last executing test programs:

13.471190953s ago: executing program 1 (id=1035):
fallocate(0xffffffffffffffff, 0x0, 0x400000000000000, 0x20007)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'veth1_to_bridge\x00', <r1=>0x0})
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000100)={@local, 0x0, r1})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000140)={@mcast2, @mcast1, @private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0022})
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000240)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @remote, @dev={0xfe, 0x80, '\x00', 0xe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400046, r1})
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000100)={'veth1_to_bridge\x00', 0x118})

13.247904921s ago: executing program 1 (id=1037):
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0xfecc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0x0)
ioctl$VHOST_SET_LOG_BASE(r1, 0x4008af04, &(0x7f0000000500)=&(0x7f0000000240))
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0})
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000740)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000ac0))
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x20000)
preadv(0xffffffffffffffff, &(0x7f00000001c0), 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000e, 0x20c44fb6edc09a38, r0, 0xe1cdc000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)

12.651257012s ago: executing program 4 (id=1041):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000280)={0x28, 0x2, r2, 0x0, &(0x7f00007ff000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, 0x0, 0x0, <r3=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r1, 0x3ba0, &(0x7f0000000680)={0x8a, 0x7, r3, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x749bc})

12.31345569s ago: executing program 4 (id=1042):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x2004c0a, &(0x7f00000000c0)={[{@grpquota_inode_hardlimit={'grpquota_inode_hardlimit', 0x3d, [0x30]}}]})

12.264977283s ago: executing program 3 (id=1043):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000003c0)=@filter={'filter\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000000000000000000000000100000000000000000000000000000002000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0100000003000000000000000000697036677265300000000000000000007465616d30000000000000000000000076657468305f746f5f626f6e6400000076657468305f746f5f626f6e64000000aaaaaaaaaa0000000000000024ffffffffff0000000000000000f0000000f0000000200100006c696d697400000000000000000000000000000000000000000000000000000020000000000000000000f4bd5979a5172e0700000000000000000000000000000000000000000000636c757374657200006db693c555d12b0101000000000000000000000000000010000000000000000000000000000000000000000000000041554449540000000000000000000000000000000000000000000000000000000800000000000000004493000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000011000000000000000000766c616e3000000000000000000000006c6f0000000000000000000000000000726f736530000000000000000000000062726964676530000000000000000000ffffffffffff000000000000aaaaaaaaaa0000000000000000007000000070000000a000000041554449540000000000000000000000000000000000000000000000000000000800"/592]}, 0x2c8)
syz_emit_ethernet(0x3e, &(0x7f0000000940)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x19}, @void, {@ipv6={0x86dd, @generic={0x4, 0x6, "cfc2b8", 0x8, 0x1, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, {[@srh={0x1, 0x0, 0x4, 0x0, 0xba, 0x28, 0x200}]}}}}}, 0x0)

12.135470238s ago: executing program 4 (id=1045):
semget(0x2, 0x1, 0x52c)
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
recvmmsg(r0, &(0x7f000000a900)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, 0x0, 0x0)

12.094857843s ago: executing program 3 (id=1046):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xb}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x48, 0x2, 0x6, 0x301, 0xa, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}]}, 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x24008004)
sendmsg$NFT_BATCH(r1, 0x0, 0x200548d0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
write$binfmt_misc(r1, &(0x7f00000000c0)="87d34d64adcfba62ebda02365be94a453bb40914e7c0e48bea21", 0x1a)
close(r3)

11.169570904s ago: executing program 4 (id=1048):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0x0, "a8407a73"}, @local=@item_4={0x3, 0x2, 0x0, "93bf0280"}, @main=@item_4={0x3, 0x0, 0x0, "00000080"}]}}, 0x0}, 0x0)
syz_open_dev$hiddev(&(0x7f0000000100), 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00')
ioctl$HIDIOCGCOLLECTIONINFO(r1, 0xc0104811, &(0x7f0000000140)={0x6, 0xfffffffc, 0x0, 0x1})

10.809153743s ago: executing program 3 (id=1049):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpu.stat\x00', 0x26e1, 0x0)
close(r4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001dc0))
ioctl$SIOCSIFHWADDR(r4, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"})
r5 = accept4(r3, &(0x7f0000000300)=@nl=@proc, &(0x7f0000000380)=0x80, 0xc00)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000180)={'syztnl2\x00', &(0x7f00000000c0)={'syztnl2\x00', 0x0, 0x2f, 0xde, 0xf8, 0x10000100, 0x16, @private1, @remote, 0x40, 0x10, 0x0, 0x81}})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)

10.015732978s ago: executing program 0 (id=1050):
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
setrlimit(0x0, &(0x7f0000000280)={0x89c})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000840)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000009f95cb9450000"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r4 = openat$dir(0xffffff9c, &(0x7f0000000380)='./file0\x00', 0x64a4c1, 0x0)
renameat2(r4, &(0x7f00000003c0)='./file0/file0\x00', 0xffffffffffffffff, 0x0, 0x5)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000800)={'syz1\x00', {}, 0x23, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x800200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x8000], [0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x4], [0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc]}, 0x45c)
r5 = eventfd(0x0)
r6 = epoll_create(0x80)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x300, r5, &(0x7f0000000080)={0x10000000})
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x3, 0xe, &(0x7f00000021c0)=ANY=[@ANYBLOB="b700000060000000bca3000000000000240300001afeffff620af0fff8ffffff69a4f0ff000000001f030000000000002e0a0200000000002604fdffffff000a61140800000000001d430000000000007a0a00fe0000001f6114040000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19b0161e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba3a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652db036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700e89a56fe8e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a033a2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf799b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d54abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c940000002b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac987fd637c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fd52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23541320d8579c5ab42bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de01fdee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812fc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b2584e6c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795d35f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7eddd12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f386c4dd317e11c1e89fac1fa9bceb50fad686ffbb5f7d79565271add99821c3601653bf6d4091ce8e0af3ab3a82a2735abb21d675d21f0a65caeb3213db39c9d55a35c1d588a732ee0b3d3a09c7786bc50b014802027d1da4a2a0fde4672d8dccd9fa000000000000697d1f90ddf1f320292d9fa4d81dc97f9fd7088d29edb2473b5284227936edf9f00b6deddc45841b6c54cd3741c95fe628f31ae0bf7619817735688fa26ce52c368e5ac02bdd46f10eae05da628e8d"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

9.850533689s ago: executing program 3 (id=1051):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000280)={0x28, 0x2, r2, 0x0, &(0x7f00007ff000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, 0x0, 0x0, <r3=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r1, 0x3ba0, &(0x7f0000000680)={0x8a, 0x7, r3, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x749bc})

9.318941367s ago: executing program 1 (id=1052):
setsockopt$MRT6_TABLE(0xffffffffffffffff, 0x29, 0xcf, &(0x7f0000000280)=0xff, 0x4)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, r3, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}}, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20010004, 0x0, 0x0)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r6, @ANYBLOB="010000000000fbdbdf25010000000800020000000000050005000000000008000300010000004800018005000200200000000600010002000000080006000a000000080003"], 0x84}}, 0x0)

9.303513325s ago: executing program 3 (id=1053):
r0 = socket(0x10, 0x3, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.swap.current\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000580)=ANY=[@ANYBLOB="12013f00000000407f04ffff0000000000010902"], 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
getsockname$packet(r0, 0x0, &(0x7f0000000200))

9.071764781s ago: executing program 0 (id=1054):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
mkdir(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2)
r0 = getpgid(0xffffffffffffffff)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe2$9p(0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_SERVICE(r2, 0x0, 0x483, 0x0, &(0x7f0000000180))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x2000000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{}, &(0x7f0000000080), 0x0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x3f8, 0x1c0, 0x43, 0xa0, 0x0, 0x98, 0x360, 0x178, 0x178, 0x360, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @multicast2, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1a0, 0x1c0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@connbytes={{0x38}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x168, 0x1a0, 0x0, {}, [@common=@unspec=@connbytes={{0x38}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@multicast1, [], @ipv6=@loopback, [], @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, [], @ipv4=@multicast1}}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x468)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'ip6gretap0\x00'})
getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f00000005c0)={{{@in=@private, @in=@multicast1}}, {{@in=@remote}, 0x0, @in6=@dev}}, &(0x7f0000000000)=0xe8)
socket(0xa, 0x2, 0x0)

8.677733488s ago: executing program 0 (id=1055):
socket$inet_smc(0x2b, 0x1, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x6000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020}, 0x2020)
syz_fuse_handle_req(r0, 0x0, 0x0, 0x0)
write$FUSE_INIT(r0, 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000008400)="44ea07862a07eefa4de37092cf4356f54454db90301c4d373d57166f794f169d63344840a37048638ffd5e30beade3fd768b18191001eb890277fad8bdfe3742686deeb34395963bcf7a870addd76c80aba9f771ebdf410c7d7542fc2b6ae9a458d79457755d94ba8a3248b01a2293d8a70e60815b90297002652966a6b836065bcae0b44f4b26be93dec3cd4cdcbbc84c5b916a1b0d8313340675d67fb0c785d0307f95e426546c9a4d0161a8f52b02b95f4da53ced705a658722091864d74ac0a3a5f3853a0ad71ddb29835680ca9ff30531f8df0f0ac66f7f1433c33d75fa8f0f022b175df093648a81af5ed701b2e7a14199c83b539e763dbe7228f2e184a02becd41bae305d3f34c72e8db93dd214ec203eee6e6dab26b41848c95fe1ece8ca157a90bb7a990dac5f3c64cf49c5c5aa8414b9153f82eca9df88d90a8d6c0e72eacd52f82939d46d41e0f5ccf708c03fccecea467f33f5a49888514787e42c0a12255bca89e82344ab01ac3b6c6158e3c1b34ad953eaf55f3a2c487efd9423a542e41dbd0058aa021cb6fdc5df88f807033edd31abaf5ff7e6a9578d2be6a2d925d98108fda2a7e56a0bbcdce0689fa9e2111b0be8f3e2807f7f3728489917a031f2187ad98a744f19851687adf59a4b4c328ad5c4f2eaa0d112041369319f6d3f928c22d05f9fd68b5c268da5e2f433d651bc602a65ee83752c0c92f7e29002faf9475fbb57788d725f6f8fd495a58d88d55ab8467a85d1f41db5964a19bdd45377c7c8c792de5e76e87da9296ff90e7fa9e57f09358d998c8779bb2348d651808e969e960763c5231c65a06ee16979f4d990dbe7e10b3a2392dfd6483bf2c7c5f6f3d941cc17663668cca83dcc38089b4342a801c74039b32550c2d9cf95a0236523933ce3e7538ff9da2b7b741f3cbf53e6084702d0a5dadab4350848f6e7ba46d4736c7a2ae702c480c30dd78f994a10b9c3157a17e9e29576a68139403300586eb0c673252a319aa1cb01efa777228d8242ebdbef9db5c03e4c8e09bf7a009b7eb19357d1ad6d1defc0dbb58c31d85b9f1035056615ad0b0ded12751273c8bb7810ccc5b2efe51d223894b141dda837e6b7ba21de9a978ac447d995394b800e1065906455af544b9d7f353d1eefcd3387d18e3611f3913926f3a4b87efb3a9707d6136dc00e49ea5e7a6d0bea17eb49cae93c0c4422374b0f46250e0d554e1087c1392716d368b04b1da85d271206b465608468802fae00c7ad9425974d822cffbc420e739f7617f59a879f791ab5dd7a6215298cc7dc6904679889e60a09114b0f421b6f1286d0a6ab3dc887c2d3a48d53a7611ec270530b07a83ae1a2bfa6da42ab38bec3eb8ed1e207d91c02e74a31c29abbd25f5779189f5f2494ea5c3f4b829b96de0c54b3851dd58610c2b9ddcc2960f34fb857c5ab1aa67e8eb10a59639db2ddebd0206ae7ee56b21ef484e3c66003af46326f1c456ad2ab5273d0c0b2bf412f71f820ae12723c74e1857e0ae3d5587a0427c1595e06b1d5ab5e815a5558302e0d9c50b8c6cbd599eb554df6f7323b01f1353b557c565dfe0de51032a88541b49ab682a7dbe4dccb9b952ba9c9ce3bbff80af01e47953666327b8acd7d2cf363c6f7172caaf01d8e3417f768ab08f2cfa7ff26efd219e25ef0f9a84c7b116978eeafe3410972490203dbe49aec33f14d5592a466a6efe630904db9c77ece20bec7552b3dfb48d4e0427ce5024fdc0aec7271e93c51aab19d7a40670add6ea5820f625831a593137f60543e424892856b3bb9e608e88e65cc6dca098d5139a38ada517cd788b9f13618d9c2c31d7918cac6cd669710692797e61f4df3938dd429d977cc11e7465a7a23740052039d9b31cd26b95efba17bfcefe121fcbb762d29287145b11a3abb3e0683b9216a8b5d9744baa75da5d840e70cb310c507c4f7eef1d6535d8e11079edcb51df7ea63a7204e314147eeb57916171ca33c0f5932916e4d568d9e7dd3555500ae119f0c63045658303e1f4ea99c896eaeff3ebf76b2def0ea856a3f24cd76dc437236b71dad9a26fbf3882e81565851eb6c5b265a0721be43f0844f4d0e4296011e280236a0ed7656f2eb906e6b2ec4a8e5bf91eb7e8be889ded6d8492bb72f1de26cf3973249ebcb5c993d1dfa896a658a528aadf57dc28a8db32656ed8e416f96e1f89ac24d4ba587df31f3d2d8d7809d06c8b2d68eb15b377918424499cd6a7fb62e49a78831f0e4b1476bef657fb34bd59e34793d21da3f7bd0278bbea8beed261c697ce17f36f1cbc1b94aef11dd1dbf1c68496765258f4cfc8b5fdc9197d7260b733d2061f399c861bc5912ac76cfb62b9218196fe054b92a295a9b9526871167d436b830a7b4944f527fb4d75a036acf3a71a1a710f609f4e794f1d764a5317ac067e8194666dbc73e32b2870eecf8776bb7641dcdd6d764f91dec83fbb53a97e6531211dd8b86bbb57f8acd637f4b1b66fd9705a200e3081ea382262d54edb161927eb1d85cf7b9373a24607c99f3d66b85e22d2cd5cfe24020d56e0552bd43d803882128317d9a56e63a4808ed6401b662187888a0d0b311364fbddad07911b5244877eeace22ab5bd8501d748ed5cb05809e1639678c4c6cc43a3c2fcdd5b0970332429c3cde09d9556c8360f26caa744ce5e57bfaabcf7d124b2d4fa97d7e72f16cdfc35f87493717e2a852b64fa344db5ec72dbdf22dbdfcd12ff796d515d5f3fd3cddbf53426183bbd92e2fd3e91fca8fee1c1ef4f8d59036df9c48fc7677f2c4905b6cf4adcf448029c6c6a2968b13e3b77d578e2661ae7d07ef84fa098bae9a564bc8c507a103990c00a0e6d2854a1689f7b095a100b7f38df028baf20bd56c843c24f8ca4a81130256b13636440836837429c1c86ae1668d3b250108406acdd21b40450399872c1da6178184bf9c2cc11ad80caa9997d3c6631f09ba2a4d96e6b74313f1e40fbf8a29962648f400dd256c4852c556deca2e3443b858efa43d53efcd496bf5037a82e14868b508632bdb2dde924ce2cd6c65f1708c18cf49073e536f09e8fcfa9a44fdbc349ae75e17205754d3bb82d3ee8a93c59aea1bd7ea6d124224b11405f815ed518a1cb9a80191249ac1cc0e5c1f9aab8fe67bb737cdfefac82a89a7d6ae08bb9e1f710cee451d851b35ba9b886dfd9c277dd67891331d43f36353c78c65e9f3524e1b9b229c9f91de7b5ab16a66017d171e2a4e185481d33cb5bd9c5e3d93c49d2c620c16467bf4db73621957f76d656e6d4cb4d59cacf1209da4e39352554cc2abcc8e82379b4f819fd6d261c6d7615f85f6c5d0b9f57976836493367e1bbb14c57983aa97c6e4e7c4fe2a166284c904ac4f70ef2e52e4e7dbd677ace683cd61aa60b702770aa0ddf14b694bf3cfaeb585f8fd8a85bee2f78400a0874dfb4c319be24a46d1914b6e902d5de8d8375c9ec786ef6eccf1ee7a003f83d2e163097980a06ab9fe23c4ae8e91755e4217d3c302111febfa9dce02a49b217aef709d183a5ab8ad1d39e9a697a79be303fdb2290c827279ce187d1c647cc28e20c0b3ebcab2b1c75850db46211150a8bc5d80d868141f885f7a5ef520ecee6d33842141003df4ce066090c8359b5dc32dd9ecb1039454d0b691d8f97932b69981be240804e860a88d1a047f46ff43609b41ea36dc276b28e87364049940ea7b6dc78848221b30dc6aa1b60f17942c96c46e347606d14ef02ed3ebddb20f7f4d28b9460f4af047b772927ca6a046b7de2a21b8ce79eadb74e4825af5e19ac2955999d7304a35851a4b9086ff922da8845da10a55fbb62fd13d98d45f60842d0d6301cd72e7cb97bc84393a414f671e5e0115a6c1c26054a80ddde10e0a83a4ffd123504c881a844bb7187c604f87588dd0d0f11930f9a3cfeb7098f38f84923637f1a9f6b3e3d0899a156d50d7e740b118c4865ec5e69aac247a930007452748bea9af0af511cc1129740510b13f48fe07ef1417ccc765b2cd0138cb51dd71fbdbe967fc321082a9ee4bbd1ea404cb24971de5a1ee7d7993b5d11d67d30e8ba94a9e943852675a07b88a51df6f4abb507cdaee96726023855e4dee6bccb3e26a2a88fb60d812e7856c13af5f4fcb6776ba8e27a35bffc5e46473b31a4b83ea1a3376f4549af87d03102413faccc3fc897ccae95d2700163f1fc5170a643554169018c5cfcf8f50c7981270995d8aaa9f923c0679b258aab60f79111627b71404e1ce8751228972cbb2bebbe25973cf98bf8fe8e63575950a0aaa1ff060f01e96791d128d0b7b40855126ef3910ed7d7a6d9490618da352ad7b889f7d905bca2214224e170f30a088cff91921917c937950926cb11c04fdc6bee776b9abd2aa286ea5074e72756482fcb6a7d072edc075f99e02747ea49a40b26b58118b6692fbe55b09b054a044d1f481173e8923a74806cb770c4c61ffa982077f82bc4db7fee4ae2beed4673e39f5ff0614072a771034174a0f052ce39e27450d18920664e924ee963c9bbc9852fe68f30a199ee4856c1dadc08c061165867438bd3bb73f5a50f5131b7867dc80e0c5d43eae80cc2874d48edc910e7f8f9b73e032a8ccd7c348e84b4179fa101d488c2fc16cdf953e269a9cf13c0dfe575e0da49d7d2c09293296c0232bca9fe0aa8199b21e19746c4783630e432b5c7e1e25864fcd4deae07c2b07782d155fe6e6b5d9eed4beb9db47bae4007753d8be56b10723b5467c64acb0eee4cb9050b4ef2b57b630f4608af96fbe484816454ff385aa3765051408779384c6585f2e24662fcc3008dc17abb07ba9cf96ff4c795c97811e73b06c65e1b5c66c2e1873191d972830b1f53bbfedf8b5e8a64a29fb3b3eca67f1791652f9ac037c2f87c6d1d9d453b12d5d2b0c070a8084aa15505e240bd0c61895383f23f0460027d60dd9efd8539807f717bc353f9b858b9bfd2acecf2190e280faf6a1603566ff8893dba33ad3300e10438241709ba7413fde84810b966b4556f9c8a51aef27f9b9010e7b6208715169a585e42bf3f7333209afb5b19c0de7722004850d53329d93e2e4909eced3da67dd7d2c82a4c9d0d7cb6f5ff7dbf195e8b39ba9cf0c1699ea1f8b6d1293509774ef3bf48597146a60aa5b6eff2bc8a64f9ae9a81becb9c398ab9676d2cecb14d28f819d08050269bb0ca9bcf59d5c9bd2fe2bcdfe82a8f037781c6275c9229b0729cd085e66e2712bdf22009440c4136c2daa54e547386e1acd16a1d30f3d55c1ef0fe10c108210b9d8894d31e5ef17b049106700bae524eef744ef4b3a69e9cfed4efa9b0c9262177f9fe16f5b1fe5bfe5fc6a611e6ffcb9c5f329d4e328cb69912f0dfb7f4a83d326cb20b053653663096870e7ad2753e992dced7405a00a39dc55e652eb6b2e1b1e9782b42f443890c4067b07376c6f0fb2ea6589e04a8eb39a94d913d9f4410d238e6880c167a0a23b266577c41ec3e0f513eb7fc948c12b26ea2646c0481488417d9911a0107ca0ae11c2c4b8c2eefa5144ecf8b149d22abbd26d1b2a3fe51016b9bbfd229c090fc2fbbca4803217c991e36f86d4720b45ae45e6b20f09fcd8e5decd79997e79177bd67de7433282c1d0be5d585a71c873e7171a133d9f5ea35ac0ac5c1a643279ca66a365d278d14eee3ea90961eebb3f6c098c00d051d4716853ec7069be2a4625cef4c0f72abae5309d2709901d05217fc3e52049c4aa16b50121e43ce491d1bc9adb01679ec25ab5009f746170c2517f0072f16c574cb447c6d8ce4a2e45426900463c5303413bf4fe7fd64c273b404cf936068cb3085c3a81b9872ad2cb79aa4c051e7ad97cd4e8c6b94bb0df87e4347ca6f11f155ea265762f81eb0e9fbaf3dc05157eb9f12596ccdf9193018a2226824db6bbebf4e89a070688f698bbf23f30dfb04db7c3d804a7587ad0fd03e68cff7e516e5109e328e1eb3b887a6aced15804f2c898f41c5452e160ca30e35843705c150bad932d2d3fbd791100b1535d9f3306dcf127fa49c1a36b172f46b1fb676ea8783c23edf89b2446560dc1b95b39f80eb9d0994c8dcac9a5a304c554133e1d6ba368468a17312167cda37932cbd4b93c58b7ef772d56d4311182a680e19da6fb938848aad40242856379310b61d6113de6814644092712133823ee2281639b52cec52ab0dbd65ddae631e7113ca75a5476797cde5f5456acbfe63c6ca8b83774690eaca3a019771ca0e742815ca5645418730ee17f52fa2531e5487c10da3ee080acd50fbd19710ed5cb924e28a18985132afbb7d2ff90f6c3855c56970854b9a48ec4f7566d2829e271af3f0ce26742602241fef70461a484499591a9079ed53aed113589fd74918146e1917a063514d7eaa7f4720a386eb2f32b6d35baaa5d36c2013eb405cec607202f19bda80bfeda8005c5d1582208b861437fff41ec0708a6a98f2b4b4463141c1c312a8115509e363a274864898be996176049d5f7e6cba76b3a37c9b2ee9553fc70f79503797464d736d97d0bb4741ea8ad14fde6f18fbb02ae97e5a77bc1527a13f18624927d79aa5b4df2dffde7fb5356e521c7a419209031df8138838151c7e90783c9af133b6961b44f8de89d6348b191cfa6c0ab652746b8582134537727b18c670691f3c1e8ca0e3cefcd26111bef476eb816482b7726399c86cbc98f0f06929c26cf831163bdbe1fa8d8f96a65d3bbb3d37657cec4b77516864cb32404996dae1d0d9f3c12b7f2698f07930b791813b7ccf0f0dcd3320b78833f077ee55aae156af804fa9a15e60c709fb30b06ac092bf97a4fe4732ea7bc93aa73232024c80434b4900cc30de20cbc1ea407746fb186a610fe31635766f5edaa8c9ae974ff8cecc4e7e391a50bdb34ca1dec15e7e8664d7bb59852cfc1fdb361b235c803d70cfc90c229078079619b4a8086a68d420ee1d7fac403b18c7f6aad91612e2f2b9e5e206bf897bd98a3b24a0637e2b986ae7f5d376bd63d63f6c4f151ce7eaa97a30d9d51f1a9207dca6b596831a9b92517b9d5571e72b4a06c07d5ff0d325896a1b32e9fb4f9d67a903946b205fba7beda108fde3fc503c7352c59c03bebc2891007fbe966a0441a7f4bc8320b901563ac8eadba643bdfc1636864d33549a1b9ad3ce01bec94b631ac6f46c453c57c62f2cf0f76d9f1e0731e266311624a138e607e699c91e37a33096117f418b4c92c66d96fa1b1324cfb569e3d558598ee65e69b8e0b9625d551af54a09db8082f2fa9da1386f92245aadaa13bfa3cf5c39fe455180bbb5e2427e4067bd2f5a5c755c31405477ba832dbbdd4af66acc7c11e576f700e24fb4c26160b4443b8c17805238519c7c732df774b92579e02a8da5e9a17e3c20e92afba7fab49000a7b83987ea48d5854a0411615462cabd245ab3f49ba375ef179c0a78059ffc14264177a6e45dc5f2fe6c957a313ba9889fef33b788933bb37a17943551db9cd08fd8d823fd0b35110ad589c3bb3af4f69bd1c7c7a3e726f933e4a0cb1209e75ff14910061c3750b9312de42c86838d5c35a681899c25220ea87aff02bf72fdd8745f5d751e6d62861496890c956143c08a222774974789bb46924b68a6e3138ce9dbca622e78c5aeed8215de4ee5c1f8312b6349a91ef1e210f18522b7a644700e90eff995e950c8eda05d0bb8e799ef32a7ddb8a87b4120a798a3f87cc78b6db0c7947b4786db1618c523203c097ef3d3dc0f4e1e87d0d597c4eaaac05a033a3fa91309c05cd8c14de649d7dd16d8ed81e5290950f66b66fd519a2a16fc6b3526f97aa1121b4fb52b30640122dfb50ff619fb5c88eb1c4e6ed7f6d09fd29e27b3375a1aad5b09f8175157018467f883ba385208fcd32a50a311b22f7951bd0e912d234364f8590e247dea604872f9bb847bb32b3906339f5698d6e7c0f2a3ed17b194239299091f5ee4ed51c75b76bc949cf05df5dd03cd8a553e7ec81881fdc1e15cef5e72eecd7843a981eff417682604769e302f378ff9519cdbd3ba2bfe50f85a903aa08b900118226889e9bc68124777f6e02fb26fff91d1f31d3828243cc46d4b4fa2965445774e0ddc521fe5fc9626fe3428403e746de0196a45e4ff75c5d6acef57f662faf27294be80fed39778a7585b41178ea38f64893f9a46334af6425a4aa46e25e92b0d77750c6737b237dff19913fd9e69ed92c4b6671b4226776b34ae2468907c654bb0f619b2c9b55920fb99e97bf32212f852b615689f3cf4c03d51d1587455b5720692430fe2684522bfe6dae871aa2ff5f00045861ffcfc219888fef8320bec1307236a7a42dd4a691cb6cd4d8436f31a3f2d642b05946dbfee692aee0da31419f9b8bc0e1dcf89a8ffd7856b21b1180ebc8ad75308b1370b93d680e968bcde7d235f601760a5d181f7b55daf330a001ae1da86c130c76fbd956442b6c705889d665560f8b34663390592d85ddde790e0f4f1f0df09c1c6f95477f9d72dc0894b2efe2c3d162ad80f80cae03a06548014293a02f00d6386723d42ab09052f019a1d71d88a78db27afead58bc516be8d23893f007a17ff47b32777752a15648d0ececd345aee1f36c58abb7efaff5567100c0bfa54f172c862e15872abc9d96cead6688f02ea8466fe1134bd3756c6f0df8903fe7935dbe3e635da368f13a10e3018cfb5557d38f859a983a54d660a02bdb3dac2922e7a37651677bfc664d58df59ea625e8e63ee776bcc2937b921f5544924b75cba04bf3cd0df831938f9e9c79572e8492d884646244990920400192c63e15024e2e1239f41390bf7c0e18f852e23d514256ccb8ccb2726710401c4306657fd75eba94a353987780a6d6219012cfe80858060e37652a84ae89d07f5d651fe82a2a8d0e8568492156713b1f76e89e12f76a0254da7d526df51a089600f5b7559afdc63d4872fe8d6ce00a8d0c9b00db5ee676ae2545e74fb7b39f8345a67913b234cfb4f6e3b4e2b1e1f4f1c7fcce8c09cdeb6a1a21bd2370004e583ef62971aec24ce0c6c049b6a2e22081d36854956a362b6cbad48049d7d5f90134d3e77febf87bf4a32c07cdeb36c9cc56b2b3cc8c8b47879a32ff00f3b2e977cee0acb30fc424dbfe24c88d1a08d047925cd7d65a5834e56db2b3e7e0a23dbf948c799db5a48fd4a5fdea43913b2b2c149ae9a98f452b797b55abe1dd44b30232387f466856d6c38ca735dd6175b455363dbf228ef52e443da22a1ee3a158ee304d9ca63c110a3d19ca3bab6d1745affd81c480ff8bcf5f8f7c1ea6d08a7b3c3958c324d42732711170e19523bd209134674b184d4d442a774e04d6eb4ac89a6d018cf0bb68a73da87abce127e57428cf73a5a551c85ea8c376ae951cb8357506f037d17d163172dc5764682c753050f35c6802fb269d7490b196d57bb8a1ada55da7550f82357320e14cf573ed39860f02a11bdad917b2ba2de885c7ea8b30dd62bdad207dfe10e97c8b71abbc8c5661a4483bb6f9488ada0f5885c471cfc1271b60d54f903317cca28ce977f4444cefac5c2ff233dc872d4e809091f8452de9c774ab3bbebf62de92cd6aa7421a41f7d1dea42e4f94bd3a4869c958f3940a99c88835ed2f4021114b9a5bb17240f468887b213814956f9f5e6344cbae19d8753b97c7ce2e9d0954a30dde23dea2748e1c9514672bf4ea3ec3e348a563d9649899e7227708e2e77d0fc5847dc16b59ac3dea9449c176dea2d2ff6b6af764d28dee5ccfd0dfd6e3100d97040657d7ac5da4032e3b7f6b0cef2ec55a83350c3045abb10200c264e6e68e3e03b68546ae48a538063b86315bb8073103a812717f2d8816534fa98d0e956e0f9a67bcdc522cacefc77b0be71832a69ffb72fa15ca4d8b15f7fe03da0f4b24c5fb68e5f3a2297bb0cb0b7bfdeeec4deb64bf71f57820d62c47276e2780b4341b6bc65ac49be09c94013783455a95de92c11d91b9e921a484ed69532b92e202d684d2293a2666709ee38d2114add4c5337bfeef31d481e12530c5c7e83a6c8aa2f580f6da2d735ee5260cf9a7185eff84eb22d6e0d5ac0e63fe6a3def819274a144be5ab90fa157bb7517a54c208aa82da926d5b09ba649e326a654fe8fa9dd7e6d83b0a66253526e5b5aa03e665f2eb4678e8293110420c9d7556df07c7dd1c3e817a4c7409890c4ff5044ecdb34eb652a4d7e20b4b0d596f46ee3c3dad675e958e91c3b40f2d22e671bae51518443042c529c31e343647d6ddeac7ec370970fcc71a24a0826b58d111e9b776ac0e2fa40b3099298ffd0d1c04d41ee1dd039425f52f9f8057ac1f206203f20e1ae9cbae356518ba2fe9e49b47e36942ed7204f3d7da9e71b8d69df3ae7b2de05a13a879af6a1ea6241c645ed73c139e15060aeab6f423c2180dd101863a24f1688ec1a33edc624c3f5e80a20e4cc5c86ab2c692c2d3d17d8a68bb3924efffb29c9fc3df937526452d82a8ca9a558c75d6b2504df1b66c91823216a1c3b3bc39dee0d22491b9c891b9eea193c8af8a992096d0cd74630f7222e9a3530034a582f40601a694cf1085fda7fb33b07332c6aebfa70e2ebb8d7ccf19a69dfb5e4c166add5e153504eeec92f4ea2fe47f291625e1c470b832a488f884692b8ec49b96df235f193027ed38fb4d8b88ed382825df8ffe5b0c6fab8db3e38d60d467f9da725023deb72c378258e911442afae4db650be3621a033a3b84eee65c4c0664ec6d5771cc138937434a6a361de3dc1c12a2a6735f080e94314ddf291516971af252e3cc56e1c65ba5cf8ac2538878b22034ba458e08db26205608ae941a42a27f2643ded87bde626387c2b791ce57991dd2ba08010237279cac2760e19cab9059b229ea002ce4d3b4afa495230e424752f289003a240f5cafc7a83112636321107918d582fad2606a4319199a06ef2cbeaa3e1a4d8c30501aab796f5cbe15453b61218a396b79c547d15d5c11033b3746b432b426404f7b0421b9daafd9e8558f1901283d58e173c4db0511ee826ddc6363eb51e0837c9be6b2078d808d2c05db7495d29322ee6af68b0d52c45f00a59731c0e5b2608ae046af8bcf830f001ffd2f955ea89bed216e71ccb5b44713e2abf5ee5438d63829c9aea34b57f7ab52b820c24a7e9fa138243e4afb2df93588e805e719c1767146a351debb34678a86dd19f0587af31195460a3aa3e68773859fe13b47b6b31a501b4a25c6660cfc47f3318b33b77b10ed4ba91086482db039a56fbd1490f440a6fbb280b62b6d2333afe1c42c3f16865b9c0e484a4f6f393b8bc34fbba856cc5ffad2fe423e79f691b95e7e0dbdb2b2757d9d4443f9a23a8b1bfdb16f8bffd81b4789f80f1fc4bf751627965755d008d134e2c35da34f54718615e9deaca0685396ae7e58121327e0c0696591f6af93f2999ebd3b4e03cfe2a48b2b94015eb06b2a1031ab5e129b2700648fd62ab75f77734b89abb402282635eee41606eb306619e2dae84488e2aac1df54f78460b36115072a2c28801fc122482f1d46de4b2eec07bbbbcf85f30ffb3829c5d0fdbdf3af8c6322d62f4c55ebe8fd52728e2d5d1a24f096fffcec6ff2e752f75", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0xa0, 0x0, 0x0, {{0x6, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0xee01}}}}, 0x0})
r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0)

8.583459733s ago: executing program 0 (id=1056):
r0 = syz_io_uring_setup(0x2dd9, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000380), &(0x7f0000000140)=<r1=>0x0)
syz_io_uring_setup(0x5e2, &(0x7f0000000280), &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000180))
syz_io_uring_submit(r2, r1, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4})
io_uring_enter(r0, 0x4e07, 0x0, 0x0, 0x0, 0x0)

8.483888028s ago: executing program 0 (id=1057):
semget(0x2, 0x1, 0x52c)
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
recvmmsg(r0, &(0x7f000000a900)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, 0x0, 0x0)

8.412720531s ago: executing program 1 (id=1058):
syz_open_dev$ndb(&(0x7f00000004c0), 0x0, 0x88001)
syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x0)
epoll_create1(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x10, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
userfaultfd(0x1)
socket$inet6_tcp(0xa, 0x1, 0x0)

8.008904864s ago: executing program 4 (id=1059):
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffffc]}, 0x8, 0x80000)
read$snddsp(r0, &(0x7f0000000c80)=""/227, 0xe3)

8.008607606s ago: executing program 1 (id=1060):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x10)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0)=<r2=>0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3)
sendmsg$NFC_CMD_DEV_UP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r4, 0x1, 0x0, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r2}]}, 0x1c}}, 0x0)

7.910996951s ago: executing program 2 (id=1061):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f00000013c0)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001f7ff04b7050000670000006a0a00fe00000000850000000b000000b70000000000000095000000000000009cc6b3fcd62c061c6207005d43a4505f80e39c9f3c530cf08e467b592f868ee3b0a435df0a0e8c1bf176db2a6b2feb4b77d3d5707bfd2d84aaa3b1d4e984c46ea7e2b347a36f5662403e1b2be4284322a4908a0d411a9872971c7c56f0979bd10b97163c066d0e196bf02f46c7953ab1abdaf9de9ca3c00cb9bf4e418d07fa22f0610a70f2bdf4000200000000b0c2c125080963f63223b7b80197aa3161f45346b100000000000000000089e399f6609876b588743794298b79dc192dff048fc207c81f28bdd3e26a1a8a0481e9f0da43bb6ca66e2f55a9ff19ffcafe3e64be06000000000000005064caec04a367c23d9fb6a6991ddb737d527d6acb15426406991c3b404984dfa2c6e94bd0339454c13ad3c328a182c15dc760a313e3b3ca5d3393404029e98fa883c71949a34d84030323e3d54fc5b29d27643453ad9211e3550ee5520211d9370175133f260c6882a146880b9387f1beb5418618bc83a3becf9bb5d80efd7da7ba8b913c685fc6700848dc6665d73248c1f74e08ad04ce905faf32706e0000249a028044ede964362cfb2f30a246c3b2f60000fc4deb91da1368b0960b8d69bd99c64893d44f962524429dc058528e7e541c903869d96989b9a986620cb2c95c83f2a082c52764f49e51188f9418b01bcd8ae164acdac95318ec8b2c6feacdcf4b528e5e58219bc54f6ad5679e7f430e6960ed048c46e1dccca05bfa1d67c83795eae2d31968c055d325a9c794ef88b30c2de4a274878b73c05ffa88b7073be648b12bb1fee58958d6a6f31bfe5682159fbde59dad00008a73b40f09cf018cd496b36050d7fd45e3620c28f76749262e33e16429a6da35ceb1a989de81c3f8b8bc348ef2ac3781b847611fcb0a26acafdd6d9a1b17dcb9f7c493d8f8cd344a1d470ca0d6f16ab0293774b5509fb0e7113936d59d5a60dbd84a938476adeebab9ff44f531bb0200000000000000cc1fbc455a64fd449284f71761092a0302000000000000008a05d36fd9b814b4292745418c92d94462d2d8f7e1d24cabe17ad4135d8872935ceac6eb4f046f2acc1b0efb4438abddcabb4e4e72a450aab72b589bec83bbb688e659fb426cb43d0ee993516fd4e867232cde69b6ffad447dcd92e0ef8234ff850ec3948dd1fa7afb77d951fe4abf618121b7894c106beb49a71c62df5544ef221973432ccc7e62b151eb898a01010a7ec5acd0a5dcb2de443880c8a682515d1da9a3048744acb44384d1591df789883c0560495cb0cb32283529926d25e5c7f481112ab8a82247e927fb6f256830dab3671f00500d36a17790bab7d0e89e6c15314f2b963bfc867953476b0505c7d728326d666f39e82cfcf7e7a85df288d75df24c5e4d529c349923f9a4fb882310391dd58b4cbd8def239a227724d39c3e6c40e20e07e68a22888a5c3941b7a765b92bcb37f302487bcbd93ccf3a104021ff34ddf7ffcca1a04eae963e25516a114573779b24a341dfb2e80f1f345c6d96493ffc2a18478b5bf3aab2ea59c51cf0678e1a57d0ea042d911548ff612002ddb2d54d42fbdde42b56887003d27468225b2594a05044baf314113e889468cf13dd92aa0d7744db6b56557a5adad95cb9a69d4de50642b4b9d6d3ba7eb534b00d0fea62f0a61535dfc4da06e7f8695be614c557caed7eb0120516e1351fed7d8ffa31c8f4be364185469cfc5f25c90d71bce745dd2d58a30e0844f12c4cbbdd7a08465e665c2620d78673dfb6d9263ed7def8924cfcd48a8a3534f1a3eac9ee9f18a18106ba3d7c7a62330f5c0e98cb7982dd7bad02c8dba9c13894185bfc4bd2520b6e2043fcb3fc5eb55ecf9e6e363ea2ac40a14a6f00f0ffffa0fdb6487c51ef12c27b30255bc4f8813be88beeb5aa6f6a4151cfb90644e50630ed474df7d1635afcb1ea3f6c47b5acbba2ce5099a9387c7acb9bbd1da497611ceda25049e48ddacccbb58dddaf9a3510d65383829a51e0f41e661fa80ca1eaaa6cf0824305ba4ec80400c50ffe83ccb0e6fef321190c58aca8c7c8c6d26ff5cbc2cadebda8e1219e04f8dacffd33db1a0a2e74c9eb978d80a12d0b5327bfd053000000000000000000be0d02a14708504412fa93d335992b2983c5addc191b4a21c7b340d0536b01958e15315eb5f3f9f4992c18f666359f40295fa73284c4b607669bae75bd68c3e2b770c324a0ab26b6065d7e95a7bd80052db57506ec7cc861bf3998d07484c66630ca8173fea3f06ed1dfc70a8b90418e2dc76137e0f68cb1c8a908aef9f0f85647dba54e05028c33d94d463fb20d2e7547184b8d3611e45dff02144387f342ef9b9bf650e9d049bf65258a7bc094a6965e24611c077e1ca0891362a9d68f3ec7610c0449acf18459500f024f9b75885cd79ba32776e4a511c8a4ad922b00000000000000a9241220dfbf7d02ef507ec6fc7f5d37d835f7bed71283c431b9d8cbd9003972bf1dc6a71bedad8e19efc3edd2a7a7e555d5f3176af69920471e6e5bcb8966c813c132d65e2b99d3015e06b372e1aefaae14ee3fbc6349af362c19b59c214de66912d1a9a98d92dc197a51c29443de62caca334c46d110e50896fe50d0477771d387f40c8ef05750ca651e6e69a237dcf78666d6ab2bda1f853525494e4efdd93be38bb5fc671f8794002d7a951fd336aaf4ed1166cb459df70218c571ba1c40b028234505e5477e268326af8812c2fbb8785a223fce0a0601c2a3b58bea8c6216eadabcabe86ab46e4cd3d58ef7ce8d3c4b0bc5952e81dfc0a490d8568db6f9c51fe703c6864fae0053d2f91f49e977cdc1962dbc28c29471a72199862bc8fc6e211d13d8579cab4fba94b2b613c9b8148d05e0690a4c4ab35aabc45801d2b82081e62b23a01b58b1ffb624f63ad2246796796160cd3682374364edac52f1becb7c6eff50823b75fb2ef516ec4ec1cb20a2535b504502d744f2099674e58f2c117c980cf0d041c8ea5c4f166bab4aa5ed200ef4dcff96f7c9c1ab8c22db0f439b23b04bcd41ffc3a0e01976ca1cf43e12d7d72f3faa4979faabd62e2dc54a980eae4d5e8c6498de331c3aba1144ef1190ea6cda641d9416c4560cab2d819eac7b04c70f141754c3ffd79da363fe8859afee531710caf1b2bf5a51142f4755cbb700c28083525a9093790096cb93417f1216000000000000000000000000000040ceb244e4cae2b65a76d41793aabccd3d0c50486eae6793e1f54814a8ee2779c14ca94759266200229b58c12279817869e831cade7b09ddffffff9d93e2ad25eed43c0b9ee4fd209b5b919a42f676b9d7236fc8dd5040899d0676291407ce9ac8101dd3512f5b3ac8cf8179d1749de324000030d0f942ec46edc18d5c287d1435956784003a53eb5fe535ead8857acf0166dbd9f30a9b9c8a9b9faf1356faf269cded935b07863e4fdad8aab52686c81babd1c08f6700a2fadd413443022ea5c774ffefdd426abed08d437a4db48611fc82a18ab9f54758a1aad86d95cd186ceb55fafa3930090467b8b7bb8adef47ede2076dc538bb97502b4b4350e633dc0a53c2fc9a01bc5cfae0245f1fab843c633446f5f3a43226109b7dafe7815773bd6969f04cbe15236b90000000000000000000000000000000000000000000000000000ff0779b9c005da21073c6d9680d4e547cb727addb2efe11b8b3a706569f1522b57d71bb0beccab7c8fe9e1330b2f501b2ac3cf4eba7ceda6ff8a0c8b18c5e9e2f505e833217557abb257d61af8e8c473a7585436730db75da167481ab8921fe051b250f8d8ef9c8481bb28a137d15040b0181c28dfad7c17b30c452a64c43a117cb948247c33abc765a6ba695c3cea5e32a4d1ae2dcbec2ff4268e03aad15efc6004e6b3d7f0edf8b5d4ae7846a6d43c16c90b7c5dc13ac2ff0439ab693498964cad2bb533bcd240778b7e49145c48efde42b44c01517f1a7c7707b4c4fc0900e7086ec40354504590696282286db9030f0320e2fcba8723939005347b3f744ff1973431000000000000000000000000000000000000003495d69aaf9a1d83e83511a3bf44fe753b8ad83bc34ea4d46b397e000ff267c50122aa5aaf8474ec2e57d960d963900bef84a4b3c7dd01ae4d6b5522aa8a35ae7996e298bcfe3f31a34e3e12c58cf172a4d3677a67b52041ec21ae8003aa1c9969178b1b00e4d12ac9745b3cabc908e623403c013907523c77f8acc20b9e2fd224ca8f21fab2b10991881e2112f4e1c4f54b9ca7c9a0c8298d60b8b6eaa023418992d6d62b0e9faca4a3b3a805e859137cd933ef5eb8db16f159f32505725da51414562d064b551246dacd586f42d06c790000087bb52ae4bc09f3846c785d1b278e661ed01fbc2415288bc9c808c4aef648d431b3029da0dec8886c3ee9cad996843d00a3b5eb54e270dd2e96c8f2fdb4c27c2d1bd467f2a14867dec67730d8a68329839d9feff688dfbe25c73f936338e7b057980da58a6303d95f17712d667d5a1066ae457ae32925ce658b559c1182a74e267da57fe25b19153f1cdebaddf3f7a3479c09f2303dff449c0513b552a75ed48215cc31264a6ff648a95daa0d599dbce303b3b5307572df30429a3b4b115cab0a018f2501272048dd9e69877535e20078e7c28a98f26ace2fa90c68166396a2398d7a266bdc15ce904f25ec7fb2434ee7b5b69bed702ba1e7ed72942f452f1a98a2d949450091075efa823b11f5f5eccd921c04c7c15a5a05750cd85b1300fc00ce275de7559e117f87cb6c3c9a4b9f96149e3fcffa44d7258e9fc818ab3d76ab660a254d998592c31017f816e01a21c08a17ac"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r0, 0x18000000000002a0, 0x10, 0x0, &(0x7f0000000000)="5aee41dea43e63a3f75e64fb7ff20700", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

7.801069634s ago: executing program 2 (id=1062):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000280)={0x28, 0x2, r2, 0x0, &(0x7f00007ff000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, 0x0, 0x0, <r3=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r1, 0x3ba0, &(0x7f0000000680)={0x8a, 0x7, r3, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x749bc})

7.769333359s ago: executing program 2 (id=1063):
openat$fb0(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r0 = socket(0x2, 0x80805, 0x26c00000)
getsockopt$bt_hci(r0, 0x84, 0x1, &(0x7f0000001180)=""/4102, &(0x7f00000003c0)=0x1006)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r2, 0x2285, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SG_GET_PACK_ID(r3, 0x227c, &(0x7f00000002c0))

7.658458346s ago: executing program 2 (id=1064):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
r1 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x2def, 0x0, 0x0, 0x0, 0x0)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)

7.657890916s ago: executing program 0 (id=1065):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
getpid()
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r2, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x1c, r3, 0x331, 0x0, 0x0, {0x8}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x1c}}, 0x0)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x4000001, 0x0)
socket$rds(0x15, 0x5, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$nl_route(0x10, 0x3, 0x0)

7.591782924s ago: executing program 2 (id=1066):
socket$inet_smc(0x2b, 0x1, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x6000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020}, 0x2020)
syz_fuse_handle_req(r0, 0x0, 0x0, 0x0)
write$FUSE_INIT(r0, 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000008400)="44ea07862a07eefa4de37092cf4356f54454db90301c4d373d57166f794f169d63344840a37048638ffd5e30beade3fd768b18191001eb890277fad8bdfe3742686deeb34395963bcf7a870addd76c80aba9f771ebdf410c7d7542fc2b6ae9a458d79457755d94ba8a3248b01a2293d8a70e60815b90297002652966a6b836065bcae0b44f4b26be93dec3cd4cdcbbc84c5b916a1b0d8313340675d67fb0c785d0307f95e426546c9a4d0161a8f52b02b95f4da53ced705a658722091864d74ac0a3a5f3853a0ad71ddb29835680ca9ff30531f8df0f0ac66f7f1433c33d75fa8f0f022b175df093648a81af5ed701b2e7a14199c83b539e763dbe7228f2e184a02becd41bae305d3f34c72e8db93dd214ec203eee6e6dab26b41848c95fe1ece8ca157a90bb7a990dac5f3c64cf49c5c5aa8414b9153f82eca9df88d90a8d6c0e72eacd52f82939d46d41e0f5ccf708c03fccecea467f33f5a49888514787e42c0a12255bca89e82344ab01ac3b6c6158e3c1b34ad953eaf55f3a2c487efd9423a542e41dbd0058aa021cb6fdc5df88f807033edd31abaf5ff7e6a9578d2be6a2d925d98108fda2a7e56a0bbcdce0689fa9e2111b0be8f3e2807f7f3728489917a031f2187ad98a744f19851687adf59a4b4c328ad5c4f2eaa0d112041369319f6d3f928c22d05f9fd68b5c268da5e2f433d651bc602a65ee83752c0c92f7e29002faf9475fbb57788d725f6f8fd495a58d88d55ab8467a85d1f41db5964a19bdd45377c7c8c792de5e76e87da9296ff90e7fa9e57f09358d998c8779bb2348d651808e969e960763c5231c65a06ee16979f4d990dbe7e10b3a2392dfd6483bf2c7c5f6f3d941cc17663668cca83dcc38089b4342a801c74039b32550c2d9cf95a0236523933ce3e7538ff9da2b7b741f3cbf53e6084702d0a5dadab4350848f6e7ba46d4736c7a2ae702c480c30dd78f994a10b9c3157a17e9e29576a68139403300586eb0c673252a319aa1cb01efa777228d8242ebdbef9db5c03e4c8e09bf7a009b7eb19357d1ad6d1defc0dbb58c31d85b9f1035056615ad0b0ded12751273c8bb7810ccc5b2efe51d223894b141dda837e6b7ba21de9a978ac447d995394b800e1065906455af544b9d7f353d1eefcd3387d18e3611f3913926f3a4b87efb3a9707d6136dc00e49ea5e7a6d0bea17eb49cae93c0c4422374b0f46250e0d554e1087c1392716d368b04b1da85d271206b465608468802fae00c7ad9425974d822cffbc420e739f7617f59a879f791ab5dd7a6215298cc7dc6904679889e60a09114b0f421b6f1286d0a6ab3dc887c2d3a48d53a7611ec270530b07a83ae1a2bfa6da42ab38bec3eb8ed1e207d91c02e74a31c29abbd25f5779189f5f2494ea5c3f4b829b96de0c54b3851dd58610c2b9ddcc2960f34fb857c5ab1aa67e8eb10a59639db2ddebd0206ae7ee56b21ef484e3c66003af46326f1c456ad2ab5273d0c0b2bf412f71f820ae12723c74e1857e0ae3d5587a0427c1595e06b1d5ab5e815a5558302e0d9c50b8c6cbd599eb554df6f7323b01f1353b557c565dfe0de51032a88541b49ab682a7dbe4dccb9b952ba9c9ce3bbff80af01e47953666327b8acd7d2cf363c6f7172caaf01d8e3417f768ab08f2cfa7ff26efd219e25ef0f9a84c7b116978eeafe3410972490203dbe49aec33f14d5592a466a6efe630904db9c77ece20bec7552b3dfb48d4e0427ce5024fdc0aec7271e93c51aab19d7a40670add6ea5820f625831a593137f60543e424892856b3bb9e608e88e65cc6dca098d5139a38ada517cd788b9f13618d9c2c31d7918cac6cd669710692797e61f4df3938dd429d977cc11e7465a7a23740052039d9b31cd26b95efba17bfcefe121fcbb762d29287145b11a3abb3e0683b9216a8b5d9744baa75da5d840e70cb310c507c4f7eef1d6535d8e11079edcb51df7ea63a7204e314147eeb57916171ca33c0f5932916e4d568d9e7dd3555500ae119f0c63045658303e1f4ea99c896eaeff3ebf76b2def0ea856a3f24cd76dc437236b71dad9a26fbf3882e81565851eb6c5b265a0721be43f0844f4d0e4296011e280236a0ed7656f2eb906e6b2ec4a8e5bf91eb7e8be889ded6d8492bb72f1de26cf3973249ebcb5c993d1dfa896a658a528aadf57dc28a8db32656ed8e416f96e1f89ac24d4ba587df31f3d2d8d7809d06c8b2d68eb15b377918424499cd6a7fb62e49a78831f0e4b1476bef657fb34bd59e34793d21da3f7bd0278bbea8beed261c697ce17f36f1cbc1b94aef11dd1dbf1c68496765258f4cfc8b5fdc9197d7260b733d2061f399c861bc5912ac76cfb62b9218196fe054b92a295a9b9526871167d436b830a7b4944f527fb4d75a036acf3a71a1a710f609f4e794f1d764a5317ac067e8194666dbc73e32b2870eecf8776bb7641dcdd6d764f91dec83fbb53a97e6531211dd8b86bbb57f8acd637f4b1b66fd9705a200e3081ea382262d54edb161927eb1d85cf7b9373a24607c99f3d66b85e22d2cd5cfe24020d56e0552bd43d803882128317d9a56e63a4808ed6401b662187888a0d0b311364fbddad07911b5244877eeace22ab5bd8501d748ed5cb05809e1639678c4c6cc43a3c2fcdd5b0970332429c3cde09d9556c8360f26caa744ce5e57bfaabcf7d124b2d4fa97d7e72f16cdfc35f87493717e2a852b64fa344db5ec72dbdf22dbdfcd12ff796d515d5f3fd3cddbf53426183bbd92e2fd3e91fca8fee1c1ef4f8d59036df9c48fc7677f2c4905b6cf4adcf448029c6c6a2968b13e3b77d578e2661ae7d07ef84fa098bae9a564bc8c507a103990c00a0e6d2854a1689f7b095a100b7f38df028baf20bd56c843c24f8ca4a81130256b13636440836837429c1c86ae1668d3b250108406acdd21b40450399872c1da6178184bf9c2cc11ad80caa9997d3c6631f09ba2a4d96e6b74313f1e40fbf8a29962648f400dd256c4852c556deca2e3443b858efa43d53efcd496bf5037a82e14868b508632bdb2dde924ce2cd6c65f1708c18cf49073e536f09e8fcfa9a44fdbc349ae75e17205754d3bb82d3ee8a93c59aea1bd7ea6d124224b11405f815ed518a1cb9a80191249ac1cc0e5c1f9aab8fe67bb737cdfefac82a89a7d6ae08bb9e1f710cee451d851b35ba9b886dfd9c277dd67891331d43f36353c78c65e9f3524e1b9b229c9f91de7b5ab16a66017d171e2a4e185481d33cb5bd9c5e3d93c49d2c620c16467bf4db73621957f76d656e6d4cb4d59cacf1209da4e39352554cc2abcc8e82379b4f819fd6d261c6d7615f85f6c5d0b9f57976836493367e1bbb14c57983aa97c6e4e7c4fe2a166284c904ac4f70ef2e52e4e7dbd677ace683cd61aa60b702770aa0ddf14b694bf3cfaeb585f8fd8a85bee2f78400a0874dfb4c319be24a46d1914b6e902d5de8d8375c9ec786ef6eccf1ee7a003f83d2e163097980a06ab9fe23c4ae8e91755e4217d3c302111febfa9dce02a49b217aef709d183a5ab8ad1d39e9a697a79be303fdb2290c827279ce187d1c647cc28e20c0b3ebcab2b1c75850db46211150a8bc5d80d868141f885f7a5ef520ecee6d33842141003df4ce066090c8359b5dc32dd9ecb1039454d0b691d8f97932b69981be240804e860a88d1a047f46ff43609b41ea36dc276b28e87364049940ea7b6dc78848221b30dc6aa1b60f17942c96c46e347606d14ef02ed3ebddb20f7f4d28b9460f4af047b772927ca6a046b7de2a21b8ce79eadb74e4825af5e19ac2955999d7304a35851a4b9086ff922da8845da10a55fbb62fd13d98d45f60842d0d6301cd72e7cb97bc84393a414f671e5e0115a6c1c26054a80ddde10e0a83a4ffd123504c881a844bb7187c604f87588dd0d0f11930f9a3cfeb7098f38f84923637f1a9f6b3e3d0899a156d50d7e740b118c4865ec5e69aac247a930007452748bea9af0af511cc1129740510b13f48fe07ef1417ccc765b2cd0138cb51dd71fbdbe967fc321082a9ee4bbd1ea404cb24971de5a1ee7d7993b5d11d67d30e8ba94a9e943852675a07b88a51df6f4abb507cdaee96726023855e4dee6bccb3e26a2a88fb60d812e7856c13af5f4fcb6776ba8e27a35bffc5e46473b31a4b83ea1a3376f4549af87d03102413faccc3fc897ccae95d2700163f1fc5170a643554169018c5cfcf8f50c7981270995d8aaa9f923c0679b258aab60f79111627b71404e1ce8751228972cbb2bebbe25973cf98bf8fe8e63575950a0aaa1ff060f01e96791d128d0b7b40855126ef3910ed7d7a6d9490618da352ad7b889f7d905bca2214224e170f30a088cff91921917c937950926cb11c04fdc6bee776b9abd2aa286ea5074e72756482fcb6a7d072edc075f99e02747ea49a40b26b58118b6692fbe55b09b054a044d1f481173e8923a74806cb770c4c61ffa982077f82bc4db7fee4ae2beed4673e39f5ff0614072a771034174a0f052ce39e27450d18920664e924ee963c9bbc9852fe68f30a199ee4856c1dadc08c061165867438bd3bb73f5a50f5131b7867dc80e0c5d43eae80cc2874d48edc910e7f8f9b73e032a8ccd7c348e84b4179fa101d488c2fc16cdf953e269a9cf13c0dfe575e0da49d7d2c09293296c0232bca9fe0aa8199b21e19746c4783630e432b5c7e1e25864fcd4deae07c2b07782d155fe6e6b5d9eed4beb9db47bae4007753d8be56b10723b5467c64acb0eee4cb9050b4ef2b57b630f4608af96fbe484816454ff385aa3765051408779384c6585f2e24662fcc3008dc17abb07ba9cf96ff4c795c97811e73b06c65e1b5c66c2e1873191d972830b1f53bbfedf8b5e8a64a29fb3b3eca67f1791652f9ac037c2f87c6d1d9d453b12d5d2b0c070a8084aa15505e240bd0c61895383f23f0460027d60dd9efd8539807f717bc353f9b858b9bfd2acecf2190e280faf6a1603566ff8893dba33ad3300e10438241709ba7413fde84810b966b4556f9c8a51aef27f9b9010e7b6208715169a585e42bf3f7333209afb5b19c0de7722004850d53329d93e2e4909eced3da67dd7d2c82a4c9d0d7cb6f5ff7dbf195e8b39ba9cf0c1699ea1f8b6d1293509774ef3bf48597146a60aa5b6eff2bc8a64f9ae9a81becb9c398ab9676d2cecb14d28f819d08050269bb0ca9bcf59d5c9bd2fe2bcdfe82a8f037781c6275c9229b0729cd085e66e2712bdf22009440c4136c2daa54e547386e1acd16a1d30f3d55c1ef0fe10c108210b9d8894d31e5ef17b049106700bae524eef744ef4b3a69e9cfed4efa9b0c9262177f9fe16f5b1fe5bfe5fc6a611e6ffcb9c5f329d4e328cb69912f0dfb7f4a83d326cb20b053653663096870e7ad2753e992dced7405a00a39dc55e652eb6b2e1b1e9782b42f443890c4067b07376c6f0fb2ea6589e04a8eb39a94d913d9f4410d238e6880c167a0a23b266577c41ec3e0f513eb7fc948c12b26ea2646c0481488417d9911a0107ca0ae11c2c4b8c2eefa5144ecf8b149d22abbd26d1b2a3fe51016b9bbfd229c090fc2fbbca4803217c991e36f86d4720b45ae45e6b20f09fcd8e5decd79997e79177bd67de7433282c1d0be5d585a71c873e7171a133d9f5ea35ac0ac5c1a643279ca66a365d278d14eee3ea90961eebb3f6c098c00d051d4716853ec7069be2a4625cef4c0f72abae5309d2709901d05217fc3e52049c4aa16b50121e43ce491d1bc9adb01679ec25ab5009f746170c2517f0072f16c574cb447c6d8ce4a2e45426900463c5303413bf4fe7fd64c273b404cf936068cb3085c3a81b9872ad2cb79aa4c051e7ad97cd4e8c6b94bb0df87e4347ca6f11f155ea265762f81eb0e9fbaf3dc05157eb9f12596ccdf9193018a2226824db6bbebf4e89a070688f698bbf23f30dfb04db7c3d804a7587ad0fd03e68cff7e516e5109e328e1eb3b887a6aced15804f2c898f41c5452e160ca30e35843705c150bad932d2d3fbd791100b1535d9f3306dcf127fa49c1a36b172f46b1fb676ea8783c23edf89b2446560dc1b95b39f80eb9d0994c8dcac9a5a304c554133e1d6ba368468a17312167cda37932cbd4b93c58b7ef772d56d4311182a680e19da6fb938848aad40242856379310b61d6113de6814644092712133823ee2281639b52cec52ab0dbd65ddae631e7113ca75a5476797cde5f5456acbfe63c6ca8b83774690eaca3a019771ca0e742815ca5645418730ee17f52fa2531e5487c10da3ee080acd50fbd19710ed5cb924e28a18985132afbb7d2ff90f6c3855c56970854b9a48ec4f7566d2829e271af3f0ce26742602241fef70461a484499591a9079ed53aed113589fd74918146e1917a063514d7eaa7f4720a386eb2f32b6d35baaa5d36c2013eb405cec607202f19bda80bfeda8005c5d1582208b861437fff41ec0708a6a98f2b4b4463141c1c312a8115509e363a274864898be996176049d5f7e6cba76b3a37c9b2ee9553fc70f79503797464d736d97d0bb4741ea8ad14fde6f18fbb02ae97e5a77bc1527a13f18624927d79aa5b4df2dffde7fb5356e521c7a419209031df8138838151c7e90783c9af133b6961b44f8de89d6348b191cfa6c0ab652746b8582134537727b18c670691f3c1e8ca0e3cefcd26111bef476eb816482b7726399c86cbc98f0f06929c26cf831163bdbe1fa8d8f96a65d3bbb3d37657cec4b77516864cb32404996dae1d0d9f3c12b7f2698f07930b791813b7ccf0f0dcd3320b78833f077ee55aae156af804fa9a15e60c709fb30b06ac092bf97a4fe4732ea7bc93aa73232024c80434b4900cc30de20cbc1ea407746fb186a610fe31635766f5edaa8c9ae974ff8cecc4e7e391a50bdb34ca1dec15e7e8664d7bb59852cfc1fdb361b235c803d70cfc90c229078079619b4a8086a68d420ee1d7fac403b18c7f6aad91612e2f2b9e5e206bf897bd98a3b24a0637e2b986ae7f5d376bd63d63f6c4f151ce7eaa97a30d9d51f1a9207dca6b596831a9b92517b9d5571e72b4a06c07d5ff0d325896a1b32e9fb4f9d67a903946b205fba7beda108fde3fc503c7352c59c03bebc2891007fbe966a0441a7f4bc8320b901563ac8eadba643bdfc1636864d33549a1b9ad3ce01bec94b631ac6f46c453c57c62f2cf0f76d9f1e0731e266311624a138e607e699c91e37a33096117f418b4c92c66d96fa1b1324cfb569e3d558598ee65e69b8e0b9625d551af54a09db8082f2fa9da1386f92245aadaa13bfa3cf5c39fe455180bbb5e2427e4067bd2f5a5c755c31405477ba832dbbdd4af66acc7c11e576f700e24fb4c26160b4443b8c17805238519c7c732df774b92579e02a8da5e9a17e3c20e92afba7fab49000a7b83987ea48d5854a0411615462cabd245ab3f49ba375ef179c0a78059ffc14264177a6e45dc5f2fe6c957a313ba9889fef33b788933bb37a17943551db9cd08fd8d823fd0b35110ad589c3bb3af4f69bd1c7c7a3e726f933e4a0cb1209e75ff14910061c3750b9312de42c86838d5c35a681899c25220ea87aff02bf72fdd8745f5d751e6d62861496890c956143c08a222774974789bb46924b68a6e3138ce9dbca622e78c5aeed8215de4ee5c1f8312b6349a91ef1e210f18522b7a644700e90eff995e950c8eda05d0bb8e799ef32a7ddb8a87b4120a798a3f87cc78b6db0c7947b4786db1618c523203c097ef3d3dc0f4e1e87d0d597c4eaaac05a033a3fa91309c05cd8c14de649d7dd16d8ed81e5290950f66b66fd519a2a16fc6b3526f97aa1121b4fb52b30640122dfb50ff619fb5c88eb1c4e6ed7f6d09fd29e27b3375a1aad5b09f8175157018467f883ba385208fcd32a50a311b22f7951bd0e912d234364f8590e247dea604872f9bb847bb32b3906339f5698d6e7c0f2a3ed17b194239299091f5ee4ed51c75b76bc949cf05df5dd03cd8a553e7ec81881fdc1e15cef5e72eecd7843a981eff417682604769e302f378ff9519cdbd3ba2bfe50f85a903aa08b900118226889e9bc68124777f6e02fb26fff91d1f31d3828243cc46d4b4fa2965445774e0ddc521fe5fc9626fe3428403e746de0196a45e4ff75c5d6acef57f662faf27294be80fed39778a7585b41178ea38f64893f9a46334af6425a4aa46e25e92b0d77750c6737b237dff19913fd9e69ed92c4b6671b4226776b34ae2468907c654bb0f619b2c9b55920fb99e97bf32212f852b615689f3cf4c03d51d1587455b5720692430fe2684522bfe6dae871aa2ff5f00045861ffcfc219888fef8320bec1307236a7a42dd4a691cb6cd4d8436f31a3f2d642b05946dbfee692aee0da31419f9b8bc0e1dcf89a8ffd7856b21b1180ebc8ad75308b1370b93d680e968bcde7d235f601760a5d181f7b55daf330a001ae1da86c130c76fbd956442b6c705889d665560f8b34663390592d85ddde790e0f4f1f0df09c1c6f95477f9d72dc0894b2efe2c3d162ad80f80cae03a06548014293a02f00d6386723d42ab09052f019a1d71d88a78db27afead58bc516be8d23893f007a17ff47b32777752a15648d0ececd345aee1f36c58abb7efaff5567100c0bfa54f172c862e15872abc9d96cead6688f02ea8466fe1134bd3756c6f0df8903fe7935dbe3e635da368f13a10e3018cfb5557d38f859a983a54d660a02bdb3dac2922e7a37651677bfc664d58df59ea625e8e63ee776bcc2937b921f5544924b75cba04bf3cd0df831938f9e9c79572e8492d884646244990920400192c63e15024e2e1239f41390bf7c0e18f852e23d514256ccb8ccb2726710401c4306657fd75eba94a353987780a6d6219012cfe80858060e37652a84ae89d07f5d651fe82a2a8d0e8568492156713b1f76e89e12f76a0254da7d526df51a089600f5b7559afdc63d4872fe8d6ce00a8d0c9b00db5ee676ae2545e74fb7b39f8345a67913b234cfb4f6e3b4e2b1e1f4f1c7fcce8c09cdeb6a1a21bd2370004e583ef62971aec24ce0c6c049b6a2e22081d36854956a362b6cbad48049d7d5f90134d3e77febf87bf4a32c07cdeb36c9cc56b2b3cc8c8b47879a32ff00f3b2e977cee0acb30fc424dbfe24c88d1a08d047925cd7d65a5834e56db2b3e7e0a23dbf948c799db5a48fd4a5fdea43913b2b2c149ae9a98f452b797b55abe1dd44b30232387f466856d6c38ca735dd6175b455363dbf228ef52e443da22a1ee3a158ee304d9ca63c110a3d19ca3bab6d1745affd81c480ff8bcf5f8f7c1ea6d08a7b3c3958c324d42732711170e19523bd209134674b184d4d442a774e04d6eb4ac89a6d018cf0bb68a73da87abce127e57428cf73a5a551c85ea8c376ae951cb8357506f037d17d163172dc5764682c753050f35c6802fb269d7490b196d57bb8a1ada55da7550f82357320e14cf573ed39860f02a11bdad917b2ba2de885c7ea8b30dd62bdad207dfe10e97c8b71abbc8c5661a4483bb6f9488ada0f5885c471cfc1271b60d54f903317cca28ce977f4444cefac5c2ff233dc872d4e809091f8452de9c774ab3bbebf62de92cd6aa7421a41f7d1dea42e4f94bd3a4869c958f3940a99c88835ed2f4021114b9a5bb17240f468887b213814956f9f5e6344cbae19d8753b97c7ce2e9d0954a30dde23dea2748e1c9514672bf4ea3ec3e348a563d9649899e7227708e2e77d0fc5847dc16b59ac3dea9449c176dea2d2ff6b6af764d28dee5ccfd0dfd6e3100d97040657d7ac5da4032e3b7f6b0cef2ec55a83350c3045abb10200c264e6e68e3e03b68546ae48a538063b86315bb8073103a812717f2d8816534fa98d0e956e0f9a67bcdc522cacefc77b0be71832a69ffb72fa15ca4d8b15f7fe03da0f4b24c5fb68e5f3a2297bb0cb0b7bfdeeec4deb64bf71f57820d62c47276e2780b4341b6bc65ac49be09c94013783455a95de92c11d91b9e921a484ed69532b92e202d684d2293a2666709ee38d2114add4c5337bfeef31d481e12530c5c7e83a6c8aa2f580f6da2d735ee5260cf9a7185eff84eb22d6e0d5ac0e63fe6a3def819274a144be5ab90fa157bb7517a54c208aa82da926d5b09ba649e326a654fe8fa9dd7e6d83b0a66253526e5b5aa03e665f2eb4678e8293110420c9d7556df07c7dd1c3e817a4c7409890c4ff5044ecdb34eb652a4d7e20b4b0d596f46ee3c3dad675e958e91c3b40f2d22e671bae51518443042c529c31e343647d6ddeac7ec370970fcc71a24a0826b58d111e9b776ac0e2fa40b3099298ffd0d1c04d41ee1dd039425f52f9f8057ac1f206203f20e1ae9cbae356518ba2fe9e49b47e36942ed7204f3d7da9e71b8d69df3ae7b2de05a13a879af6a1ea6241c645ed73c139e15060aeab6f423c2180dd101863a24f1688ec1a33edc624c3f5e80a20e4cc5c86ab2c692c2d3d17d8a68bb3924efffb29c9fc3df937526452d82a8ca9a558c75d6b2504df1b66c91823216a1c3b3bc39dee0d22491b9c891b9eea193c8af8a992096d0cd74630f7222e9a3530034a582f40601a694cf1085fda7fb33b07332c6aebfa70e2ebb8d7ccf19a69dfb5e4c166add5e153504eeec92f4ea2fe47f291625e1c470b832a488f884692b8ec49b96df235f193027ed38fb4d8b88ed382825df8ffe5b0c6fab8db3e38d60d467f9da725023deb72c378258e911442afae4db650be3621a033a3b84eee65c4c0664ec6d5771cc138937434a6a361de3dc1c12a2a6735f080e94314ddf291516971af252e3cc56e1c65ba5cf8ac2538878b22034ba458e08db26205608ae941a42a27f2643ded87bde626387c2b791ce57991dd2ba08010237279cac2760e19cab9059b229ea002ce4d3b4afa495230e424752f289003a240f5cafc7a83112636321107918d582fad2606a4319199a06ef2cbeaa3e1a4d8c30501aab796f5cbe15453b61218a396b79c547d15d5c11033b3746b432b426404f7b0421b9daafd9e8558f1901283d58e173c4db0511ee826ddc6363eb51e0837c9be6b2078d808d2c05db7495d29322ee6af68b0d52c45f00a59731c0e5b2608ae046af8bcf830f001ffd2f955ea89bed216e71ccb5b44713e2abf5ee5438d63829c9aea34b57f7ab52b820c24a7e9fa138243e4afb2df93588e805e719c1767146a351debb34678a86dd19f0587af31195460a3aa3e68773859fe13b47b6b31a501b4a25c6660cfc47f3318b33b77b10ed4ba91086482db039a56fbd1490f440a6fbb280b62b6d2333afe1c42c3f16865b9c0e484a4f6f393b8bc34fbba856cc5ffad2fe423e79f691b95e7e0dbdb2b2757d9d4443f9a23a8b1bfdb16f8bffd81b4789f80f1fc4bf751627965755d008d134e2c35da34f54718615e9deaca0685396ae7e58121327e0c0696591f6af93f2999ebd3b4e03cfe2a48b2b94015eb06b2a1031ab5e129b2700648fd62ab75f77734b89abb402282635eee41606eb306619e2dae84488e2aac1df54f78460b36115072a2c28801fc122482f1d46de4b2eec07bbbbcf85f30ffb3829c5d0fdbdf3af8c6322d62f4c55ebe8fd52728e2d5d1a24f096fffcec6ff2e752f75", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0xa0, 0x0, 0x0, {{0x6, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0xee01}}}}, 0x0})
r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0)

7.309243904s ago: executing program 3 (id=1067):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
mkdir(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2)
r0 = getpgid(0xffffffffffffffff)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe2$9p(0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_SERVICE(r2, 0x0, 0x483, 0x0, &(0x7f0000000180))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x2000000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{}, &(0x7f0000000080), 0x0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x3f8, 0x1c0, 0x43, 0xa0, 0x0, 0x98, 0x360, 0x178, 0x178, 0x360, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @multicast2, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x1a0, 0x1c0, 0x0, {0x0, 0x7a010000}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x8, 0x0, 'syz0\x00'}}, @common=@unspec=@connbytes={{0x38}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x168, 0x1a0, 0x0, {}, [@common=@unspec=@connbytes={{0x38}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv4=@multicast1, [], @ipv6=@loopback, [], @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, [], @ipv4=@multicast1}}}]}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x468)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ip6gretap0\x00'})
getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f00000005c0)={{{@in=@private, @in=@multicast1}}, {{@in=@remote}, 0x0, @in6=@dev}}, &(0x7f0000000000)=0xe8)
socket(0xa, 0x2, 0x0)

7.220358457s ago: executing program 2 (id=1068):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000010001000900000001000000af7d813590674bbbc5eab2287d873783c6d9eb1347a07f7198e6649a7ad66515b5ced5a235ac881a1f79b0bf4c33a2ebbe28620e36f3773a76ad83b4", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
close(r1)
bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="1e000000070000000d0000000500000084000000", @ANYRES32=r1, @ANYBLOB='\t\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="05001900050000000300000000000bff00000400000000000000000064ce95156d06ef9a6d29e02381375eeaf4d2828cba925141cdea25f4a4ed5208258a31bbd8d90204ab61036f9582f3465e9e91b39c0ef559cc54d5a10f76"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="1802000001000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b70300000000000085000000040000001811", @ANYRES32=r1, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @hyper}, 0x10)
fcntl$setownex(r2, 0xf, &(0x7f0000000340)={0x1, 0xffffffffffffffff})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000900)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000001340)=""/102378, 0x7706c522012798af)
add_key$keyring(0x0, &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000001880), 0x2, 0x0)
eventfd2(0x0, 0x0)
ioctl$VHOST_SET_OWNER(r4, 0xaf01, 0x0)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000016c0), 0x2, 0x0)
dup3(r5, r4, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = socket(0x15, 0x800000003, 0x39ce)
ioctl$ifreq_SIOCGIFINDEX_team(r6, 0x8933, &(0x7f0000000600))

6.991574917s ago: executing program 4 (id=1069):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0x0, "a8407a73"}, @local=@item_4={0x3, 0x2, 0x0, "93bf0280"}, @main=@item_4={0x3, 0x0, 0x0, "00000080"}]}}, 0x0}, 0x0)
syz_open_dev$hiddev(&(0x7f0000000100), 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00')
ioctl$HIDIOCGCOLLECTIONINFO(r1, 0xc0104811, &(0x7f0000000140)={0x6, 0xfffffffc, 0x0, 0x1})

0s ago: executing program 1 (id=1070):
syz_open_dev$video4linux(0x0, 0xf, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x6be00000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
map_shadow_stack(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3ff)
write$P9_RRENAME(r1, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

icast mode
[  294.771009][ T7971] bridge_slave_0: entered promiscuous mode
[  294.779271][ T7971] bridge0: port 2(bridge_slave_1) entered blocking state
[  294.787792][ T7971] bridge0: port 2(bridge_slave_1) entered disabled state
[  294.795313][ T7971] bridge_slave_1: entered allmulticast mode
[  294.802797][ T7971] bridge_slave_1: entered promiscuous mode
[  294.874924][ T7971] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  294.901155][ T7971] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  294.938749][ T7971] team0: Port device team_slave_0 added
[  294.947332][ T7971] team0: Port device team_slave_1 added
[  294.973263][ T7971] batman_adv: batadv0: Adding interface: batadv_slave_0
[  294.980464][ T7971] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  295.008987][ T7971] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  295.022384][ T7971] batman_adv: batadv0: Adding interface: batadv_slave_1
[  295.029488][ T7971] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  295.058312][ T7971] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  295.099745][ T7971] hsr_slave_0: entered promiscuous mode
[  295.106444][ T7971] hsr_slave_1: entered promiscuous mode
[  295.125207][ T7971] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  295.133708][ T7971] Cannot create hsr debugfs directory
[  295.264933][ T7989] loop4: detected capacity change from 0 to 2048
[  295.317779][ T7989] iocharset iso8get not found
[  295.362158][ T7971] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.424614][ T7971] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.446471][ T7989] loop4: detected capacity change from 0 to 4096
[  295.463312][ T3453] usb 4-1: USB disconnect, device number 4
[  295.531367][ T7971] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.628363][ T7971] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.847760][ T7971] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  295.871198][ T7971] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  295.890697][ T7971] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  295.909873][ T7971] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  296.336257][ T5253] Bluetooth: hci7: command tx timeout
[  296.355615][ T8012] REISERFS warning (device nullb0): sh-2021 reiserfs_fill_super: can not find reiserfs on nullb0
[  296.722256][ T5253] Bluetooth: hci4: command tx timeout
[  296.767373][ T7971] 8021q: adding VLAN 0 to HW filter on device bond0
[  296.782883][ T7971] 8021q: adding VLAN 0 to HW filter on device team0
[  296.795756][   T61] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.802918][   T61] bridge0: port 1(bridge_slave_0) entered forwarding state
[  296.853303][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.860514][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[  296.985794][ T8018] x_tables: unsorted underflow at hook 3
[  297.037859][ T8018] Bluetooth: MGMT ver 1.23
[  297.106545][ T8009] loop0: detected capacity change from 0 to 40427
[  297.141866][ T8009] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x1fffff
[  297.150663][ T8009] F2FS-fs (loop0): Image doesn't support compression
[  297.190504][ T8009] F2FS-fs (loop0): Image doesn't support compression
[  297.224196][ T8009] F2FS-fs (loop0): invalid crc value
[  297.235977][ T8009] F2FS-fs (loop0): Found nat_bits in checkpoint
[  297.267490][ T7971] 8021q: adding VLAN 0 to HW filter on device batadv0
[  297.314305][ T7971] veth0_vlan: entered promiscuous mode
[  297.325621][ T7971] veth1_vlan: entered promiscuous mode
[  297.348665][ T7971] veth0_macvtap: entered promiscuous mode
[  297.357820][ T7971] veth1_macvtap: entered promiscuous mode
[  297.373052][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.384597][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.395140][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.405653][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.415790][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.426295][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.436289][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.440709][ T8009] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  297.446854][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.464250][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.469128][ T8009] syz.0.442: attempt to access beyond end of device
[  297.469128][ T8009] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  297.474721][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.474760][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  297.474777][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.475991][ T7971] batman_adv: batadv0: Interface activated: batadv_slave_0
[  297.530485][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.541110][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.550998][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.561507][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.571389][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.582702][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.593241][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.603742][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.613655][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.624163][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.634481][ T7971] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  297.644980][ T7971] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  297.655983][ T7971] batman_adv: batadv0: Interface activated: batadv_slave_1
[  297.679690][ T7971] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  297.690592][ T7971] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  297.699786][ T7167] syz-executor: attempt to access beyond end of device
[  297.699786][ T7167] loop0: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  297.714683][ T7971] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  297.723497][ T7167] F2FS-fs (loop0): Remounting filesystem read-only
[  297.730904][ T7971] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  297.854964][ T2919] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  297.870201][ T2919] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  298.016623][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  298.027897][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  298.411832][ T5253] Bluetooth: hci7: command tx timeout
[  298.995105][ T8055] overlayfs: unescaped trailing colons in lowerdir mount option.
[  299.746026][ T8070] netlink: 36 bytes leftover after parsing attributes in process `syz.3.455'.
[  299.883769][ T8070] netlink: 16 bytes leftover after parsing attributes in process `syz.3.455'.
[  299.893417][ T8070] netlink: 36 bytes leftover after parsing attributes in process `syz.3.455'.
[  299.902613][ T8070] netlink: 36 bytes leftover after parsing attributes in process `syz.3.455'.
[  300.144563][ T8066] loop0: detected capacity change from 0 to 40427
[  300.168151][ T8066] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x1fffff
[  300.176985][ T8066] F2FS-fs (loop0): Image doesn't support compression
[  300.184180][ T8066] F2FS-fs (loop0): Image doesn't support compression
[  300.211482][ T8066] F2FS-fs (loop0): invalid crc value
[  300.225887][ T8066] F2FS-fs (loop0): Found nat_bits in checkpoint
[  300.290775][ T8081] netlink: 16 bytes leftover after parsing attributes in process `syz.1.459'.
[  300.305466][ T8066] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  300.321199][ T8066] syz.0.456: attempt to access beyond end of device
[  300.321199][ T8066] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  300.363970][ T7167] syz-executor: attempt to access beyond end of device
[  300.363970][ T7167] loop0: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  300.402253][ T7167] F2FS-fs (loop0): Remounting filesystem read-only
[  300.484965][ T5253] Bluetooth: hci7: command tx timeout
[  300.934529][ T8084] loop2: detected capacity change from 0 to 40427
[  301.042236][ T8084] F2FS-fs (loop2): Wrong SIT boundary, start(1536) end(50334208) blocks(1024)
[  301.071707][ T8084] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  301.112195][ T8084] F2FS-fs (loop2): invalid crc value
[  301.148853][ T8084] F2FS-fs (loop2): Found nat_bits in checkpoint
[  301.348721][ T8084] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  301.364796][ T8084] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  301.892048][ T7971] syz-executor: attempt to access beyond end of device
[  301.892048][ T7971] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  301.908847][ T7971] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  302.262788][ T8115] loop4: detected capacity change from 0 to 512
[  302.269644][ T8115] EXT4-fs: Ignoring removed nobh option
[  302.286977][ T8115] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  302.300677][ T8115] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  302.628004][ T8113] loop0: detected capacity change from 0 to 40427
[  302.670523][ T5253] Bluetooth: hci7: command tx timeout
[  302.678862][ T8113] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x1fffff
[  302.709584][ T8113] F2FS-fs (loop0): Image doesn't support compression
[  302.726858][ T8113] F2FS-fs (loop0): Image doesn't support compression
[  302.759195][ T8113] F2FS-fs (loop0): invalid crc value
[  302.769202][ T8113] F2FS-fs (loop0): Found nat_bits in checkpoint
[  302.780101][ T8134] loop2: detected capacity change from 0 to 2048
[  302.838809][ T8113] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  302.840014][ T8134] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  302.855879][ T8113] syz.0.472: attempt to access beyond end of device
[  302.855879][ T8113] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  302.869020][ T8134] ext4 filesystem being mounted at /6/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  302.905486][ T7167] syz-executor: attempt to access beyond end of device
[  302.905486][ T7167] loop0: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  302.922564][ T7167] F2FS-fs (loop0): Remounting filesystem read-only
[  302.956841][ T7971] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.173300][ T6464] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.115067][ T8153] loop4: detected capacity change from 0 to 32768
[  304.128024][ T8153] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.483 (8153)
[  304.153959][ T8153] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  304.168250][ T8153] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  304.184662][ T8153] BTRFS info (device loop4): using free-space-tree
[  304.426019][ T8187] BTRFS info (device loop4): scrub: started on devid 1
[  304.509683][ T8187] BTRFS info (device loop4): scrub: finished on devid 1 with status: 0
[  304.850410][ T8197] loop3: detected capacity change from 0 to 512
[  304.859602][ T8197] EXT4-fs: Ignoring removed nobh option
[  304.925254][ T8197] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  304.937958][ T8197] ext4 filesystem being mounted at /88/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  305.022229][ T8210] overlayfs: unescaped trailing colons in lowerdir mount option.
[  305.292796][ T6464] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  305.373480][ T8190] loop2: detected capacity change from 0 to 40427
[  305.390873][ T8190] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x1fffff
[  305.399628][ T8190] F2FS-fs (loop2): Image doesn't support compression
[  305.406642][ T8190] F2FS-fs (loop2): Image doesn't support compression
[  305.416297][ T8190] F2FS-fs (loop2): invalid crc value
[  305.427542][ T8190] F2FS-fs (loop2): Found nat_bits in checkpoint
[  305.517957][ T8190] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  305.618782][ T7971] F2FS-fs (loop2): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x58a/0x1ca0
[  305.631870][ T7971] F2FS-fs (loop2): invalid blkaddr: 1028, type: 10, run fsck to fix.
[  305.723801][ T8227] netlink: 12 bytes leftover after parsing attributes in process `syz.4.502'.
[  305.831910][ T8212] loop0: detected capacity change from 0 to 32768
[  305.844645][ T8212] XFS: noikeep mount option is deprecated.
[  305.860192][ T8212] XFS: noikeep mount option is deprecated.
[  305.886969][ T6114] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.903207][ T8212] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  306.018221][ T8212] XFS (loop0): Ending clean mount
[  306.020522][ T8241] kvm: emulating exchange as write
[  306.028965][ T8212] XFS (loop0): Quotacheck needed: Please wait.
[  306.067809][ T8212] XFS (loop0): Quotacheck: Done.
[  306.102892][ T8212] netlink: 'syz.0.497': attribute type 9 has an invalid length.
[  306.129106][ T8212] netlink: 134660 bytes leftover after parsing attributes in process `syz.0.497'.
[  306.296711][ T7167] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  306.456499][ T8251] pimreg: entered allmulticast mode
[  306.512174][ T8251] pimreg: left allmulticast mode
[  307.732150][    T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  307.760019][ T8283] overlayfs: unescaped trailing colons in lowerdir mount option.
[  307.874980][ T8279] loop2: detected capacity change from 0 to 40427
[  307.903295][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  307.914542][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  307.939957][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  307.965427][ T8279] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x1fffff
[  307.968026][    T9] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  308.017964][ T8279] F2FS-fs (loop2): invalid crc value
[  308.030742][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  308.034589][ T8279] F2FS-fs (loop2): Found nat_bits in checkpoint
[  308.091368][    T9] usb 4-1: config 0 descriptor??
[  308.134529][ T8290] netlink: 1 bytes leftover after parsing attributes in process `syz.4.522'.
[  308.134997][ T8279] F2FS-fs (loop2): Start checkpoint disabled!
[  308.151030][ T8289] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  308.156223][ T8279] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  308.261807][   T25] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  308.271026][   T52] kworker/u8:3: attempt to access beyond end of device
[  308.271026][   T52] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  308.285698][   T52] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  308.296676][   T52] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  308.422830][   T25] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  308.442230][   T25] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  308.454117][   T25] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  308.469749][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  308.509841][ T8287] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  308.529491][    T9] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  308.533676][   T25] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  308.547896][    T9] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  308.582144][    T9] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[  308.628437][    T9] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  308.817348][   T25] usb 1-1: USB disconnect, device number 5
[  308.852936][   T46] usb 4-1: USB disconnect, device number 5
[  308.899953][ T8305] fuse: Unknown parameter '00000000000000000000'
[  309.201760][ T5250] Bluetooth: hci6: command 0x0406 tx timeout
[  310.294803][ T8325] xt_connbytes: Forcing CT accounting to be enabled
[  310.294961][ T8325] --map-set only usable from mangle table
[  310.498904][ T8326] loop2: detected capacity change from 0 to 2048
[  310.530570][ T8326] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  310.532092][ T8328] overlayfs: unescaped trailing colons in lowerdir mount option.
[  310.572922][ T8326] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  310.666845][   T29] audit: type=1800 audit(1728483726.602:26): pid=8326 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.531" name="file0" dev="loop2" ino=13 res=0 errno=0
[  311.122171][ T5324] libceph: connect (1)[c::]:6789 error -101
[  311.134476][ T7971] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.137875][ T5324] libceph: mon0 (1)[c::]:6789 connect error
[  311.180046][ T8353] tipc: Started in network mode
[  311.185185][ T8353] tipc: Node identity aaaaaaaaaa41, cluster identity 4711
[  311.195343][ T8353] tipc: Enabled bearer <eth:geneve1>, priority 10
[  311.237725][   T29] audit: type=1326 audit(1728483727.182:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.3.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000
[  311.249581][ T8344] ceph: No mds server is up or the cluster is laggy
[  311.277169][   T29] audit: type=1326 audit(1728483727.212:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.3.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000
[  311.300224][   T29] audit: type=1326 audit(1728483727.222:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.3.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcf4837c990 code=0x7ffc0000
[  311.384069][   T29] audit: type=1326 audit(1728483727.222:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.3.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fcf4837f827 code=0x7ffc0000
[  311.426550][   T29] audit: type=1326 audit(1728483727.222:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.3.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000
[  311.458074][    T9] libceph: connect (1)[c::]:6789 error -101
[  311.470784][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  311.471985][   T29] audit: type=1326 audit(1728483727.222:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.3.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fcf4837f827 code=0x7ffc0000
[  311.510862][   T29] audit: type=1326 audit(1728483727.222:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.3.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fcf4837cc8a code=0x7ffc0000
[  311.654723][   T29] audit: type=1326 audit(1728483727.222:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.3.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000
[  311.684351][   T29] audit: type=1326 audit(1728483727.222:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8358 comm="syz.3.539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000
[  311.785877][   T25] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  312.249831][ T8370] netlink: 4 bytes leftover after parsing attributes in process `syz.1.543'.
[  312.265304][ T3453] tipc: Node number set to 15444650
[  312.478545][ T8376] overlayfs: unescaped trailing colons in lowerdir mount option.
[  312.577506][   T25] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  312.599979][   T25] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  312.669459][   T25] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  312.696245][ T8387] loop0: detected capacity change from 0 to 2048
[  312.728012][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.818605][ T8357] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  312.827184][ T8387] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  312.834480][   T25] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  312.851952][ T8387] ext4 filesystem being mounted at /69/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  313.300929][ T7167] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.151235][ T8406] loop3: detected capacity change from 0 to 4096
[  314.469893][ T5324] usb 3-1: USB disconnect, device number 3
[  314.714540][ T8413] overlayfs: unescaped trailing colons in lowerdir mount option.
[  314.759292][ T8409] loop0: detected capacity change from 0 to 40427
[  314.772778][ T8409] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x1fffff
[  314.816111][ T1033] block nbd2: Possible stuck request ffff888025770000: control (read@0,4096B). Runtime 30 seconds
[  314.840097][ T8409] F2FS-fs (loop0): invalid crc value
[  314.860517][ T8409] F2FS-fs (loop0): Found nat_bits in checkpoint
[  314.953633][ T8409] F2FS-fs (loop0): Start checkpoint disabled!
[  314.970266][ T8409] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  315.037277][ T8409] syz.0.557: attempt to access beyond end of device
[  315.037277][ T8409] loop0: rw=524288, sector=45072, nr_sectors = 24 limit=40427
[  315.057372][ T8409] syz.0.557: attempt to access beyond end of device
[  315.057372][ T8409] loop0: rw=0, sector=45072, nr_sectors = 8 limit=40427
[  316.319279][ T8440] netlink: 28 bytes leftover after parsing attributes in process `syz.0.568'.
[  316.342399][ T8440] netlink: 28 bytes leftover after parsing attributes in process `syz.0.568'.
[  316.359911][ T8440] gretap0: entered promiscuous mode
[  316.402411][ T8440] batadv_slave_1: entered promiscuous mode
[  316.494978][ T8432] loop2: detected capacity change from 0 to 32768
[  316.502944][ T8450] overlayfs: unescaped trailing colons in lowerdir mount option.
[  316.576721][ T8432] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  316.660651][ T8432] XFS (loop2): Ending clean mount
[  316.667460][ T8432] XFS (loop2): Quotacheck needed: Please wait.
[  316.827969][ T8468] loop3: detected capacity change from 0 to 4096
[  316.849712][ T8466] loop0: detected capacity change from 0 to 512
[  316.856692][ T8466] EXT4-fs: Ignoring removed nobh option
[  316.878773][ T8432] XFS (loop2): Quotacheck: Done.
[  316.917563][ T7971] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  317.025951][ T8466] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  317.039563][ T8466] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  317.558804][ T8480] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 224: padding at end of block bitmap is not set
[  317.574108][ T1266] ieee802154 phy0 wpan0: encryption failed: -22
[  317.580661][ T1266] ieee802154 phy1 wpan1: encryption failed: -22
[  317.619591][ T8480] EXT4-fs (loop0): Remounting filesystem read-only
[  317.654563][ T8485] loop4: detected capacity change from 0 to 4096
[  317.685719][ T8485] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  317.697040][ T7167] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.778316][ T8485] ntfs3(loop4): Inode r=19 is not in use!
[  317.784830][ T8485] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  317.865467][ T8489] overlayfs: unescaped trailing colons in lowerdir mount option.
[  318.263833][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  318.263856][   T29] audit: type=1326 audit(1728483734.192:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23417dff9 code=0x7ffc0000
[  318.293695][   T29] audit: type=1326 audit(1728483734.192:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7fa23417dff9 code=0x7ffc0000
[  318.316053][   T29] audit: type=1326 audit(1728483734.192:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23417dff9 code=0x7ffc0000
[  318.341979][   T29] audit: type=1326 audit(1728483734.192:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8503 comm="syz.1.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23417dff9 code=0x7ffc0000
[  318.562316][ T5253] Bluetooth: hci3: command 0x0405 tx timeout
[  319.082897][ T8502] loop2: detected capacity change from 0 to 32768
[  319.152075][ T8502] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz'
[  319.165410][ T8502] CPU: 0 UID: 0 PID: 8502 Comm: syz.2.589 Not tainted 6.12.0-rc2-next-20241008-syzkaller #0
[  319.175541][ T8502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  319.185652][ T8502] Call Trace:
[  319.188969][ T8502]  <TASK>
[  319.191934][ T8502]  dump_stack_lvl+0x241/0x360
[  319.196664][ T8502]  ? __pfx_dump_stack_lvl+0x10/0x10
[  319.201917][ T8502]  ? __pfx__printk+0x10/0x10
[  319.206554][ T8502]  ? __kmalloc_cache_noprof+0x243/0x390
[  319.212162][ T8502]  ? sysfs_create_dir_ns+0x28a/0x3a0
[  319.217581][ T8502]  sysfs_create_dir_ns+0x2ce/0x3a0
[  319.222751][ T8502]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  319.228441][ T8502]  kobject_add_internal+0x435/0x8d0
[  319.233680][ T8502]  kobject_init_and_add+0x124/0x190
[  319.238906][ T8502]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  319.244741][ T8502]  ? __pfx_kobject_init_and_add+0x10/0x10
[  319.250473][ T8502]  ? __init_swait_queue_head+0xae/0x150
[  319.256033][ T8502]  gfs2_sys_fs_add+0x23b/0x4a0
[  319.260807][ T8502]  ? __pfx_gfs2_sys_fs_add+0x10/0x10
[  319.266134][ T8502]  ? __pfx_alloc_workqueue+0x10/0x10
[  319.271424][ T8502]  ? read_word_at_a_time+0xe/0x20
[  319.276451][ T8502]  ? sized_strscpy+0x8d/0x220
[  319.281131][ T8502]  gfs2_fill_super+0x11ee/0x24d0
[  319.286096][ T8502]  ? __pfx_gfs2_fill_super+0x10/0x10
[  319.291410][ T8502]  ? snprintf+0xda/0x120
[  319.295671][ T8502]  ? __pfx_lock_release+0x10/0x10
[  319.300695][ T8502]  ? do_raw_spin_lock+0x14f/0x370
[  319.305730][ T8502]  ? __pfx_snprintf+0x10/0x10
[  319.310437][ T8502]  ? sb_set_blocksize+0x98/0xf0
[  319.315484][ T8502]  ? setup_bdev_super+0x4e6/0x5d0
[  319.320569][ T8502]  get_tree_bdev+0x3f7/0x570
[  319.325206][ T8502]  ? __pfx_gfs2_fill_super+0x10/0x10
[  319.330629][ T8502]  ? __pfx_get_tree_bdev+0x10/0x10
[  319.335813][ T8502]  gfs2_get_tree+0x54/0x220
[  319.340381][ T8502]  vfs_get_tree+0x90/0x2b0
[  319.344931][ T8502]  do_new_mount+0x2be/0xb40
[  319.349475][ T8502]  ? __pfx_do_new_mount+0x10/0x10
[  319.354555][ T8502]  __se_sys_mount+0x2d6/0x3c0
[  319.359289][ T8502]  ? __pfx___se_sys_mount+0x10/0x10
[  319.364575][ T8502]  ? rcu_is_watching+0x15/0xb0
[  319.369390][ T8502]  ? __x64_sys_mount+0x20/0xc0
[  319.374208][ T8502]  do_syscall_64+0xf3/0x230
[  319.378749][ T8502]  ? clear_bhb_loop+0x35/0x90
[  319.383467][ T8502]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.389394][ T8502] RIP: 0033:0x7f6562f7f79a
[  319.393850][ T8502] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  319.413584][ T8502] RSP: 002b:00007f6563ddce68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  319.422036][ T8502] RAX: ffffffffffffffda RBX: 00007f6563ddcef0 RCX: 00007f6562f7f79a
[  319.430045][ T8502] RDX: 0000000020000100 RSI: 0000000020037f80 RDI: 00007f6563ddceb0
[  319.438059][ T8502] RBP: 0000000020000100 R08: 00007f6563ddcef0 R09: 0000000000000000
[  319.446070][ T8502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020037f80
[  319.454071][ T8502] R13: 00007f6563ddceb0 R14: 0000000000037f14 R15: 0000000020000400
[  319.462095][ T8502]  </TASK>
[  319.475558][ T8502] kobject: kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory.
[  319.490972][ T8502] gfs2: fsid=syz:syz: error -17 adding sysfs files
[  321.459736][   T29] audit: type=1326 audit(1728483737.402:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8557 comm="syz.1.606" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa23417dff9 code=0x0
[  321.490301][ T8555] loop2: detected capacity change from 0 to 512
[  321.497295][ T8555] EXT4-fs: Ignoring removed nobh option
[  321.516559][ T8561] geneve0: entered promiscuous mode
[  321.551964][ T8561] macvlan2: entered promiscuous mode
[  321.562735][ T8555] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  321.575137][ T8561] macvlan2: entered allmulticast mode
[  321.576660][ T8555] ext4 filesystem being mounted at /30/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  321.600953][ T8561] geneve0: entered allmulticast mode
[  321.721525][ T8564] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  321.888619][ T7971] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.931732][ T8577] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_macvtap, syncid = 0, id = 0
[  321.954422][ T8575] IPVS: stopping backup sync thread 8577 ...
[  322.376519][   T46] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  322.820809][ T8579] loop3: detected capacity change from 0 to 40427
[  322.836393][ T8579] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x1fffff
[  322.851685][ T8579] F2FS-fs (loop3): Image doesn't support compression
[  322.858463][ T8579] F2FS-fs (loop3): Image doesn't support compression
[  322.893595][ T8579] F2FS-fs (loop3): invalid crc value
[  322.910956][ T8579] F2FS-fs (loop3): Found nat_bits in checkpoint
[  322.973905][   T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  322.991382][   T46] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  323.002643][   T46] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  323.016006][   T46] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  323.025427][   T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  323.068364][ T8587] loop0: detected capacity change from 0 to 32768
[  323.091655][ T8579] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  323.124401][ T8587] JBD2: Ignoring recovery information on journal
[  323.144604][   T46] usb 3-1: config 0 descriptor??
[  323.165028][ T8587] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  323.226928][ T6114] F2FS-fs (loop3): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x58a/0x1ca0
[  323.239015][ T6114] F2FS-fs (loop3): invalid blkaddr: 1028, type: 10, run fsck to fix.
[  323.601015][   T46] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  323.608817][   T46] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  323.616841][   T46] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[  323.628193][   T46] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  323.696732][ T8627] netem: change failed
[  323.862923][ T5289] usb 3-1: USB disconnect, device number 4
[  324.346705][ T7167] ocfs2: Unmounting device (7,0) on (node local)
[  324.444496][ T8641] REISERFS warning (device nullb0): sh-2021 reiserfs_fill_super: can not find reiserfs on nullb0
[  324.867789][ T8648] loop0: detected capacity change from 0 to 40427
[  324.911764][ T8648] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x1fffff
[  324.920557][ T8648] F2FS-fs (loop0): Image doesn't support compression
[  324.928293][ T8648] F2FS-fs (loop0): Image doesn't support compression
[  324.981810][ T8648] F2FS-fs (loop0): invalid crc value
[  325.059353][ T8648] F2FS-fs (loop0): Found nat_bits in checkpoint
[  325.107812][ T8648] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  325.198245][ T7167] F2FS-fs (loop0): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x58a/0x1ca0
[  325.231282][ T7167] F2FS-fs (loop0): invalid blkaddr: 1028, type: 10, run fsck to fix.
[  325.390522][ T8661] Illegal XDP return value 4294967274 on prog  (id 76) dev N/A, expect packet loss!
[  325.908472][ T8661] Cannot find add_set index 0 as target
[  326.158561][ T8665] netlink: 8 bytes leftover after parsing attributes in process `syz.3.638'.
[  326.170959][ T8665] 8021q: adding VLAN 0 to HW filter on device ipvlan4
[  326.915385][ T8675] loop3: detected capacity change from 0 to 32768
[  326.924198][ T8675] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.641 (8675)
[  326.943924][ T8675] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  326.961088][ T8675] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  326.996698][ T8675] BTRFS info (device loop3): using free-space-tree
[  327.144814][ T6114] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  327.722469][ T6010] gfs2: fsid=syz:syz.0: 2 left-over quota data objects
[  327.774990][ T8705] input: syz0 as /devices/virtual/input/input9
[  327.836657][ T8399] gfs2: fsid=syz:syz.0: Error -5 syncing glock 
[  327.845205][ T8399] gfs2: fsid=syz:syz.0: G:  s:EX n:3/2090 f:lDpfiao t:UN d:UN/10000 a:0 v:0 r:2 m:20 p:0
[  327.855405][ T8399] gfs2: fsid=syz:syz.0:  R: n:8336 f:90000000 b:7001/6999 i:6 q:0 r:0 e:7032
[  327.997284][   T26] gfs2: fsid=syz:syz.0: Error -5 syncing glock 
[  328.007071][   T26] gfs2: fsid=syz:syz.0: G:  s:EX n:2/24a1 f:lDpfia t:UN d:UN/10000 a:0 v:0 r:1 m:20 p:1
[  328.016999][   T26] gfs2: fsid=syz:syz.0: Error -5 syncing glock 
[  328.023327][   T26] gfs2: fsid=syz:syz.0: G:  s:EX n:2/2093 f:lDpfia t:UN d:UN/30000 a:0 v:0 r:1 m:20 p:260
[  328.033407][   T26] gfs2: fsid=syz:syz.0: Error -5 syncing glock 
[  328.040555][   T26] gfs2: fsid=syz:syz.0: G:  s:EX n:2/208e f:lDpfia t:UN d:UN/40000 a:0 v:0 r:1 m:20 p:1
[  328.454893][ T8707] loop4: detected capacity change from 0 to 32768
[  328.485290][ T8707] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  328.587370][ T8707] XFS (loop4): Ending clean mount
[  328.634757][ T8704] kexec: Could not allocate control_code_buffer
[  328.676566][ T8707] XFS (loop4): Quotacheck needed: Please wait.
[  328.691505][ T8707] XFS (loop4): Quotacheck: Done.
[  328.722424][ T8699] loop0: detected capacity change from 0 to 32768
[  328.766823][ T8699] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  328.809965][ T6464] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  329.228558][ T7167] ocfs2: Unmounting device (7,0) on (node local)
[  329.671766][ T5324] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  329.831754][ T5324] usb 2-1: Using ep0 maxpacket: 8
[  329.843972][ T5324] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  329.851448][ T5324] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  329.863771][ T5324] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  329.877157][ T8735] loop4: detected capacity change from 0 to 32768
[  329.894902][ T5324] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  329.926143][ T5324] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  329.954508][ T5324] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  329.966731][ T5324] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  329.980650][ T5324] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  329.993150][ T8735] XFS (loop4): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  329.996353][ T5324] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  330.019647][ T5324] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  330.067666][ T5324] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  330.076546][ T5324] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  330.113614][ T5324] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  330.177695][ T5324] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  330.191341][ T5324] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  330.210848][ T5324] usb 2-1: string descriptor 0 read error: -22
[  330.217384][ T5324] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  330.230155][ T5324] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  330.260218][ T5324] adutux 2-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  330.287555][ T8755] loop0: detected capacity change from 0 to 32768
[  330.307703][ T8755] JBD2: Ignoring recovery information on journal
[  330.377219][ T8735] XFS (loop4): Ending clean mount
[  330.387554][ T8735] XFS (loop4): Quotacheck needed: Please wait.
[  330.399974][ T8735] XFS (loop4): Quotacheck: Done.
[  330.406435][ T8755] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  330.439058][ T6464] XFS (loop4): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  331.000923][    T9] usb 2-1: USB disconnect, device number 6
[  331.247990][   T29] audit: type=1326 audit(1728483747.192:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000
[  331.281240][   T29] audit: type=1326 audit(1728483747.222:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000
[  331.306505][   T29] audit: type=1326 audit(1728483747.222:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=83 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000
[  331.328791][   T29] audit: type=1326 audit(1728483747.222:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000
[  331.352314][   T29] audit: type=1326 audit(1728483747.222:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000
[  331.376391][   T29] audit: type=1326 audit(1728483747.222:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000
[  331.386621][ T8778] process 'syz.3.664' launched './file1' with NULL argv: empty string added
[  331.402256][   T29] audit: type=1326 audit(1728483747.222:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000
[  331.434501][   T29] audit: type=1326 audit(1728483747.222:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000
[  331.457335][   T29] audit: type=1326 audit(1728483747.222:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000
[  331.480645][   T29] audit: type=1326 audit(1728483747.322:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8775 comm="syz.4.665" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7fc00000
[  331.590038][ T8784] overlayfs: unescaped trailing colons in lowerdir mount option.
[  332.022065][ T8779] netlink: 'syz.4.665': attribute type 1 has an invalid length.
[  332.122478][ T8779] netlink: 'syz.4.665': attribute type 2 has an invalid length.
[  332.262757][ T8779] netlink: 4 bytes leftover after parsing attributes in process `syz.4.665'.
[  332.362505][ T7167] ocfs2: Unmounting device (7,0) on (node local)
[  332.385876][ T8793] loop3: detected capacity change from 0 to 512
[  332.392932][ T8793] EXT4-fs: Ignoring removed nobh option
[  332.430133][ T8793] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.442932][ T8793] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  333.969381][ T8797] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 224: padding at end of block bitmap is not set
[  334.156885][ T8797] EXT4-fs (loop3): Remounting filesystem read-only
[  334.282437][ T6114] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.476566][ T8821] overlayfs: unescaped trailing colons in lowerdir mount option.
[  334.730261][ T8806] loop4: detected capacity change from 0 to 32768
[  334.827722][ T8806] XFS (loop4): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  334.956611][ T8806] XFS (loop4): Ending clean mount
[  334.992389][ T8806] XFS (loop4): Quotacheck needed: Please wait.
[  335.051831][ T8806] XFS (loop4): Quotacheck: Done.
[  335.116839][ T6464] XFS (loop4): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  335.268727][    T9] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  335.893352][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  335.907626][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  335.939608][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  335.971780][    T9] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  335.991178][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  336.012205][    T9] usb 4-1: config 0 descriptor??
[  336.138705][ T5253] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  336.154510][ T5253] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  336.163939][ T5253] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  336.191765][ T5253] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  336.199608][ T5253] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  336.209030][ T5253] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  336.528747][    T9] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  336.536297][    T9] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  336.544331][    T9] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  336.701967][    T9] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  336.735935][   T46] usb 4-1: USB disconnect, device number 6
[  336.821384][ T8849] netlink: 'syz.1.687': attribute type 9 has an invalid length.
[  336.829363][ T8849] netlink: 134672 bytes leftover after parsing attributes in process `syz.1.687'.
[  336.838985][ T8849] openvswitch: netlink: Key 2 has unexpected len 20 expected 4
[  337.050533][ T8859] chnl_net:caif_netlink_parms(): no params data found
[  337.315494][ T8859] bridge0: port 1(bridge_slave_0) entered blocking state
[  337.324776][ T8859] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.332480][ T8859] bridge_slave_0: entered allmulticast mode
[  337.338901][ T8883] fuse: Bad value for 'fd'
[  337.344403][ T8859] bridge_slave_0: entered promiscuous mode
[  337.352293][ T8859] bridge0: port 2(bridge_slave_1) entered blocking state
[  337.360482][ T8859] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.367608][ T8867] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  337.373752][ T8867] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  337.380560][ T8867] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  337.386616][ T8867] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  337.394042][ T8867] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  337.400088][ T8867] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  337.407177][ T8867] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  337.413293][ T8867] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  337.421199][ T8867] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  337.427263][ T8867] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  337.436164][ T8867] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  337.442990][ T8867] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  337.448966][ T8867] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  337.455716][ T8867] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  337.462256][ T8867] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  337.468187][ T8867] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  337.475074][ T8867] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  337.481986][ T8867] Bluetooth: hci7: Opcode 0x0c1a failed: -4
[  337.487962][ T8867] Bluetooth: hci7: Opcode 0x0406 failed: -4
[  337.494598][ T8867] Bluetooth: hci7: Opcode 0x0406 failed: -4
[  337.502493][ T8867] Bluetooth: hci8: Opcode 0x0c1a failed: -4
[  337.508469][ T8867] Bluetooth: hci8: Opcode 0x0406 failed: -4
[  337.515607][ T8867] Bluetooth: hci8: Opcode 0x0406 failed: -4
[  337.554939][ T8859] bridge_slave_1: entered allmulticast mode
[  337.562002][ T8859] bridge_slave_1: entered promiscuous mode
[  337.587190][ T8859] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  337.598686][ T8859] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  337.723040][ T8875] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  337.729214][ T8875] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  337.735272][ T8875] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  337.741231][ T8875] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  337.747278][ T8875] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  337.753273][ T8875] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  337.759226][ T8875] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  337.765372][ T8875] Bluetooth: hci7: Opcode 0x0c1a failed: -4
[  337.771343][ T8875] Bluetooth: hci8: Opcode 0x0c1a failed: -4
[  337.888524][ T8859] team0: Port device team_slave_0 added
[  338.028636][ T8859] team0: Port device team_slave_1 added
[  338.410070][ T8859] batman_adv: batadv0: Adding interface: batadv_slave_0
[  338.420067][ T8859] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  338.497425][ T8859] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  338.533990][ T8859] batman_adv: batadv0: Adding interface: batadv_slave_1
[  338.555459][ T8859] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  338.609642][ T8859] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  338.954973][ T8859] hsr_slave_0: entered promiscuous mode
[  339.057799][ T8859] hsr_slave_1: entered promiscuous mode
[  339.171186][ T8859] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  339.179236][ T8859] Cannot create hsr debugfs directory
[  339.622942][ T8904] loop3: detected capacity change from 0 to 32768
[  339.628411][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies.
[  339.630582][ T8904] XFS: noikeep mount option is deprecated.
[  339.646771][ T8904] XFS: noikeep mount option is deprecated.
[  339.659725][ T8859] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.681750][ T5253] Bluetooth: hci2: command 0x0406 tx timeout
[  339.695901][ T8895] loop0: detected capacity change from 0 to 40427
[  339.705134][ T8904] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  339.722664][ T8895] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x1fffff
[  339.734253][ T8895] F2FS-fs (loop0): invalid crc value
[  339.741233][ T8895] F2FS-fs (loop0): Found nat_bits in checkpoint
[  339.750063][ T8859] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.800386][ T8859] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.813507][ T8895] F2FS-fs (loop0): Start checkpoint disabled!
[  339.820995][ T8895] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  339.836430][ T8904] XFS (loop3): Ending clean mount
[  339.846003][ T8904] XFS (loop3): Quotacheck needed: Please wait.
[  339.852350][ T5243] Bluetooth: hci7: command 0x0c1a tx timeout
[  339.852403][ T5243] Bluetooth: hci4: command 0x0c1a tx timeout
[  339.852431][ T5243] Bluetooth: hci1: command 0x0c1a tx timeout
[  339.852457][ T5243] Bluetooth: hci0: command 0x0c1a tx timeout
[  339.852517][ T5243] Bluetooth: hci3: command 0x0405 tx timeout
[  339.852544][ T5243] Bluetooth: hci6: command 0x0406 tx timeout
[  339.852602][ T5243] Bluetooth: hci5: command 0x0406 tx timeout
[  339.852836][ T5253] Bluetooth: hci8: command 0x041b tx timeout
[  339.884936][ T8904] XFS (loop3): Quotacheck: Done.
[  339.909393][ T8859] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.914883][ T8904] netlink: 'syz.3.702': attribute type 9 has an invalid length.
[  339.929375][ T8904] netlink: 134672 bytes leftover after parsing attributes in process `syz.3.702'.
[  339.940990][ T8904] openvswitch: netlink: Key 2 has unexpected len 20 expected 4
[  339.961119][ T3004] kworker/u8:9: attempt to access beyond end of device
[  339.961119][ T3004] loop0: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  339.976111][ T3004] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  339.983760][ T3004] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  339.986248][ T6114] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  340.021835][    T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  340.131231][ T8859] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  340.142738][ T8859] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  340.153716][ T8859] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  340.164290][ T8859] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  340.185416][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  340.211855][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  340.241818][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  340.249253][ T8859] 8021q: adding VLAN 0 to HW filter on device bond0
[  340.272098][    T9] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  340.293955][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  340.297600][ T8859] 8021q: adding VLAN 0 to HW filter on device team0
[  340.313437][    T9] usb 2-1: config 0 descriptor??
[  340.344438][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  340.351551][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  340.378735][ T3004] bridge0: port 2(bridge_slave_1) entered blocking state
[  340.385917][ T3004] bridge0: port 2(bridge_slave_1) entered forwarding state
[  340.663553][ T8950] netlink: 'syz.0.713': attribute type 1 has an invalid length.
[  340.674364][ T8950] netlink: 48 bytes leftover after parsing attributes in process `syz.0.713'.
[  340.727845][    T9] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  340.749410][    T9] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  340.769940][    T9] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[  340.815628][ T8859] 8021q: adding VLAN 0 to HW filter on device batadv0
[  340.835308][    T9] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  340.908293][ T8859] veth0_vlan: entered promiscuous mode
[  340.928422][    T9] usb 2-1: USB disconnect, device number 7
[  340.974676][ T8859] veth1_vlan: entered promiscuous mode
[  341.061250][ T8859] veth0_macvtap: entered promiscuous mode
[  341.083240][ T8859] veth1_macvtap: entered promiscuous mode
[  341.138403][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.169644][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.179782][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.191670][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.206945][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.217957][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.228219][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.252659][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.263265][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.286665][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.317745][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.330463][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.343989][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  341.355596][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.372808][ T8859] batman_adv: batadv0: Interface activated: batadv_slave_0
[  341.408100][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.442173][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.468102][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.517417][ T8956] loop0: detected capacity change from 0 to 32768
[  341.524245][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.535959][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.546780][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.559037][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.573464][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.587253][ T8956] JBD2: Ignoring recovery information on journal
[  341.620685][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.637512][ T8956] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  341.652199][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.702747][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.713472][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.725075][ T8859] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  341.736237][ T8859] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  341.748185][ T8859] batman_adv: batadv0: Interface activated: batadv_slave_1
[  341.763778][ T5250] Bluetooth: hci2: command 0x0406 tx timeout
[  341.774048][ T8859] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  341.783419][ T8859] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  341.794799][ T8859] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  341.804950][ T8859] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  341.830962][ T8956] OCFS2: ERROR (device loop0): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  341.857360][ T8956] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  341.870214][ T8956] OCFS2: Returning error to the calling process.
[  341.888138][ T8956] (syz.0.714,8956,1):ocfs2_claim_suballoc_bits:2038 ERROR: status = -5
[  341.899739][ T8956] (syz.0.714,8956,1):__ocfs2_claim_clusters:2412 ERROR: status = -5
[  341.909349][ T8956] (syz.0.714,8956,1):__ocfs2_claim_clusters:2420 ERROR: status = -5
[  341.921844][ T5253] Bluetooth: hci5: command 0x0406 tx timeout
[  341.927657][ T8956] (syz.0.714,8956,1):ocfs2_local_alloc_new_window:1216 ERROR: status = -5
[  341.928041][ T5235] Bluetooth: hci6: command 0x0406 tx timeout
[  341.939105][ T8956] (syz.0.714,8956,1):ocfs2_local_alloc_new_window:1241 ERROR: status = -5
[  341.943036][ T5243] Bluetooth: hci3: command 0x0405 tx timeout
[  341.951689][ T5241] Bluetooth: hci0: command 0x0c1a tx timeout
[  341.958051][ T5253] Bluetooth: hci1: command 0x0c1a tx timeout
[  341.970349][   T54] Bluetooth: hci4: command 0x0c1a tx timeout
[  341.976462][ T5241] Bluetooth: hci7: command 0x0c1a tx timeout
[  341.982869][ T5250] Bluetooth: hci8: command 0x041b tx timeout
[  341.984426][ T8956] (syz.0.714,8956,0):ocfs2_local_alloc_slide_window:1315 ERROR: status = -5
[  342.003003][ T2903] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.013841][ T2903] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  342.037196][ T6499] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.048576][ T6499] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  342.066586][ T8956] (syz.0.714,8956,0):ocfs2_local_alloc_slide_window:1334 ERROR: status = -5
[  342.100789][ T8956] (syz.0.714,8956,0):ocfs2_reserve_local_alloc_bits:672 ERROR: status = -5
[  342.128427][ T8956] (syz.0.714,8956,0):ocfs2_reserve_local_alloc_bits:710 ERROR: status = -5
[  342.174930][ T8956] (syz.0.714,8956,0):ocfs2_reserve_clusters_with_limit:1170 ERROR: status = -5
[  342.193976][ T8956] (syz.0.714,8956,0):ocfs2_reserve_clusters_with_limit:1219 ERROR: status = -5
[  342.204075][ T8956] (syz.0.714,8956,0):ocfs2_lock_allocators:2749 ERROR: status = -5
[  342.212743][ T8956] (syz.0.714,8956,0):ocfs2_write_begin_nolock:1742 ERROR: status = -5
[  342.221281][ T8956] (syz.0.714,8956,0):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  344.111649][ T5250] Bluetooth: hci4: command 0x0c1a tx timeout
[  344.120002][   T54] Bluetooth: hci1: command 0x0c1a tx timeout
[  344.126070][ T5250] Bluetooth: hci8: command 0x041b tx timeout
[  344.141784][ T5250] Bluetooth: hci7: command 0x0c1a tx timeout
[  344.147840][ T5250] Bluetooth: hci0: command 0x0c1a tx timeout
[  344.244011][ T8999] loop3: detected capacity change from 0 to 512
[  344.250955][ T8999] EXT4-fs: Ignoring removed nobh option
[  344.345981][ T7167] ocfs2: Unmounting device (7,0) on (node local)
[  344.368156][ T8999] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  344.381704][ T8999] ext4 filesystem being mounted at /144/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  344.405023][ T9009] loop7: detected capacity change from 0 to 16384
[  344.697522][   T29] kauditd_printk_skb: 2 callbacks suppressed
[  344.697540][   T29] audit: type=1326 audit(1728483760.642:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9018 comm="syz.2.729" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1fb717dff9 code=0x0
[  344.754093][ T9012] loop7: detected capacity change from 16384 to 16383
[  344.912149][ T1033] block nbd2: Possible stuck request ffff888025770000: control (read@0,4096B). Runtime 60 seconds
[  344.973879][ T9022] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  345.031728][    T9] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  345.076591][ T7288] Buffer I/O error on dev loop7, logical block 2047, async page read
[  345.183496][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  345.196158][ T9009] Buffer I/O error on dev loop7, logical block 2047, async page read
[  345.204021][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  345.217516][ T9009] Buffer I/O error on dev loop7, logical block 2047, async page read
[  345.231117][ T9009] Buffer I/O error on dev loop7, logical block 2047, async page read
[  345.233938][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  345.269993][ T7288] Buffer I/O error on dev loop7, logical block 2047, async page read
[  345.300662][    T9] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  345.321621][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  345.341090][    T9] usb 1-1: config 0 descriptor??
[  345.442820][ T9007] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 224: padding at end of block bitmap is not set
[  345.463311][ T9007] EXT4-fs (loop3): Remounting filesystem read-only
[  345.473818][ T6114] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.777769][    T9] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  345.900020][    T9] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  346.130366][    T9] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  346.163815][   T54] Bluetooth: hci8: command 0x041b tx timeout
[  346.182740][    T9] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  346.263814][    T9] usb 1-1: USB disconnect, device number 6
[  347.731251][ T9052] loop3: detected capacity change from 0 to 40427
[  347.758803][ T9052] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x1fffff
[  347.775883][ T9052] F2FS-fs (loop3): invalid crc value
[  347.789065][ T9052] F2FS-fs (loop3): Found nat_bits in checkpoint
[  347.860850][ T9052] F2FS-fs (loop3): Start checkpoint disabled!
[  347.876945][ T9052] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  348.006020][ T2903] kworker/u8:6: attempt to access beyond end of device
[  348.006020][ T2903] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  348.024471][ T2903] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  348.033729][ T2903] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  348.245700][ T5253] Bluetooth: hci8: command 0x041b tx timeout
[  349.751745][ T5289] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  349.811236][ T9086] loop2: detected capacity change from 0 to 32768
[  349.826895][ T9086] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.748 (9086)
[  349.860986][ T9096] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  349.871412][ T9086] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  349.881766][ T9086] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  349.890512][ T9086] BTRFS info (device loop2): using free-space-tree
[  349.904257][ T5289] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  349.924820][ T5289] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  349.956668][ T5289] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  349.999443][ T5289] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  350.039193][ T5289] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.049793][ T5289] usb 5-1: config 0 descriptor??
[  350.295927][ T9116] BTRFS info (device loop2): scrub: started on devid 1
[  350.321804][ T5253] Bluetooth: hci8: command 0x041b tx timeout
[  350.402053][ T9116] BTRFS info (device loop2): scrub: finished on devid 1 with status: 0
[  350.470849][ T5289] usbhid 5-1:0.0: can't add hid device: -71
[  350.483326][ T9094] loop0: detected capacity change from 0 to 32768
[  350.490482][ T5289] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  350.519669][ T5289] usb 5-1: USB disconnect, device number 8
[  350.540911][ T9094] BTRFS: device /dev/loop0 (7:0) using temp-fsid 64c8e35a-4d63-474c-90c6-4299758a8238
[  350.566264][ T9094] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.751 (9094)
[  350.617151][ T9094] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  350.634028][   T29] audit: type=1804 audit(1728483766.582:58): pid=9121 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.754" name="/newroot/83/bus/file1" dev="overlay" ino=475 res=1 errno=0
[  350.640480][ T9094] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  350.756172][ T9094] BTRFS info (device loop0): using free-space-tree
[  351.658571][ T8859] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  351.802447][ T5253] Bluetooth: hci4: unexpected event for opcode 0x2005
[  352.227570][ T9154] loop3: detected capacity change from 0 to 40427
[  352.237091][ T9154] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x1fffff
[  352.247413][ T9154] F2FS-fs (loop3): Image doesn't support compression
[  352.255468][ T9154] F2FS-fs (loop3): Image doesn't support compression
[  352.268321][ T9154] F2FS-fs (loop3): invalid crc value
[  352.285395][ T5289] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  352.316548][ T9154] F2FS-fs (loop3): Found nat_bits in checkpoint
[  352.386029][ T9154] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  352.401680][ T5253] Bluetooth: hci8: command 0x041b tx timeout
[  352.431751][ T6114] syz-executor: attempt to access beyond end of device
[  352.431751][ T6114] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  352.447435][ T6114] F2FS-fs (loop3): Remounting filesystem read-only
[  352.474921][ T5289] usb 1-1: config 0 has no interfaces?
[  352.492000][ T5289] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  352.503071][ T5289] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  352.520424][ T5289] usb 1-1: config 0 descriptor??
[  352.755387][ T5289] usb 1-1: USB disconnect, device number 7
[  352.792902][ T9181] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  353.211692][    T9] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  353.233262][ T9205] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  353.239928][ T9205] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  353.252305][ T9205] vhci_hcd vhci_hcd.0: Device attached
[  353.261197][ T9205] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  353.267767][ T9205] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  353.277629][ T9205] vhci_hcd vhci_hcd.0: Device attached
[  353.299596][ T9209] usbip_core: unknown command
[  353.304518][ T9209] vhci_hcd: unknown pdu 0
[  353.315002][ T9209] usbip_core: unknown command
[  353.331496][ T2919] vhci_hcd: stop threads
[  353.339688][ T2919] vhci_hcd: release socket
[  353.347593][ T7167] BTRFS info (device loop0): last unmount of filesystem 64c8e35a-4d63-474c-90c6-4299758a8238
[  353.350348][ T2919] vhci_hcd: disconnect device
[  353.369880][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  353.444786][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  353.541669][ T5289] usb 14-1: SetAddress Request (2) to port 0
[  353.544258][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  353.571673][ T5289] usb 14-1: new SuperSpeed USB device number 2 using vhci_hcd
[  353.601444][    T9] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  353.610885][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  353.637822][    T9] usb 2-1: config 0 descriptor??
[  354.117574][    T9] usbhid 2-1:0.0: can't add hid device: -71
[  354.313354][    T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  354.342018][    T9] usb 2-1: USB disconnect, device number 8
[  354.366159][ T9199] loop3: detected capacity change from 0 to 32768
[  354.444095][ T9206] vhci_hcd: connection reset by peer
[  354.470692][  T435] vhci_hcd: stop threads
[  354.488294][ T5253] Bluetooth: hci8: command 0x041b tx timeout
[  354.502005][ T9244] netlink: 'syz.0.776': attribute type 5 has an invalid length.
[  354.512912][ T9199] JBD2: Ignoring recovery information on journal
[  354.544116][  T435] vhci_hcd: release socket
[  354.556827][  T435] vhci_hcd: disconnect device
[  354.574549][ T9244] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  354.761269][ T9199] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  354.850571][ T9252] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  355.163486][ T9250] OCFS2: ERROR (device loop3): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 23 has 4294967295 used bits but only 16777215 total
[  355.483759][ T9250] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  355.494203][ T9250] OCFS2: Returning error to the calling process.
[  355.500551][ T9250] (syz.3.764,9250,0):ocfs2_claim_suballoc_bits:2038 ERROR: status = -5
[  355.513827][ T9250] (syz.3.764,9250,0):__ocfs2_claim_clusters:2412 ERROR: status = -5
[  355.527168][ T9250] (syz.3.764,9250,0):__ocfs2_claim_clusters:2420 ERROR: status = -5
[  355.538720][ T9250] (syz.3.764,9250,0):ocfs2_local_alloc_new_window:1216 ERROR: status = -5
[  355.564969][ T9239] kexec: Could not allocate control_code_buffer
[  355.631910][ T9250] (syz.3.764,9250,1):ocfs2_local_alloc_new_window:1241 ERROR: status = -5
[  355.678466][ T9250] (syz.3.764,9250,1):ocfs2_local_alloc_slide_window:1315 ERROR: status = -5
[  355.711843][ T9250] (syz.3.764,9250,1):ocfs2_local_alloc_slide_window:1334 ERROR: status = -5
[  355.720792][ T9250] (syz.3.764,9250,1):ocfs2_reserve_local_alloc_bits:672 ERROR: status = -5
[  355.780211][ T9250] (syz.3.764,9250,0):ocfs2_reserve_local_alloc_bits:710 ERROR: status = -5
[  355.789242][ T9250] (syz.3.764,9250,0):ocfs2_reserve_clusters_with_limit:1170 ERROR: status = -5
[  355.799270][ T9250] (syz.3.764,9250,0):ocfs2_reserve_clusters_with_limit:1219 ERROR: status = -5
[  355.810267][ T9250] (syz.3.764,9250,0):ocfs2_lock_allocators:2749 ERROR: status = -5
[  355.818751][ T9250] (syz.3.764,9250,0):ocfs2_write_begin_nolock:1742 ERROR: status = -5
[  355.827337][ T9250] (syz.3.764,9250,0):__ocfs2_page_mkwrite:97 ERROR: status = -5
[  356.245153][ T6114] ocfs2: Unmounting device (7,3) on (node local)
[  356.455614][ T9274] netlink: 'syz.2.786': attribute type 10 has an invalid length.
[  356.602618][ T9274] syz_tun: entered promiscuous mode
[  356.626479][ T9274] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  356.821780][   T29] audit: type=1326 audit(1728483772.752:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9275 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000
[  356.858847][   T29] audit: type=1326 audit(1728483772.752:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9275 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000
[  356.895403][ T9263] loop4: detected capacity change from 0 to 32768
[  356.911109][ T9263] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.783 (9263)
[  356.913596][ T9260] loop0: detected capacity change from 0 to 32768
[  356.955103][ T9263] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  356.963867][   T29] audit: type=1326 audit(1728483772.762:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9275 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000
[  356.972259][ T9263] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  357.006630][ T9260] BTRFS: device /dev/loop0 (7:0) using temp-fsid 7bb7547b-76f7-4695-8911-8010fd433b94
[  357.027053][ T9263] BTRFS info (device loop4): using free-space-tree
[  357.036326][   T29] audit: type=1326 audit(1728483772.762:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9275 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000
[  357.065281][ T9260] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.781 (9260)
[  357.083647][   T29] audit: type=1326 audit(1728483772.762:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9275 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000
[  357.139171][   T29] audit: type=1326 audit(1728483772.762:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9275 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000
[  357.314175][   T29] audit: type=1326 audit(1728483772.762:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9275 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000
[  357.468448][ T9260] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  357.561671][   T29] audit: type=1326 audit(1728483772.762:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9275 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000
[  357.615128][ T9260] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  357.676078][   T29] audit: type=1326 audit(1728483772.762:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9275 comm="syz.3.787" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf4837dff9 code=0x7ffc0000
[  357.706049][ T9260] BTRFS info (device loop0): using free-space-tree
[  358.248666][ T9300] kexec: Could not allocate control_code_buffer
[  358.563851][ T9260] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  358.565633][ T9260] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  358.654974][ T9260] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  358.693780][ T6464] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  358.724016][ T5289] usb 14-1: device descriptor read/8, error -110
[  358.937263][ T9260] BTRFS error (device loop0): open_ctree failed
[  359.142557][ T5289] usb usb14-port1: attempt power cycle
[  359.292900][ T9351] input: syz1 as /devices/virtual/input/input10
[  360.184519][ T5289] usb usb14-port1: unable to enumerate USB device
[  360.738303][ T9372] netlink: 'syz.1.809': attribute type 16 has an invalid length.
[  360.746433][ T9372] netlink: 'syz.1.809': attribute type 3 has an invalid length.
[  360.754909][ T9372] netlink: 64066 bytes leftover after parsing attributes in process `syz.1.809'.
[  360.952833][ T5253] Bluetooth: hci5: ACL packet for unknown connection handle 200
[  363.123784][ T9410] tmpfs: Bad value for 'grpquota_inode_hardlimit'
[  364.618561][ T9430] netlink: 28 bytes leftover after parsing attributes in process `syz.3.827'.
[  364.644654][ T9430] random: crng reseeded on system resumption
[  366.021691][ T5328] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  366.174708][ T5328] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  366.187754][ T5328] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  366.200481][ T5328] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  366.214475][ T5328] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  366.224127][ T5328] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  366.239376][ T5328] usb 2-1: config 0 descriptor??
[  366.480676][   T54] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  366.488440][   T54] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  366.504725][   T54] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  366.512965][   T54] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  366.520575][   T54] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  366.528426][   T54] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  366.661022][ T5328] usbhid 2-1:0.0: can't add hid device: -71
[  366.667348][ T5328] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  366.731733][ T5328] usb 2-1: USB disconnect, device number 9
[  366.943431][ T9465] chnl_net:caif_netlink_parms(): no params data found
[  367.034741][ T9465] bridge0: port 1(bridge_slave_0) entered blocking state
[  367.042359][ T9465] bridge0: port 1(bridge_slave_0) entered disabled state
[  367.058000][ T9465] bridge_slave_0: entered allmulticast mode
[  367.069286][ T9465] bridge_slave_0: entered promiscuous mode
[  367.087064][ T9465] bridge0: port 2(bridge_slave_1) entered blocking state
[  367.113579][ T9465] bridge0: port 2(bridge_slave_1) entered disabled state
[  367.121010][ T9465] bridge_slave_1: entered allmulticast mode
[  367.128768][ T9465] bridge_slave_1: entered promiscuous mode
[  367.200523][ T9465] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  367.228292][ T9465] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  367.297702][ T9465] team0: Port device team_slave_0 added
[  367.308038][ T9465] team0: Port device team_slave_1 added
[  367.336899][ T9465] batman_adv: batadv0: Adding interface: batadv_slave_0
[  367.344069][ T9465] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  367.370434][ T9465] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  367.385810][ T9465] batman_adv: batadv0: Adding interface: batadv_slave_1
[  367.393393][ T9465] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  367.422413][ T9465] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  367.853244][ T9465] hsr_slave_0: entered promiscuous mode
[  367.963545][ T9465] hsr_slave_1: entered promiscuous mode
[  367.969781][ T9465] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  367.977579][ T9465] Cannot create hsr debugfs directory
[  368.566023][ T5253] Bluetooth: hci9: command tx timeout
[  368.718229][ T9465] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.787192][ T9465] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.844018][ T9465] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  368.999939][ T9465] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  369.055311][ T9543] netlink: 12 bytes leftover after parsing attributes in process `syz.3.857'.
[  369.117904][ T9465] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  369.127702][ T9465] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  369.150580][ T9465] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  369.171722][ T9465] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  369.197874][ T9545] netlink: 128 bytes leftover after parsing attributes in process `syz.1.859'.
[  369.343277][ T9465] 8021q: adding VLAN 0 to HW filter on device bond0
[  369.372247][ T9465] 8021q: adding VLAN 0 to HW filter on device team0
[  369.407724][  T435] bridge0: port 1(bridge_slave_0) entered blocking state
[  369.414892][  T435] bridge0: port 1(bridge_slave_0) entered forwarding state
[  369.429940][  T435] bridge0: port 2(bridge_slave_1) entered blocking state
[  369.437131][  T435] bridge0: port 2(bridge_slave_1) entered forwarding state
[  369.446879][ T5289] libceph: connect (1)[c::]:6789 error -101
[  369.458802][ T5289] libceph: mon0 (1)[c::]:6789 connect error
[  369.708757][ T9547] ceph: No mds server is up or the cluster is laggy
[  369.722258][ T5289] libceph: connect (1)[c::]:6789 error -101
[  369.728319][ T5289] libceph: mon0 (1)[c::]:6789 connect error
[  369.851009][ T9465] 8021q: adding VLAN 0 to HW filter on device batadv0
[  369.941452][ T9465] veth0_vlan: entered promiscuous mode
[  369.970934][ T9465] veth1_vlan: entered promiscuous mode
[  370.033378][ T9465] veth0_macvtap: entered promiscuous mode
[  370.055316][ T9465] veth1_macvtap: entered promiscuous mode
[  370.103761][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  370.122587][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.141701][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  370.168208][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.184647][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  370.207091][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.233324][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  370.261684][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.281694][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  370.306129][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.316052][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  370.327163][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.337731][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  370.348421][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.371635][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  370.401636][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.412864][ T9465] batman_adv: batadv0: Interface activated: batadv_slave_0
[  370.452875][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  370.471835][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.482342][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  370.493759][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.504524][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  370.515171][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.525250][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  370.535867][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.546072][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  370.556746][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.566916][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  370.577520][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.587420][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  370.598720][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.609168][ T9465] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  370.619641][ T9465] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  370.630948][ T9465] batman_adv: batadv0: Interface activated: batadv_slave_1
[  370.645284][   T54] Bluetooth: hci9: command tx timeout
[  370.663773][ T9465] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  370.672600][ T9465] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  370.681373][ T9465] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  370.690335][ T9465] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  370.790797][ T9582] overlayfs: failed to resolve './file1': -2
[  370.810706][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  370.811360][ T9565] loop3: detected capacity change from 0 to 32768
[  370.829173][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  370.871051][ T6499] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  370.913568][ T6499] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  370.950703][ T9565] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz'
[  370.959371][ T9565] CPU: 0 UID: 0 PID: 9565 Comm: syz.3.864 Not tainted 6.12.0-rc2-next-20241008-syzkaller #0
[  370.963625][ T9590] netlink: 40 bytes leftover after parsing attributes in process `syz.1.874'.
[  370.969465][ T9565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  370.988448][ T9565] Call Trace:
[  370.991761][ T9565]  <TASK>
[  370.994714][ T9565]  dump_stack_lvl+0x241/0x360
[  370.999434][ T9565]  ? __pfx_dump_stack_lvl+0x10/0x10
[  371.004674][ T9565]  ? __pfx__printk+0x10/0x10
[  371.009278][ T9565]  ? __kmalloc_cache_noprof+0x243/0x390
[  371.014842][ T9565]  ? sysfs_create_dir_ns+0x28a/0x3a0
[  371.020177][ T9565]  sysfs_create_dir_ns+0x2ce/0x3a0
[  371.025302][ T9565]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  371.030955][ T9565]  kobject_add_internal+0x435/0x8d0
[  371.036169][ T9565]  kobject_init_and_add+0x124/0x190
[  371.041487][ T9565]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  371.047312][ T9565]  ? __pfx_kobject_init_and_add+0x10/0x10
[  371.053047][ T9565]  ? __init_swait_queue_head+0xae/0x150
[  371.058609][ T9565]  gfs2_sys_fs_add+0x23b/0x4a0
[  371.063388][ T9565]  ? __pfx_gfs2_sys_fs_add+0x10/0x10
[  371.068692][ T9565]  ? __pfx_alloc_workqueue+0x10/0x10
[  371.073988][ T9565]  ? read_word_at_a_time+0xe/0x20
[  371.079023][ T9565]  ? sized_strscpy+0x8d/0x220
[  371.083715][ T9565]  gfs2_fill_super+0x11ee/0x24d0
[  371.088669][ T9565]  ? __pfx_gfs2_fill_super+0x10/0x10
[  371.093971][ T9565]  ? snprintf+0xda/0x120
[  371.098224][ T9565]  ? __pfx_lock_release+0x10/0x10
[  371.103273][ T9565]  ? do_raw_spin_lock+0x14f/0x370
[  371.108312][ T9565]  ? __pfx_snprintf+0x10/0x10
[  371.113024][ T9565]  ? sb_set_blocksize+0x98/0xf0
[  371.117881][ T9565]  ? setup_bdev_super+0x4e6/0x5d0
[  371.122914][ T9565]  get_tree_bdev+0x3f7/0x570
[  371.127515][ T9565]  ? __pfx_gfs2_fill_super+0x10/0x10
[  371.132806][ T9565]  ? __pfx_get_tree_bdev+0x10/0x10
[  371.137933][ T9565]  gfs2_get_tree+0x54/0x220
[  371.142455][ T9565]  vfs_get_tree+0x90/0x2b0
[  371.146885][ T9565]  do_new_mount+0x2be/0xb40
[  371.151402][ T9565]  ? __pfx_do_new_mount+0x10/0x10
[  371.156443][ T9565]  __se_sys_mount+0x2d6/0x3c0
[  371.161139][ T9565]  ? __pfx___se_sys_mount+0x10/0x10
[  371.166359][ T9565]  ? rcu_is_watching+0x15/0xb0
[  371.171134][ T9565]  ? __x64_sys_mount+0x20/0xc0
[  371.175913][ T9565]  do_syscall_64+0xf3/0x230
[  371.180425][ T9565]  ? clear_bhb_loop+0x35/0x90
[  371.185117][ T9565]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.191021][ T9565] RIP: 0033:0x7fcf4837f79a
[  371.195435][ T9565] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  371.215065][ T9565] RSP: 002b:00007fcf49232e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  371.223494][ T9565] RAX: ffffffffffffffda RBX: 00007fcf49232ef0 RCX: 00007fcf4837f79a
[  371.231472][ T9565] RDX: 0000000020000100 RSI: 0000000020037f80 RDI: 00007fcf49232eb0
[  371.239448][ T9565] RBP: 0000000020000100 R08: 00007fcf49232ef0 R09: 0000000000000000
[  371.247443][ T9565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020037f80
[  371.255417][ T9565] R13: 00007fcf49232eb0 R14: 0000000000037f14 R15: 0000000020000400
[  371.263403][ T9565]  </TASK>
[  371.269587][ T9565] kobject: kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory.
[  371.296042][ T9565] gfs2: fsid=syz:syz: error -17 adding sysfs files
[  372.090938][ T9614] block device autoloading is deprecated and will be removed.
[  372.725720][   T54] Bluetooth: hci9: command tx timeout
[  372.768866][ T9644] netlink: 'syz.4.896': attribute type 2 has an invalid length.
[  372.809449][ T9639] netlink: 8 bytes leftover after parsing attributes in process `syz.2.894'.
[  373.016037][ T9633] loop3: detected capacity change from 0 to 32768
[  373.039702][ T9633] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz'
[  373.064390][ T9633] CPU: 1 UID: 0 PID: 9633 Comm: syz.3.890 Not tainted 6.12.0-rc2-next-20241008-syzkaller #0
[  373.074523][ T9633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  373.084615][ T9633] Call Trace:
[  373.087924][ T9633]  <TASK>
[  373.090899][ T9633]  dump_stack_lvl+0x241/0x360
[  373.095589][ T9633]  ? __pfx_dump_stack_lvl+0x10/0x10
[  373.100788][ T9633]  ? __pfx__printk+0x10/0x10
[  373.105382][ T9633]  ? __kmalloc_cache_noprof+0x243/0x390
[  373.110938][ T9633]  ? sysfs_create_dir_ns+0x28a/0x3a0
[  373.116249][ T9633]  sysfs_create_dir_ns+0x2ce/0x3a0
[  373.121369][ T9633]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  373.127014][ T9633]  kobject_add_internal+0x435/0x8d0
[  373.132396][ T9633]  kobject_init_and_add+0x124/0x190
[  373.137598][ T9633]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  373.143454][ T9633]  ? __pfx_kobject_init_and_add+0x10/0x10
[  373.149269][ T9633]  ? __init_swait_queue_head+0xae/0x150
[  373.154841][ T9633]  gfs2_sys_fs_add+0x23b/0x4a0
[  373.159710][ T9633]  ? __pfx_gfs2_sys_fs_add+0x10/0x10
[  373.165266][ T9633]  ? __pfx_alloc_workqueue+0x10/0x10
[  373.170550][ T9633]  ? read_word_at_a_time+0xe/0x20
[  373.175660][ T9633]  ? sized_strscpy+0x8d/0x220
[  373.180336][ T9633]  gfs2_fill_super+0x11ee/0x24d0
[  373.185368][ T9633]  ? __pfx_gfs2_fill_super+0x10/0x10
[  373.190646][ T9633]  ? snprintf+0xda/0x120
[  373.194890][ T9633]  ? __pfx_lock_release+0x10/0x10
[  373.199908][ T9633]  ? do_raw_spin_lock+0x14f/0x370
[  373.204960][ T9633]  ? __pfx_snprintf+0x10/0x10
[  373.209738][ T9633]  ? sb_set_blocksize+0x98/0xf0
[  373.214585][ T9633]  ? setup_bdev_super+0x4e6/0x5d0
[  373.219693][ T9633]  get_tree_bdev+0x3f7/0x570
[  373.224304][ T9633]  ? __pfx_gfs2_fill_super+0x10/0x10
[  373.229850][ T9633]  ? __pfx_get_tree_bdev+0x10/0x10
[  373.234970][ T9633]  gfs2_get_tree+0x54/0x220
[  373.239731][ T9633]  vfs_get_tree+0x90/0x2b0
[  373.244155][ T9633]  do_new_mount+0x2be/0xb40
[  373.248663][ T9633]  ? __pfx_do_new_mount+0x10/0x10
[  373.253690][ T9633]  __se_sys_mount+0x2d6/0x3c0
[  373.258395][ T9633]  ? __pfx___se_sys_mount+0x10/0x10
[  373.263611][ T9633]  ? rcu_is_watching+0x15/0xb0
[  373.268381][ T9633]  ? __x64_sys_mount+0x20/0xc0
[  373.273156][ T9633]  do_syscall_64+0xf3/0x230
[  373.277842][ T9633]  ? clear_bhb_loop+0x35/0x90
[  373.282528][ T9633]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.288418][ T9633] RIP: 0033:0x7fcf4837f79a
[  373.292830][ T9633] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  373.312438][ T9633] RSP: 002b:00007fcf49232e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  373.320934][ T9633] RAX: ffffffffffffffda RBX: 00007fcf49232ef0 RCX: 00007fcf4837f79a
[  373.328907][ T9633] RDX: 0000000020000100 RSI: 0000000020037f80 RDI: 00007fcf49232eb0
[  373.336963][ T9633] RBP: 0000000020000100 R08: 00007fcf49232ef0 R09: 0000000000000000
[  373.344933][ T9633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020037f80
[  373.353017][ T9633] R13: 00007fcf49232eb0 R14: 0000000000037f14 R15: 0000000020000400
[  373.360998][ T9633]  </TASK>
[  373.364150][    C1] vkms_vblank_simulate: vblank timer overrun
[  373.382854][ T9633] kobject: kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory.
[  373.835963][ T9633] gfs2: fsid=syz:syz: error -17 adding sysfs files
[  374.091038][ T9675] netlink: 134744 bytes leftover after parsing attributes in process `syz.1.908'.
[  374.537295][ T9694] fuse: Bad value for 'fd'
[  374.802352][   T54] Bluetooth: hci9: command tx timeout
[  374.987683][ T1033] block nbd2: Possible stuck request ffff888025770000: control (read@0,4096B). Runtime 90 seconds
[  375.665049][ T9729] fuse: Bad value for 'fd'
[  375.841084][ T9708] loop4: detected capacity change from 0 to 32768
[  375.957003][ T9708] sysfs: cannot create duplicate filename '/fs/gfs2/syz:syz'
[  375.964965][ T9708] CPU: 1 UID: 0 PID: 9708 Comm: syz.4.919 Not tainted 6.12.0-rc2-next-20241008-syzkaller #0
[  375.975172][ T9708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  375.985345][ T9708] Call Trace:
[  375.988655][ T9708]  <TASK>
[  375.991607][ T9708]  dump_stack_lvl+0x241/0x360
[  375.996328][ T9708]  ? __pfx_dump_stack_lvl+0x10/0x10
[  376.001562][ T9708]  ? __pfx__printk+0x10/0x10
[  376.006187][ T9708]  ? __kmalloc_cache_noprof+0x243/0x390
[  376.011775][ T9708]  ? sysfs_create_dir_ns+0x28a/0x3a0
[  376.017096][ T9708]  sysfs_create_dir_ns+0x2ce/0x3a0
[  376.022247][ T9708]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  376.027921][ T9708]  kobject_add_internal+0x435/0x8d0
[  376.033169][ T9708]  kobject_init_and_add+0x124/0x190
[  376.038409][ T9708]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  376.044268][ T9708]  ? __pfx_kobject_init_and_add+0x10/0x10
[  376.050027][ T9708]  ? __init_swait_queue_head+0xae/0x150
[  376.055635][ T9708]  gfs2_sys_fs_add+0x23b/0x4a0
[  376.060453][ T9708]  ? __pfx_gfs2_sys_fs_add+0x10/0x10
[  376.065785][ T9708]  ? __pfx_alloc_workqueue+0x10/0x10
[  376.071148][ T9708]  ? read_word_at_a_time+0xe/0x20
[  376.076211][ T9708]  ? sized_strscpy+0x8d/0x220
[  376.080926][ T9708]  gfs2_fill_super+0x11ee/0x24d0
[  376.085910][ T9708]  ? __pfx_gfs2_fill_super+0x10/0x10
[  376.091225][ T9708]  ? snprintf+0xda/0x120
[  376.095507][ T9708]  ? __pfx_lock_release+0x10/0x10
[  376.100566][ T9708]  ? do_raw_spin_lock+0x14f/0x370
[  376.105664][ T9708]  ? __pfx_snprintf+0x10/0x10
[  376.110386][ T9708]  ? sb_set_blocksize+0x98/0xf0
[  376.115279][ T9708]  ? setup_bdev_super+0x4e6/0x5d0
[  376.120345][ T9708]  get_tree_bdev+0x3f7/0x570
[  376.124980][ T9708]  ? __pfx_gfs2_fill_super+0x10/0x10
[  376.130303][ T9708]  ? __pfx_get_tree_bdev+0x10/0x10
[  376.135462][ T9708]  gfs2_get_tree+0x54/0x220
[  376.140000][ T9708]  vfs_get_tree+0x90/0x2b0
[  376.144436][ T9708]  do_new_mount+0x2be/0xb40
[  376.148962][ T9708]  ? __pfx_do_new_mount+0x10/0x10
[  376.154009][ T9708]  __se_sys_mount+0x2d6/0x3c0
[  376.158705][ T9708]  ? __pfx___se_sys_mount+0x10/0x10
[  376.163918][ T9708]  ? rcu_is_watching+0x15/0xb0
[  376.168690][ T9708]  ? __x64_sys_mount+0x20/0xc0
[  376.173468][ T9708]  do_syscall_64+0xf3/0x230
[  376.177984][ T9708]  ? clear_bhb_loop+0x35/0x90
[  376.182677][ T9708]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.188577][ T9708] RIP: 0033:0x7f9a7637f79a
[  376.193009][ T9708] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  376.212724][ T9708] RSP: 002b:00007f9a77103e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  376.221148][ T9708] RAX: ffffffffffffffda RBX: 00007f9a77103ef0 RCX: 00007f9a7637f79a
[  376.229128][ T9708] RDX: 0000000020000100 RSI: 0000000020037f80 RDI: 00007f9a77103eb0
[  376.237139][ T9708] RBP: 0000000020000100 R08: 00007f9a77103ef0 R09: 0000000000000000
[  376.245118][ T9708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020037f80
[  376.253096][ T9708] R13: 00007f9a77103eb0 R14: 0000000000037f14 R15: 0000000020000400
[  376.261099][ T9708]  </TASK>
[  376.264285][    C1] vkms_vblank_simulate: vblank timer overrun
[  376.862181][ T9708] kobject: kobject_add_internal failed for syz:syz with -EEXIST, don't try to register things with the same name in the same directory.
[  376.917388][ T9708] gfs2: fsid=syz:syz: error -17 adding sysfs files
[  377.285705][ T9754] No buffer was provided with the request
[  377.735963][ T9767] fuse: Bad value for 'fd'
[  378.044542][ T9773] xt_connbytes: Forcing CT accounting to be enabled
[  378.051676][ T9773] Cannot find add_set index 0 as target
[  378.202038][   T29] audit: type=1326 audit(1728483794.142:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9774 comm="syz.1.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23417dff9 code=0x7ffc0000
[  378.271713][   T29] audit: type=1326 audit(1728483794.142:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9774 comm="syz.1.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7fa23417dff9 code=0x7ffc0000
[  378.309655][   T29] audit: type=1326 audit(1728483794.142:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9774 comm="syz.1.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23417dff9 code=0x7ffc0000
[  378.337485][   T29] audit: type=1326 audit(1728483794.142:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9774 comm="syz.1.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa23417dff9 code=0x7ffc0000
[  378.365586][   T29] audit: type=1326 audit(1728483794.282:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9776 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000
[  378.422236][   T29] audit: type=1326 audit(1728483794.282:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9776 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000
[  378.445936][   T29] audit: type=1326 audit(1728483794.312:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9776 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000
[  378.484307][   T29] audit: type=1326 audit(1728483794.312:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9776 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000
[  378.522947][   T29] audit: type=1326 audit(1728483794.312:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9776 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000
[  378.522992][   T29] audit: type=1326 audit(1728483794.332:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9776 comm="syz.4.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=444 compat=0 ip=0x7f9a7637dff9 code=0x7ffc0000
[  378.641855][ T5289] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  378.678626][ T9763] loop0: detected capacity change from 0 to 32768
[  378.679188][ T9763] XFS: noikeep mount option is deprecated.
[  378.679216][ T9763] XFS: noikeep mount option is deprecated.
[  378.714673][ T9791] wireguard0: entered promiscuous mode
[  378.718272][ T9791] wireguard0: entered allmulticast mode
[  378.722893][ T9763] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  378.809858][ T1266] ieee802154 phy0 wpan0: encryption failed: -22
[  378.816394][ T1266] ieee802154 phy1 wpan1: encryption failed: -22
[  378.826305][ T5289] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  378.896606][ T5289] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  379.050585][ T5289] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  379.063892][ T5289] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  379.073078][ T5289] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.185682][ T5289] usb 4-1: config 0 descriptor??
[  379.219364][ T9763] XFS (loop0): Ending clean mount
[  379.231410][ T9763] XFS (loop0): Quotacheck needed: Please wait.
[  379.247828][ T9763] XFS (loop0): Quotacheck: Done.
[  379.261264][ T9763] netlink: 'syz.0.941': attribute type 9 has an invalid length.
[  379.269536][ T9763] netlink: 134672 bytes leftover after parsing attributes in process `syz.0.941'.
[  379.282211][ T9763] openvswitch: netlink: Key 2 has unexpected len 20 expected 4
[  379.319390][ T7167] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  379.504750][ T9818] xt_connbytes: Forcing CT accounting to be enabled
[  379.513966][ T9818] Cannot find add_set index 0 as target
[  379.750061][ T5289] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  379.759400][ T5289] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving
[  379.788547][ T5289] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  380.074180][ T9830] overlay: Unknown parameter ':#�'
[  380.271668][ T5289] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  380.421845][ T5289] usb 2-1: device descriptor read/64, error -71
[  380.487881][ T9840] netlink: 'syz.0.963': attribute type 16 has an invalid length.
[  380.509396][ T9840] netlink: 'syz.0.963': attribute type 17 has an invalid length.
[  380.638072][ T9840] bridge0: port 2(bridge_slave_1) entered disabled state
[  380.645538][ T9840] bridge0: port 1(bridge_slave_0) entered disabled state
[  380.692876][ T5289] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  380.725651][ T9840] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  380.749604][ T9840] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  380.810269][ T9840] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  380.819599][ T9840] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  380.829029][ T9840] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  380.839285][ T9840] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  380.840981][ T5289] usb 2-1: device descriptor read/64, error -71
[  380.967410][ T5289] usb usb2-port1: attempt power cycle
[  381.371716][ T5289] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  381.392264][ T5289] usb 2-1: device descriptor read/8, error -71
[  381.646823][ T5289] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  381.689975][ T5289] usb 2-1: device descriptor read/8, error -71
[  381.811921][ T5289] usb usb2-port1: unable to enumerate USB device
[  381.866402][ T9853] loop0: detected capacity change from 0 to 32768
[  381.882783][ T9853] XFS: noikeep mount option is deprecated.
[  381.888668][ T9853] XFS: noikeep mount option is deprecated.
[  381.912814][ T9853] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  381.967273][ T9853] XFS (loop0): Ending clean mount
[  381.975201][ T9853] XFS (loop0): Quotacheck needed: Please wait.
[  381.992926][ T9853] XFS (loop0): Quotacheck: Done.
[  382.008671][ T9853] netlink: 'syz.0.967': attribute type 9 has an invalid length.
[  382.017820][ T9853] netlink: 134672 bytes leftover after parsing attributes in process `syz.0.967'.
[  382.030771][ T9853] openvswitch: netlink: Key 2 has unexpected len 20 expected 4
[  382.078140][ T7167] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  382.202466][ T5287] usb 4-1: USB disconnect, device number 7
[  382.218644][ T9879] overlay: Unknown parameter ':#�'
[  382.961678][ T3453] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  383.181885][ T3453] usb 1-1: Using ep0 maxpacket: 8
[  383.205623][ T3453] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  383.241243][ T3453] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  383.250354][ T3453] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  383.261724][ T3453] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  383.273585][ T3453] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  383.285858][ T3453] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.302243][ T3453] hub 1-1:1.0: bad descriptor, ignoring hub
[  383.308264][ T3453] hub 1-1:1.0: probe with driver hub failed with error -5
[  383.315852][ T3453] cdc_wdm 1-1:1.0: skipping garbage
[  383.321124][ T3453] cdc_wdm 1-1:1.0: skipping garbage
[  383.338753][ T3453] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[  383.344964][ T3453] cdc_wdm 1-1:1.0: Unknown control protocol
[  383.523096][ T9908] overlay: Unknown parameter ':#�'
[  383.558287][ T9891] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  383.579447][ T9891] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  383.876694][ T9904] loop3: detected capacity change from 0 to 32768
[  383.899932][ T9904] XFS: noikeep mount option is deprecated.
[  383.906788][ T9904] XFS: noikeep mount option is deprecated.
[  384.060535][ T9904] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  384.168137][ T9904] XFS (loop3): Ending clean mount
[  384.179302][ T9904] XFS (loop3): Quotacheck needed: Please wait.
[  384.196197][ T9904] XFS (loop3): Quotacheck: Done.
[  384.230379][ T9904] netlink: 'syz.3.982': attribute type 9 has an invalid length.
[  384.260053][ T9904] netlink: 134672 bytes leftover after parsing attributes in process `syz.3.982'.
[  384.275309][ T9904] openvswitch: netlink: Key 2 has unexpected len 20 expected 4
[  384.339651][ T6114] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  384.684562][   T54] Bluetooth: hci3: SCO packet for unknown connection handle 200
[  384.685215][   T54] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  384.695116][   T54] Bluetooth: hci3: SCO packet for unknown connection handle 1039
[  384.882106][   T46] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  385.032004][   T46] usb 4-1: device descriptor read/64, error -71
[  385.272141][   T46] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  385.411880][   T46] usb 4-1: device descriptor read/64, error -71
[  385.525890][ T3453] usb 1-1: USB disconnect, device number 8
[  385.598395][   T46] usb usb4-port1: attempt power cycle
[  385.951622][   T46] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  385.972127][   T46] usb 4-1: device descriptor read/8, error -71
[  386.211636][   T46] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  386.232142][   T46] usb 4-1: device descriptor read/8, error -71
[  386.321804][ T3453] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  386.341868][   T46] usb usb4-port1: unable to enumerate USB device
[  386.473006][ T3453] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  386.501598][ T3453] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  386.522475][ T3453] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  386.542391][ T3453] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  386.581467][ T3453] usb 5-1: config 0 descriptor??
[  386.694610][T10013] netlink: 'syz.1.1001': attribute type 9 has an invalid length.
[  386.702913][T10013] netlink: 134672 bytes leftover after parsing attributes in process `syz.1.1001'.
[  386.713114][T10013] openvswitch: netlink: Key 2 has unexpected len 20 expected 4
[  387.069645][ T3453] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0
[  387.077462][ T3453] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0
[  387.093836][ T3453] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0D8C:0022.0008/input/input11
[  387.146230][ T3453] cm6533_jd 0003:0D8C:0022.0008: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.4-1/input0
[  388.362202][ T5328] usb 5-1: reset high-speed USB device number 9 using dummy_hcd
[  388.941826][ T3453] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  389.061645][ T6010] gfs2: fsid=syz:syz.0: 2 glocks left after 61 seconds; still waiting
[  389.151656][ T3453] usb 1-1: config 0 has no interfaces?
[  389.157239][ T3453] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  389.191595][ T3453] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  389.242309][ T3453] usb 1-1: config 0 descriptor??
[  389.276335][ T5253] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  389.283872][ T5253] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  389.291266][ T5253] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  389.292080][  T937] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  389.312557][ T5253] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  389.320472][ T5253] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  389.328087][ T5253] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  389.441779][  T937] usb 4-1: device descriptor read/64, error -71
[  389.490371][ T5289] usb 1-1: USB disconnect, device number 9
[  389.570819][T10112] chnl_net:caif_netlink_parms(): no params data found
[  389.681474][T10112] bridge0: port 1(bridge_slave_0) entered blocking state
[  389.689950][T10112] bridge0: port 1(bridge_slave_0) entered disabled state
[  389.698447][T10112] bridge_slave_0: entered allmulticast mode
[  389.704896][  T937] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  389.706938][T10112] bridge_slave_0: entered promiscuous mode
[  389.720517][T10112] bridge0: port 2(bridge_slave_1) entered blocking state
[  389.727724][T10112] bridge0: port 2(bridge_slave_1) entered disabled state
[  389.736690][T10112] bridge_slave_1: entered allmulticast mode
[  389.745319][T10112] bridge_slave_1: entered promiscuous mode
[  389.767824][T10112] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  389.779872][T10112] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  389.807781][T10112] team0: Port device team_slave_0 added
[  389.816267][T10112] team0: Port device team_slave_1 added
[  389.836180][T10112] batman_adv: batadv0: Adding interface: batadv_slave_0
[  389.843319][  T937] usb 4-1: device descriptor read/64, error -71
[  389.843331][T10112] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  389.887084][T10112] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  389.900305][T10112] batman_adv: batadv0: Adding interface: batadv_slave_1
[  389.911887][T10112] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  389.943680][T10112] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  389.982239][T10112] hsr_slave_0: entered promiscuous mode
[  389.989009][T10112] hsr_slave_1: entered promiscuous mode
[  389.991880][  T937] usb usb4-port1: attempt power cycle
[  390.000834][T10112] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  390.008881][T10112] Cannot create hsr debugfs directory
[  390.130593][T10141] input: syz1 as /devices/virtual/input/input12
[  390.162580][    T9] usb 5-1: USB disconnect, device number 9
[  390.371774][T10144] --map-set only usable from mangle table
[  390.390928][T10112] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.392709][  T937] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  390.492146][  T937] usb 4-1: device descriptor read/8, error -71
[  390.736622][T10112] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.763699][  T937] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  390.806837][  T937] usb 4-1: device descriptor read/8, error -71
[  390.905555][T10112] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  391.016663][  T937] usb usb4-port1: unable to enumerate USB device
[  391.203884][T10112] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  391.247194][T10163] Cannot find add_set index 0 as target
[  391.475393][   T54] Bluetooth: hci10: command tx timeout
[  391.528445][T10112] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  391.537833][T10112] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  391.551288][T10112] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  391.562204][T10112] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  391.638162][T10112] 8021q: adding VLAN 0 to HW filter on device bond0
[  391.656333][T10112] 8021q: adding VLAN 0 to HW filter on device team0
[  391.674929][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[  391.682082][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[  391.690322][   T46] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  391.749439][T10167] veth1_to_bridge: entered promiscuous mode
[  391.767633][  T435] bridge0: port 2(bridge_slave_1) entered blocking state
[  391.774832][  T435] bridge0: port 2(bridge_slave_1) entered forwarding state
[  391.788298][  T435] bridge0: port 2(bridge_slave_1) entered disabled state
[  391.864557][   T46] usb 1-1: config 0 has no interfaces?
[  391.870101][   T46] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  391.880299][   T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  391.896217][   T46] usb 1-1: config 0 descriptor??
[  392.364013][  T937] usb 1-1: USB disconnect, device number 10
[  392.543642][T10185] Cannot find add_set index 0 as target
[  392.768085][T10112] 8021q: adding VLAN 0 to HW filter on device batadv0
[  392.900598][T10112] veth0_vlan: entered promiscuous mode
[  392.914164][T10112] veth1_vlan: entered promiscuous mode
[  393.067661][T10112] veth0_macvtap: entered promiscuous mode
[  393.111574][T10112] veth1_macvtap: entered promiscuous mode
[  393.485486][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  393.522271][   T54] Bluetooth: hci10: command tx timeout
[  393.527935][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.616622][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  393.630800][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.642633][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  393.654739][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.668407][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  393.699279][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.723784][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  393.749488][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.766146][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  393.795252][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.818662][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  393.839804][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.863956][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  393.883713][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  393.901290][T10112] batman_adv: batadv0: Interface activated: batadv_slave_0
[  393.984866][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  394.033984][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.053529][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  394.071684][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.087616][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  394.098488][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.109092][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  394.120286][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.130491][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  394.141241][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.155135][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  394.170976][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.191298][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  394.211618][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.222465][T10112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  394.231777][    T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  394.256358][T10112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  394.276740][T10112] batman_adv: batadv0: Interface activated: batadv_slave_1
[  394.352317][T10112] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  394.381634][    T9] usb 5-1: device descriptor read/64, error -71
[  394.479515][T10112] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  395.002529][T10112] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  395.031894][T10112] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  395.051641][    T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  395.184648][    T9] usb 5-1: device descriptor read/64, error -71
[  395.611773][   T54] Bluetooth: hci10: command tx timeout
[  395.630390][  T435] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  395.757870][    T9] usb usb5-port1: attempt power cycle
[  395.765733][  T435] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  395.793833][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  395.808339][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  395.973686][T10230] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1052'.
[  396.008019][T10230] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1052'.
[  396.035238][T10230] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1052'.
[  396.243547][T10234] --map-set only usable from mangle table
[  396.361657][T10230] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1052'.
[  396.404632][    T9] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  396.432130][    T9] usb 5-1: device descriptor read/8, error -71
[  396.471633][ T5328] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  396.626845][T10227] loop2: detected capacity change from 0 to 32768
[  396.635241][ T5328] usb 4-1: config 0 has no interfaces?
[  396.637406][T10227] XFS: noikeep mount option is deprecated.
[  396.641939][ T5328] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  396.650233][T10227] XFS: noikeep mount option is deprecated.
[  396.673387][    T9] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  396.699033][ T5328] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  396.702938][T10227] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  396.709056][    T9] usb 5-1: device descriptor read/8, error -71
[  396.725769][ T5328] usb 4-1: config 0 descriptor??
[  396.833066][    T9] usb usb5-port1: unable to enumerate USB device
[  396.924687][T10227] XFS (loop2): Ending clean mount
[  396.936553][T10227] XFS (loop2): Quotacheck needed: Please wait.
[  397.099289][T10227] XFS (loop2): Quotacheck: Done.
[  397.122127][T10227] netlink: 'syz.2.1014': attribute type 9 has an invalid length.
[  397.130647][T10227] netlink: 134672 bytes leftover after parsing attributes in process `syz.2.1014'.
[  397.140851][T10227] openvswitch: netlink: Key 2 has unexpected len 20 expected 4
[  397.177864][   T46] usb 4-1: USB disconnect, device number 16
[  397.178813][T10112] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  397.681683][   T54] Bluetooth: hci10: command tx timeout
[  403.803677][    T9] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  405.092562][ T1033] block nbd2: Possible stuck request ffff888025770000: control (read@0,4096B). Runtime 120 seconds
[  406.151401][ T4691] udevd[4691]: worker [6540] /devices/virtual/block/nbd2 is taking a long time
[  424.894523][   T30] INFO: task syz.1.318:7524 blocked for more than 144 seconds.
[  426.282265][   T30]       Not tainted 6.12.0-rc2-next-20241008-syzkaller #0
[  426.289496][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  426.470481][   T30] task:syz.1.318       state:D stack:25360 pid:7524  tgid:7523  ppid:7283   flags:0x00000004
[  427.699464][   T30] Call Trace:
[  427.782450][   T30]  <TASK>
[  427.806889][   T30]  __schedule+0x1895/0x4b30
[  427.929717][   T30]  ? rcu_is_watching+0x15/0xb0
[  428.634062][   T30]  ? kernel_text_address+0xa7/0xe0
[  428.639617][   T30]  ? schedule+0x90/0x320
[  428.705579][   T30]  ? schedule+0x90/0x320
[  428.710051][   T30]  ? lock_release+0xbf/0xa30
[  428.786891][   T30]  ? __pfx___schedule+0x10/0x10
SYZFAIL: failed to send rpc
fd=3 want=184 sent=0 n=-1 (errno 32: Broken pipe)
[  430.586282][   T30]  ? __pfx_lock_release+0x10/0x10
[  430.602123][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  430.608609][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  430.635103][   T30]  ? schedule+0x90/0x320
[  430.639481][   T30]  schedule+0x14b/0x320
[  430.658704][   T30]  ? down_read+0x6a5/0xa40
[  430.677096][   T30]  schedule_preempt_disabled+0x13/0x30
[  430.701883][   T30]  down_read+0x705/0xa40
[  430.711044][   T30]  ? __se_sys_quotactl+0x277/0xa30
[  430.716446][   T30]  ? do_syscall_64+0xf3/0x230
[  430.721241][   T30]  ? __pfx_down_read+0x10/0x10
[  430.726236][   T30]  ? rcu_is_watching+0x15/0xb0
[  430.731147][   T30]  ? rcu_is_watching+0x15/0xb0
[  430.736149][   T30]  ? lock_release+0xbf/0xa30
[  430.740845][   T30]  super_lock+0x27c/0x400
[  430.745355][   T30]  ? __pfx_super_lock+0x10/0x10
[  430.750344][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  430.759269][   T30]  user_get_super+0xd2/0x180
[  430.764144][   T30]  __se_sys_quotactl+0x527/0xa30
[  430.769278][   T30]  ? __pfx___se_sys_quotactl+0x10/0x10
[  430.774890][   T30]  ? rcu_is_watching+0x15/0xb0
[  430.779781][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  430.786271][   T30]  ? rcu_is_watching+0x15/0xb0
[  430.791157][   T30]  ? rcu_is_watching+0x15/0xb0
[  430.796102][   T30]  do_syscall_64+0xf3/0x230
[  430.800718][   T30]  ? clear_bhb_loop+0x35/0x90
[  430.806083][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  430.813495][   T30] RIP: 0033:0x7fd7d937dff9
[  430.818000][   T30] RSP: 002b:00007fd7da19c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  430.826580][   T30] RAX: ffffffffffffffda RBX: 00007fd7d9535f80 RCX: 00007fd7d937dff9
[  430.834684][   T30] RDX: 0000000000000000 RSI: 0000000020000340 RDI: ffffffff80000800
[  430.861808][   T30] RBP: 00007fd7d93f0296 R08: 0000000000000000 R09: 0000000000000000
[  430.871289][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  431.020065][   T30] R13: 0000000000000000 R14: 00007fd7d9535f80 R15: 00007ffc642a1888
[  431.031601][   T30]  </TASK>
[  431.051448][   T30] INFO: lockdep is turned off.
[  432.034072][   T30] NMI backtrace for cpu 1
[  432.038503][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-next-20241008-syzkaller #0
[  432.048603][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  432.058688][   T30] Call Trace:
[  432.062000][   T30]  <TASK>
[  432.064949][   T30]  dump_stack_lvl+0x241/0x360
[  432.069661][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  432.074892][   T30]  ? __pfx__printk+0x10/0x10
[  432.079519][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  432.084493][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  432.090950][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  432.096461][   T30]  ? rcu_is_watching+0x15/0xb0
[  432.101269][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  432.107291][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  432.113317][   T30]  watchdog+0xff4/0x1040
[  432.117604][   T30]  ? watchdog+0x1ea/0x1040
[  432.122066][   T30]  ? __pfx_watchdog+0x10/0x10
[  432.126780][   T30]  kthread+0x2f0/0x390
[  432.130867][   T30]  ? __pfx_watchdog+0x10/0x10
[  432.135563][   T30]  ? __pfx_kthread+0x10/0x10
[  432.140161][   T30]  ret_from_fork+0x4b/0x80
[  432.144594][   T30]  ? __pfx_kthread+0x10/0x10
[  432.149192][   T30]  ret_from_fork_asm+0x1a/0x30
[  432.153986][   T30]  </TASK>
[  432.158080][   T30] Sending NMI from CPU 1 to CPUs 0:
[  432.163993][    C0] NMI backtrace for cpu 0
[  432.164008][    C0] CPU: 0 UID: 0 PID: 8819 Comm: syz.0.677 Not tainted 6.12.0-rc2-next-20241008-syzkaller #0
[  432.164029][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  432.164041][    C0] RIP: 0010:__kernel_text_address+0x34/0x40
[  432.164069][    C0] Code: 00 00 00 85 c0 0f 95 c0 48 c7 c1 00 30 7c 91 48 39 cb 0f 93 c1 48 c7 c2 9f 0b 97 91 48 39 d3 0f 92 c2 20 ca 08 c2 0f b6 c2 5b <c3> cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90
[  432.164084][    C0] RSP: 0018:ffffc9000d2ef518 EFLAGS: 00000202
[  432.164101][    C0] RAX: 0000000000000001 RBX: ffffc9000d2ef588 RCX: ffffffff917c3000
[  432.164114][    C0] RDX: ffffffff91970b01 RSI: ffffc9000d2e8000 RDI: ffffffff81efb10b
[  432.164128][    C0] RBP: ffffc9000d2ef5d0 R08: ffffc9000d2ef868 R09: 0000000000000000
[  432.164141][    C0] R10: ffffc9000d2ef590 R11: fffff52001a5deb4 R12: ffff88802c69da00
[  432.164154][    C0] R13: ffffffff8180a490 R14: dffffc0000000000 R15: 1ffff92001a5deb1
[  432.164169][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  432.164184][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  432.164196][    C0] CR2: 00007ff7fad36018 CR3: 00000000313d6000 CR4: 00000000003526f0
[  432.164212][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  432.164233][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  432.164245][    C0] Call Trace:
[  432.164250][    C0]  <NMI>
[  432.164257][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  432.164283][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  432.164301][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  432.164334][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  432.164360][    C0]  ? nmi_handle+0x14f/0x5a0
[  432.164379][    C0]  ? nmi_handle+0x2a/0x5a0
[  432.164399][    C0]  ? __kernel_text_address+0x34/0x40
[  432.164420][    C0]  ? default_do_nmi+0x63/0x160
[  432.164445][    C0]  ? exc_nmi+0x123/0x1f0
[  432.164468][    C0]  ? end_repeat_nmi+0xf/0x53
[  432.164489][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  432.164516][    C0]  ? __init_begin+0x41000/0x41000
[  432.164537][    C0]  ? no_hash_pointers_enable+0xb1/0xe0
[  432.164556][    C0]  ? free_unref_page+0xcfb/0xf20
[  432.164574][    C0]  ? __kernel_text_address+0x34/0x40
[  432.164602][    C0]  ? __kernel_text_address+0x34/0x40
[  432.164625][    C0]  ? no_hash_pointers_enable+0xb1/0xe0
[  432.164643][    C0]  ? __kernel_text_address+0x34/0x40
[  432.164664][    C0]  </NMI>
[  432.164670][    C0]  <TASK>
[  432.164676][    C0]  unwind_get_return_address+0x4d/0x90
[  432.164695][    C0]  arch_stack_walk+0xfd/0x150
[  432.164717][    C0]  ? free_unref_page+0xcfb/0xf20
[  432.164737][    C0]  stack_trace_save+0x118/0x1d0
[  432.164758][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  432.164787][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  432.164809][    C0]  ? rcu_is_watching+0x15/0xb0
[  432.164830][    C0]  ? lock_acquire+0xe3/0x550
[  432.164849][    C0]  save_stack+0xfb/0x1f0
[  432.164869][    C0]  ? __pfx_save_stack+0x10/0x10
[  432.164901][    C0]  ? rcu_read_lock_held+0xa/0x50
[  432.164925][    C0]  __reset_page_owner+0x76/0x430
[  432.164949][    C0]  free_unref_page+0xcfb/0xf20
[  432.164972][    C0]  vfree+0x186/0x2e0
[  432.164990][    C0]  kcov_close+0x28/0x50
[  432.165014][    C0]  ? __pfx_kcov_close+0x10/0x10
[  432.165037][    C0]  __fput+0x23f/0x880
[  432.165070][    C0]  task_work_run+0x24f/0x310
[  432.165089][    C0]  ? rcu_is_watching+0x15/0xb0
[  432.165111][    C0]  ? __pfx_task_work_run+0x10/0x10
[  432.165131][    C0]  ? do_exit+0xa2a/0x28e0
[  432.165148][    C0]  ? kmem_cache_free+0x1a2/0x420
[  432.165174][    C0]  ? do_exit+0xa2a/0x28e0
[  432.165194][    C0]  do_exit+0xa2f/0x28e0
[  432.165213][    C0]  ? rcu_is_watching+0x15/0xb0
[  432.165239][    C0]  ? __pfx_do_exit+0x10/0x10
[  432.165256][    C0]  ? preempt_schedule+0xe1/0xf0
[  432.165274][    C0]  ? preempt_schedule_common+0x84/0xd0
[  432.165292][    C0]  ? preempt_schedule+0xe1/0xf0
[  432.165309][    C0]  ? __pfx_preempt_schedule+0x10/0x10
[  432.165333][    C0]  do_group_exit+0x207/0x2c0
[  432.165354][    C0]  get_signal+0x16a3/0x1740
[  432.165384][    C0]  ? __pfx_get_signal+0x10/0x10
[  432.165406][    C0]  ? __pfx_hrtimer_nanosleep+0x10/0x10
[  432.165429][    C0]  arch_do_signal_or_restart+0x96/0x860
[  432.165456][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  432.165487][    C0]  ? rcu_is_watching+0x15/0xb0
[  432.165509][    C0]  syscall_exit_to_user_mode+0xc9/0x370
[  432.165530][    C0]  do_syscall_64+0x100/0x230
[  432.165549][    C0]  ? clear_bhb_loop+0x35/0x90
[  432.165571][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  432.165590][    C0] RIP: 0033:0x7f1fc7db00e5
[  432.165604][    C0] Code: Unable to access opcode bytes at 0x7f1fc7db00bb.
[  432.165612][    C0] RSP: 002b:00007f1fc8c50f80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[  432.165630][    C0] RAX: fffffffffffffdfc RBX: 00007f1fc7f35f80 RCX: 00007f1fc7db00e5
[  432.165643][    C0] RDX: 00007f1fc8c50fc0 RSI: 0000000000000000 RDI: 0000000000000000
[  432.165654][    C0] RBP: 00007f1fc7df0296 R08: 0000000000000000 R09: 0000000000000000
[  432.165666][    C0] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  432.165677][    C0] R13: 0000000000000000 R14: 00007f1fc7f35f80 R15: 00007ffcca244d38
[  432.165697][    C0]  </TASK>
[  432.873457][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  432.880468][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-next-20241008-syzkaller #0
[  432.890496][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  432.900582][   T30] Call Trace:
[  432.903870][   T30]  <TASK>
[  432.906808][   T30]  dump_stack_lvl+0x241/0x360
[  432.911587][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  432.916790][   T30]  ? __pfx__printk+0x10/0x10
[  432.921419][   T30]  ? vscnprintf+0x5d/0x90
[  432.925757][   T30]  panic+0x349/0x880
[  432.929660][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  432.935825][   T30]  ? __pfx_panic+0x10/0x10
[  432.940245][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  432.945624][   T30]  ? __irq_work_queue_local+0x137/0x410
[  432.951183][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  432.956662][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  432.962917][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  432.969086][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  432.975250][   T30]  watchdog+0x1033/0x1040
[  432.979592][   T30]  ? watchdog+0x1ea/0x1040
[  432.984022][   T30]  ? __pfx_watchdog+0x10/0x10
[  432.988711][   T30]  kthread+0x2f0/0x390
[  432.993201][   T30]  ? __pfx_watchdog+0x10/0x10
[  432.997907][   T30]  ? __pfx_kthread+0x10/0x10
[  433.002518][   T30]  ret_from_fork+0x4b/0x80
[  433.006960][   T30]  ? __pfx_kthread+0x10/0x10
[  433.011578][   T30]  ret_from_fork_asm+0x1a/0x30
[  433.016395][   T30]  </TASK>
[  433.019582][   T30] Kernel Offset: disabled
[  433.023917][   T30] Rebooting in 86400 seconds..