834] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.189500][ T5940] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.210639][ T5940] ext4 filesystem being mounted at /0/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   84.216816][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.233713][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.243799][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.243972][ T5940] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.254544][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.285476][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.306126][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.322519][ T5843] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   84.333281][ T5843] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   84.346019][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.360980][ T5829] veth0_macvtap: entered promiscuous mode
[   84.387403][   T29] audit: type=1326 audit(1737446880.239:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5939 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[   84.423138][   T29] audit: type=1326 audit(1737446880.239:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5939 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[   84.476728][ T5843] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.486527][   T29] audit: type=1326 audit(1737446880.239:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5939 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[   84.499434][ T5843] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.527413][   T29] audit: type=1326 audit(1737446880.239:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5939 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[   84.552684][ T5843] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.560799][   T29] audit: type=1326 audit(1737446880.239:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5939 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[   84.581865][ T5843] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.617507][   T29] audit: type=1326 audit(1737446880.249:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5939 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[   84.643559][   T29] audit: type=1326 audit(1737446880.249:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5939 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[   84.669703][   T29] audit: type=1326 audit(1737446880.249:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5939 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[   84.670606][ T5829] veth1_macvtap: entered promiscuous mode
[   84.696212][   T29] audit: type=1326 audit(1737446880.289:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5939 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[   84.721565][   T29] audit: type=1326 audit(1737446880.289:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5939 comm="syz.3.4" exe="/root/syz-executor" sig=0 arch=c000003e syscall=197 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[   84.785289][ T5849] Bluetooth: hci2: command tx timeout
[   84.847808][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   84.862667][ T5849] Bluetooth: hci5: command tx timeout
[   84.868704][ T5838] Bluetooth: hci3: command tx timeout
[   84.875933][ T5838] Bluetooth: hci1: command tx timeout
[   84.882305][ T5849] Bluetooth: hci0: command tx timeout
[   84.888173][ T5846] Bluetooth: hci4: command tx timeout
[   84.898681][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.030159][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.038833][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.060100][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.085470][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.106594][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.125702][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.138469][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.154159][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.168923][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.186176][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.207077][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.221260][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.237583][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.319050][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.331717][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.352727][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.367702][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.375390][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.391719][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.416202][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.507707][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.533846][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.567611][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.588310][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.638189][ T5949] loop3: detected capacity change from 0 to 2048
[   85.644853][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.664817][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.699422][ T5949] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   85.718460][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.763161][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.818206][ T5829] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.855544][ T5829] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.877528][ T5829] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.896261][ T5829] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.960927][  T988] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.010247][  T988] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.324645][  T988] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.401838][  T988] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.443403][ T5956] loop5: detected capacity change from 0 to 47
[   86.477041][ T5956] =======================================================
[   86.477041][ T5956] WARNING: The mand mount option has been deprecated and
[   86.477041][ T5956]          and is ignored by this kernel. Remove the mand
[   86.477041][ T5956]          option from the mount to silence this warning.
[   86.477041][ T5956] =======================================================
[   86.608551][    T8] cfg80211: failed to load regulatory.db
[   86.643684][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.651567][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.702268][ T5958] loop3: detected capacity change from 0 to 1024
[   86.797366][   T71] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.813231][   T71] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.125458][ T5958] hfsplus: request for non-existent node 33423360 in B*Tree
[   87.480724][ T5958] hfsplus: request for non-existent node 33423360 in B*Tree
[   87.618753][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.643982][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.647864][ T5958] hfsplus: request for non-existent node 33423360 in B*Tree
[   87.731099][ T5958] hfsplus: request for non-existent node 33423360 in B*Tree
[   87.778145][ T2954] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.874976][ T2954] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.914008][ T5965] hfsplus: request for non-existent node 33423360 in B*Tree
[   87.930978][ T5965] hfsplus: request for non-existent node 33423360 in B*Tree
[   88.370443][ T5973] loop5: detected capacity change from 0 to 256
[   88.395304][ T5967] hfsplus: request for non-existent node 33423360 in B*Tree
[   88.495867][ T5967] hfsplus: request for non-existent node 33423360 in B*Tree
[   88.505774][ T5973] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11'.
[   88.670901][ T5971] hfsplus: request for non-existent node 33423360 in B*Tree
[   88.754611][ T5971] hfsplus: request for non-existent node 33423360 in B*Tree
[   88.890643][ T5980] loop2: detected capacity change from 0 to 1024
[   88.972998][ T5958] hfsplus: request for non-existent node 33423360 in B*Tree
[   89.007761][ T5980] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.120689][ T5958] hfsplus: request for non-existent node 33423360 in B*Tree
[   89.209243][ T5965] hfsplus: request for non-existent node 33423360 in B*Tree
[   89.217174][ T5965] hfsplus: request for non-existent node 33423360 in B*Tree
[   89.546227][ T5977] hfsplus: request for non-existent node 33423360 in B*Tree
[   90.013971][ T5977] hfsplus: request for non-existent node 33423360 in B*Tree
[   90.185011][   T29] kauditd_printk_skb: 3 callbacks suppressed
[   90.185033][   T29] audit: type=1804 audit(1737446886.049:15): pid=5997 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3" name="/newroot/0/file1/file1" dev="loop2" ino=15 res=1 errno=0
[   91.752077][   T29] audit: type=1804 audit(1737446887.599:16): pid=5980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.3" name="/newroot/0/file1/file1" dev="loop2" ino=15 res=1 errno=0
[   92.876577][ T6012] loop0: detected capacity change from 0 to 128
[   94.218178][ T6012] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[   94.955009][ T5843] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.122099][ T6046] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  100.657367][ T6068] loop3: detected capacity change from 0 to 1024
[  102.629942][ T2991] hfsplus: b-tree write err: -5, ino 4
[  104.088733][ T5897] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[  104.206830][ T5840] Bluetooth: Unexpected continuation frame (len 7)
[  104.269832][ T5897] usb 2-1: config 0 has an invalid interface number: 69 but max is 0
[  104.341385][ T5897] usb 2-1: config 0 has no interface number 0
[  104.353624][ T5897] usb 2-1: config 0 interface 69 altsetting 0 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[  104.367209][ T5897] usb 2-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  104.430992][ T5897] usb 2-1: config 0 interface 69 altsetting 0 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[  104.449297][ T5897] usb 2-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  104.471759][ T5897] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  104.523289][ T5897] usb 2-1: Product: syz
[  104.543414][ T5897] usb 2-1: Manufacturer: syz
[  104.554721][ T5897] usb 2-1: SerialNumber: syz
[  104.573926][ T6109] loop5: detected capacity change from 0 to 8192
[  104.585748][ T5897] usb 2-1: config 0 descriptor??
[  104.611113][ T6094] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  104.667946][ T6094] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  104.696818][ T6109]  loop5: AHDI p2 p3 p4
[  104.728250][ T5897] cyberjack 2-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[  104.825886][ T5897] usb 2-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[  105.029232][ T5897] usb 2-1: USB disconnect, device number 2
[  105.088941][ T5897] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[  105.315266][ T5897] cyberjack 2-1:0.69: device disconnected
[  105.487114][ T6126] loop0: detected capacity change from 0 to 512
[  105.817910][ T6126] EXT4-fs: Ignoring removed orlov option
[  106.723826][ T6134] xt_CONNSECMARK: invalid mode: 0
[  107.415345][ T6126] EXT4-fs (loop0): Test dummy encryption mode enabled
[  107.455197][ T6138] netlink: 24 bytes leftover after parsing attributes in process `syz.1.50'.
[  107.486724][ T6126] EXT4-fs (loop0): bad geometry: first data block is 0 with a 1k block and cluster size
[  107.882193][ T6143] netlink: 4 bytes leftover after parsing attributes in process `syz.1.50'.
[  111.654857][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  111.663578][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  111.672320][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  111.680912][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  111.689818][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  111.722268][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  112.619040][ T6180] loop0: detected capacity change from 0 to 764
[  112.695308][ T6186] netlink: 'syz.5.62': attribute type 10 has an invalid length.
[  112.753788][ T6180] rock: directory entry would overflow storage
[  112.762708][ T6186] team0: Failed to send options change via netlink (err -105)
[  112.779176][ T6180] rock: sig=0x4654, size=5, remaining=4
[  112.797019][ T6186] team0: Port device netdevsim0 added
[  112.881734][ T6191] loop2: detected capacity change from 0 to 512
[  112.995338][ T6015] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  113.377371][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  113.547522][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  113.809888][ T6191] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.64: invalid indirect mapped block 256 (level 2)
[  113.831312][ T6191] EXT4-fs (loop2): Remounting filesystem read-only
[  113.838546][ T6191] EXT4-fs (loop2): 2 truncates cleaned up
[  113.846448][ T6191] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.058836][ T5843] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.292024][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  115.451975][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  116.053596][ T6213] trusted_key: encrypted_key: insufficient parameters specified
[  117.343365][ T6221] process 'syz.0.70' launched './file0' with NULL argv: empty string added
[  118.333054][   T29] audit: type=1800 audit(1737446914.159:17): pid=6221 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.70" name="/" dev="fuse" ino=0 res=0 errno=0
[  118.473760][ T6227] loop2: detected capacity change from 0 to 1024
[  119.962143][ T6247] 9pnet_fd: Insufficient options for proto=fd
[  120.029451][ T6252] loop0: detected capacity change from 0 to 64
[  120.748864][ T6254] xt_bpf: check failed: parse error
[  120.950053][ T6259] loop2: detected capacity change from 0 to 1024
[  121.101450][ T6259] EXT4-fs: Ignoring removed orlov option
[  121.153639][ T6259] EXT4-fs: Ignoring removed nomblk_io_submit option
[  121.270723][ T6259] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.284101][   T29] audit: type=1326 audit(1737446917.139:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6267 comm="syz.5.87" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f86ebb85d29 code=0x0
[  122.027857][ T6272] netlink: 4 bytes leftover after parsing attributes in process `syz.0.86'.
[  122.224932][ T6273] syz.5.87: attempt to access beyond end of device
[  122.224932][ T6273] loop11: rw=0, sector=0, nr_sectors = 1 limit=0
[  122.334180][ T6273] FAT-fs (loop11): unable to read boot sector
[  123.104440][ T6273] loop5: detected capacity change from 0 to 1024
[  123.157201][ T6273] EXT4-fs: Ignoring removed bh option
[  123.211881][ T6273] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  123.325878][ T6273] Quota error (device loop5): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  123.345308][ T5843] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.430705][ T6273] EXT4-fs warning (device loop5): ext4_enable_quotas:7156: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  123.742369][ T6273] EXT4-fs (loop5): mount failed
[  125.977872][ T6313] loop3: detected capacity change from 0 to 128
[  126.033482][ T6313] vfat: Unknown parameter 'vfat'
[  127.215669][ T6317] Unknown options in mask 6000
[  127.790172][ T6326] loop3: detected capacity change from 0 to 512
[  127.818496][ T6326] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  127.995125][ T6326] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  128.519994][ T6326] EXT4-fs (loop3): 1 truncate cleaned up
[  128.673456][ T6326] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.970629][ T6338] Zero length message leads to an empty skb
[  129.123423][ T6340] netlink: 28 bytes leftover after parsing attributes in process `syz.0.107'.
[  129.162010][ T6340] netlink: 28 bytes leftover after parsing attributes in process `syz.0.107'.
[  129.200397][ T6343] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.103: corrupted in-inode xattr: overlapping e_value 
[  129.226434][ T6343] EXT4-fs warning (device loop3): ext4_xattr_set_entry:1772: inode #15: comm syz.3.103: unable to update i_inline_off
[  129.260492][ T6340] bridge0: entered promiscuous mode
[  129.280072][ T6340] syz_tun: entered promiscuous mode
[  129.296417][ T6343] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  129.348288][ T6343] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.103: corrupted in-inode xattr: overlapping e_value 
[  129.497120][ T6347] netlink: 4 bytes leftover after parsing attributes in process `syz.4.111'.
[  129.574606][ T6347] geneve1: entered promiscuous mode
[  129.582834][ T6347] geneve1: entered allmulticast mode
[  129.675834][ T6350] syz.0.112 uses obsolete (PF_INET,SOCK_PACKET)
[  130.003232][ T5844] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.505103][   T35] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.077467][ T6369] loop5: detected capacity change from 0 to 512
[  132.090722][ T6368] loop4: detected capacity change from 0 to 512
[  132.147268][   T35] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.183610][ T6369] EXT4-fs: Ignoring removed nomblk_io_submit option
[  132.190424][ T6369] EXT4-fs: Ignoring removed mblk_io_submit option
[  132.309806][ T6368] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.323275][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  132.329987][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  132.379563][ T6368] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  132.394953][ T6369] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[  132.403210][ T6369] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -2
[  132.427250][ T6369] EXT4-fs (loop5): 1 truncate cleaned up
[  132.443608][ T6369] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.780990][ T5828] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.847011][   T35] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.941008][ T6380] EXT4-fs error (device loop5): ext4_map_blocks:671: inode #2: block 4: comm syz.5.118: lblock 0 mapped to illegal pblock 4 (length 1)
[  133.410901][ T6380] EXT4-fs (loop5): Remounting filesystem read-only
[  134.785913][   T35] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  135.118775][ T5830] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.430460][ T6396] loop4: detected capacity change from 0 to 1024
[  135.491555][ T6396] hfsplus: request for non-existent node 3 in B*Tree
[  135.499913][ T6396] hfsplus: request for non-existent node 3 in B*Tree
[  135.592876][ T5849] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  135.635719][ T5849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  135.649214][ T5849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  135.663114][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  135.674671][ T5849] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  135.688306][ T5849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  135.859709][   T35] bridge_slave_1: left allmulticast mode
[  135.915444][   T35] bridge_slave_1: left promiscuous mode
[  135.972715][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.462231][ T6409] loop0: detected capacity change from 0 to 64
[  137.480320][   T35] bridge_slave_0: left allmulticast mode
[  137.583622][   T35] bridge_slave_0: left promiscuous mode
[  137.640311][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.743147][ T5840] Bluetooth: hci1: command tx timeout
[  137.765718][ T6414] af_packet: tpacket_rcv: packet too big, clamped from 42 to 4294967286. macoff=82
[  138.210983][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  138.223824][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  138.236650][   T35] bond0 (unregistering): Released all slaves
[  138.261513][ T6403] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  138.270685][ T6403] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  138.279766][ T6403] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  138.288522][ T6403] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  138.299912][ T6403] bond0: (slave vxlan0): Enslaving as an active interface with an up link
[  138.311752][ T6411] netlink: 96 bytes leftover after parsing attributes in process `syz.4.130'.
[  140.244148][ T5840] Bluetooth: hci1: command tx timeout
[  142.220294][ T6446] loop2: detected capacity change from 0 to 8
[  142.779401][ T5840] Bluetooth: hci1: command tx timeout
[  145.197443][ T5840] Bluetooth: hci1: command tx timeout
[  145.593669][ T6466] loop4: detected capacity change from 0 to 512
[  145.600661][ T6466] ext3: Unknown parameter 'obj_user'
[  145.724188][ T6466] loop4: detected capacity change from 0 to 128
[  145.831389][ T6463] loop2: detected capacity change from 0 to 1024
[  146.014908][ T6470] loop3: detected capacity change from 0 to 1024
[  146.093009][ T6470] EXT4-fs: Ignoring removed mblk_io_submit option
[  146.639759][ T6470] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  147.302713][ T6488] binder: 6486:6488 ioctl c0306201 20000080 returned -14
[  148.532040][ T6488] binder: 6486:6488 ioctl c0306201 20000140 returned -14
[  148.546316][ T6484] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  149.052305][ T6502] ptrace attach of "./syz-executor exec"[5830] was attempted by "./syz-executor exec"[6502]
[  149.353788][ T6388] chnl_net:caif_netlink_parms(): no params data found
[  149.411457][ T5844] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.521317][ T6511] loop4: detected capacity change from 0 to 512
[  150.580867][   T35] hsr_slave_0: left promiscuous mode
[  150.588050][ T6513] netlink: 36 bytes leftover after parsing attributes in process `syz.2.155'.
[  150.623256][ T6511] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.156: bg 0: block 5: invalid block bitmap
[  150.643161][ T6513] netlink: 16 bytes leftover after parsing attributes in process `syz.2.155'.
[  150.647466][ T6518] loop3: detected capacity change from 0 to 8
[  150.661843][ T6511] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  150.671962][ T6513] netlink: 36 bytes leftover after parsing attributes in process `syz.2.155'.
[  150.721748][ T6511] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.156: invalid indirect mapped block 3 (level 2)
[  150.735638][   T35] hsr_slave_1: left promiscuous mode
[  150.743872][ T6513] netlink: 36 bytes leftover after parsing attributes in process `syz.2.155'.
[  150.787033][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  150.802309][ T6511] EXT4-fs (loop4): 1 orphan inode deleted
[  150.812095][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  150.819968][ T6511] EXT4-fs (loop4): 1 truncate cleaned up
[  150.834661][ T6511] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.856518][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  150.889186][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  150.983768][   T35] veth1_macvtap: left promiscuous mode
[  150.989677][   T35] veth0_macvtap: left promiscuous mode
[  151.022622][   T35] veth1_vlan: left promiscuous mode
[  151.028209][   T35] veth0_vlan: left promiscuous mode
[  151.074328][ T5828] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.151165][ T6536] loop0: detected capacity change from 0 to 256
[  154.289328][ T6536] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  154.345153][ T6542] loop2: detected capacity change from 0 to 512
[  154.439905][ T6542] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.164: corrupted in-inode xattr: invalid ea_ino
[  154.536881][ T6542] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.164: couldn't read orphan inode 15 (err -117)
[  154.582770][ T6542] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.900606][ T6554] loop5: detected capacity change from 0 to 1024
[  154.958075][ T5843] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.773716][ T6554] EXT4-fs: Ignoring removed orlov option
[  155.853820][ T6554] EXT4-fs (loop5): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  157.312258][ T6554] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.490460][ T6569] loop0: detected capacity change from 0 to 4096
[  157.924828][ T6569] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.941899][ T6569] ptrace attach of "./syz-executor exec"[5834] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  158.153144][ T5830] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.330221][ T6585] loop4: detected capacity change from 0 to 1024
[  159.290688][ T5834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.174498][ T5925] hfsplus: b-tree write err: -5, ino 4
[  161.881432][ T5925] hfsplus: b-tree write err: -5, ino 8
[  162.529159][ T6617] netlink: 12 bytes leftover after parsing attributes in process `syz.4.180'.
[  163.313215][ T6619] netlink: 187320 bytes leftover after parsing attributes in process `syz.5.181'.
[  163.322840][ T6619] netlink: zone id is out of range
[  163.327997][ T6619] netlink: zone id is out of range
[  163.408179][   T35] team0 (unregistering): Port device team_slave_1 removed
[  164.068881][   T35] team0 (unregistering): Port device team_slave_0 removed
[  167.439938][ T6642] loop4: detected capacity change from 0 to 764
[  167.536396][ T6642] Symlink component flag not implemented
[  167.543247][ T6642] Symlink component flag not implemented (116)
[  171.085102][   T29] audit: type=1326 audit(1737446966.949:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6659 comm="syz.5.192" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f86ebb85d29 code=0x0
[  171.370387][ T6665] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  171.393122][ T6665] SET target dimension over the limit!
[  172.467935][ T6562] batman_adv: batadv0: Adding interface: dummy0
[  172.497131][ T6562] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  173.517785][ T6562] batman_adv: batadv0: Interface activated: dummy0
[  173.815186][ T6677] infiniband syz0: set down
[  173.820393][ T6677] infiniband syz0: added ipvlan1
[  174.247990][ T6677] RDS/IB: syz0: added
[  174.252955][ T6677] smc: adding ib device syz0 with port count 1
[  174.259260][ T6677] smc:    ib device syz0 port 1 has pnetid 
[  175.688354][ T5849] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  175.698087][ T5849] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  175.705849][ T5849] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  176.118923][ T6691] loop5: detected capacity change from 0 to 16
[  176.291500][ T5849] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  176.325064][ T5849] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  176.372130][ T5849] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  176.975300][ T6388] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.106680][ T6388] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.186484][ T6388] bridge_slave_0: entered allmulticast mode
[  177.226747][ T6388] bridge_slave_0: entered promiscuous mode
[  177.307615][ T6388] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.388360][ T6388] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.430816][ T6388] bridge_slave_1: entered allmulticast mode
[  177.443083][ T6388] bridge_slave_1: entered promiscuous mode
[  178.788651][ T5849] Bluetooth: hci6: command tx timeout
[  179.236227][ T6601] syz_tun (unregistering): left promiscuous mode
[  179.304590][ T5840] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  179.347073][ T5840] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  179.349368][ T6388] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  179.380900][ T5840] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  179.453286][ T5840] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  179.469242][ T5840] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  179.476730][ T5840] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  179.501540][ T6388] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  180.596307][ T6388] team0: Port device team_slave_0 added
[  180.693834][ T6717] vlan2: entered promiscuous mode
[  180.728302][ T6717] bridge0: port 3(vlan2) entered blocking state
[  180.761504][ T6717] bridge0: port 3(vlan2) entered disabled state
[  180.771401][ T6717] vlan2: entered allmulticast mode
[  180.828657][ T6388] team0: Port device team_slave_1 added
[  180.861911][ T5840] Bluetooth: hci6: command tx timeout
[  181.802112][ T6733] sctp: failed to load transform for md5: -2
[  182.007671][ T5840] Bluetooth: hci3: command tx timeout
[  182.057723][ T6388] batman_adv: batadv0: Adding interface: batadv_slave_0
[  182.065084][ T6388] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  182.474839][ T6388] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  182.742759][ T6388] batman_adv: batadv0: Adding interface: batadv_slave_1
[  182.749770][ T6388] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  182.850260][ T6388] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  182.941725][ T5840] Bluetooth: hci6: command tx timeout
[  184.063678][ T5840] Bluetooth: hci3: command tx timeout
[  184.516968][ T6388] hsr_slave_0: entered promiscuous mode
[  185.011816][ T6388] hsr_slave_1: entered promiscuous mode
[  185.026342][ T5840] Bluetooth: hci6: command tx timeout
[  185.042255][ T6388] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  185.049873][ T6388] Cannot create hsr debugfs directory
[  185.078614][ T6762] loop3: detected capacity change from 0 to 512
[  185.166773][ T6762] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  185.188480][ T6762] EXT4-fs (loop3): orphan cleanup on readonly fs
[  185.209635][ T6762] EXT4-fs warning (device loop3): ext4_enable_quotas:7156: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  185.234086][ T6762] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  185.241277][ T6762] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #16: comm syz.3.215: iget: immutable or append flags not allowed on symlinks
[  185.271136][ T6762] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.215: couldn't read orphan inode 16 (err -117)
[  185.295618][ T6762] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  185.421931][   T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.226446][ T5840] Bluetooth: hci3: command tx timeout
[  186.284790][ T5844] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.638770][   T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  186.923484][   T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.102746][ T5840] Bluetooth: hci2: Unable to find connection with handle 0x00c9
[  188.249569][   T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.214789][ T5840] Bluetooth: hci3: command tx timeout
[  189.291784][ T5898] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  189.502824][ T5898] usb 6-1: Using ep0 maxpacket: 8
[  189.522972][ T5898] usb 6-1: config index 0 descriptor too short (expected 6427, got 27)
[  189.531296][ T5898] usb 6-1: config 0 has an invalid interface number: 21 but max is 0
[  189.537305][ T6686] chnl_net:caif_netlink_parms(): no params data found
[  189.556876][ T5898] usb 6-1: config 0 has no interface number 0
[  189.580522][ T5898] usb 6-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  189.595734][ T6710] chnl_net:caif_netlink_parms(): no params data found
[  189.619570][ T5898] usb 6-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  189.644062][ T5898] usb 6-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  189.701802][ T5898] usb 6-1: string descriptor 0 read error: -71
[  189.708094][ T5898] usb 6-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  189.741842][ T5898] usb 6-1: New USB device strings: Mfr=31, Product=1, SerialNumber=0
[  189.769770][ T5898] usb 6-1: config 0 descriptor??
[  189.777250][ T5898] usb 6-1: can't set config #0, error -71
[  189.795309][ T5898] usb 6-1: USB disconnect, device number 2
[  189.844351][ T6804] loop4: detected capacity change from 0 to 256
[  189.894466][ T6388] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  190.314408][ T6388] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  191.267056][   T29] audit: type=1326 audit(1737446987.119:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6823 comm="syz.5.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86ebb85d29 code=0x7ffc0000
[  191.303235][ T6388] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  191.341961][   T29] audit: type=1326 audit(1737446987.119:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6823 comm="syz.5.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86ebb85d29 code=0x7ffc0000
[  191.373938][ T6388] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  191.389756][   T29] audit: type=1326 audit(1737446987.129:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6823 comm="syz.5.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f86ebb85d29 code=0x7ffc0000
[  191.471978][   T29] audit: type=1326 audit(1737446987.129:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6823 comm="syz.5.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86ebb85d29 code=0x7ffc0000
[  191.541785][   T29] audit: type=1326 audit(1737446987.129:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6823 comm="syz.5.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f86ebb85d29 code=0x7ffc0000
[  191.921090][ T6840] netlink: 'syz.3.227': attribute type 2 has an invalid length.
[  191.928919][ T6840] netlink: 'syz.3.227': attribute type 9 has an invalid length.
[  191.936679][ T6840] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.227'.
[  192.449926][   T29] audit: type=1326 audit(1737446987.129:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6823 comm="syz.5.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86ebb85d29 code=0x7ffc0000
[  192.622971][   T29] audit: type=1326 audit(1737446987.129:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6823 comm="syz.5.225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f86ebb85d29 code=0x7ffc0000
[  192.647187][   T35] bridge_slave_1: left allmulticast mode
[  192.661727][   T35] bridge_slave_1: left promiscuous mode
[  192.667593][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.792357][   T35] bridge_slave_0: left allmulticast mode
[  192.805806][   T35] bridge_slave_0: left promiscuous mode
[  192.828194][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.089588][ T5849] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  193.107983][ T5849] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  193.126324][ T5849] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  193.135540][ T5849] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  193.143790][ T5849] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  193.152659][ T5849] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  193.319731][ T6855] netlink: 'syz.4.232': attribute type 10 has an invalid length.
[  193.357057][   T35] bridge0 (unregistering): left promiscuous mode
[  193.499366][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  193.510488][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  193.520770][   T35] bond0 (unregistering): Released all slaves
[  193.534811][ T6710] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.550612][ T6710] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.558131][ T6710] bridge_slave_0: entered allmulticast mode
[  193.565639][ T6710] bridge_slave_0: entered promiscuous mode
[  193.575700][ T6686] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.583429][ T6686] bridge0: port 1(bridge_slave_0) entered disabled state
[  193.598799][ T6686] bridge_slave_0: entered allmulticast mode
[  193.614480][ T6686] bridge_slave_0: entered promiscuous mode
[  193.744955][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  193.751428][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  193.770398][ T6855] 8021q: adding VLAN 0 to HW filter on device batadv0
[  193.798871][ T6855] team0: Port device batadv0 added
[  193.807176][ T6710] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.822727][ T6710] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.828476][ T6859] loop3: detected capacity change from 0 to 2048
[  193.840314][ T6710] bridge_slave_1: entered allmulticast mode
[  193.866225][ T6710] bridge_slave_1: entered promiscuous mode
[  193.943268][ T6686] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.945547][ T6862] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  193.960986][ T6686] bridge0: port 2(bridge_slave_1) entered disabled state
[  193.969600][ T6686] bridge_slave_1: entered allmulticast mode
[  193.996342][ T6686] bridge_slave_1: entered promiscuous mode
[  194.087916][ T6862] NILFS (loop3): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  194.100066][ T6862] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=4)
[  194.125395][ T6862] Remounting filesystem read-only
[  194.141576][ T5844] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer
[  194.209960][ T6710] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  194.254438][ T6686] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  194.461471][ T6710] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  194.504204][ T6686] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  195.181979][ T5849] Bluetooth: hci1: command tx timeout
[  195.250801][ T6710] team0: Port device team_slave_0 added
[  195.299854][ T6686] team0: Port device team_slave_0 added
[  195.319135][ T6686] team0: Port device team_slave_1 added
[  195.540438][ T6710] team0: Port device team_slave_1 added
[  196.527053][ T6886] netlink: 28 bytes leftover after parsing attributes in process `syz.4.240'.
[  196.536019][ T6886] netlink: 28 bytes leftover after parsing attributes in process `syz.4.240'.
[  196.651357][ T6886] team0: entered promiscuous mode
[  196.658222][ T6886] team_slave_0: entered promiscuous mode
[  196.671158][ T6886] team_slave_1: entered promiscuous mode
[  196.691039][ T6886] batadv0: entered promiscuous mode
[  196.725151][ T6886] bridge0: entered promiscuous mode
[  196.759064][ T6686] batman_adv: batadv0: Adding interface: batadv_slave_0
[  196.781658][ T6686] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.826806][ T6686] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  196.878561][ T6710] batman_adv: batadv0: Adding interface: batadv_slave_0
[  196.904950][ T6710] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.980848][ T6710] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  197.005497][ T6710] batman_adv: batadv0: Adding interface: batadv_slave_1
[  197.020488][ T6710] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  197.057903][ T6710] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  197.116524][   T35] hsr_slave_0: left promiscuous mode
[  197.136117][   T35] hsr_slave_1: left promiscuous mode
[  197.195420][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  197.241784][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  197.261841][ T5849] Bluetooth: hci1: command tx timeout
[  197.262501][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  197.277051][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  198.142390][   T35] veth1_macvtap: left promiscuous mode
[  198.148366][   T35] veth0_macvtap: left promiscuous mode
[  198.165513][   T35] veth1_vlan: left promiscuous mode
[  198.174632][   T35] veth0_vlan: left promiscuous mode
[  198.317799][ T6904] loop3: detected capacity change from 0 to 256
[  198.334288][ T6904] exfat: Deprecated parameter 'namecase'
[  198.359167][ T6904] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe3f33698, utbl_chksum : 0xe619d30d)
[  199.127356][   T35] team0 (unregistering): Port device team_slave_1 removed
[  199.341825][ T5838] Bluetooth: hci1: command tx timeout
[  199.366422][   T35] team0 (unregistering): Port device team_slave_0 removed
[  199.402621][ T6917] loop3: detected capacity change from 0 to 128
[  200.946839][ T5838] Bluetooth: hci5: command 0x0406 tx timeout
[  200.950556][ T5851] Bluetooth: hci2: command 0x0406 tx timeout
[  200.953230][ T5838] Bluetooth: hci0: command 0x0406 tx timeout
[  201.070468][   T29] audit: type=1326 audit(1737446996.929:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.3.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[  201.127501][   T29] audit: type=1326 audit(1737446996.929:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.3.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[  201.156911][   T29] audit: type=1326 audit(1737446996.929:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.3.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[  201.184853][   T29] audit: type=1326 audit(1737446996.929:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.3.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[  201.211664][   T29] audit: type=1326 audit(1737446996.929:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.3.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[  201.237144][   T29] audit: type=1326 audit(1737446996.929:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.3.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[  201.261394][   T29] audit: type=1326 audit(1737446996.929:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.3.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[  201.284572][   T29] audit: type=1326 audit(1737446996.929:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.3.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[  201.322852][   T29] audit: type=1326 audit(1737446996.929:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.3.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[  201.348270][   T29] audit: type=1326 audit(1737446996.929:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6927 comm="syz.3.252" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[  201.422378][ T5840] Bluetooth: hci1: command tx timeout
[  201.917675][ T6686] batman_adv: batadv0: Adding interface: batadv_slave_1
[  201.924881][ T6686] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  202.012682][ T6686] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  202.403373][ T6710] hsr_slave_0: entered promiscuous mode
[  202.564384][ T6939] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  203.388262][ T6710] hsr_slave_1: entered promiscuous mode
[  203.862033][ T6710] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  203.902456][ T6710] Cannot create hsr debugfs directory
[  203.913934][ T6686] hsr_slave_0: entered promiscuous mode
[  204.117557][ T6686] hsr_slave_1: entered promiscuous mode
[  204.210574][ T6686] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  204.275758][ T6686] Cannot create hsr debugfs directory
[  205.057718][ T6950] loop3: detected capacity change from 0 to 256
[  205.229663][ T6950] FAT-fs (loop3): Directory bread(block 64) failed
[  205.264535][ T6950] FAT-fs (loop3): Directory bread(block 65) failed
[  205.271946][ T6950] FAT-fs (loop3): Directory bread(block 66) failed
[  205.278701][ T6950] FAT-fs (loop3): Directory bread(block 67) failed
[  205.285501][ T6950] FAT-fs (loop3): Directory bread(block 68) failed
[  205.292737][ T6950] FAT-fs (loop3): Directory bread(block 69) failed
[  205.299449][ T6950] FAT-fs (loop3): Directory bread(block 70) failed
[  205.316673][ T6852] chnl_net:caif_netlink_parms(): no params data found
[  205.323642][ T6950] FAT-fs (loop3): Directory bread(block 71) failed
[  205.343087][ T6950] FAT-fs (loop3): Directory bread(block 72) failed
[  205.349687][ T6950] FAT-fs (loop3): Directory bread(block 73) failed
[  206.925537][ T6852] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.940866][ T6852] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.950692][ T6852] bridge_slave_0: entered allmulticast mode
[  206.980097][ T6852] bridge_slave_0: entered promiscuous mode
[  207.661982][ T6852] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.669125][ T6852] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.692741][ T6852] bridge_slave_1: entered allmulticast mode
[  207.710039][ T6852] bridge_slave_1: entered promiscuous mode
[  207.843262][ T6686] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  207.920710][ T6686] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  208.145935][ T6852] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  208.184341][ T6686] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  208.211426][ T6686] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  208.263027][ T6852] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  208.555653][ T5849] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  208.570910][ T5849] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  208.583066][ T5849] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  208.591948][ T5849] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  208.600351][ T5849] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  208.607730][ T5849] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  208.671103][ T6852] team0: Port device team_slave_0 added
[  209.655641][ T6852] team0: Port device team_slave_1 added
[  209.692772][ T6710] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  209.776693][ T6710] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  209.779309][ T6993] Process accounting resumed
[  209.803279][ T6710] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  209.836334][   T35] bridge_slave_1: left allmulticast mode
[  209.844075][   T35] bridge_slave_1: left promiscuous mode
[  209.851104][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.892709][   T35] bridge_slave_0: left allmulticast mode
[  209.898421][   T35] bridge_slave_0: left promiscuous mode
[  209.912625][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.000079][ T7000] tipc: Failed to remove unknown binding: 66,1,1/0:2179126253/2179126255
[  210.177092][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  210.194538][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  210.213997][   T35] bond0 (unregistering): Released all slaves
[  210.269648][ T6710] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  210.329059][ T6852] batman_adv: batadv0: Adding interface: batadv_slave_0
[  210.339446][ T6852] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.366136][ T6852] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  210.403900][ T6852] batman_adv: batadv0: Adding interface: batadv_slave_1
[  210.410898][ T6852] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  210.463758][ T6852] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  210.653249][ T7008] tipc: Failed to remove unknown binding: 66,1,1/0:2179126253/2179126255
[  210.662343][ T7008] tipc: Failed to remove unknown binding: 66,1,1/0:2179126253/2179126255
[  210.702219][ T5849] Bluetooth: hci4: command tx timeout
[  210.771982][   T35] hsr_slave_0: left promiscuous mode
[  210.789011][   T35] hsr_slave_1: left promiscuous mode
[  210.799680][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  210.945619][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  212.421905][ T7018] netlink: 194488 bytes leftover after parsing attributes in process `syz.3.269'.
[  212.921707][ T5849] Bluetooth: hci4: command tx timeout
[  213.202017][   T35] team0 (unregistering): Port device team_slave_1 removed
[  213.359700][   T35] team0 (unregistering): Port device team_slave_0 removed
[  214.636250][ T6852] hsr_slave_0: entered promiscuous mode
[  214.663464][ T6852] hsr_slave_1: entered promiscuous mode
[  214.671684][ T6852] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  214.679284][ T6852] Cannot create hsr debugfs directory
[  214.946201][ T5849] Bluetooth: hci4: command tx timeout
[  215.048734][ T6686] 8021q: adding VLAN 0 to HW filter on device bond0
[  215.155676][ T6686] 8021q: adding VLAN 0 to HW filter on device team0
[  215.295913][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  215.303118][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  215.387417][ T6982] chnl_net:caif_netlink_parms(): no params data found
[  215.517977][ T5925] bridge0: port 2(bridge_slave_1) entered blocking state
[  215.525958][ T5925] bridge0: port 2(bridge_slave_1) entered forwarding state
[  215.754650][   T35] Bluetooth: hci7: Frame reassembly failed (-84)
[  216.345067][ T6710] 8021q: adding VLAN 0 to HW filter on device bond0
[  216.415405][ T6710] 8021q: adding VLAN 0 to HW filter on device team0
[  216.478503][ T6982] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.492080][ T6982] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.499349][ T6982] bridge_slave_0: entered allmulticast mode
[  216.510063][ T6982] bridge_slave_0: entered promiscuous mode
[  216.570868][ T6982] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.586087][ T6982] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.593651][ T6982] bridge_slave_1: entered allmulticast mode
[  216.600823][ T6982] bridge_slave_1: entered promiscuous mode
[  216.637210][ T5925] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.644423][ T5925] bridge0: port 1(bridge_slave_0) entered forwarding state
[  216.695949][ T6982] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  216.708735][ T6982] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  216.732394][ T5925] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.739613][ T5925] bridge0: port 2(bridge_slave_1) entered forwarding state
[  216.797393][ T6852] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  216.820977][ T6982] team0: Port device team_slave_0 added
[  216.834825][ T6852] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  216.849957][ T6982] team0: Port device team_slave_1 added
[  216.856442][ T6852] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  216.916406][ T6852] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  216.995246][ T6982] batman_adv: batadv0: Adding interface: batadv_slave_0
[  217.004340][ T6982] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.031382][ T5840] Bluetooth: hci4: command tx timeout
[  217.037898][ T6982] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  217.061172][ T6982] batman_adv: batadv0: Adding interface: batadv_slave_1
[  217.078493][ T6982] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  217.119486][ T6982] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  217.283757][ T6982] hsr_slave_0: entered promiscuous mode
[  217.291141][ T6982] hsr_slave_1: entered promiscuous mode
[  217.299856][ T6982] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  217.308986][ T6982] Cannot create hsr debugfs directory
[  217.557680][ T6686] 8021q: adding VLAN 0 to HW filter on device batadv0
[  217.587418][ T5840] Bluetooth: hci0: unexpected event for opcode 0x2078
[  217.821965][ T5840] Bluetooth: hci7: command 0x1003 tx timeout
[  217.822058][ T5849] Bluetooth: hci7: Opcode 0x1003 failed: -110
[  217.931321][ T7097] Driver unsupported XDP return value 0 on prog  (id 71) dev N/A, expect packet loss!
[  218.947431][ T6852] 8021q: adding VLAN 0 to HW filter on device bond0
[  219.037160][ T6710] 8021q: adding VLAN 0 to HW filter on device batadv0
[  220.106964][ T6982] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  220.183446][ T7116] overlayfs: failed to clone upperpath
[  220.184492][ T6852] 8021q: adding VLAN 0 to HW filter on device team0
[  220.247356][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  220.254541][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  220.317622][ T6982] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  220.377869][ T6982] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  220.444441][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  220.451700][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  220.593325][ T6982] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  221.589150][ T6686] veth0_vlan: entered promiscuous mode
[  221.788420][ T6686] veth1_vlan: entered promiscuous mode
[  221.997287][ T6686] veth0_macvtap: entered promiscuous mode
[  222.094685][ T6710] veth0_vlan: entered promiscuous mode
[  222.208281][ T6686] veth1_macvtap: entered promiscuous mode
[  222.468331][ T6710] veth1_vlan: entered promiscuous mode
[  222.574389][ T6982] 8021q: adding VLAN 0 to HW filter on device bond0
[  222.585489][ T6686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.610584][ T6686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  222.625481][ T6686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  222.636133][ T6686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.017623][ T6686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  223.031431][ T6686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.041671][ T6686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  223.052411][ T6686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  223.071566][ T6686] batman_adv: batadv0: Interface activated: batadv_slave_0
[  224.034288][ T6686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.101796][ T6686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.131742][ T6686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.161695][ T6686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.171563][ T6686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.202706][ T6686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.415198][ T6686] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  224.435037][ T6686] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  224.447858][ T6686] batman_adv: batadv0: Interface activated: batadv_slave_1
[  225.425385][ T6686] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  225.434530][ T6686] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  225.443378][ T6686] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  226.604706][ T6686] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  226.673700][ T6852] 8021q: adding VLAN 0 to HW filter on device batadv0
[  227.168515][ T7175] netlink: 'syz.3.293': attribute type 9 has an invalid length.
[  227.176789][ T7175] netlink: 'syz.3.293': attribute type 6 has an invalid length.
[  228.650112][ T6982] 8021q: adding VLAN 0 to HW filter on device team0
[  228.692251][ T6710] veth0_macvtap: entered promiscuous mode
[  228.794782][ T6710] veth1_macvtap: entered promiscuous mode
[  228.829306][ T2954] bridge0: port 1(bridge_slave_0) entered blocking state
[  228.836608][ T2954] bridge0: port 1(bridge_slave_0) entered forwarding state
[  228.933876][ T6196] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  228.971768][   T29] kauditd_printk_skb: 2 callbacks suppressed
[  228.971791][   T29] audit: type=1326 audit(1737447024.819:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7181 comm="syz.3.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[  229.015287][ T6196] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  229.099668][ T6710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.111249][ T6710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.131669][ T6710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.133374][   T29] audit: type=1326 audit(1737447024.819:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7181 comm="syz.3.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[  229.151720][ T6710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.176043][ T6710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.186650][ T6710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.196988][ T6710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.207647][ T6710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.218015][ T6710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  229.295736][ T6710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  229.319035][   T29] audit: type=1326 audit(1737447024.859:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7181 comm="syz.3.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=318 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[  229.416782][ T6710] batman_adv: batadv0: Interface activated: batadv_slave_0
[  229.677966][   T29] audit: type=1326 audit(1737447024.859:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7181 comm="syz.3.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[  230.049586][   T29] audit: type=1326 audit(1737447024.859:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7181 comm="syz.3.295" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc3c5185d29 code=0x7ffc0000
[  230.132188][ T6196] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.139373][ T6196] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.240795][ T6982] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  230.251636][ T6982] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  230.271547][ T6196] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  230.279476][ T6196] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  230.308900][ T6710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  230.347470][ T6710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.376698][ T6710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  230.651671][ T6710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.662151][ T6710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  230.672981][ T6710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  231.652020][ T6710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  232.947339][ T6710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  233.951845][ T6710] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  234.001862][ T6710] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  234.118124][ T6710] batman_adv: batadv0: Interface activated: batadv_slave_1
[  235.244782][ T6710] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  235.300364][ T6710] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  235.381774][ T6710] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  235.425078][ T6710] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  235.762737][ T6852] veth0_vlan: entered promiscuous mode
[  235.831176][ T6852] veth1_vlan: entered promiscuous mode
[  236.003991][ T6852] veth0_macvtap: entered promiscuous mode
[  236.065544][ T6852] veth1_macvtap: entered promiscuous mode
[  236.125730][ T6982] 8021q: adding VLAN 0 to HW filter on device batadv0
[  236.262025][ T6852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.265592][ T5840] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  236.289129][ T5840] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  236.300397][ T5840] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  236.310641][ T5840] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  236.327223][ T5840] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  236.335207][ T6852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.335484][ T5840] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  236.423031][ T6852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.501946][ T6852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.512466][ T6852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.544528][ T6852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.575546][ T6852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.631804][ T6852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.655226][ T6852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.711928][ T6852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.738545][ T6852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  236.771818][ T6852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  236.863875][ T6852] batman_adv: batadv0: Interface activated: batadv_slave_0
[  236.906545][ T5840] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  236.916987][ T5840] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  236.926141][ T5840] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  236.934269][ T5840] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  236.944432][ T5840] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  236.951899][ T5840] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  237.067245][ T6852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  237.295224][ T6852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  237.868988][ T6852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  237.894934][ T6852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  237.917339][ T6852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  237.973762][ T6852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  237.984629][ T6852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  237.995143][ T6852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.005042][ T6852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.015616][ T6852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.025489][ T6852] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.036074][ T6852] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.062910][ T6852] batman_adv: batadv0: Interface activated: batadv_slave_1
[  238.347822][ T6852] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  238.386616][ T6852] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  238.404105][ T6852] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  238.428875][ T6852] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  238.461988][ T5840] Bluetooth: hci7: command tx timeout
[  238.591030][ T2991] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.642091][ T5833] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[  238.723563][ T2991] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.824393][ T5833] usb 4-1: config 0 has no interfaces?
[  238.831667][ T2991] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.846161][ T5833] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  238.867675][ T5833] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  238.888604][ T5833] usb 4-1: SerialNumber: syz
[  238.920510][ T5833] usb 4-1: config 0 descriptor??
[  238.927776][ T2991] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  238.956387][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  238.982143][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  239.031949][ T5840] Bluetooth: hci8: command tx timeout
[  239.042937][ T6982] veth0_vlan: entered promiscuous mode
[  239.143067][ T2954] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  239.168749][ T2954] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  239.187493][ T5833] usb 4-1: USB disconnect, device number 2
[  239.202329][ T6982] veth1_vlan: entered promiscuous mode
[  239.574039][ T2991] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.651564][ T6982] veth0_macvtap: entered promiscuous mode
[  239.816959][ T7298] input: syz0 as /devices/virtual/input/input5
[  239.865769][ T2991] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.003055][ T6982] veth1_macvtap: entered promiscuous mode
[  240.021335][ T7305] overlayfs: failed to clone upperpath
[  240.042751][ T7298] loop6: detected capacity change from 0 to 2048
[  240.094427][ T7298] Alternate GPT is invalid, using primary GPT.
[  240.101088][ T7298]  loop6: p1 p2 p3
[  240.488431][ T2991] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.554438][ T5840] Bluetooth: hci7: command tx timeout
[  240.668573][ T7238] chnl_net:caif_netlink_parms(): no params data found
[  240.800210][ T2991] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  241.837925][ T5840] Bluetooth: hci8: command tx timeout
[  241.947211][ T6982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  241.967032][ T6982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  241.989061][ T6982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.015050][ T6982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.111745][ T6982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.126814][ T7317] loop6: detected capacity change from 0 to 256
[  242.141375][ T6982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.226920][ T6982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.266525][ T6982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.321245][ T6982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  242.628968][ T6982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  242.702224][ T5840] Bluetooth: hci7: command tx timeout
[  242.805034][ T6982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.214746][   T29] audit: type=1326 audit(1737447038.869:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.4.316" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0a7c585d29 code=0x0
[  243.262810][ T6982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.516072][ T7327] xt_nfacct: accounting object `syz0' does not exists
[  243.833555][ T6982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  243.861730][ T6982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  243.873524][ T6982] batman_adv: batadv0: Interface activated: batadv_slave_0
[  243.902002][ T5840] Bluetooth: hci8: command tx timeout
[  244.867964][ T5840] Bluetooth: hci7: command tx timeout
[  246.601758][ T5840] Bluetooth: hci8: command tx timeout
[  247.338502][ T6982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  247.381804][ T6982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.391751][ T6982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  247.403105][ T6982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.413020][ T6982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  247.423569][ T6982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.433465][ T6982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  247.444166][ T6982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.454128][ T6982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  247.474755][ T6982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.501459][ T6982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  247.501576][ T7351] capability: warning: `syz.6.323' uses deprecated v2 capabilities in a way that may be insecure
[  247.528713][ T6982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.548798][ T6982] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  247.581650][ T6982] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  247.593603][ T6982] batman_adv: batadv0: Interface activated: batadv_slave_1
[  247.615754][ T6982] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  247.638110][ T6982] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  247.648350][ T7351] usb usb4: usbfs: process 7351 (syz.6.323) did not claim interface 0 before use
[  247.668393][ T6982] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  247.695188][ T6982] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  247.924944][ T7252] chnl_net:caif_netlink_parms(): no params data found
[  247.965430][ T7238] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.983349][ T7238] bridge0: port 1(bridge_slave_0) entered disabled state
[  247.990756][ T7238] bridge_slave_0: entered allmulticast mode
[  248.000923][ T7238] bridge_slave_0: entered promiscuous mode
[  248.144777][ T7238] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.174329][ T7238] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.189282][ T7238] bridge_slave_1: entered allmulticast mode
[  248.209239][ T7238] bridge_slave_1: entered promiscuous mode
[  249.638583][ T2991] bridge_slave_1: left allmulticast mode
[  249.658249][ T2991] bridge_slave_1: left promiscuous mode
[  249.675620][ T2991] bridge0: port 2(bridge_slave_1) entered disabled state
[  249.737836][ T2991] bridge_slave_0: left allmulticast mode
[  249.772877][ T2991] bridge_slave_0: left promiscuous mode
[  249.787152][ T2991] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.814960][ T2991] bridge_slave_1: left allmulticast mode
[  249.831077][ T2991] bridge_slave_1: left promiscuous mode
[  249.851556][ T2991] bridge0: port 2(bridge_slave_1) entered disabled state
[  249.893459][ T2991] bridge_slave_0: left allmulticast mode
[  249.915333][ T2991] bridge_slave_0: left promiscuous mode
[  249.941557][ T2991] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.136207][ T7386] loop6: detected capacity change from 0 to 16
[  250.240789][ T7386] erofs (device loop6): mounted with root inode @ nid 36.
[  250.273518][ T7386] syz.6.331: attempt to access beyond end of device
[  250.273518][ T7386] loop6: rw=0, sector=14546590680, nr_sectors = 8 limit=16
[  250.288485][ T7386] erofs (device loop6): failed to decompress -2 in[1, 1440] out[1677]
[  250.297329][ T7386] erofs (device loop6): read error -5 @ 87 of nid 36
[  250.304315][ T7386] erofs (device loop6): fail to readdir of logical block 87 of nid 36
[  251.410334][ T7395] syz.4.333[7395] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  251.410444][ T7395] syz.4.333[7395] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  251.432019][ T7395] syz.4.333[7395] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  251.986211][ T7399] xt_hashlimit: invalid rate
[  253.329624][ T7407] loop3: detected capacity change from 0 to 2048
[  253.754137][ T7407] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.781208][ T7407] ext4 filesystem being mounted at /94/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  255.451034][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  255.464797][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  259.611094][   T29] audit: type=1400 audit(1737447055.469:45): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=7445 comm="syz.6.345"
[  259.795816][ T5844] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.703560][ T2991] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  261.763250][ T2991] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  261.800302][ T2991] bond0 (unregistering): Released all slaves
[  261.868140][ T7461] F2FS-fs (loop9): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  261.876355][ T7461] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  261.885266][ T7461] F2FS-fs (loop9): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  261.893137][ T7461] F2FS-fs (loop9): Can't find valid F2FS filesystem in 2th superblock
[  264.045174][ T7471] ubi0: attaching mtd0
[  264.051475][ T7471] ubi0: scanning is finished
[  264.056189][ T7471] ubi0: empty MTD device detected
[  264.224476][ T7471] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  264.232095][ T7471] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  264.239326][ T7471] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  264.246333][ T7471] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  264.253760][ T7471] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  264.260522][ T7471] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  264.268567][ T7471] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1104712715
[  264.278632][ T7471] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  264.291575][ T7477] ubi0: background thread "ubi_bgt0d" started, PID 7477
[  265.521899][ T2991] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  266.657129][ T2991] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  266.755235][ T2991] bond0 (unregistering): Released all slaves
[  266.771400][ T7494] loop6: detected capacity change from 0 to 16
[  266.803185][ T7494] erofs (device loop6): mounted with root inode @ nid 36.
[  266.814102][ T7238] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  266.914932][ T7238] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  269.970569][ T5849] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  269.980351][ T5849] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  269.989161][ T5849] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  270.001922][ T5849] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  270.020449][ T5849] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  270.030795][ T5849] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  270.800912][ T7238] team0: Port device team_slave_0 added
[  270.818256][ T7252] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.811841][ T7252] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.960272][ T5840] Bluetooth: hci3: command tx timeout
[  272.980912][ T7252] bridge_slave_0: entered allmulticast mode
[  273.068117][ T7252] bridge_slave_0: entered promiscuous mode
[  273.130876][ T7252] bridge0: port 2(bridge_slave_1) entered blocking state
[  273.138647][ T7252] bridge0: port 2(bridge_slave_1) entered disabled state
[  273.146940][ T7252] bridge_slave_1: entered allmulticast mode
[  273.154681][ T7252] bridge_slave_1: entered promiscuous mode
[  275.295482][ T5840] Bluetooth: hci3: command tx timeout
[  275.490643][ T7238] team0: Port device team_slave_1 added
[  275.858275][ T7548] netlink: 4 bytes leftover after parsing attributes in process `syz.3.368'.
[  275.934431][ T7252] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  276.117059][ T7238] batman_adv: batadv0: Adding interface: batadv_slave_0
[  276.128226][ T7238] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  276.156241][ T7238] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  276.172564][ T7548] bridge_slave_1: left allmulticast mode
[  276.180554][ T7548] bridge_slave_1: left promiscuous mode
[  276.187703][ T7548] bridge0: port 2(bridge_slave_1) entered disabled state
[  276.206961][ T7548] bridge_slave_0: left allmulticast mode
[  276.214111][ T7548] bridge_slave_0: left promiscuous mode
[  276.220172][ T7548] bridge0: port 1(bridge_slave_0) entered disabled state
[  277.351209][ T5849] Bluetooth: hci3: command tx timeout
[  278.210164][ T7252] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  278.474783][ T7238] batman_adv: batadv0: Adding interface: batadv_slave_1
[  278.521696][ T7238] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.689295][ T7238] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  278.730921][ T7566] loop6: detected capacity change from 0 to 1024
[  278.888423][ T7566] syz.6.374: attempt to access beyond end of device
[  278.888423][ T7566] loop6: rw=0, sector=5778, nr_sectors = 2 limit=1024
[  279.421685][ T5849] Bluetooth: hci3: command tx timeout
[  280.700809][ T7252] team0: Port device team_slave_0 added
[  281.088210][ T7591] loop3: detected capacity change from 0 to 512
[  281.182440][ T7591] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #15: comm syz.3.378: casefold flag without casefold feature
[  281.251352][ T7591] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.378: couldn't read orphan inode 15 (err -117)
[  281.379028][ T7591] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.152469][ T7252] team0: Port device team_slave_1 added
[  283.284047][ T2991] hsr_slave_0: left promiscuous mode
[  283.296826][ T5844] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.327677][ T2991] hsr_slave_1: left promiscuous mode
[  283.337244][ T2991] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  283.392339][ T2991] batman_adv: batadv0: Removing interface: batadv_slave_0
[  283.425505][ T2991] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  283.460023][ T2991] batman_adv: batadv0: Removing interface: batadv_slave_1
[  283.489781][ T2991] hsr_slave_0: left promiscuous mode
[  283.503981][ T7614] netlink: 28 bytes leftover after parsing attributes in process `syz.3.383'.
[  283.513245][ T7614] netlink: 28 bytes leftover after parsing attributes in process `syz.3.383'.
[  283.531214][ T2991] hsr_slave_1: left promiscuous mode
[  283.537499][ T2991] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  283.545588][ T2991] batman_adv: batadv0: Removing interface: batadv_slave_0
[  283.572431][ T2991] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  283.581147][ T2991] batman_adv: batadv0: Removing interface: batadv_slave_1
[  283.637287][ T2991] veth1_macvtap: left promiscuous mode
[  283.642986][ T2991] veth0_macvtap: left promiscuous mode
[  283.648547][ T2991] veth1_vlan: left promiscuous mode
[  283.655755][ T2991] veth0_vlan: left promiscuous mode
[  283.681971][ T2991] veth1_macvtap: left promiscuous mode
[  283.687498][ T2991] veth0_macvtap: left promiscuous mode
[  283.701809][ T2991] veth1_vlan: left promiscuous mode
[  283.707130][ T2991] veth0_vlan: left promiscuous mode
[  284.420128][ T7619] loop6: detected capacity change from 0 to 512
[  284.448503][ T7619] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  284.501285][ T7619] EXT4-fs (loop6): 1 truncate cleaned up
[  284.512601][ T7619] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  285.708931][ T6852] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.963743][ T2991] team0 (unregistering): Port device team_slave_1 removed
[  286.091002][ T2991] team0 (unregistering): Port device team_slave_0 removed
[  287.346100][ T7631] F2FS-fs (loop13): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  287.354355][ T7631] F2FS-fs (loop13): Can't find valid F2FS filesystem in 1th superblock
[  287.363203][ T7631] F2FS-fs (loop13): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  287.371091][ T7631] F2FS-fs (loop13): Can't find valid F2FS filesystem in 2th superblock
[  289.312063][ T2991] team0 (unregistering): Port device team_slave_1 removed
[  289.449386][ T2991] team0 (unregistering): Port device team_slave_0 removed
[  290.695893][ T7608] vlan2: entered promiscuous mode
[  290.800932][ T7614] macvlan1: entered promiscuous mode
[  290.839690][ T7614] team0: entered promiscuous mode
[  290.851976][ T7614] team_slave_0: entered promiscuous mode
[  290.858055][ T7614] team_slave_1: entered promiscuous mode
[  290.870819][ T7614] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  290.878639][ T7614] Cannot create hsr debugfs directory
[  290.954225][ T7238] hsr_slave_0: entered promiscuous mode
[  290.981912][ T7238] hsr_slave_1: entered promiscuous mode
[  291.261687][ T7238] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  291.281491][ T7238] Cannot create hsr debugfs directory
[  291.357904][ T7646] xt_NFQUEUE: number of total queues is 0
[  292.352133][ T7252] batman_adv: batadv0: Adding interface: batadv_slave_0
[  292.369946][ T7252] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  292.399914][ T7655] loop3: detected capacity change from 0 to 1024
[  292.429678][ T7655] ext4: Unknown parameter 'nouser_xattr'
[  292.473465][ T7252] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  292.713598][ T7252] batman_adv: batadv0: Adding interface: batadv_slave_1
[  292.752518][ T7252] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  292.779763][ T7252] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  293.779352][ T7252] hsr_slave_0: entered promiscuous mode
[  293.795716][ T7252] hsr_slave_1: entered promiscuous mode
[  293.804114][ T7252] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  293.825992][ T7252] Cannot create hsr debugfs directory
[  295.040303][ T7515] chnl_net:caif_netlink_parms(): no params data found
[  295.349916][ T7688] loop6: detected capacity change from 0 to 1024
[  296.962150][   T36] hfsplus: b-tree write err: -5, ino 4
[  298.273928][ T7515] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.305749][ T7515] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.337831][ T7515] bridge_slave_0: entered allmulticast mode
[  298.385829][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  298.403969][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  298.412604][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  298.420643][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  298.428434][ T5840] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  298.436002][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  298.468179][ T7515] bridge_slave_0: entered promiscuous mode
[  300.771881][ T5849] Bluetooth: hci4: command tx timeout
[  300.821858][ T5897] IPVS: starting estimator thread 0...
[  300.832300][ T5849] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  301.051295][ T5849] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  301.069944][ T5849] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  301.077952][ T5849] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  301.087403][ T5849] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  301.094774][ T5849] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  301.239993][ T7735] IPVS: using max 24 ests per chain, 57600 per kthread
[  301.992194][ T7515] bridge0: port 2(bridge_slave_1) entered blocking state
[  302.032944][ T7515] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.062598][ T7515] bridge_slave_1: entered allmulticast mode
[  302.069782][ T7515] bridge_slave_1: entered promiscuous mode
[  302.217833][ T7515] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  302.381551][ T7515] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  302.515130][ T7515] team0: Port device team_slave_0 added
[  302.613316][ T7515] team0: Port device team_slave_1 added
[  302.792060][ T5849] Bluetooth: hci4: command tx timeout
[  303.327163][ T2991] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.460700][ T7515] batman_adv: batadv0: Adding interface: batadv_slave_0
[  303.501758][ T7515] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  303.510197][ T5849] Bluetooth: hci6: command tx timeout
[  303.551793][ T7515] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  303.705537][ T2991] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.835134][ T7515] batman_adv: batadv0: Adding interface: batadv_slave_1
[  303.853043][ T7515] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  303.946828][ T7771] cgroup: fork rejected by pids controller in /syz6
[  304.641690][ T7515] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  304.830206][ T2991] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.862005][ T5849] Bluetooth: hci4: command tx timeout
[  305.019388][ T2991] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.087045][ T7515] hsr_slave_0: entered promiscuous mode
[  305.095838][ T7515] hsr_slave_1: entered promiscuous mode
[  305.107577][ T7515] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  305.115551][ T7515] Cannot create hsr debugfs directory
[  305.584210][ T5849] Bluetooth: hci6: command tx timeout
[  305.624141][ T2991] bridge_slave_1: left allmulticast mode
[  305.629850][ T2991] bridge_slave_1: left promiscuous mode
[  305.677385][ T2991] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.723753][ T2991] bridge_slave_0: left allmulticast mode
[  305.729464][ T2991] bridge_slave_0: left promiscuous mode
[  305.741799][ T2991] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.760845][ T2991] bridge_slave_1: left allmulticast mode
[  305.782028][ T2991] bridge_slave_1: left promiscuous mode
[  305.787801][ T2991] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.817188][ T2991] bridge_slave_0: left allmulticast mode
[  305.832477][ T5840] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  305.834886][ T2991] bridge_slave_0: left promiscuous mode
[  305.844328][ T5840] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  305.857466][ T5840] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  305.866484][ T5840] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  305.874004][ T2991] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.874786][ T5840] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  305.891084][ T5840] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  305.917149][ T2991] bridge_slave_1: left allmulticast mode
[  305.938327][ T2991] bridge_slave_1: left promiscuous mode
[  305.946015][ T2991] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.955771][ T2991] bridge_slave_0: left allmulticast mode
[  305.961459][ T2991] bridge_slave_0: left promiscuous mode
[  305.971897][ T2991] bridge0: port 1(bridge_slave_0) entered disabled state
[  306.586190][ T2991] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  306.621166][ T2991] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  306.637904][ T2991] bond0 (unregistering): Released all slaves
[  306.663930][ T2991] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  306.712497][ T2991] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  306.734563][ T2991] bond0 (unregistering): Released all slaves
[  306.996273][ T5840] Bluetooth: hci4: command tx timeout
[  307.513592][ T2991] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  307.537832][ T2991] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  307.559087][ T2991] bond0 (unregistering): Released all slaves
[  307.604437][ T7731] chnl_net:caif_netlink_parms(): no params data found
[  307.662036][ T5840] Bluetooth: hci6: command tx timeout
[  307.983117][ T5840] Bluetooth: hci1: command tx timeout
[  308.634023][ T7720] chnl_net:caif_netlink_parms(): no params data found
[  309.741884][ T5840] Bluetooth: hci6: command tx timeout
[  310.062085][ T5840] Bluetooth: hci1: command tx timeout
[  310.082482][ T2991] hsr_slave_0: left promiscuous mode
[  310.088809][ T2991] hsr_slave_1: left promiscuous mode
[  310.095339][ T2991] batman_adv: batadv0: Removing interface: batadv_slave_0
[  310.115413][ T2991] batman_adv: batadv0: Removing interface: batadv_slave_1
[  310.138137][ T2991] hsr_slave_0: left promiscuous mode
[  310.152107][ T2991] hsr_slave_1: left promiscuous mode
[  310.158535][ T2991] batman_adv: batadv0: Removing interface: batadv_slave_0
[  310.169044][ T2991] batman_adv: batadv0: Removing interface: batadv_slave_1
[  310.188624][ T2991] hsr_slave_0: left promiscuous mode
[  310.195232][ T2991] hsr_slave_1: left promiscuous mode
[  310.201403][ T2991] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  310.208990][ T2991] batman_adv: batadv0: Removing interface: batadv_slave_0
[  310.220013][ T2991] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  310.228039][ T2991] batman_adv: batadv0: Removing interface: batadv_slave_1
[  310.255007][ T2991] veth1_macvtap: left promiscuous mode
[  310.260596][ T2991] veth0_macvtap: left promiscuous mode
[  310.266282][ T2991] veth1_vlan: left promiscuous mode
[  310.271660][ T2991] veth0_vlan: left promiscuous mode
[  310.531093][ T2991] team0 (unregistering): Port device team_slave_1 removed
[  310.568469][ T2991] team0 (unregistering): Port device team_slave_0 removed
[  310.891963][ T2991] team0 (unregistering): Port device team_slave_1 removed
[  310.940809][ T2991] team0 (unregistering): Port device team_slave_0 removed
[  311.534722][ T2991] team0 (unregistering): Port device team_slave_1 removed
[  311.576966][ T2991] team0 (unregistering): Port device team_slave_0 removed
[  311.995692][ T7720] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.003460][ T7720] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.010803][ T7720] bridge_slave_0: entered allmulticast mode
[  312.019184][ T7720] bridge_slave_0: entered promiscuous mode
[  312.055904][ T7720] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.078343][ T7720] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.089183][ T7720] bridge_slave_1: entered allmulticast mode
[  312.104303][ T7720] bridge_slave_1: entered promiscuous mode
[  312.143989][ T7731] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.144281][ T5840] Bluetooth: hci1: command tx timeout
[  312.151199][ T7731] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.166667][ T7731] bridge_slave_0: entered allmulticast mode
[  312.173901][ T7731] bridge_slave_0: entered promiscuous mode
[  312.317603][ T7720] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  312.343905][ T7731] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.354115][ T7731] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.533189][ T7731] bridge_slave_1: entered allmulticast mode
[  312.541025][ T7731] bridge_slave_1: entered promiscuous mode
[  312.898319][ T7720] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  312.923316][ T7887] chnl_net:caif_netlink_parms(): no params data found
[  313.472528][ T7731] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  313.560522][ T7720] team0: Port device team_slave_0 added
[  313.585286][ T7720] team0: Port device team_slave_1 added
[  313.648811][ T7731] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  313.975676][ T7731] team0: Port device team_slave_0 added
[  314.054682][ T7515] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  314.068957][ T7515] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  314.084596][ T7720] batman_adv: batadv0: Adding interface: batadv_slave_0
[  314.092018][ T7720] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.119139][ T7720] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  314.146200][ T7731] team0: Port device team_slave_1 added
[  314.182919][ T7515] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  314.204481][ T7515] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  314.216874][ T7720] batman_adv: batadv0: Adding interface: batadv_slave_1
[  314.224367][ T7720] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.250597][ T5840] Bluetooth: hci1: command tx timeout
[  314.256196][ T7720] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  314.303847][ T7731] batman_adv: batadv0: Adding interface: batadv_slave_0
[  314.312591][ T7731] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.338863][ T7731] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  314.352725][ T7731] batman_adv: batadv0: Adding interface: batadv_slave_1
[  314.359765][ T7731] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.387295][ T7731] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  314.466575][ T7887] bridge0: port 1(bridge_slave_0) entered blocking state
[  314.485422][ T7887] bridge0: port 1(bridge_slave_0) entered disabled state
[  314.497858][ T7887] bridge_slave_0: entered allmulticast mode
[  314.509770][ T7887] bridge_slave_0: entered promiscuous mode
[  314.550180][ T7887] bridge0: port 2(bridge_slave_1) entered blocking state
[  314.557610][ T7887] bridge0: port 2(bridge_slave_1) entered disabled state
[  314.565403][ T7887] bridge_slave_1: entered allmulticast mode
[  314.582212][ T7887] bridge_slave_1: entered promiscuous mode
[  314.620665][ T7720] hsr_slave_0: entered promiscuous mode
[  314.640068][ T7720] hsr_slave_1: entered promiscuous mode
[  314.647020][ T7720] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  314.655441][ T7720] Cannot create hsr debugfs directory
[  314.706253][ T7887] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  314.810226][ T7887] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  314.853440][ T7731] hsr_slave_0: entered promiscuous mode
[  314.862734][ T7731] hsr_slave_1: entered promiscuous mode
[  314.869312][ T7731] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  314.877086][ T7731] Cannot create hsr debugfs directory
[  314.982926][ T7945] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  314.982926][ T7945] The task syz.4.427 (7945) triggered the difference, watch for misbehavior.
[  315.024365][ T7887] team0: Port device team_slave_0 added
[  315.035851][ T7887] team0: Port device team_slave_1 added
[  315.152286][ T7887] batman_adv: batadv0: Adding interface: batadv_slave_0
[  315.160110][ T7887] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  315.187256][ T7887] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  315.202512][ T7887] batman_adv: batadv0: Adding interface: batadv_slave_1
[  315.209567][ T7887] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  315.236227][ T7887] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  315.509964][ T7887] hsr_slave_0: entered promiscuous mode
[  315.518036][ T7887] hsr_slave_1: entered promiscuous mode
[  315.524675][ T7887] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  315.532787][ T7887] Cannot create hsr debugfs directory
[  315.629572][ T7515] 8021q: adding VLAN 0 to HW filter on device bond0
[  315.680712][ T2991] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  315.872823][ T7515] 8021q: adding VLAN 0 to HW filter on device team0
[  316.013082][ T2991] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.263927][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  316.271136][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  316.407902][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  316.415264][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  316.802838][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  316.809204][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  317.270392][ T2991] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.287804][ T5849] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  317.299513][ T5849] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  317.307745][ T5849] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  317.320806][ T5849] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  317.330583][ T5849] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  317.371254][ T5849] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  318.135113][ T7720] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  318.196189][ T7720] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  318.285321][ T2991] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.495289][ T7720] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  319.374512][ T7720] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  319.431860][ T5849] Bluetooth: hci7: command tx timeout
[  320.625017][ T7515] 8021q: adding VLAN 0 to HW filter on device batadv0
[  320.969678][ T2991] bridge_slave_1: left allmulticast mode
[  320.979382][ T2991] bridge_slave_1: left promiscuous mode
[  320.990342][ T2991] bridge0: port 2(bridge_slave_1) entered disabled state
[  321.017906][ T2991] bridge_slave_0: left allmulticast mode
[  321.025087][ T2991] bridge_slave_0: left promiscuous mode
[  321.042105][ T2991] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.518292][ T5849] Bluetooth: hci7: command tx timeout
[  322.449114][ T2991] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  322.517764][ T2991] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  322.537349][ T2991] bond0 (unregistering): Released all slaves
[  323.428933][ T7953] chnl_net:caif_netlink_parms(): no params data found
[  323.525976][ T7720] 8021q: adding VLAN 0 to HW filter on device bond0
[  323.601823][ T5849] Bluetooth: hci7: command tx timeout
[  323.854234][ T7953] bridge0: port 1(bridge_slave_0) entered blocking state
[  323.865156][ T7953] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.875358][ T7953] bridge_slave_0: entered allmulticast mode
[  323.894789][ T7953] bridge_slave_0: entered promiscuous mode
[  323.924691][ T7720] 8021q: adding VLAN 0 to HW filter on device team0
[  323.936316][ T7953] bridge0: port 2(bridge_slave_1) entered blocking state
[  323.945030][ T7953] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.962069][ T7953] bridge_slave_1: entered allmulticast mode
[  324.004281][ T7953] bridge_slave_1: entered promiscuous mode
[  324.056409][ T7953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  324.073572][ T7953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  324.087510][ T2991] hsr_slave_0: left promiscuous mode
[  324.094083][ T2991] hsr_slave_1: left promiscuous mode
[  324.105967][ T2991] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  324.113631][ T2991] batman_adv: batadv0: Removing interface: batadv_slave_0
[  324.122304][ T2991] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  324.130062][ T2991] batman_adv: batadv0: Removing interface: batadv_slave_1
[  324.150802][ T2991] veth1_macvtap: left promiscuous mode
[  324.156627][ T2991] veth0_macvtap: left promiscuous mode
[  324.162499][ T2991] veth1_vlan: left promiscuous mode
[  324.167799][ T2991] veth0_vlan: left promiscuous mode
[  324.793317][ T2991] team0 (unregistering): Port device team_slave_1 removed
[  324.890420][ T2991] team0 (unregistering): Port device team_slave_0 removed
[  325.661901][ T5849] Bluetooth: hci7: command tx timeout
[  327.384299][ T8008] rdma_rxe: rxe_newlink: failed to add ipvlan1
[  329.684516][ T5840] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  329.695790][ T5840] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  329.704574][ T5840] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  329.718107][ T5840] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  329.725943][ T5840] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  329.733671][ T5840] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  330.022795][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  330.029971][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  330.835520][ T7953] team0: Port device team_slave_0 added
[  330.880206][ T7953] team0: Port device team_slave_1 added
[  331.025768][  T988] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.033021][  T988] bridge0: port 2(bridge_slave_1) entered forwarding state
[  331.065842][ T7731] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  331.102893][ T7731] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  331.166563][ T7731] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  331.185835][ T7731] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  331.216138][ T7953] batman_adv: batadv0: Adding interface: batadv_slave_0
[  331.223307][ T7953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  331.243891][ T8029] Invalid source name
[  331.259115][ T7953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  331.279783][ T8029] UBIFS error (pid: 8029): cannot open "./file0", error -22
[  331.290751][ T7953] batman_adv: batadv0: Adding interface: batadv_slave_1
[  331.323956][ T7953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  331.354431][ T7953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  331.530583][ T7953] hsr_slave_0: entered promiscuous mode
[  331.549345][ T7953] hsr_slave_1: entered promiscuous mode
[  331.558359][ T7953] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  331.566280][ T7953] Cannot create hsr debugfs directory
[  331.668064][ T7887] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  331.739847][ T7887] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  331.807297][ T7887] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  331.818695][ T7887] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  331.986097][ T5840] Bluetooth: hci8: command tx timeout
[  332.506839][ T7731] 8021q: adding VLAN 0 to HW filter on device bond0
[  332.564711][ T8018] chnl_net:caif_netlink_parms(): no params data found
[  332.603878][ T7720] 8021q: adding VLAN 0 to HW filter on device batadv0
[  333.955629][ T7731] 8021q: adding VLAN 0 to HW filter on device team0
[  334.132350][ T5840] Bluetooth: hci8: command tx timeout
[  334.228035][ T7887] 8021q: adding VLAN 0 to HW filter on device bond0
[  335.180324][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.187582][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  335.216249][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.223519][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  335.545105][ T8018] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.558758][ T8018] bridge0: port 1(bridge_slave_0) entered disabled state
[  335.566327][ T8018] bridge_slave_0: entered allmulticast mode
[  335.576552][ T8018] bridge_slave_0: entered promiscuous mode
[  335.618176][ T2991] bridge_slave_1: left allmulticast mode
[  335.624274][ T2991] bridge_slave_1: left promiscuous mode
[  335.632136][ T2991] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.734278][ T2991] bridge_slave_0: left allmulticast mode
[  335.800253][ T2991] bridge_slave_0: left promiscuous mode
[  335.904714][ T2991] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.349910][ T5840] Bluetooth: hci8: command tx timeout
[  337.741974][   T30] INFO: task kworker/u8:14:6197 blocked for more than 144 seconds.
[  337.752562][   T30]       Not tainted 6.13.0-syzkaller-00603-g3d3a9c8b89d4 #0
[  337.770487][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  337.791045][   T30] task:kworker/u8:14   state:D stack:21560 pid:6197  tgid:6197  ppid:2      flags:0x00004000
[  337.831740][   T30] Workqueue: events_unbound netfs_write_collection_worker
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  337.841517][   T30] Call Trace:
[  337.884748][   T30]  <TASK>
[  337.887861][   T30]  __schedule+0x1850/0x4c30
[  337.971665][   T30]  ? __pfx___schedule+0x10/0x10
[  337.976621][   T30]  ? __pfx_lock_release+0x10/0x10
[  338.314948][   T30]  ? schedule+0x90/0x320
[  338.384227][ T5840] Bluetooth: hci8: command tx timeout
[  338.420836][   T30]  ? wq_worker_sleeping+0x66/0x240
[  338.783591][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  338.789628][   T30]  ? schedule+0x90/0x320
[  338.844993][   T30]  schedule+0x14b/0x320
[  338.849304][   T30]  bit_wait+0x12/0xd0
[  338.861998][   T30]  __wait_on_bit+0xb2/0x2f0
[  338.866701][   T30]  ? __pfx_bit_wait+0x10/0x10
[  338.871482][   T30]  out_of_line_wait_on_bit+0x1d5/0x260
[  338.884229][   T30]  ? __pfx_bit_wait+0x10/0x10
[  338.889130][   T30]  ? __pfx_out_of_line_wait_on_bit+0x10/0x10
[  338.895363][   T30]  ? __pfx_wake_bit_function+0x10/0x10
[  338.900937][   T30]  netfs_retry_writes+0x16e/0x19b0
[  338.906262][   T30]  ? __pfx_validate_chain+0x10/0x10
[  338.911885][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  338.917617][   T30]  ? stack_trace_save+0x118/0x1d0
[  338.922979][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  338.928661][   T30]  ? __pfx_netfs_retry_writes+0x10/0x10
[  338.934318][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  338.939959][   T30]  ? lockdep_unlock+0x16a/0x300
[  338.948651][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  338.954584][   T30]  netfs_write_collection_worker+0x2f90/0x3bb0
[  338.960832][   T30]  ? process_scheduled_works+0x976/0x1840
[  338.966748][   T30]  process_scheduled_works+0xa68/0x1840
[  338.972408][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  338.978514][   T30]  ? assign_work+0x364/0x3d0
[  338.985502][   T30]  worker_thread+0x870/0xd30
[  338.990240][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  338.996111][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.002439][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  339.008387][   T30]  ? __kthread_parkme+0x169/0x1d0
[  339.015374][   T30]  ? __pfx_worker_thread+0x10/0x10
[  339.020709][   T30]  kthread+0x2f2/0x390
[  339.025181][   T30]  ? __pfx_worker_thread+0x10/0x10
[  339.030334][   T30]  ? __pfx_kthread+0x10/0x10
[  339.035134][   T30]  ret_from_fork+0x4d/0x80
[  339.039574][   T30]  ? __pfx_kthread+0x10/0x10
[  339.044334][   T30]  ret_from_fork_asm+0x1a/0x30
[  339.050290][   T30]  </TASK>
[  339.053543][   T30] INFO: task syz.5.231:6849 blocked for more than 145 seconds.
[  339.061186][   T30]       Not tainted 6.13.0-syzkaller-00603-g3d3a9c8b89d4 #0
[  339.068656][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  339.077476][   T30] task:syz.5.231       state:D stack:24912 pid:6849  tgid:6848  ppid:5830   flags:0x00004006
[  339.087732][   T30] Call Trace:
[  339.091008][   T30]  <TASK>
[  339.094831][   T30]  __schedule+0x1850/0x4c30
[  339.099410][   T30]  ? __pfx___schedule+0x10/0x10
[  339.104436][   T30]  ? __pfx_lock_release+0x10/0x10
[  339.109487][   T30]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[  339.115519][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.121178][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.126971][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  339.132982][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  339.139345][   T30]  ? schedule+0x90/0x320
[  339.143732][   T30]  schedule+0x14b/0x320
[  339.147930][   T30]  schedule_preempt_disabled+0x13/0x30
[  339.155457][   T30]  __mutex_lock+0x7e7/0xee0
[  339.160040][   T30]  ? __mutex_lock+0x5ef/0xee0
[  339.164887][   T30]  ? netfs_writepages+0x12b/0x9e0
[  339.169959][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  339.175110][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.180859][   T30]  netfs_writepages+0x12b/0x9e0
[  339.185792][   T30]  ? mark_lock+0x9a/0x360
[  339.190149][   T30]  ? __pfx_lock_release+0x10/0x10
[  339.195285][   T30]  ? __lock_acquire+0x1397/0x2100
[  339.200333][   T30]  ? __pfx_netfs_writepages+0x10/0x10
[  339.205886][   T30]  ? __pfx_netfs_writepages+0x10/0x10
[  339.211291][   T30]  do_writepages+0x361/0x880
[  339.216674][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.222449][   T30]  ? __pfx_do_writepages+0x10/0x10
[  339.227619][   T30]  ? filemap_fdatawrite+0x1e8/0x2a0
[  339.232925][   T30]  ? do_raw_spin_lock+0x14f/0x370
[  339.237964][   T30]  ? __pfx_lock_release+0x10/0x10
[  339.243114][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.248774][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  339.255318][   T30]  ? wbc_attach_and_unlock_inode+0x561/0x580
[  339.261357][   T30]  filemap_fdatawrite+0x1f3/0x2a0
[  339.266507][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.272410][   T30]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  339.278006][   T30]  ? kmem_cache_free+0x30e/0x410
[  339.283141][   T30]  ? __pfx_ima_file_free+0x10/0x10
[  339.288287][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.294114][   T30]  v9fs_dir_release+0x151/0x560
[  339.298985][   T30]  ? __pfx___might_resched+0x10/0x10
[  339.304371][   T30]  ? __pfx_v9fs_dir_release+0x10/0x10
[  339.309768][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.315884][   T30]  ? __pfx_call_rcu+0x10/0x10
[  339.320707][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.326531][   T30]  ? evm_file_release+0x105/0x1e0
[  339.331684][   T30]  ? __pfx_v9fs_dir_release+0x10/0x10
[  339.337112][   T30]  __fput+0x23e/0xa50
[  339.341140][   T30]  task_work_run+0x251/0x310
[  339.346302][   T30]  ? __phys_addr+0xba/0x170
[  339.350846][   T30]  ? __pfx_task_work_run+0x10/0x10
[  339.357259][   T30]  ? task_work_add+0x321/0x490
[  339.362129][   T30]  get_signal+0x15f7/0x1750
[  339.366692][   T30]  ? fput+0x1fa/0x290
[  339.370715][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  339.376480][   T30]  ? __pfx_get_signal+0x10/0x10
[  339.381399][   T30]  arch_do_signal_or_restart+0x96/0x860
[  339.396390][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  339.402729][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  339.408772][   T30]  ? syscall_exit_to_user_mode+0xa3/0x340
[  339.414633][   T30]  syscall_exit_to_user_mode+0xce/0x340
[  339.420219][   T30]  do_syscall_64+0x100/0x230
[  339.424972][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.430900][   T30] RIP: 0033:0x7f86ebb85d29
[  339.435409][   T30] RSP: 002b:00007f86ec8f1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  339.444034][   T30] RAX: 0000000000140000 RBX: 00007f86ebd75fa0 RCX: 00007f86ebb85d29
[  339.452140][   T30] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000007
[  339.461426][   T30] RBP: 00007f86ebc01b08 R08: 0000000000000000 R09: 0000000000000000
[  339.469498][   T30] R10: 000000007ffff000 R11: 0000000000000246 R12: 0000000000000000
[  339.477624][   T30] R13: 0000000000000000 R14: 00007f86ebd75fa0 R15: 00007ffdf5336c88
[  339.485692][   T30]  </TASK>
[  339.488810][   T30] 
[  339.488810][   T30] Showing all locks held in the system:
[  339.506032][ T2991] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  339.549954][ T2991] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  339.569801][ T2991] bond0 (unregistering): Released all slaves
[  339.592324][ T8018] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.599472][ T8018] bridge0: port 2(bridge_slave_1) entered disabled state
[  339.614242][   T30] 3 locks held by kworker/u8:1/12:
[  339.619388][   T30]  #0: ffff88801ac81148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[  339.644815][ T8018] bridge_slave_1: entered allmulticast mode
[  339.665838][ T8018] bridge_slave_1: entered promiscuous mode
[  339.671975][   T30]  #1: ffffc90000117d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[  339.699124][   T30]  #2: ffffffff8fcc0188 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  339.714885][   T30] 1 lock held by khungtaskd/30:
[  339.719772][   T30]  #0: ffffffff8e937da0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0
[  339.732212][   T30] 3 locks held by kworker/u8:5/988:
[  339.737458][   T30]  #0: ffff88814d923948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[  339.749325][   T30]  #1: ffffc90003bdfd00 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[  339.762589][   T30]  #2: ffffffff8fcc0188 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_dad_work+0xd0/0x16f0
[  339.772866][   T30] 2 locks held by kworker/u8:6/1098:
[  339.778186][   T30]  #0: ffff88801ac81148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[  339.790067][   T30]  #1: ffffc90003eefd00 ((work_completion)(&rreq->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[  339.803588][   T30] 4 locks held by kworker/u8:8/2991:
[  339.808899][   T30]  #0: ffff88801baed948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[  339.820068][   T30]  #1: ffffc9000bdd7d00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[  339.830847][   T30]  #2: ffffffff8fcb3cd0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0x16a/0xd50
[  339.842574][   T30]  #3: ffffffff8e93d180 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x530
[  339.852647][   T30] 2 locks held by dhcpcd/5492:
[  339.857446][   T30]  #0: ffffffff8fca5848 (vlan_ioctl_mutex){+.+.}-{4:4}, at: sock_ioctl+0x661/0x8e0
[  339.866885][   T30]  #1: ffffffff8fcc0188 (rtnl_mutex){+.+.}-{4:4}, at: vlan_ioctl_handler+0x112/0x9d0
[  339.876939][   T30] 2 locks held by getty/5586:
[  339.881950][   T30]  #0: ffff88814f0480a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  339.891852][   T30]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00
[  339.902358][   T30] 2 locks held by kworker/1:3/5896:
[  339.907587][   T30]  #0: ffff88801ac78948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[  339.919049][   T30]  #1: ffffc90004c0fd00 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[  339.929474][   T30] 3 locks held by kworker/1:5/5898:
[  339.934718][   T30]  #0: ffff88801ac78948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[  339.945890][   T30]  #1: ffffc90004c2fd00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[  339.957805][   T30]  #2: ffffffff8fcc0188 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
[  339.968352][   T30] 2 locks held by kworker/u8:11/6016:
[  339.974248][   T30] 2 locks held by kworker/u8:14/6197:
[  339.979636][   T30]  #0: ffff88801ac81148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[  339.993515][   T30]  #1: ffffc900033e7d00 ((work_completion)(&rreq->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[  340.005461][   T30] 1 lock held by syz.5.231/6849:
[  340.010419][   T30]  #0: ffff88807c380500 (&ctx->wb_lock){+.+.}-{4:4}, at: netfs_writepages+0x12b/0x9e0
[  340.020104][   T30] 3 locks held by syz.5.231/6850:
[  340.025522][   T30]  #0: ffff88807d684420 (sb_writers#22){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90
[  340.034992][   T30]  #1: ffff88807c380148 (&sb->s_type->i_mutex_key#31){++++}-{4:4}, at: vfs_utimes+0x44d/0x770
[  340.045422][   T30]  #2: ffff88807c380500 (&ctx->wb_lock){+.+.}-{4:4}, at: netfs_writepages+0xcf/0x9e0
[  340.055053][   T30] 1 lock held by syz-executor/7720:
[  340.060265][   T30]  #0: ffffffff8fcc0188 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  340.069912][   T30] 1 lock held by syz-executor/7731:
[  340.075917][   T30]  #0: ffffffff8fcc0188 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0
[  340.085476][   T30] 1 lock held by syz.3.410/7743:
[  340.090443][   T30]  #0: ffff88805a430500 (&ctx->wb_lock){+.+.}-{4:4}, at: netfs_writepages+0x12b/0x9e0
[  340.100123][   T30] 1 lock held by syz.3.410/7746:
[  340.105257][   T30]  #0: ffff88805a430500 (&ctx->wb_lock){+.+.}-{4:4}, at: netfs_writepages+0xcf/0x9e0
[  340.114886][   T30] 1 lock held by syz-executor/7887:
[  340.120095][   T30]  #0: ffffffff8fcc0188 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x47e/0x1bd0
[  340.129681][   T30] 7 locks held by syz-executor/7953:
[  340.135319][   T30]  #0: ffff888034faa420 (sb_writers#8){.+.+}-{0:0}, at: vfs_write+0x225/0xd30
[  340.144594][   T30]  #1: ffff88804d7b4088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1ea/0x500
[  340.154497][   T30]  #2: ffff888144b30968 (kn->active#49){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x20e/0x500
[  340.164676][   T30]  #3: ffffffff8f56bbc8 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xfc/0x480
[  340.175081][   T30]  #4: ffff88805b1310e8 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xce/0x7c0
[  340.186068][   T30]  #5: ffff88805b132250 (&devlink->lock_key#5){+.+.}-{4:4}, at: nsim_drv_remove+0x50/0x160
[  340.196418][   T30]  #6: ffffffff8e93d2b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x381/0x830
[  340.207487][   T30] 3 locks held by syz.4.446/8045:
[  340.212600][   T30]  #0: ffff888034414d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x203/0x510
[  340.222729][   T30]  #1: ffff888034414078 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x5c8/0x11c0
[  340.232587][   T30]  #2: ffffffff8e93d2b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x451/0x830
[  340.244035][   T30] 
[  340.248800][   T30] =============================================
[  340.248800][   T30] 
[  340.294218][   T30] NMI backtrace for cpu 0
[  340.298788][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-syzkaller-00603-g3d3a9c8b89d4 #0
[  340.308961][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  340.319037][   T30] Call Trace:
[  340.322330][   T30]  <TASK>
[  340.325448][   T30]  dump_stack_lvl+0x241/0x360
[  340.330177][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  340.335403][   T30]  ? __pfx__printk+0x10/0x10
[  340.340045][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  340.345013][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  340.350492][   T30]  ? _printk+0xd5/0x120
[  340.354675][   T30]  ? __pfx__printk+0x10/0x10
[  340.359277][   T30]  ? __wake_up_klogd+0xcc/0x110
[  340.364140][   T30]  ? __pfx__printk+0x10/0x10
[  340.368829][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  340.374468][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  340.379589][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  340.385579][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  340.391576][   T30]  watchdog+0xff6/0x1040
[  340.395840][   T30]  ? watchdog+0x1ea/0x1040
[  340.400273][   T30]  ? __pfx_watchdog+0x10/0x10
[  340.404961][   T30]  kthread+0x2f2/0x390
[  340.409043][   T30]  ? __pfx_watchdog+0x10/0x10
[  340.413729][   T30]  ? __pfx_kthread+0x10/0x10
[  340.418333][   T30]  ret_from_fork+0x4d/0x80
[  340.422758][   T30]  ? __pfx_kthread+0x10/0x10
[  340.427617][   T30]  ret_from_fork_asm+0x1a/0x30
[  340.432395][   T30]  </TASK>
[  340.436692][   T30] Sending NMI from CPU 0 to CPUs 1:
[  340.442265][    C1] NMI backtrace for cpu 1
[  340.442280][    C1] CPU: 1 UID: 0 PID: 8018 Comm: syz-executor Not tainted 6.13.0-syzkaller-00603-g3d3a9c8b89d4 #0
[  340.442304][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  340.442318][    C1] RIP: 0010:debug_check_no_obj_freed+0x2cc/0x580
[  340.442358][    C1] Code: 00 00 49 89 c4 49 89 c5 49 c1 ed 03 48 b8 00 00 00 00 00 fc ff df 41 80 7c 05 00 00 74 08 4c 89 e7 e8 48 0a 38 fd 49 8b 04 24 <48> 89 44 24 38 49 8d 5c 24 18 48 89 d8 48 c1 e8 03 48 b9 00 00 00
[  340.442377][    C1] RSP: 0018:ffffc90003d3f6e0 EFLAGS: 00000046
[  340.442402][    C1] RAX: ffff8880591015b0 RBX: 1ffffffff34b5d5f RCX: 0000000000000001
[  340.442418][    C1] RDX: dffffc0000000000 RSI: 0000000000000004 RDI: ffffc90003d3f5c0
[  340.442434][    C1] RBP: ffffc90003d3f838 R08: 0000000000000003 R09: fffff520007a7eb8
[  340.442449][    C1] R10: dffffc0000000000 R11: fffff520007a7eb8 R12: ffff888028a62f18
[  340.442466][    C1] R13: 1ffff1100514c5e3 R14: 0000000000000000 R15: 0000000000000000
[  340.442483][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  340.442501][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  340.442516][    C1] CR2: 000055c3e5e02b38 CR3: 000000000e736000 CR4: 0000000000350ef0
[  340.442533][    C1] Call Trace:
[  340.442542][    C1]  <NMI>
[  340.442550][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  340.442579][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  340.442610][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  340.442637][    C1]  ? nmi_handle+0x2a/0x5a0
[  340.442675][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  340.442697][    C1]  ? nmi_handle+0x151/0x5a0
[  340.442723][    C1]  ? nmi_handle+0x2a/0x5a0
[  340.442751][    C1]  ? debug_check_no_obj_freed+0x2cc/0x580
[  340.442786][    C1]  ? default_do_nmi+0x63/0x160
[  340.442812][    C1]  ? exc_nmi+0x123/0x1f0
[  340.442837][    C1]  ? end_repeat_nmi+0xf/0x53
[  340.442866][    C1]  ? debug_check_no_obj_freed+0x2cc/0x580
[  340.442902][    C1]  ? debug_check_no_obj_freed+0x2cc/0x580
[  340.442938][    C1]  ? debug_check_no_obj_freed+0x2cc/0x580
[  340.442973][    C1]  </NMI>
[  340.442981][    C1]  <TASK>
[  340.442997][    C1]  ? __pfx_debug_check_no_obj_freed+0x10/0x10
[  340.443035][    C1]  ? page_ext_get+0x20/0x2a0
[  340.443062][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  340.443086][    C1]  ? page_ext_get+0x1d6/0x2a0
[  340.443117][    C1]  free_unref_page+0x4cb/0x1010
[  340.443147][    C1]  vfree+0x1c3/0x360
[  340.443174][    C1]  kcov_close+0x28/0x50
[  340.443201][    C1]  ? __pfx_kcov_close+0x10/0x10
[  340.443226][    C1]  __fput+0x23e/0xa50
[  340.443266][    C1]  task_work_run+0x251/0x310
[  340.443301][    C1]  ? __pfx_task_work_run+0x10/0x10
[  340.443331][    C1]  ? do_exit+0xa25/0x28e0
[  340.443358][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  340.443386][    C1]  ? do_exit+0xa25/0x28e0
[  340.443414][    C1]  do_exit+0xa2a/0x28e0
[  340.443442][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  340.443467][    C1]  ? __pfx_do_exit+0x10/0x10
[  340.443493][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  340.443518][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  340.443541][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  340.443570][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  340.443596][    C1]  ? _raw_spin_lock_irq+0xdf/0x120
[  340.443628][    C1]  do_group_exit+0x207/0x2c0
[  340.443654][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  340.443681][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  340.443704][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  340.443737][    C1]  get_signal+0x16b2/0x1750
[  340.443777][    C1]  ? __pfx___sys_sendto+0x10/0x10
[  340.443801][    C1]  ? __pfx_get_signal+0x10/0x10
[  340.443840][    C1]  arch_do_signal_or_restart+0x96/0x860
[  340.443877][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  340.443912][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  340.443947][    C1]  ? syscall_exit_to_user_mode+0xa3/0x340
[  340.443981][    C1]  syscall_exit_to_user_mode+0xce/0x340
[  340.444016][    C1]  do_syscall_64+0x100/0x230
[  340.444052][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.444086][    C1] RIP: 0033:0x7f9e25d87bbc
[  340.444103][    C1] Code: Unable to access opcode bytes at 0x7f9e25d87b92.
[  340.444114][    C1] RSP: 002b:00007ffdc2b016a0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  340.444136][    C1] RAX: 0000000000000028 RBX: 00007f9e26aa4620 RCX: 00007f9e25d87bbc
[  340.444151][    C1] RDX: 0000000000000028 RSI: 00007f9e26aa4670 RDI: 0000000000000003
[  340.444166][    C1] RBP: 0000000000000000 R08: 00007ffdc2b016f4 R09: 000000000000000c
[  340.444179][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[  340.444193][    C1] R13: 0000000000000000 R14: 00007f9e26aa4670 R15: 0000000000000000
[  340.444217][    C1]  </TASK>
[  340.914155][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  340.921063][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-syzkaller-00603-g3d3a9c8b89d4 #0
[  340.931237][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  340.941307][   T30] Call Trace:
[  340.944615][   T30]  <TASK>
[  340.947558][   T30]  dump_stack_lvl+0x241/0x360
[  340.952275][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  340.957507][   T30]  ? __pfx__printk+0x10/0x10
[  340.962124][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  340.968136][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  340.973787][   T30]  ? vscnprintf+0x5d/0x90
[  340.978166][   T30]  panic+0x349/0x880
[  340.982165][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  340.987806][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  340.993975][   T30]  ? __pfx_panic+0x10/0x10
[  340.998406][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  341.003802][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  341.009442][   T30]  ? __irq_work_queue_local+0x137/0x410
[  341.014997][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  341.020636][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  341.026067][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  341.032236][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  341.038402][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  341.044040][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  341.050207][   T30]  watchdog+0x1035/0x1040
[  341.054549][   T30]  ? watchdog+0x1ea/0x1040
[  341.058980][   T30]  ? __pfx_watchdog+0x10/0x10
[  341.063667][   T30]  kthread+0x2f2/0x390
[  341.067745][   T30]  ? __pfx_watchdog+0x10/0x10
[  341.072429][   T30]  ? __pfx_kthread+0x10/0x10
[  341.077029][   T30]  ret_from_fork+0x4d/0x80
[  341.081448][   T30]  ? __pfx_kthread+0x10/0x10
[  341.086049][   T30]  ret_from_fork_asm+0x1a/0x30
[  341.090831][   T30]  </TASK>
[  341.094093][   T30] Kernel Offset: disabled
[  341.098420][   T30] Rebooting in 86400 seconds..