last executing test programs:

3m47.412853183s ago: executing program 4 (id=444):
socket$netlink(0x10, 0x3, 0x15)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
socket$nl_audit(0x10, 0x3, 0x9)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0xe8000, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000140)={0x4000, 0xdffffffd, 0x80, 0x0, 0x0, "8100e1c8e80b598c36ff000800"})
syz_open_pts(r3, 0x141601)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
r5 = msgget(0x1, 0xefea72844cf5e2b4)
msgrcv(r5, 0x0, 0x0, 0x3, 0x0)
msgctl$IPC_RMID(r5, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f0000000000)={{0x0, 0x3, 0xfffffff9, 0x1, 0x3ff}})
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000001ec0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(0xffffffffffffffff, &(0x7f0000001f80)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001f00)={0x30, r6, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x19, {0x80000000, 0x1, 0x1, 0x5}}}}, 0x30}}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x89f9, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000000)={@remote, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x2008, 0xe}})
r7 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r7, 0xc4c85512, &(0x7f0000000040)={{}, 0x0, [0x0, 0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x6, 0xffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x769, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]})
r8 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x0)
ioctl$EVIOCGMASK(r8, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"})

3m44.291369619s ago: executing program 4 (id=453):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./bus\x00', 0x1000840, &(0x7f00000004c0)=ANY=[@ANYBLOB='shortname=mixed,sys_immutable,nfs,iocharset=cp936,shortname=lower,rodir,nocase,codepage=860,shortname=lower,shortname=lower,shortname=win95,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c646973636172642c73686f72746e616d653d77696e39352c756e695f786c6174653d302c0061a98eed20cb46078e5a4a40eed4c77e7462b84482aa7061236bf6bf5f48d7580feb45e35df449cbc10bccc2d8eb7a405ecd33c7efe0552ac1485c1dc47fec07062af97740e17f7fed7c51b26811fd16e28ca3f29cfad88fc4c5504243392e01cbdde7b5c763979598f95f09d45d2c45628665902b30ddfbf9bbd38185eabec1312bac0ff85a3b9b3ac212f453253bf5fcac7dd1e683bf671e2c5362e5a701db45df522801ffbf8e5faa1778f0eff73a03e231bb8031912bc25c08c213dbf866aecba07308a5c84732b9ba16275178d55dbce6e68fa7c1740c0021d1cd351a4ef57cb782b0ca2780431eb03ec804619e284369a22503d4b83e29272dd5c7"], 0x43, 0x357, &(0x7f0000000140)="$eJzs3U9om/UbAPAne9OkHezXHn4wFIRXb4KWteJBTy2jg2EuKsE/BzG4TqWpgwaD3aFZvYhHwaOevHnQg+DOIijizYNXJ8hUPOhuA4evJHnzr0m6Tkxl7PM5hGff7/Pk+7zLS/P2Lfnm5bXYujAXF2/cuB7z84Uorp1di5uFWIok4kR0XIlxpQljAMDd4WaWxR9Z1xFLCjNuCQCYsc77/6unhkbe/qofFsfzM+/+AHDXy3//X5iaUIqYnzZ3aVZdAQCzNHb//6GR6dLon/qLkRx3gwDAv+7ZF158ar0S8UyazkVsv9OsNqvx5GB+/WK8HvXYjDOxGLciuhcK7YdC5/Hc+crGmTRNW/HzUlTbFc1qxHarWe1eKawnnfpyrMRiLOX1+dVGlmXJuc8qGytpR0RcaXXWj+1CszoXJ/P1fzgZm7Eaafx/rD7ifGVjNc2foLrdq29F7A/uW7T7X47F+O6VuBT1uBDt2t5lTWVjbyVNz2aVkfpmtdzJ65p6BwQAAAAAAAAAAAAAAAAAAAAAAP6R5bRvqb//TTbYv2d5ecJ8Z3+cbn2+P9B+d3+grJxFlv3+1qPVd5MY2R/o4P48zWqx9/WCAAAAAAAAAAAAAAAAAAAAcM9r7JaiVq9v7jR2L28NB62dxu6JiGiPvPHNJ18uxHjObYJivsbQVJoPXd6qZUkvOUtGcvIgaS/eG/n4ar/j4Zxy/ygmtlGePlWvn3rwpw8GIw8kvWf+a5CTxOQDTA60MRxs/6/b0p38R/WD1dvkXMuybFr53kvjVVGIKN75C3d4kLWDr6+/dt9jjdOPd0a+yLoefmTxuWvvf/TrVq3eXjk6r2Bpp3Er26rl/558sk0PkqHzpxDdoDB8JhQPK98fHal9/v1vz9//3rdHWz0bHnlzQk7SPZxPD06VukG7zQNTC5PWmptw8s8gOP3hWu3q3o+/HLVq6IeEjToAAAAAAAAAAAAAAAAAAOBYDH1WPJd/2HfusKonnp59ZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwfAbf/z8U7I+NHCX4sxXjU+XNnUZE6b8+TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7nF/BwAA//9qyG81")
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000040), 0x210000, 0x0)
syz_mount_image$udf(&(0x7f0000000500), &(0x7f00000000c0)='./file0\x00', 0x8010, &(0x7f0000000100)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x43, 0xc11, &(0x7f0000001dc0)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=")
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
socket(0x2a, 0x5, 0x8)
r0 = openat(0xffffffffffffffff, &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', 0x600100, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6a72c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
r4 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @loopback}}}, 0x108)
openat$random(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000880)=ANY=[@ANYRES8=r0, @ANYBLOB="1265de4fcaa387401cb86ff9f115f83a9df3bcca2a0039ad81ada9f6ef07f404686ede8535eb2d9f47f32480f090797b47ee04ce38bba6db3501f5e4ad283957eed471f834d77a8f5abb54b7ff4719eb19f46bca6f4b2b8d15ae50d87900ac79f797a33a0c64b660b8b8c84eeedb7e0b563f947d20877f16928e56a8b2169c558bf62a13aa5705463e9cdc2579fab81db4b2804947690aa6fa0103951325bdcbe443dc7bbf984d0aab254ae1519669cd5fc3430a37dda31d7a3ec3d13b978b02822390506d47ff9c32"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)

3m41.958759317s ago: executing program 4 (id=454):
syz_mount_image$exfat(&(0x7f0000000080), &(0x7f0000000240)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa1008a, &(0x7f00000003c0)=ANY=[], 0x21, 0x1517, &(0x7f0000002780)="$eJzs3AuYTlX7MPD7XmttxjTxNMlhWGvdmycNlkOSHJLkkCTJK0lOCaFJkoTEOEsakiTHSXIYQnKYxqRxPh9yTpKkSZKQkLC+S3993rf30Pf+/32f63vn/l3Xvqz72c+99r2fez/2s/dzPfNdj1F1mtWt2YSI4H8E/+ufZACIAYBhAJAPAAIAqBhfMf7y+jwSk/9nG2F/rofTrnUF7Fri/uds3P+cjfufs3H/czbuf87G/c/ZuP85G/efsZxs2+zCN/CScxe+/5+T8fn/P0h2mUlfbShzU89/I4X7n7Nx/3M27n/Oxv3P2bj/ORv3P2fj/uds3H/GcrL//r1j/u7gP2G51scfY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLGc4Zy/SgHAb+NrXRdjjDHGGGOMMcb+PD73ta6AMcYYY4wxxhhj//chCJCACJALckMM5IFYuA7i4HrIC/kgAjdAPNwI+eEmKAAFoRAUhgQoAkVBgwELBCEUg+IQhZuhBNwCiVASSkFpcFAGykI5KA+3QgW4DSrC7VAJ7oDKUAWqQjW4E6rDXVAD7oaacA/UgtpQB+rCvVAP7oP6cD80gAegITwIjeAhaAx/gSbwMDSFR6AZPArN4TFoAS2hFbSGNv+t/BehD7wEfaEfJEN/GAADYRAMhiEwFIbByzAcXoER8CqkwEgYBa/BaHgdxsAbMBbehHHwFoyHCTARJsFkmAKp8DZMhXdgGrwL02EGzIRZkAazYQ68B3NhHsyH92EBfAALYREshiWQDh9CBiyFTPgIlsHHkAXLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBp/AdtgBO2EX7IY9sBc+hX3wGeyHz+EAfPFv5p/9XX5PBAQUKFChwlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBQNGiQkVFeOpBJYAhMxEUthKXTosCyWxfJ4K1bAClgRK2IlrISVsQpWwWpYDatjdayBNbAm1sRaWAvrYB28F+/F+7A+1scG2AAbYkNshI2wMTbGJtgEm2JTbIbNsDk2xxbYAlthK2yDbbAttsV22A47YAfsiB2xM3bGJEzCLtgFu2JX7IbdsDt2xx7YA3tiL+yFL+KL+BK+hP2wluiPA3AADsJBOASH4lB8GYfjK/gKvoopOBJH4Wv4Gr6OY/AMjsU3cRyOw+piAk7ESUhiCqZiKk7FqTgNp+F0nIEzcBam4Wycg3NwLs7Defg+LsAP8ANchItwCaZjOmbgUszETFyGZzELl+MKXImrcDWuwrW4DtfiBtyIG3AzbsatuBU/wU9wB+7AXbgL91x+rfFT/Aw/wxQ8gAfwIB7EQ3gID+NhzMZsPIJH8CgexWN4DI/jcTyBJ/EUnsTTeBrP4Fk8h+fwPJ7HC/h8wjdN95RcnwLiMiWUyCVyiRgRI2JFrIgTcSKvyCsiIiLiRbzIL/KLAqKAKCQKiQSRIIqKosIII0iEopgoJqIiKkqIEiJRJIpSopRwwomyoqwoL8qLCqKCqChuF5XEHaKyqCLau2qimqguOrga4m5RU9QUtURtUUfUFXVFPVFP1Bf1RQPRQDQUDUUj8ZBoLPrjEHxYXO5MMzESm4tR2EK0FK1Ea/E6Pi7aijHYTrQXHcST4k0ci51FW5cknhZdxETsKp4Vk/A50V1MwR7iBdFT9BK9xYuij2jn+op+Yjr2FwPELBwkBoshYqiYi7XF5Y7VEa+KFDFSjBKviSX4uvjtGB8n3hLjxQQxUUwSk8UUkSreFlPFO2KaeFdMFzPETDFLpInZYo54T8wV88R88b5YID4QC8UisVgsEeniQ5EhlopM8ZFYJj4WWWK5WCFWilVitVgj1op1Yr3YIDaKTWKz2CK2im3iE7Fd7BA7xS6xW+wRe8WnYp/4TOwXn4sD4gtxUHwpDomvxGHxtcgW34gj4ltxVHwnjonvxXHxgzghTopT4kdxWvwkzoiz4pz4WZwXv4gL4qK4JLwAiVJIKZUMZC6ZW8bIPDJWXifj5PUyr8wnI/IGGS9vlPnlTbKALCgLycIyQRaRRaWWRlpJMpTFZHEZlTfLEvIWmShLylKytHSyjCwry8ny8lZZQd4mK8rbZSV5h6wsq8iqspq8U1aXd8ka8m5ZU94ja8naso6sK++V9eR9sr68XzaQD8iG8kHZSD4kG8u/yCbyYdlUPiKbyUdlc/mYbCFbylaytWwjH5dt5ROynWwvO8gnZUfZSXaWT8kk+bTsIp+RXeWzspt8TnaXz8se8gXZU/aSveVFeUl62Vf2k8myvxwgB8pBcrAcIofKYfJlOVy+IkfIV2VKDADI1+Ro+bocI9+QY+Wbcpx8S46XE+REOUlOllNkqnxbTpXvyGnyXTldzpAz5SyZJmfLIVdmmv9/kP/OP8gfIVPkSLlVbpOfyO1yh9wpd8ndco/cK/fKfXKf3C/3ywPygDwoD8pD8pA8LA/LbJktj8gj8qg8Ko/JY/K4PC5PyJPyZ/mjPC1/kmfkWXlW/izPy/PywpXXABQqoaRSKlC5VG4Vo/KoWHWdilPXq7wqn4qoG1S8ulHlVzepAqqgKqQKqwRVRBVVWhllFalQFVPFVVTdjFfeIqqUKq2cKqPKqnL/Tr4qoW5Riark3+T/UX1tVBvVVrVV7VQ71UF1UB1VR9VZdVZJKkl1UV1UV9VVdVPdVHfVXfVQPVRP1VP1Vr1VH9VH9VV9VbJKVgPUQDVIDVZD1FA1rD+o4Wq4GqFGqBSVokapUWq0Gq3GqDFqrBqrxqlxarwaryaqiWqymqxSVaqaqqaqaWqamq6mq5lqpkpTaWqOmqPmqrlqvpqvFqgFaqFaqBarxSpdpasMlaEyVaZappapLLVcLVcr1Uq1Wq1Wa9VatV6tVxvVRrVZbVZZapvaprar7Wqn2ql2q91qr9qr9ql9ar/arw6oA+qgOqgOqUPqsDqsslW2OqKOqKPqqDqmjqnj6rg6oU6oU+qUOq1OqzPqjDqnzqnz6ry6oC6oS+qSggACEYhABSrIFeQKYoKYIDaIDeKCuCBvkDeIBJEgPogP8gc3BQWCgkGhoHCQEBQJigY6MIENKAiDYkHxIBrcHJQIbgkSg5JBqaB04IIyQdmgXFA+uDWoENwWVAxuDyoFdwSVgypB1aBacGdQPbgrqBHcHdQM7glqBbWDOkHd4N6gXnBfUD+4P2gQPBA0DB4MGgUPBY2DvwRNgoeDpsEjQbPg0aB58FjQImgZtApaB23+rPkVBE0D788UfML11f10su6vB+iBepAerIfooXqYflkP16/oEfpVnaJH6lH6NT1av67H6Df0WP2mHqff0uP1BD1RT9KT9RSdqt/WU/U7epp+V0/XM/RMPUun6dl6jn5Pz9Xz9Hz9vl6gP9AL9SK9WC/R6fpDnaGX6kz9kV6mP9ZZerleoVfqVXq1XqPX6nV6vd6gN+pNerPeorfqbfoTvV3v0Dv1Lr1b79F79ad6n/5M79ef6wP6C31Qf6kP6a/0Yf21ztbf6CP6W31Uf6eP6e/1cf2DPqFP6lP6R31a/6TP6LP6nP5Zn9e/6Av6or6k/eUP95dP70YZZXKZXCbGxJhYE2viTJzJa/KaiImYeBNv8pv8poApYAqZQibBJJiipqi5jAyZYqaYiZqoKWFKmESTaEqZUsYZZ8qasqa8KW8qmAqmoqloKplKprKpbKqaquZOc6e5y9xl7jZ3m3vMPaa2qW3qmrqmnqln6pv6poFpYBqahqaRaWQam8amiWlimpqmpplpZpqb5qaFaWFamVamjWlj2pq2pp1pZzqYDqaj6Wg6m84mySSZLqaL6Wq6mm6mm+luupsepofpaXqa3qa36WP6mL6mr0k2yWaAGWAGmUFmiBlihplhZrgZbkaYESbFpJhRZpQZbUabMWaMGWveNOPMW2a8mWAmmklmspliUk2qmWqmmmlmmpluppuZZqZJM2lmjplj5pq5Zr6ZbxaYBWahWWgWm8Um3aSbDJNhMk2mWWaWmSyTZVaYFWaVWWXWmDVmnVlnNpgNZpPZZLaYLWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W8OmAPmoDnoEcAcNodNtsk2R8wRc9QcNcfMMXPcHDcnzAlzypwyp81pc8acMefMOXPe/GIumIvmkvEmxuaxsfY6G2evt3ltPvv7uJAtbBNsEVvUalvAFvyb2FhrE21JW+q3S0xbziZePpfa0tbZMrasLWcr2yq2qq1m77TV7V22xu/jfGDvs/Xt/baBfcDWtffaen8VN7QP2kb2UdvYPmab2Ja2qW1tm9lHbXP7mG1hW9pWtrXtaDvZzvYpm2Sftl3sM38XZ9ildp1dbzfYjXaf/cyesz/bo/Y7e97+YvvafnaYfdkOt6/YEfZVm2JH/l08zr5lx9sJdqKdZCfbKX8Xz7SzbJqdbefY9+xcO+/v4nT7oV1gM+1Cu8gutkt+jS/XlGk/ssvsxzbLLrcr7Eq7yq62a+za/13rSrvZbrFb7V77qd1ud9iddpfdbff8Gl/ej/32c3vAfmGP2G/tIfuVPWyP2Wz7za/x5f07Zr+3x+0P9oQ9aU/ZH+1p+5M9Y89e3n9/ed9/tBftJestEJIgSYoCykW5KYbyUCxdR3F0PeWlfBShGyiebqT8dBMVoIJUiApTAhWhoqTJkCWikIpRcYrSzVSCbqFEKkmlqDQ5KkNlqRyVp1upAt1GFel2qkR3UGWqQlWpGt1J1ekuqkF3U026h2pRbapDdeleqkf3UX26nxrQA9SQHqRG9BA1pr9QE3qYmtIj1Iwepeb0GLWgltSKWlMbepza0hPUjtpTB3qSOlIn6kxPURI9TV3oGepKz1I3eo660/PUg16gntSLetOL1Ideor7Uj5KpPw2ggTSIBtMQGkrD6GUaTq/QCHqVUmgkjaLXaDS9TmPoDRpLb9I4eovG0wSaSJNoMk2hVHqbptI7NI3epek0g2bSLEqj2TSH3qO5NI/m0/u0gD6ghbSIFtMSSqcPKYOWUiZ9RMvoY8qi5bSCVtIqWk1raC2to/W0gTbSJtpMW2grbaNPaDvtoJ20i3bTHtpLn9I+ynPlDfcFHaQv6RB9RYfpa8qmb+gIfUtH6Ts6Rt/TcfqBTtBJOkU/0mn6ic7QWTpHP9N5+oUu0EW6RJ4gxFCEMlRhEOYKc4cxYZ4wNrwujAuvD/OG+cJIeEMYH94Y5g9vCguEBcNCYeEwISwSFg11aEIbUhiGxcLiYTS8OSwR3hImhiXDUmHp0IVlwrJhubB8eGtYIbwtrBjeHlYK7wgrh1XCRx+oFt4ZVg/vCmuEd4c1w3vCWmHtsE5YN7w3rBfeF9YP7w8bhA+EFcIHw0bhQyFc+b1K0/CRsFn4aNg8fCxsEbYMW4Wtwzbh42Hb8ImwXdg+7BA+GXYMO4Wdw6fCpPDpsEv4zB+uTw77hwPCgeHA0Pv75eLokmh69MNoRnRpNDP6UXRZ9ONoVnR5dEV0ZXRVdHV0TXRtdF10fXRDdGN0U3RzdEt0a9T7urnBoRNOOuUCl8vldjEuj4t117k4d73L6/K5iLvBxbsbXX53kyvgCrpCrrBLcEVcUaedcdaRC10xV9xF3c2uhLvFJbqSrpQr7Zwr48q61q6Na+PauidcO9fedXBPuiddJ9fJPeWeck+7Lu4Z19U967q551x397x73r3gerperrd70fVxL7m+rp9LdslugBvgBrlBbogb4oa5YW64G+5GuBEuxaW4UW6UG+1GuzFujBvrxrpxbpwb78a7iW6im+wmu1SX6qa6qW6am+YCAJjpZro0l+bmuDlurpvr5rv5bkHiArfQLXSL3WKX7tJdhstwmS7TLXPLXJbLcivcCrfKrXJr3Bq3zq1zG9wGt8ltclvcFrfNbXPb3Xa30+10u91ut9ftdfvcPrff7XcH3AF30B10h9whd9h97bLdN+6I+9Yddd+5Y+57d9z94E64k+6U+9Gddj+5M+6sO+d+dufdL+6Cu+guOe9SI29HpkbeiUyLvBuZHpkRmRmZFUmLzI7MibwXmRuZF5kfeT+yIPJBZGFkUWRxZEkkPfJhJCOyNJIZ+SiyLPJxJCuyPLIisjKyKrJagS+yPfTFfHEf9Tf7Ev4Wn+hL+lK+tHe+jM/ty/ny/lZfwd/mK/rbfSV/h6/sq/iq/jHfwrf0rXxr38Y/7tv6J3w739538E/6jr6T7+yf8kn+ad/FP+O7+md9N/+c7+6f9z38C76n7+V7+xd9H/+S7+v7+WTf3w/wA/0gP9gP8UP9MP+yH+5f8SP8qz7Fj/Sj/Gt+tH/dj/Fv+LH+TT/Ov+XH+wl+op/kJ/spPtW/7af6d/w0/66f7mf4mX6WT/Oz/Rz/np/r5/n5/n2/wH/gF/pFfrFf4tP9hz7DL/WZ/iO/zH/ss/xyv8Kv9Kv8ar/Gr/Xr/Hq/wW/0m/xmv8Vv9dv8J3673+F3+l1+t9/j9/pP/T7/md/vP/cH/Bf+oP/SH/Jf+cP+a5/tv/FHsr71R/13/pj/3h/3P/gT/qQ/5X/0p/1P/ow/68/5n/15/4u/4C/6S//mb9Zq/xm3zhljjDHG/j808A/W9/8HjykAEFfGv3jvr99ROPuv10sA2FTgv8aDRULHCAA83a/Hw78ttWolJydfeW6WhKD4IgCI/G4DV+Ll0AE6QRK0h/L/sL7Botd5+hfzZ4yhydHbAWL/KicGrsZX5//yn8z/+JPjMiqF5+L/ef3RRQCJxa/mXL4K/y1eDh1+/eqwPVT4J/MXbPuv6s+SkOerVIB2f5UTBwDt8vy+/rLwBDwDSX/zzAb/cJuMMcYYY4wxxnKewaJqtz+4/vz1+jxBXc3JDVfjP7o+Z4wxxhhjjDHG2LX3XK/eTz2elNS+Gw94wIMcNuj0L55zrf9nYowxxhhjjP3Zrn7ov/pYnmtZEGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlgP9v/hLY9d6HxljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLFr7X8FAAD//8HaM+M=")
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000540)={[{@data_err_abort}, {@data_err_abort}, {@dax}, {@noload}, {@mblk_io_submit}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@debug}]}, 0xf6, 0x47a, &(0x7f0000000680)="$eJzs3M1vFOUfAPDvzLbl7cevFfEFBKmikfjS0vIiBy8aTThoYqIHjKfaFlJZqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzszpSy7ZVu2Xeh+Psl0n2fn6T7Pd2ae2Wfm2d0AetZw9ieJ+F9E/B4Rg3n21gLD+cONaxcn/752cTKJWu2tv5J6uevXLk6WRcv/25ZnarUiv6lJvZfejZioVqfPFfnR+TMfjM6dv/DCzJmJU9Onps+OHzt2+NDegaPjRzoSZxbX9d0fz+7Zdfydy29Mnrj83k9JX+RxR0McnTKcb92mnu50ZV22fUm6vmEX7fvlZrrZkUA3VSIi21399f4/GJXYsrhuMF77rKuNA9ZUrVarLXNWXqgBG1gS3W4B0B3lG312/Vsu6zT0uCdcfTm/AMrivlEs+Zq+SPPEvv6G69tOGo6IEwv/fJUtsUb3IQAAlvouG/8832z8l8bDeWIg+/P/Yg5lKCIeiIgdEfFgROyMiIci6mUfiYhHV1h/4wzJ7eOf9Mqqg2tDNv57qZjbunX8l5ZFhipFbns9/v5YOr1xIPo3nZxJpseWqeP7V3/7otW6peO/bMnqL8eCRTuu9DXcoJuamJ9YTazNXP00Yndfs/iTxTiTiNgVEbtXWcfMs30t1905/mW0ftm21b6OeCbf/wvREH8paTk/Ofbi0fEjo5ujOn1w9ORMdfpg0zp+/vXSm63qX3X8HZpKy/b/1qbH/2L8Q8nmiLnzF07X52vnVl7HpT8+b3lNs8Lj//j24vgfSN6un48GihUfTczPnxuLGEher+dveX785quV+bJ8Fv+B/c37/464uSUei4g9EbE3Ih7PLgqLtj8REU9GxP5l4v/xlafeX3n86zNXmsU/daf9H0v3/8oTldM/fNtQbeX2+DdHRKv9f7ieOlA80875r90G3u32AwAAgPtBWv8MfJKOLKbTdGQk/wz/ztiaVmfn5p87Ofvh2an8s/JD0Z+Wd7ry+8H9SZYfK+4Nl/nxhvyh4r7xl5Ut9fzI5Gx1qtvBQ4/b1qL/Z/6sdLt1wJrrwDwacJ/S/6F36f/QmxL9H3qa/g+9q1n//6Rl6ZFv1rQxwLry/g+9q43+v5A/tB4VAPcn7//Qu/R/6Ektvxuf3tVX/tc98W/xe4b3Sns2fiLSe6IZGz/R1/aPWZy/cLrs13cqXBvMy2XPbGpaposnJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA76LwAA///J9uCF")
getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f076bbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f00000190c0)='./file0\x00', 0x0, 0x0)
openat$udambuf(0xffffffffffffff9c, 0x0, 0x2)
r3 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000440)='rose0\x00', 0x10)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c)
r4 = socket$inet6(0xa, 0x1, 0x0)
sendto$inet6(r4, &(0x7f00000001c0)='O', 0x1, 0x80, 0x0, 0x0)
syz_open_dev$video(&(0x7f00000002c0), 0x793e, 0x100)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x1}, 0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7c, &(0x7f00000000c0), &(0x7f0000000180)=0x8)
openat(0xffffffffffffff9c, 0x0, 0x8042, 0x0)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f00000000c0)='./file0/file0\x00')
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x7d, &(0x7f0000000840)=""/4127, &(0x7f0000000000)=0x101f)

3m40.900568232s ago: executing program 4 (id=456):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f00000020c0)='./file0\x00', 0x8402, &(0x7f00000021c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$fuseblk(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x24000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)

3m39.562210696s ago: executing program 4 (id=462):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000080)="a2", 0x1}], 0x1}, 0x4006041)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0f00000004000000040000001600000000000000", @ANYRES32, @ANYBLOB="fdffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000f66bd342bd2fa010701ef59c14b45be08e7d9fc1a14a2e836409e796f66ec703cbcc65a64d627e366a9af53f5e90e0b554956c0f197a094bd15b0edc0d26ea719765316a81d8d3fd83cf91690d6077d0bd9089170b9ec8a30f2560edf8a8555508228b852e89e48b32fb3bdc18f9775ce416d5dfe55851bfb25962fdb06f2bd1edfd0ee03f8581b5ed5f3b067175699db770ea29221f2316645cbdc645aacc51addfd73de4ec2dc801a88f5b860f0afb4387c8c1e8a4b0a80ddb008e1dd440e555482199f009664ffd106247d500"/246], 0x50)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002e00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000180)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x0, 0x0}, 0x3)

3m38.352535836s ago: executing program 4 (id=464):
socket$nl_route(0x10, 0x3, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x1, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, &(0x7f0000000040)=0x54)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
sendmsg$NL80211_CMD_NEW_INTERFACE(r1, 0x0, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x100000001, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prctl$PR_SET_SECCOMP(0x4e, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x4e, 0x1, 0x0)
r5 = socket$inet(0x2, 0x2000000000003, 0x2)
connect$inet(r5, &(0x7f00000001c0)={0x2, 0x4e24, @remote}, 0x10)
r6 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="4c000000150097f87059ae08060c040002ff0f020000000000000187ac1414aaa69d35a2cca84708f7abca1bac1414aabd7c493872f750375ed08a560400000003c48f93b82a03000000461e", 0x4c}], 0x1}, 0x0)

3m36.586601249s ago: executing program 32 (id=464):
socket$nl_route(0x10, 0x3, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x1, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, &(0x7f0000000040)=0x54)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
sendmsg$NL80211_CMD_NEW_INTERFACE(r1, 0x0, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x100000001, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prctl$PR_SET_SECCOMP(0x4e, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x4e, 0x1, 0x0)
r5 = socket$inet(0x2, 0x2000000000003, 0x2)
connect$inet(r5, &(0x7f00000001c0)={0x2, 0x4e24, @remote}, 0x10)
r6 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="4c000000150097f87059ae08060c040002ff0f020000000000000187ac1414aaa69d35a2cca84708f7abca1bac1414aabd7c493872f750375ed08a560400000003c48f93b82a03000000461e", 0x4c}], 0x1}, 0x0)

14.815780978s ago: executing program 3 (id=902):
r0 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2)
fcntl$dupfd(r0, 0x0, r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
ftruncate(r1, 0x9)
quotactl$Q_GETFMT(0xffffffff80000400, &(0x7f00000001c0)=@nbd={'/dev/nbd', 0x0}, 0xee01, &(0x7f0000000200))
lseek(0xffffffffffffffff, 0x1000000000931f, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000000)={0x6c, r4, 0x1, 0x0, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @loopback={0x5f12}, 0x20000}}, {0x20, 0x2, @in6={0xa, 0xfffd, 0x0, @remote}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x6c}}, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r6 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
sendfile(r6, r5, &(0x7f00000000c0)=0x58, 0x5)

11.768444044s ago: executing program 5 (id=907):
syz_open_dev$vbi(&(0x7f0000000780), 0x0, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$procfs(0xffffff9c, &(0x7f00000000c0)='/proc/keys\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0x40a45323, &(0x7f0000000640)={{0xa, 0xc}, 'port0\x00', 0x92, 0x0, 0x2, 0x80000001, 0x4c, 0x6, 0x9, 0x0, 0x3, 0xf7})
r2 = syz_io_uring_setup(0x239, &(0x7f0000000980)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000000)=<r4=>0x0)
set_mempolicy(0x3, &(0x7f00000000c0)=0x3, 0x5)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3})
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
io_uring_setup(0x31e4, &(0x7f0000000100)={0x0, 0x5b70, 0x10, 0x1, 0x2ee, 0x0, r2})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r6, 0xc05064a7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)=[0x0, 0x0], &(0x7f0000000340), 0x0, 0x2, 0x0, 0x0, r7})

10.395788043s ago: executing program 3 (id=911):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newsa={0x140, 0x10, 0x413, 0x0, 0x0, {{@in=@multicast1, @in6=@empty, 0x0, 0x0, 0x4e24, 0x0, 0x2, 0x0, 0x20, 0x0, 0x0, 0xee00}, {@in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x4d4, 0x32}, @in=@dev, {0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x20000000008}, {0x0, 0x8, 0xcc}, {0xf6}, 0x0, 0x0, 0xa, 0x1, 0x1}, [@algo_aead={0x4e, 0x12, {{'rfc4309(ccm(aes))\x00'}, 0x10, 0x80, "bed4"}}]}, 0x140}}, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x12, &(0x7f0000000180)=0x7a, 0x4)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r2, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x100, @dev={0xac, 0x14, 0x14, 0x41}}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0xffffffffffffffb0}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
fcntl$setstatus(r0, 0x4, 0x4000)
socket$vsock_stream(0x28, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
unshare(0x2c020400)
msgget$private(0x0, 0x722)
msgsnd(0x0, &(0x7f0000000400)=ANY=[@ANYRESHEX], 0x2000, 0x0)
r8 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x22002, 0x0)
ioctl$FBIOBLANK(r8, 0x4611, 0x2)
msgctl$IPC_RMID(0x0, 0x0)
syz_usb_connect_ath9k(0x3, 0x0, 0x0, 0x0)

9.032435174s ago: executing program 5 (id=912):
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newsa={0x140, 0x10, 0x413, 0x0, 0x0, {{@in=@multicast1, @in6=@empty, 0x0, 0x0, 0x4e24, 0x0, 0x2, 0x0, 0x20, 0x0, 0x0, 0xee00}, {@in6=@ipv4={'\x00', '\xff\xff', @remote}, 0x4d4, 0x32}, @in=@dev, {0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x20000000008}, {0x0, 0x8, 0xcc}, {0xf6}, 0x0, 0x0, 0xa, 0x1, 0x1}, [@algo_aead={0x4f, 0x12, {{'rfc4309(ccm(aes))\x00'}, 0x18, 0x80, "bed40c"}}]}, 0x140}}, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x12, &(0x7f0000000180)=0x7a, 0x4)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
unshare(0x2c020400)
msgget$private(0x0, 0x722)
msgsnd(0x0, &(0x7f0000000400)=ANY=[@ANYRESHEX], 0x2000, 0x0)
r6 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000080), 0x22002, 0x0)
ioctl$FBIOBLANK(r6, 0x4611, 0x2)
msgctl$IPC_RMID(0x0, 0x0)

8.962975256s ago: executing program 2 (id=913):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x70bd25, 0x0, {{0x2}, {@val={0x8, 0x3, r1}, @void}}, [@chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x9b4}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x6}]]}, 0x34}, 0x1, 0x0, 0x0, 0x4c854}, 0x4040000)

8.694022929s ago: executing program 2 (id=914):
r0 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2)
fcntl$dupfd(r0, 0x0, r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
ftruncate(r1, 0x9)
quotactl$Q_GETFMT(0xffffffff80000400, &(0x7f00000001c0)=@nbd={'/dev/nbd', 0x0}, 0xee01, &(0x7f0000000200))
lseek(0xffffffffffffffff, 0x1000000000931f, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000e40), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000000)={0x6c, r4, 0x1, 0x0, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @loopback={0x5f12}, 0x20000}}, {0x20, 0x2, @in6={0xa, 0xfffd, 0x0, @remote}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x6c}}, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r6 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
sendfile(r6, r5, &(0x7f00000000c0)=0x58, 0x5)

7.97083447s ago: executing program 5 (id=915):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
socket(0x2b, 0x9, 0x3e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000180)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0x4}, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f000058d000/0x3000)=nil, 0x3000, 0xe)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_genetlink_get_family_id$nl80211(&(0x7f00000018c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r2, &(0x7f0000001b40)={0x0, 0x0, &(0x7f0000001b00)={&(0x7f0000000740)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x20000004)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000563000/0x2000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x5)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x5)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f00000002c0)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000100)={0x28, 0x7, r6, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r5, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r6, 0x0, <r7=>0xffffffffffffffff})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r5, 0x3ba0, &(0x7f0000000540)={0x48, 0x8, r7, 0x0, 0x2fff, 0x1, &(0x7f00000000c0)='z', 0x4})
recvmsg(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{0x0}], 0x1}, 0x1f00)
sendmsg$tipc(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
syz_emit_ethernet(0x70, &(0x7f00000006c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @remote, @val={@void}, {@ipv4={0x800, @tipc={{0xd, 0x4, 0x1, 0x2, 0x5e, 0x64, 0x0, 0xb, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast, {[@ssrr={0x89, 0x1f, 0xad, [@remote, @multicast2, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, @dev={0xac, 0x14, 0x14, 0x42}]}]}}, @payload_direct={{{{0x2a, 0x0, 0x1, 0x0, 0x1, 0x8, 0x2, 0x2, 0xfffc, 0x0, 0x1, 0x6, 0x1, 0x3, 0xe, 0x2, 0x1, 0x4e21, 0x4e24}, 0x2, 0x4}}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}}}}, 0x0)

6.950530042s ago: executing program 3 (id=917):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
dup(0xffffffffffffffff)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
ioctl$RTC_AIE_ON(0xffffffffffffffff, 0x7001)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$packet(0x11, 0x7a6f938d2aadffed, 0x300)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='hugetlbfs\x00', 0x800001, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)="5c00000026006bab9a3fe3d86e17aa31106b876c1d0000007ea60864160af36504001a0038001d004231a0e69ee5", 0x2e}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x4080)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x3000008, 0x12, 0xffffffffffffffff, 0xabb35000)
recvmsg$kcm(r3, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x40000100)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$AUDIT_USER_AVC(0xffffffffffffffff, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043ef502"], 0xf8)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x52e, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvvHE22c02KXCASi2FFmUrWDtpaBtxKEVCcKqEKPclJE4UxYmj2Gk3UQXZvwAJIUDiBBcuSPwBSGglLhwRUiW4AlIRCMEWJDhAB9keJ8EZJ96tE+86v580O+/NeOb7njdvPON5GgdwaT0bEa9FxPtpmr4QEdPZ8kI2xUF7ar7uvftvLzenJNL0jb8lkWTLOvtKsvn1bLOJiPjqlyO+kZyMW9/b31iqVis7Wb3c2Nwu1/f2b61vLq1V1ipbCwvzLy++svjS4txA2nkjIl794p++9+2ffOnVX3zmrT/e/svNbzbTmsrWH2/HAxo7bWW76cWrE10b7DxksEdRsz3FTmWyv23unmM+AAD01jzH/1BEfDIiXojpuHL66SwAAADwGEo/PxX/SSLSfOM9lgMAAACPkUJrDGxSKGVjAaaiUCiV2mN4PxLXCtVavfHp1dru1kp7rOxMFAur69XKXDZWeCaKSbM+3yof1V/sqi9ExJMR8d3pyVa9tFyrrgz7yw8AAAC4JK53Xf//c7p9/Q8AAACMmJlhJwAAAACcO9f/AAAAMPpc/wMAAMBI+8rrrzen33d+/3rlzb3djdqbt1Yq9Y3S5u5yabm2s11aq9XWWs/s2zxrf9VabfuzsbV7p9yo1Bvl+t7+7c3a7lbj9npMXEiDAAAAgBOe/Pi93yURcfC5ydbUND7spIALMXZYSrJ5Tu//wxPt+bsXlBRwIa708Zp3r+Yvd54Aj7ex7gU9+joweorDTgAYuuSM9T0H7/w6m39isPkAAACDN/ux/Pv/Z10PRBwULiA94BzpxHB5dd3/T6eHlQhw4Vr3//sdyONkAUZKsa8RgMAo+8D3/8+Upg+UEAAAMHBTrSkplLKv96aiUCiVIm60fhagmKyuVytzEfFERPx2uni1WZ9vbZn0MUYAAAAAAAAAAAAAAAAAAAAAAAAAAIjWU7mTSAEAAICRFlH4c/LL9rP8Z6efn+r+fmA8+XfrJ4HHI+KtH77x/TtLjcbOfHP53w+XN36QLX9xGN9gAAAAAN061+mt+b+GnQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAo+a9+28vd6Y+Xj45qLh//UJEzOTFH4uJ1nwiihFx7R9JjB3bLomIKwOIf3A3Ij6aFz9ppnUYMi/+IN6EM+LHTPYu5MW/PoD4cJndax5/Xsvrf4V4tjXP739jEf9Xf1i9j39xePy70qP/3+gzxlPv/KzcM/7diKfG8o8/nfhJj/jP9Rn/61/b3++1Lv1RxGzn86d1xDse4ahUbmxul+t7+7fWN5fWKmuVrYWF+ZcXX1l8aXGuvLperWT/5sb4ztM/f/+09l/L/fxLsmx6t//5nP3lfSb995079z/cqRycjH/zuZz4v/px9oqT8QtZnE9l5eb62U75oF0+7pmf/uaZ09q/ctT+4oP8/9/stdNuJzrK0/3+6QAA56C+t7+xVK1Wdka20LxKfwTSUHgEC98a6A7TNE2bfSpn1b2I6Gc/SQy4pYX8fI4KPY8Awz4yAQAAg3Z00j/sTAAAAAAAAAAAAAAAAAAAAODyuoinrHXHPHoEcjKIR2gDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzE/wIAAP//uEzT3A==")
write$cgroup_int(r4, &(0x7f0000000000)=0xfe8e, 0x12)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@textreal={0x8, &(0x7f0000000140)="0f2013d8422dba4300b83f22ef26f30f1efc66660f38800a0f78ac7400660f21fc0f43dff32e0f08", 0x28}], 0x0, 0x2e, 0x0, 0x0)

5.825656517s ago: executing program 0 (id=918):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x305200, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0x1, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x8080)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

5.601488945s ago: executing program 3 (id=919):
fsopen(0x0, 0x1)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
openat$zero(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000004200)={0x50, 0x0, r2, {0x7, 0x29, 0xfffffffe, 0x2045404a, 0x0, 0x40, 0x2, 0x0, 0x0, 0x0, 0x20, 0x76}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x90, 0xfffffffffffffffe, 0x4000000a74e, {0x1, 0x0, 0x0, 0xffff, 0xfffffff8, 0x84, {0x2, 0x5, 0x7, 0x74, 0xffd, 0xffff, 0x7d59, 0x7fff, 0x4, 0x2000, 0x7f, r3, r4, 0x78002, 0xff}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f00000004c0)={'vlan1\x00', &(0x7f0000000480)=@ethtool_eee={0x17}})
quotactl$Q_GETINFO(0xffffffff80000501, &(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, r3, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x1b, &(0x7f00000000c0)={@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x1, 0x0, 0x0, 0x0, 0x400, 0x7cb}, 0x20)
syz_open_dev$usbmon(&(0x7f0000000000), 0x80000001, 0x82002)
r7 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r7, @ANYBLOB='D\x00'])
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(0xffffffffffffffff, 0x847ba, 0x0, 0xe, 0x0, 0x0)
r8 = openat$fb0(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$FBIOBLANK(r8, 0x4611, 0x4)

5.485054285s ago: executing program 2 (id=920):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000004c0)='dctcp\x00', 0x6)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000280)='2', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000001040)={{0x12, 0x1, 0x0, 0x40, 0x15, 0x42, 0x20, 0x5a9, 0x1550, 0xe4bb, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x8e, 0xc4, 0x6f}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000600)={0x3, &(0x7f00000005c0)=[{0x80, 0x8, 0x7, 0x800}, {0x81, 0x5, 0xc3, 0xffffffff}, {0x6, 0x6, 0x8}]})

5.146118152s ago: executing program 5 (id=921):
fsopen(0x0, 0x1)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
openat$zero(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000004200)={0x50, 0x0, r2, {0x7, 0x29, 0xfffffffe, 0x2045404a, 0x0, 0x40, 0x2, 0x0, 0x0, 0x0, 0x20, 0x76}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x90, 0xfffffffffffffffe, 0x4000000a74e, {0x1, 0x0, 0x0, 0xffff, 0xfffffff8, 0x84, {0x2, 0x5, 0x7, 0x74, 0xffd, 0xffff, 0x7d59, 0x7fff, 0x4, 0x2000, 0x7f, r3, r4, 0x78002, 0xff}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f00000004c0)={'vlan1\x00', &(0x7f0000000480)=@ethtool_eee={0x17}})
quotactl$Q_GETINFO(0xffffffff80000501, &(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, r3, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x1b, &(0x7f00000000c0)={@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x1, 0x0, 0x0, 0x0, 0x400, 0x7cb}, 0x20)
syz_open_dev$usbmon(&(0x7f0000000000), 0x80000001, 0x82002)
r7 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r7, @ANYBLOB='D\x00'])
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(0xffffffffffffffff, 0x847ba, 0x0, 0xe, 0x0, 0x0)
r8 = openat$fb0(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$FBIOBLANK(r8, 0x4611, 0x4)

4.946665166s ago: executing program 0 (id=922):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x68c81, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x7d, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r4 = dup(r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r4, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
ioctl$KVM_PRE_FAULT_MEMORY(r2, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

4.179503785s ago: executing program 0 (id=923):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000a, 0x13, r1, 0x2000)
syz_emit_ethernet(0x3a, &(0x7f00000001c0)=ANY=[@ANYBLOB="0180c200000ee43f6642531e08004800002c0000e000021190780000000000000000440c2d100000476d0000800100004e20000c90786110000111b2b3de921697d0af8efed06d18705c9f214ec6117167d2096902390587fb173601db6e1ca79cecc881a125662e9d9682bd1999e082d8c7d006a86aaba17d393b9faf93bc3f7e3a19e65d45e38dde96a7b80a55cb4eb025774583843c3544f140f850578c33583e37a4d5c63e47fab68debfe83653a65e83032b81c29dc40d4c45cb528339f6cd2978241592990454faab4c30a186a92ae19"], 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f000009df00)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3ff, 0x1}, 0x20)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r3 = dup(r2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, 0x0, 0x0)
bind$inet6(r6, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r6, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
shutdown(0xffffffffffffffff, 0x0)
r7 = syz_io_uring_setup(0x10d, &(0x7f0000000000)={0x0, 0xa83b, 0x10, 0x2, 0x400000, 0x0, r3}, &(0x7f0000000100)=<r8=>0x0, &(0x7f00000000c0)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(r7, 0x3516, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
write$binfmt_aout(r3, 0x0, 0xffffffdb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)

3.70141961s ago: executing program 3 (id=924):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
socket(0x2a, 0x2, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000280)="d8", 0x1}], 0x1, 0x81, 0x4, 0x82)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x3}, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x12)
mbind(&(0x7f0000763000/0x2000)=nil, 0x2000, 0x8003, &(0x7f0000000140)=0x2, 0x5, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x5c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x5c}}, 0x0)

3.538753116s ago: executing program 1 (id=925):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r2, 0x4004ae8b, &(0x7f0000000040)=ANY=[])
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.245331419s ago: executing program 1 (id=926):
io_uring_setup(0x177d, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0xca3e9000)
syz_io_uring_setup(0x229, 0x0, &(0x7f0000000600), &(0x7f0000000100))
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_KEY={0x8}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x17}]}}}]}]}], {0x14}}, 0xd8}, 0x1, 0x0, 0x0, 0x50}, 0x4000040)

3.230520401s ago: executing program 5 (id=927):
socket$inet_sctp(0x2, 0x1, 0x84)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000200)='./file0\x00', 0xa00010, &(0x7f0000000840)=ANY=[@ANYBLOB='nodecompose,decompose,nobarrier,gid=', @ANYRESHEX=0xee01, @ANYBLOB="2c6e6c733d69736f383835392d310000000072726965722c00bcd0f0b5c4e2957974ff5d7ea3c3dcee087e4983684e8a4c4e4e87b134e30ce77162b12885b964b3506ff3eae0f3599447b17861d19be78079e5dd7bdc7f1eb36e31ac14de48349767164f5f6431bbdeaef96a4f2bce64b5cfa76ce3a2c4302374bc5535d7e2eb8dfb2e5d58a37b7e37836597c21f51bcdf6df4cad825cfd9ef5ee9e89e04b15cd3cea9e152d67b9a7eedc5dfe6d85a3ce7c342da8cc969b552197cb8bcc4a1009f38f4a85b7c742101ba5bc03115feca2b994c699812"], 0x6, 0x635, &(0x7f0000000c80)="$eJzs3c1rHOcdB/DvrFZryQVHSezELYGKGNJSUVsvKK16iVtK0SGUkB56FrYcC6+VIClFCaWo79BTD/kD0oNuPRV6N6Tn9parjoFCLznppjKzs9LaWil6s1ZqPx/z7PM888w888xvZ2Zndi0mwP+t+Yk0n6TI/MTb62V9a3OmvbU5c6Vubicpy42k2clSLCfFZ8nddFK+Xk6s5y8OWs8nS3Pvfv7l1hedWrNO1fyNw5Y7mo06ZTzJUJ0/o/Wn4/Q33CmU/dzr398xFLtbWAbsVjdwMGg7+2wcZ/FTHrfARVB0Pjf3GUuuJhmprwNSnx0a5zu6s3essxwAAABcUi9sZzvruTbocQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBlUj//v6hTo1seT9F9/n+rnpa6fKk9GfQAAAAAAAAAAOAMfHM721nPtW59p6h+83+9qlyvXr+WD7OaxazkdtazkLWsZSVTScZ6OmqtL6ytrUwdYcnpvktOn8/2AgAAAAAAAMD/qN9kfu/3fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGKShOi86xaJO17vlsTSaSUaStMr5NpJ/dcuXRNFv4pPzHwcAAACcysgJlnlhO9tZz7Vufaeo7vlfqe6XR/JhlrOWpaylncXcr++hy7v+xtbmTHtrc+Zxmfb3+8P/HGsYVY+7X0P0W/PNao7RPMhSNeV27lWDuZ9GtWTpZnc8/cf163JMxVu1I47sfp2XK/vzQd8iDMRYFZHh3YhM1mMro/Hi4ZH4yneneeiaptLY/ebn+nOI+dU6L7fnDxcz5o1UkZju2fteOTwSybf+/tefP2wvP3r4YHXi4mzSCT27T8z0ROLVSx2J5jHnn6wicWO3Pp+f5GeZyHjeyUqW8ossZC2L2anbF+r9uXwdOzxSd5+qvfNVI2nV70vnLHqUMY3nx1VpIa9Xy17LUoq8n/tZzJvVv+lM5XuZzWzmet7hGweOu9q26qhvHO+ov/XtujCa5I91Pmidj9Qyri/2xLX3nDtWtfVO2YvSS2d/bmx+oy6U6/htnV8Mz0ZiqicSLx8eib9Ux8Zqe/nRysOFDw7of+OZ+ht1Xu5xv79QnxLl/vJSRuozydN7R9n28u5Z5ul4tepfXDptjX1tN6q2ougeqT898Eht1ddw+3uartpe7ds2U7Xd7Gl76nor76e9ez0EwAV29TtXW6P/Hv3n6Kejvxt9OPr2yI+ufP/Ka60M/2P4B83JoTcarxV/y6f51d79PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHKrH338aKHdXlzpX2gc3HS2haJ+kM95rEth0IXuQwRP3eHdC7E5l7owlKRfU/0WneThosClcGft8Qd3Vj/6+LtLjxfeW3xvcXl4dnZucm72zZk7D5bai5Od10GPEnge9j70+7cXF+oBmwAAAAAAAAAAAECO9vc2O/X//zvxXxoMehsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAy21+Is0nKTI1eXuyrG9tzrTL1C3vzdlM0mgkxS+T4rPkbjopYz3dFW8dsJ5Plube/fzLrS/2+mpW85ed1vkpbNQp40mG6vys+rt36v6K3S0sA3arGzgYtP8GAAD//+IHAOM=")
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r0=>0x0]}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000600)={r0, @in={{0x2, 0x4e23, @remote}}, [0x10, 0x40, 0x6, 0x2, 0x2, 0xb6, 0x6, 0x6, 0xc0000000000, 0x9, 0x1, 0x7ff, 0xfc5, 0x1000001, 0x100000005]}, &(0x7f0000000500)=0x100)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
lsm_get_self_attr(0x64, &(0x7f0000000000), &(0x7f0000001280)=0xdb, 0x0)
statx(0xffffffffffffffff, 0x0, 0x4000, 0x12, 0x0)
syz_mount_image$hfs(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x1041802, &(0x7f0000001540)=ANY=[@ANYBLOB="636f6465706167653d63703933322c706172743d3078303030303030303030303030243037642c756d61736b3d05000000303030303030303030303030303030303030362c696f636861727365743d6d616363656c7469632c7569643d", @ANYBLOB="4dfb27a01192a5a9969a7284f90c0abb695e7125ab37992c023fae23aba51821d675bdc5e44d38dc118003e058a051f291ffd15beee9cea3cc7680fedfe4896b6cec49f77f4aecfa6e5c7ae72224adfb66e810344f01b3b2500c05fbe905cf87e021d5c8e4dc7ea4b9b8a836518330e09b3f42cae1735984cd40ef71019d3eacf09d8ccd9252aed7dbb2cf7d883d35336fa93bb0883dc331a0b0c2972ec3b1a98250f0df3dae12563856b773ae551b534d5a", @ANYRESDEC, @ANYRES32=r0, @ANYBLOB="2c0020471af9a6c12f192a54d23d4279cdd8438ac4b2bd3012e397ffe7ad8a401007144fe56f257e3ac332d5712051275cb8150bd024c33c8c4d6c0cb5a6adacd516b6d776c62d5bcce938271e826799cff16aa315f3de60b57fc873f3a868fd1253b0ba16d483b0effd2b91948e6df99a79ed07a801fdd8df095bb5368224413478d14e86874d5b2c1791352acce6d07e78204c9f3fc24dbf11f2b7a423ce56fbdbe96727e7b83f6dfc9ca019650b77bb41a4dbce0952485e312181af9a447290865a7dfa4f7571e90943deecef276a42477c624f353cf7e6fc442b2ae5b6f5bcd39a24af91c07f31828f0e416c01aeb419c5f71fbed1caff892d2097009689f27979a758e7be1807ac2835a642de972f8b80d3b9ae27dfda058142d92fb48d7c0d038f9c600c19c1fd0bedbf857c8f513987d7d372b7b20a82cbdf1476e061410c3eaa"], 0x0, 0x2e3, &(0x7f0000001980)="$eJzs3c1u00oYxvFnnKRNP9Tj0/boSGxAhUqwqSiwQGyCULbsWSGgSaWKqIi2SMCmBbFEXAB7boGLYAPiBmDFigvozmjGE8dOHadFTdyP/09q5ExmPK81nsy8liACcG7da/74dPOX/TNSRRVJd6RAUl2qSvpP/9dfbO5s7HTaraITVVwL+2cUtzQH6qxttvOa2nauhRfad1XNpsswGlEU3f1ZdhAonZv9OQJp0s9D93l9zHGNyp50sewYxi09wGZf+3qpuRLDAQCcAH79D/wyMeuKjIJAWvbL/pla//fLDuB43eocKIoKG6TWf7e7i4wd33/cR718z6Vw9vOgmyUeJpha3/sJxXdWZoNphmWVLpZgan2jqpW1N2oFequGl6q26F5b8a3bNSTapZzctMDgs9V0fzq+Grej7OdD2l3vdpcT/0Jhj5NHifNwzBfzzTw0oT6qlez/qpGxw+RGKuwbqaC2vtFpXx98xhnXytaST/sbjUaQqfKv6+SC78EbMkr1/Iwkfc7uA4K9JIKiOF3f88o+VoivbnVIq4W8VmHybkCrxUwrezW2r5W1Z53CRymj0b1E88E8MEv6rc9qpvb/gY1vWamZWfRVb1xNf2fE1zORX7PqaoYHVo7edLmUROCN4KY/D472tOy9nui25rZfvX5a6XTaW/bgcebAyB48n90yvqT2TuqrM66DigrqaK9XElm7UXTYM0ejDP7asZ7Qfn8kJXb65FW2sywpCcY9TOfloPlVRTdk0UFkSptEvQPTvZGiSBpQZ2TfUzhBto0d69TSMVVmNCiB3XeZOP9zO3m/q3M5i30JC/bpxUmmMmdcTTK47FZw3r1OHymDmxmcwaV6vDEgZ3Q51+Wr0pVUoVFhj6GP84wwTX3XI57/AwAAAAAAAAAAAAAAAAAAnDbj+CcHZV8jAAAAAAAAAAAAAAAAAAAAAACn3V/9/m/e/xHvfv835Pd/gVPkTwAAAP//fMpzyA==")
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='fd/3\x00')
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, &(0x7f0000000140)=[{0x0}, {&(0x7f0000000180)="abd9296f", 0x4}], 0x2)
getdents64(r4, &(0x7f0000002f40)=""/4098, 0x1002)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
r6 = syz_open_dev$sndpcmp(&(0x7f00000032c0), 0x1, 0x20000)
ioctl$SNDRV_PCM_IOCTL_STATUS32(r6, 0x806c4120, &(0x7f0000003300))
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xe, 0x4, 0x8, 0x7}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

3.030857952s ago: executing program 2 (id=928):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioprio_set$pid(0x1, 0x0, 0x4004)
socket$nl_route(0x10, 0x3, 0x0)
r2 = open(&(0x7f0000000580)='./bus\x00', 0x84242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r2, 0x0, 0x0)
sendfile(r2, r2, &(0x7f0000000080), 0x7ffff000)
io_uring_setup(0x191a, 0x0)

2.557476823s ago: executing program 1 (id=929):
socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10138, 0x2, 0x0)
r3 = inotify_init()
syz_clone3(&(0x7f00000002c0)={0x8040000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
ioctl$VFAT_IOCTL_READDIR_SHORT(r3, 0x82307202, &(0x7f0000000380)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x8, 0x0, 0x5, 0x2, &(0x7f0000000180), 0x101, 0x0, 0x0, {0x2}})
r4 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r4, 0x5393, &(0x7f0000000000))
socket$inet_sctp(0x2, 0x7, 0x84)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, &(0x7f0000000100))
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f0000000300)={0x0})

978.623183ms ago: executing program 3 (id=930):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000a, 0x13, r1, 0x2000)
syz_emit_ethernet(0x3a, &(0x7f00000001c0)=ANY=[@ANYBLOB="0180c200000ee43f6642531e08004800002c0000e000021190780000000000000000440c2d100000476d0000800100004e20000c90786110000111b2b3de921697d0af8efed06d18705c9f214ec6117167d2096902390587fb173601db6e1ca79cecc881a125662e9d9682bd1999e082d8c7d006a86aaba17d393b9faf93bc3f7e3a19e65d45e38dde96a7b80a55cb4eb025774583843c3544f140f850578c33583e37a4d5c63e47fab68debfe83653a65e83032b81c29dc40d4c45cb528339f6cd2978241592990454faab4c30a186a92ae19"], 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f000009df00)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3ff, 0x1}, 0x20)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r3 = dup(r2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, 0x0, 0x0)
bind$inet6(r6, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r6, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
shutdown(0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x10d, &(0x7f0000000000)={0x0, 0xa83b, 0x10, 0x2, 0x400000, 0x0, r3}, &(0x7f0000000100)=<r7=>0x0, &(0x7f00000000c0)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80000})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
socket(0x10, 0x803, 0x0)

742.558631ms ago: executing program 1 (id=931):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

633.433958ms ago: executing program 0 (id=932):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/power/pm_test', 0x42, 0x0)
io_setup(0x20, &(0x7f0000001140)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f0000000d80)={0xf, 0x400000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000c40)="0d32818e", 0x4}])

474.436657ms ago: executing program 2 (id=933):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x68c81, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x7d, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r4 = dup(r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r4, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
ioctl$KVM_PRE_FAULT_MEMORY(r2, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

356.571361ms ago: executing program 0 (id=934):
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100), 0x121240, 0x0)
read$FUSE(r0, &(0x7f0000000240)={0x2020}, 0x2020)

321.651481ms ago: executing program 1 (id=935):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0xbc}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r2, 0x4004ae8b, &(0x7f0000000040)=ANY=[@ANYBLOB])
ioctl$KVM_RUN(r2, 0xae80, 0x0)

185.626132ms ago: executing program 0 (id=936):
socket$nl_route(0x10, 0x3, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x1, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
sendmsg$NL80211_CMD_NEW_INTERFACE(r1, 0x0, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x100000001, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4})
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prctl$PR_SET_SECCOMP(0x4e, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x4e, 0x1, 0x0)
r5 = socket$inet(0x2, 0x2000000000003, 0x2)
connect$inet(r5, &(0x7f00000001c0)={0x2, 0x4e24, @remote}, 0x10)
r6 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="4c000000150097f87059ae08060c040002ff0f020000000000000187ac1414aaa69d35a2cca84708f7abca1bac1414aabd7c493872f750375ed08a560400000003c48f93b82a03000000461e", 0x4c}], 0x1}, 0x0)

62.446321ms ago: executing program 5 (id=937):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r2, 0x4004ae8b, &(0x7f0000000040)=ANY=[])
ioctl$KVM_RUN(r2, 0xae80, 0x0)

58.835454ms ago: executing program 2 (id=938):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_sctp(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
syz_open_procfs(0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r2)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r3)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000800)={[&(0x7f0000000940)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01', &(0x7f0000000a40)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x10)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f00000000c0)='westwood\x00', 0x9)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$vim2m(&(0x7f0000002c80), 0x3, 0x2)

0s ago: executing program 1 (id=939):
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x80)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x3}, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x12)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r2 = io_uring_setup(0x3450, &(0x7f0000000080)={0x0, 0x0, 0x10000})
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r3, 0x7a5, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="f00000001000000328bd700000000000ac1e4101000000000000000000000000ac1414aa0000000000000000000000004e230001000000000a0000002c"], 0xf0}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)=ANY=[@ANYBLOB="3800000054000100010000000000000007000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="010002006401010000000000000000000000000086dd"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r3, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1})
timer_create(0x3, 0x0, &(0x7f0000044000))
timer_settime(0x0, 0x236bd4336e4642df, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0)
timer_settime(0x0, 0xffffffffffffffff, &(0x7f0000000080)={{}, {0x0, 0x9}}, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil)

kernel console output (not intermixed with test programs):

 T6379]  ? ieee80211_register_hw+0x1481/0x40a0
[  140.749228][ T6379]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  140.749243][ T6379]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  140.749264][ T6379]  ? __hrtimer_setup+0x187/0x210
[  140.749279][ T6379]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  140.749295][ T6379]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  140.749324][ T6379]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  140.749333][ T6379]  ? trace_kmalloc+0x1f/0xd0
[  140.749346][ T6379]  ? __kmalloc_node_track_caller_noprof+0x587/0x800
[  140.749359][ T6379]  ? __x64_sys_sendmsg+0x19b/0x260
[  140.749371][ T6379]  ? kstrndup+0xbf/0x160
[  140.749387][ T6379]  hwsim_new_radio_nl+0xea4/0x1b10
[  140.749401][ T6379]  ? __pfx___nla_validate_parse+0x10/0x10
[  140.749421][ T6379]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  140.749436][ T6379]  ? rcu_is_watching+0x15/0xb0
[  140.749448][ T6379]  ? __nla_parse+0x40/0x60
[  140.749460][ T6379]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  140.749480][ T6379]  genl_family_rcv_msg_doit+0x212/0x300
[  140.749498][ T6379]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  140.749519][ T6379]  ? bpf_lsm_capable+0x9/0x20
[  140.749532][ T6379]  ? security_capable+0x7e/0x2e0
[  140.749551][ T6379]  genl_rcv_msg+0x60e/0x790
[  140.749568][ T6379]  ? __pfx_genl_rcv_msg+0x10/0x10
[  140.749580][ T6379]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  140.749600][ T6379]  ? __asan_memcpy+0x40/0x70
[  140.749612][ T6379]  ? __pfx_ref_tracker_free+0x10/0x10
[  140.749627][ T6379]  netlink_rcv_skb+0x208/0x470
[  140.749636][ T6379]  ? __lock_acquire+0xab9/0xd20
[  140.749652][ T6379]  ? __pfx_genl_rcv_msg+0x10/0x10
[  140.749666][ T6379]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  140.749688][ T6379]  ? down_read+0x1ad/0x2e0
[  140.749702][ T6379]  genl_rcv+0x28/0x40
[  140.749713][ T6379]  netlink_unicast+0x82c/0x9e0
[  140.749735][ T6379]  ? __pfx_netlink_unicast+0x10/0x10
[  140.749750][ T6379]  ? netlink_sendmsg+0x642/0xb30
[  140.749760][ T6379]  ? skb_put+0x11b/0x210
[  140.749773][ T6379]  netlink_sendmsg+0x805/0xb30
[  140.749789][ T6379]  ? __pfx_netlink_sendmsg+0x10/0x10
[  140.749802][ T6379]  ? aa_sock_msg_perm+0xf1/0x1d0
[  140.749813][ T6379]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  140.749823][ T6379]  ? __pfx_netlink_sendmsg+0x10/0x10
[  140.749834][ T6379]  __sock_sendmsg+0x219/0x270
[  140.749851][ T6379]  ____sys_sendmsg+0x505/0x830
[  140.749867][ T6379]  ? __pfx_____sys_sendmsg+0x10/0x10
[  140.749884][ T6379]  ? import_iovec+0x74/0xa0
[  140.749900][ T6379]  ___sys_sendmsg+0x21f/0x2a0
[  140.749913][ T6379]  ? __pfx____sys_sendmsg+0x10/0x10
[  140.749947][ T6379]  ? __fget_files+0x2a/0x420
[  140.749961][ T6379]  ? __fget_files+0x3a0/0x420
[  140.749981][ T6379]  __x64_sys_sendmsg+0x19b/0x260
[  140.749995][ T6379]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  140.750018][ T6379]  ? do_syscall_64+0xbe/0xfa0
[  140.750031][ T6379]  do_syscall_64+0xfa/0xfa0
[  140.750041][ T6379]  ? lockdep_hardirqs_on+0x9c/0x150
[  140.750051][ T6379]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.750061][ T6379]  ? clear_bhb_loop+0x60/0xb0
[  140.750073][ T6379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.750083][ T6379] RIP: 0033:0x7fbb4fb8ebe9
[  140.750107][ T6379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.750121][ T6379] RSP: 002b:00007fbb50aa6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  140.750139][ T6379] RAX: ffffffffffffffda RBX: 00007fbb4fdc5fa0 RCX: 00007fbb4fb8ebe9
[  140.750152][ T6379] RDX: 0000000000000310 RSI: 0000200000000040 RDI: 0000000000000004
[  140.750162][ T6379] RBP: 00007fbb4fc11e19 R08: 0000000000000000 R09: 0000000000000000
[  140.750173][ T6379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  140.750183][ T6379] R13: 00007fbb4fdc6038 R14: 00007fbb4fdc5fa0 R15: 00007fff82237d68
[  140.750208][ T6379]  </TASK>
[  142.616569][ T6387] loop3: detected capacity change from 0 to 1024
[  143.494602][ T6398] loop2: detected capacity change from 0 to 128
[  143.707567][ T6398] EXT4-fs warning (device loop2): ext4_init_metadata_csum:4633: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  143.755538][ T5915] udevd[5915]: incorrect jbd checksum on /dev/loop2
[  143.775744][ T6398] EXT4-fs (loop2): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  143.837016][ T5915] udevd[5915]: incorrect jbd checksum on /dev/loop2
[  144.341308][ T6403] loop2: detected capacity change from 0 to 1024
[  144.361553][   T30] kauditd_printk_skb: 30 callbacks suppressed
[  144.361589][   T30] audit: type=1326 audit(1757083322.484:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6397 comm="syz.2.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8de38ebe9 code=0x7ffc0000
[  144.867179][   T30] audit: type=1326 audit(1757083322.484:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6397 comm="syz.2.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7ff8de38ebe9 code=0x7ffc0000
[  144.928270][ T6410] debugfs: '!' already exists in 'ieee80211'
[  145.143646][   T30] audit: type=1326 audit(1757083322.484:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6397 comm="syz.2.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8de38ebe9 code=0x7ffc0000
[  145.407931][   T30] audit: type=1326 audit(1757083322.484:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6397 comm="syz.2.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7ff8de38ebe9 code=0x7ffc0000
[  145.450581][   T30] audit: type=1326 audit(1757083322.484:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6397 comm="syz.2.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8de38ebe9 code=0x7ffc0000
[  145.475488][   T30] audit: type=1326 audit(1757083322.494:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6397 comm="syz.2.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff8de38ebe9 code=0x7ffc0000
[  145.506964][   T30] audit: type=1326 audit(1757083322.494:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6397 comm="syz.2.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8de38ebe9 code=0x7ffc0000
[  145.660913][   T30] audit: type=1326 audit(1757083322.494:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6397 comm="syz.2.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7ff8de38ebe9 code=0x7ffc0000
[  145.692304][   T30] audit: type=1326 audit(1757083322.494:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6397 comm="syz.2.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8de38ebe9 code=0x7ffc0000
[  145.752076][   T30] audit: type=1326 audit(1757083322.494:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6397 comm="syz.2.96" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7ff8de38ebe9 code=0x7ffc0000
[  146.471252][ T6413] nvme_fabrics: missing parameter 'transport=%s'
[  146.580562][ T6413] nvme_fabrics: missing parameter 'nqn=%s'
[  146.635418][ T5998] IPVS: starting estimator thread 0...
[  146.750332][ T6431] IPVS: using max 27 ests per chain, 64800 per kthread
[  146.888043][ T6437] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  147.856763][ T6447] loop4: detected capacity change from 0 to 1024
[  148.328298][    T9] hid_parser_main: 4 callbacks suppressed
[  148.328313][    T9] hid-generic 00A0:1006:0003.0003: unknown main item tag 0x0
[  148.399391][    T9] hid-generic 00A0:1006:0003.0003: unknown main item tag 0x0
[  148.425020][    T9] hid-generic 00A0:1006:0003.0003: unknown main item tag 0x0
[  148.476056][    T9] hid-generic 00A0:1006:0003.0003: unknown main item tag 0x0
[  148.606393][    T9] hid-generic 00A0:1006:0003.0003: unknown main item tag 0x0
[  148.637511][    T9] hid-generic 00A0:1006:0003.0003: unknown main item tag 0x0
[  148.770409][ T5860] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[  148.975401][    T9] hid-generic 00A0:1006:0003.0003: unknown main item tag 0x0
[  148.980954][ T5860] usb 2-1: config 0 has no interfaces?
[  148.988388][ T5860] usb 2-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00
[  148.997681][ T5860] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.168394][ T5860] usb 2-1: config 0 descriptor??
[  149.169151][    T9] hid-generic 00A0:1006:0003.0003: unknown main item tag 0x0
[  149.791551][    T9] hid-generic 00A0:1006:0003.0003: unknown main item tag 0x0
[  149.799010][    T9] hid-generic 00A0:1006:0003.0003: unknown main item tag 0x0
[  150.164365][    T9] hid-generic 00A0:1006:0003.0003: hidraw0: <UNKNOWN> HID v800000.01 Device [syz1] on syz0
[  150.437817][ T6464] o2cb: This node has not been configured.
[  150.445548][ T6464] o2cb: Cluster check failed. Fix errors before retrying.
[  150.454839][ T6464] (syz.4.111,6464,1):user_dlm_register:674 ERROR: status = -22
[  150.473576][ T6464] (syz.4.111,6464,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "bus"
[  150.790417][ T5930] usb 5-1: new low-speed USB device number 2 using dummy_hcd
[  151.014466][ T5930] usb 5-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=da.df
[  151.038409][ T5930] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.088958][ T5930] usb 5-1: config 0 descriptor??
[  151.182263][ T5930] usb 5-1: selecting invalid altsetting 3
[  151.244420][ T5930] comedi comedi5: could not set alternate setting 3 in high speed
[  151.282818][ T5930] usbdux 5-1:0.0: driver 'usbdux' failed to auto-configure device.
[  151.327805][ T5915] udevd[5915]: setting mode of /dev/comedi5 to 020600 failed: No such file or directory
[  151.334760][ T5930] usbdux 5-1:0.0: probe with driver usbdux failed with error -22
[  151.554412][ T5860] usb 2-1: can't set config #0, error -71
[  151.562387][ T5915] udevd[5915]: setting owner of /dev/comedi5 to uid=0, gid=0 failed: No such file or directory
[  152.382717][ T5860] usb 2-1: USB disconnect, device number 3
[  153.676704][ T6487] overlayfs: overlapping lowerdir path
[  154.048311][ T6484] netlink: 8 bytes leftover after parsing attributes in process `syz.2.113'.
[  154.318811][ T6491] loop0: detected capacity change from 0 to 32768
[  154.515759][ T6491] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.116 (6491)
[  154.594204][ T6491] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  154.604726][ T6491] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  154.733198][ T6491] BTRFS info (device loop0): enabling ssd optimizations
[  154.740367][ T6491] BTRFS info (device loop0): enabling free space tree
[  154.792375][ T6491] netlink: 84 bytes leftover after parsing attributes in process `syz.0.116'.
[  155.400370][ T5860] usb 5-1: USB disconnect, device number 2
[  155.778172][ T5859] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  156.817024][ T6520] loop0: detected capacity change from 0 to 512
[  156.850354][ T5860] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  156.875883][ T6520] journal_path: Lookup failure for './file0'
[  156.899310][ T6520] EXT4-fs: error: could not find journal device path
[  158.543375][ T5860] usb 3-1: config index 0 descriptor too short (expected 23569, got 27)
[  158.580262][ T5860] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  158.696838][ T6531] 9pnet_fd: Insufficient options for proto=fd
[  159.260169][   T30] kauditd_printk_skb: 31 callbacks suppressed
[  159.260187][   T30] audit: type=1326 audit(1757083337.504:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6529 comm="syz.1.122" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f291838ebe9 code=0x0
[  159.363490][ T5860] usb 3-1: string descriptor 0 read error: -71
[  159.437470][ T5860] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  159.465061][ T5860] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  159.551961][ T5860] usb 3-1: config 0 descriptor??
[  159.612726][ T5860] usb 3-1: can't set config #0, error -71
[  159.612959][ T6534] nvme_fabrics: missing parameter 'transport=%s'
[  159.639215][ T6534] nvme_fabrics: missing parameter 'nqn=%s'
[  159.663732][ T5860] usb 3-1: USB disconnect, device number 2
[  160.732879][ T6542] netlink: 44 bytes leftover after parsing attributes in process `syz.4.126'.
[  160.939615][ T6545] loop0: detected capacity change from 0 to 2048
[  161.039233][ T6545] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  163.381064][ T6562] loop2: detected capacity change from 0 to 32768
[  163.410518][ T6562] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.128 (6562)
[  163.428819][ T6562] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  163.439144][ T6562] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  163.681870][ T6579] loop1: detected capacity change from 0 to 512
[  163.692251][ T6579] journal_path: Lookup failure for './file0'
[  163.698304][ T6579] EXT4-fs: error: could not find journal device path
[  163.847198][  T983] hid_parser_main: 4 callbacks suppressed
[  163.847220][  T983] hid-generic 00A0:1006:0003.0004: unknown main item tag 0x0
[  165.458339][ T6562] BTRFS error (device loop2): open_ctree failed: -4
[  165.500238][  T983] hid-generic 00A0:1006:0003.0004: unknown main item tag 0x0
[  165.524700][  T983] hid-generic 00A0:1006:0003.0004: unknown main item tag 0x0
[  165.540245][  T983] hid-generic 00A0:1006:0003.0004: unknown main item tag 0x0
[  165.566913][  T983] hid-generic 00A0:1006:0003.0004: unknown main item tag 0x0
[  165.665374][  T983] hid-generic 00A0:1006:0003.0004: unknown main item tag 0x0
[  165.715764][  T983] hid-generic 00A0:1006:0003.0004: unknown main item tag 0x0
[  165.751260][ T6598] debugfs: '!' already exists in 'ieee80211'
[  165.792144][  T983] hid-generic 00A0:1006:0003.0004: unknown main item tag 0x0
[  165.839758][  T983] hid-generic 00A0:1006:0003.0004: unknown main item tag 0x0
[  165.972374][  T983] hid-generic 00A0:1006:0003.0004: unknown main item tag 0x0
[  166.040597][  T983] hid-generic 00A0:1006:0003.0004: hidraw0: <UNKNOWN> HID v800000.01 Device [syz1] on syz0
[  166.208404][ T6600] fido_id[6600]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  166.831953][ T6607] loop0: detected capacity change from 0 to 2048
[  166.864032][ T6607] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  167.695953][ T6614] netlink: 44 bytes leftover after parsing attributes in process `syz.4.140'.
[  167.700912][ T6616] netlink: 68 bytes leftover after parsing attributes in process `syz.1.134'.
[  168.225235][ T6621] loop1: detected capacity change from 0 to 8192
[  168.331861][ T5998] hid-generic 00A0:1006:0003.0005: hidraw0: <UNKNOWN> HID v800000.01 Device [syz1] on syz0
[  168.345985][ T6621] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  169.861206][ T6640] loop4: detected capacity change from 0 to 32768
[  169.880377][ T6640] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.145 (6640)
[  169.921685][ T6640] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  169.931970][ T6640] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  170.208697][ T6656] netlink: 'syz.2.146': attribute type 2 has an invalid length.
[  170.240561][ T6656] netlink: 'syz.2.146': attribute type 1 has an invalid length.
[  171.235515][ T6640] BTRFS info (device loop4): enabling ssd optimizations
[  171.243179][ T6640] BTRFS info (device loop4): enabling free space tree
[  171.520033][ T6640] netlink: 84 bytes leftover after parsing attributes in process `syz.4.145'.
[  171.940084][ T6672] loop3: detected capacity change from 0 to 512
[  172.101767][ T6672] EXT4-fs warning (device loop3): ext4_multi_mount_protect:318: fsck is running on the filesystem
[  172.205062][ T6672] EXT4-fs warning (device loop3): ext4_multi_mount_protect:318: MMP failure info: last update time: 1669132786, last update node: dvyukov-desk.muc.corp.google.com, last update device: loop4
[  172.315489][ T5865] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  172.393682][ T6670] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  173.909728][ T6684] netlink: 44 bytes leftover after parsing attributes in process `syz.2.152'.
[  174.090216][ T5930] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  174.490707][ T5930] usb 5-1: Using ep0 maxpacket: 16
[  174.718455][ T5930] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  174.741290][ T5930] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  174.935101][ T5930] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  174.983349][ T5930] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.589065][ T5930] usb 5-1: Product: syz
[  175.618602][ T5930] usb 5-1: Manufacturer: syz
[  175.632191][ T5930] usb 5-1: SerialNumber: syz
[  175.657808][ T5930] usb 5-1: config 0 descriptor??
[  175.678419][ T5930] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  175.705600][ T5930] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  175.772882][ T6695] 9pnet_fd: Insufficient options for proto=fd
[  176.305836][ T5930] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  176.312417][ T5930] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[  176.645466][ T5930] em28xx 5-1:0.0: AC97 chip type couldn't be determined
[  176.654469][ T5930] em28xx 5-1:0.0: No AC97 audio processor
[  176.958729][ T6702] overlayfs: overlapping lowerdir path
[  176.988431][ T5930] usb 5-1: USB disconnect, device number 3
[  177.000363][ T6702] netlink: 8 bytes leftover after parsing attributes in process `syz.3.156'.
[  177.026713][ T5930] em28xx 5-1:0.0: Disconnecting em28xx
[  177.038875][ T5930] em28xx 5-1:0.0: Freeing device
[  178.815691][ T6723] netlink: 68 bytes leftover after parsing attributes in process `syz.4.160'.
[  179.762402][ T6727] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[  179.790375][ T6727] CPU: 1 UID: 0 PID: 6727 Comm: syz.4.161 Not tainted syzkaller #0 PREEMPT(full) 
[  179.790555][ T6727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  179.790563][ T6727] Call Trace:
[  179.790572][ T6727]  <TASK>
[  179.790578][ T6727]  dump_stack_lvl+0x189/0x250
[  179.790610][ T6727]  ? __pfx_dump_stack_lvl+0x10/0x10
[  179.790623][ T6727]  ? __pfx__printk+0x10/0x10
[  179.790648][ T6727]  ? kernfs_path_from_node+0x2f/0x290
[  179.790659][ T6727]  ? kernfs_path_from_node+0x250/0x290
[  179.790669][ T6727]  ? kernfs_path_from_node+0x2f/0x290
[  179.790681][ T6727]  sysfs_warn_dup+0x8e/0xa0
[  179.790693][ T6727]  sysfs_do_create_link_sd+0xc0/0x110
[  179.790705][ T6727]  device_add_class_symlinks+0x1cf/0x240
[  179.790723][ T6727]  device_add+0x475/0xb50
[  179.790740][ T6727]  wiphy_register+0x1c81/0x2aa0
[  179.790767][ T6727]  ? __pfx_wiphy_register+0x10/0x10
[  179.790778][ T6727]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  179.790796][ T6727]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  179.790811][ T6727]  ieee80211_register_hw+0x3442/0x40a0
[  179.790834][ T6727]  ? ieee80211_register_hw+0x1481/0x40a0
[  179.790853][ T6727]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  179.790869][ T6727]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  179.790889][ T6727]  ? __hrtimer_setup+0x187/0x210
[  179.790904][ T6727]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  179.790920][ T6727]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  179.790958][ T6727]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  179.790974][ T6727]  ? trace_kmalloc+0x1f/0xd0
[  179.790987][ T6727]  ? __kmalloc_node_track_caller_noprof+0x587/0x800
[  179.791001][ T6727]  ? __x64_sys_sendmsg+0x19b/0x260
[  179.791014][ T6727]  ? kstrndup+0xbf/0x160
[  179.791030][ T6727]  hwsim_new_radio_nl+0xea4/0x1b10
[  179.791044][ T6727]  ? __pfx___nla_validate_parse+0x10/0x10
[  179.791064][ T6727]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  179.791080][ T6727]  ? rcu_is_watching+0x15/0xb0
[  179.791091][ T6727]  ? __nla_parse+0x40/0x60
[  179.791105][ T6727]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  179.791124][ T6727]  genl_family_rcv_msg_doit+0x212/0x300
[  179.791142][ T6727]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  179.791164][ T6727]  ? bpf_lsm_capable+0x9/0x20
[  179.791176][ T6727]  ? security_capable+0x7e/0x2e0
[  179.791196][ T6727]  genl_rcv_msg+0x60e/0x790
[  179.791213][ T6727]  ? __pfx_genl_rcv_msg+0x10/0x10
[  179.791225][ T6727]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  179.791237][ T6727]  ? __asan_memcpy+0x40/0x70
[  179.791249][ T6727]  ? __pfx_ref_tracker_free+0x10/0x10
[  179.791264][ T6727]  netlink_rcv_skb+0x208/0x470
[  179.791273][ T6727]  ? __lock_acquire+0xab9/0xd20
[  179.791287][ T6727]  ? __pfx_genl_rcv_msg+0x10/0x10
[  179.791306][ T6727]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  179.791333][ T6727]  ? down_read+0x1ad/0x2e0
[  179.791347][ T6727]  genl_rcv+0x28/0x40
[  179.791359][ T6727]  netlink_unicast+0x82c/0x9e0
[  179.791386][ T6727]  ? __pfx_netlink_unicast+0x10/0x10
[  179.791402][ T6727]  ? netlink_sendmsg+0x642/0xb30
[  179.791412][ T6727]  ? skb_put+0x11b/0x210
[  179.791428][ T6727]  netlink_sendmsg+0x805/0xb30
[  179.791445][ T6727]  ? __pfx_netlink_sendmsg+0x10/0x10
[  179.791457][ T6727]  ? aa_sock_msg_perm+0xf1/0x1d0
[  179.791468][ T6727]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  179.791478][ T6727]  ? __pfx_netlink_sendmsg+0x10/0x10
[  179.791490][ T6727]  __sock_sendmsg+0x219/0x270
[  179.791507][ T6727]  ____sys_sendmsg+0x505/0x830
[  179.791531][ T6727]  ? __pfx_____sys_sendmsg+0x10/0x10
[  179.791549][ T6727]  ? import_iovec+0x74/0xa0
[  179.791565][ T6727]  ___sys_sendmsg+0x21f/0x2a0
[  179.791580][ T6727]  ? __pfx____sys_sendmsg+0x10/0x10
[  179.791615][ T6727]  ? __fget_files+0x2a/0x420
[  179.791629][ T6727]  ? __fget_files+0x3a0/0x420
[  179.791650][ T6727]  __x64_sys_sendmsg+0x19b/0x260
[  179.791664][ T6727]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  179.791687][ T6727]  ? do_syscall_64+0xbe/0xfa0
[  179.791700][ T6727]  do_syscall_64+0xfa/0xfa0
[  179.791710][ T6727]  ? lockdep_hardirqs_on+0x9c/0x150
[  179.791719][ T6727]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.791730][ T6727]  ? clear_bhb_loop+0x60/0xb0
[  179.791742][ T6727]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.791752][ T6727] RIP: 0033:0x7fcc03b8ebe9
[  179.791772][ T6727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  179.791786][ T6727] RSP: 002b:00007fcc04a3e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  179.791802][ T6727] RAX: ffffffffffffffda RBX: 00007fcc03dc5fa0 RCX: 00007fcc03b8ebe9
[  179.791810][ T6727] RDX: 0000000000000310 RSI: 0000200000000040 RDI: 0000000000000006
[  179.791824][ T6727] RBP: 00007fcc03c11e19 R08: 0000000000000000 R09: 0000000000000000
[  179.791836][ T6727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  179.791846][ T6727] R13: 00007fcc03dc6038 R14: 00007fcc03dc5fa0 R15: 00007ffde1f758d8
[  179.791879][ T6727]  </TASK>
[  182.362214][ T6746] netlink: 8 bytes leftover after parsing attributes in process `syz.4.164'.
[  182.932298][ T6741] loop3: detected capacity change from 0 to 8192
[  183.004089][ T6741] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  185.273294][ T6768] loop0: detected capacity change from 0 to 512
[  185.736378][ T6768] EXT4-fs warning (device loop0): ext4_multi_mount_protect:318: fsck is running on the filesystem
[  185.747294][ T6768] EXT4-fs warning (device loop0): ext4_multi_mount_protect:318: MMP failure info: last update time: 1669132786, last update node: dvyukov-desk.muc.corp.google.com, last update device: loop4
[  185.805276][ T6766] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  186.084172][ T6773] serio: Serial port ptm0
[  186.175103][ T6777] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[  186.184411][ T6777] CPU: 1 UID: 0 PID: 6777 Comm: syz.3.172 Not tainted syzkaller #0 PREEMPT(full) 
[  186.184441][ T6777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  186.184453][ T6777] Call Trace:
[  186.184462][ T6777]  <TASK>
[  186.184471][ T6777]  dump_stack_lvl+0x189/0x250
[  186.184504][ T6777]  ? __pfx_dump_stack_lvl+0x10/0x10
[  186.184530][ T6777]  ? __pfx__printk+0x10/0x10
[  186.184565][ T6777]  ? kernfs_path_from_node+0x2f/0x290
[  186.184585][ T6777]  ? kernfs_path_from_node+0x250/0x290
[  186.184604][ T6777]  ? kernfs_path_from_node+0x2f/0x290
[  186.184629][ T6777]  sysfs_warn_dup+0x8e/0xa0
[  186.184648][ T6777]  sysfs_do_create_link_sd+0xc0/0x110
[  186.184669][ T6777]  device_add_class_symlinks+0x1cf/0x240
[  186.184700][ T6777]  device_add+0x475/0xb50
[  186.184729][ T6777]  wiphy_register+0x1c81/0x2aa0
[  186.184762][ T6777]  ? __pfx_wiphy_register+0x10/0x10
[  186.184778][ T6777]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  186.184806][ T6777]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  186.184830][ T6777]  ieee80211_register_hw+0x3442/0x40a0
[  186.184865][ T6777]  ? ieee80211_register_hw+0x1481/0x40a0
[  186.184894][ T6777]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  186.184922][ T6777]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  186.184955][ T6777]  ? __hrtimer_setup+0x187/0x210
[  186.184978][ T6777]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  186.185003][ T6777]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  186.185049][ T6777]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  186.185065][ T6777]  ? trace_kmalloc+0x1f/0xd0
[  186.185083][ T6777]  ? __kmalloc_node_track_caller_noprof+0x587/0x800
[  186.185105][ T6777]  ? __x64_sys_sendmsg+0x19b/0x260
[  186.185123][ T6777]  ? kstrndup+0xbf/0x160
[  186.185150][ T6777]  hwsim_new_radio_nl+0xea4/0x1b10
[  186.185170][ T6777]  ? __pfx___nla_validate_parse+0x10/0x10
[  186.185202][ T6777]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  186.185240][ T6777]  ? rcu_is_watching+0x15/0xb0
[  186.185259][ T6777]  ? __nla_parse+0x40/0x60
[  186.185280][ T6777]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  186.185316][ T6777]  genl_family_rcv_msg_doit+0x212/0x300
[  186.185345][ T6777]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  186.185380][ T6777]  ? bpf_lsm_capable+0x9/0x20
[  186.185406][ T6777]  ? security_capable+0x7e/0x2e0
[  186.185435][ T6777]  genl_rcv_msg+0x60e/0x790
[  186.185470][ T6777]  ? __pfx_genl_rcv_msg+0x10/0x10
[  186.185490][ T6777]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  186.185509][ T6777]  ? __asan_memcpy+0x40/0x70
[  186.185528][ T6777]  ? __pfx_ref_tracker_free+0x10/0x10
[  186.185552][ T6777]  netlink_rcv_skb+0x208/0x470
[  186.185567][ T6777]  ? __lock_acquire+0xab9/0xd20
[  186.185590][ T6777]  ? __pfx_genl_rcv_msg+0x10/0x10
[  186.185612][ T6777]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  186.185646][ T6777]  ? down_read+0x1ad/0x2e0
[  186.185674][ T6777]  genl_rcv+0x28/0x40
[  186.185693][ T6777]  netlink_unicast+0x82c/0x9e0
[  186.185733][ T6777]  ? __pfx_netlink_unicast+0x10/0x10
[  186.185759][ T6777]  ? netlink_sendmsg+0x642/0xb30
[  186.185774][ T6777]  ? skb_put+0x11b/0x210
[  186.185795][ T6777]  netlink_sendmsg+0x805/0xb30
[  186.185822][ T6777]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.185842][ T6777]  ? aa_sock_msg_perm+0xf1/0x1d0
[  186.185860][ T6777]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  186.185876][ T6777]  ? __pfx_netlink_sendmsg+0x10/0x10
[  186.185894][ T6777]  __sock_sendmsg+0x219/0x270
[  186.185925][ T6777]  ____sys_sendmsg+0x505/0x830
[  186.185950][ T6777]  ? __pfx_____sys_sendmsg+0x10/0x10
[  186.185978][ T6777]  ? import_iovec+0x74/0xa0
[  186.186007][ T6777]  ___sys_sendmsg+0x21f/0x2a0
[  186.186029][ T6777]  ? __pfx____sys_sendmsg+0x10/0x10
[  186.186084][ T6777]  ? __fget_files+0x2a/0x420
[  186.186106][ T6777]  ? __fget_files+0x3a0/0x420
[  186.186138][ T6777]  __x64_sys_sendmsg+0x19b/0x260
[  186.186160][ T6777]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  186.186195][ T6777]  ? do_syscall_64+0xbe/0xfa0
[  186.186231][ T6777]  do_syscall_64+0xfa/0xfa0
[  186.186247][ T6777]  ? lockdep_hardirqs_on+0x9c/0x150
[  186.186263][ T6777]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.186279][ T6777]  ? clear_bhb_loop+0x60/0xb0
[  186.186310][ T6777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.186328][ T6777] RIP: 0033:0x7fbb4fb8ebe9
[  186.186345][ T6777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.186359][ T6777] RSP: 002b:00007fbb50a85038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  186.186378][ T6777] RAX: ffffffffffffffda RBX: 00007fbb4fdc6090 RCX: 00007fbb4fb8ebe9
[  186.186391][ T6777] RDX: 0000000000000310 RSI: 0000200000000040 RDI: 0000000000000006
[  186.186401][ T6777] RBP: 00007fbb4fc11e19 R08: 0000000000000000 R09: 0000000000000000
[  186.186412][ T6777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  186.186426][ T6777] R13: 00007fbb4fdc6128 R14: 00007fbb4fdc6090 R15: 00007fff82237d68
[  186.186456][ T6777]  </TASK>
[  188.034817][ T6791] netlink: 8 bytes leftover after parsing attributes in process `syz.2.171'.
[  188.107879][ T6770] overlayfs: overlapping lowerdir path
[  188.426992][ T6797] 9pnet_fd: Insufficient options for proto=fd
[  188.768004][ T6801] netlink: 8 bytes leftover after parsing attributes in process `syz.1.178'.
[  189.723341][ T6805] netlink: 68 bytes leftover after parsing attributes in process `syz.4.175'.
[  190.100044][ T6810] loop2: detected capacity change from 0 to 512
[  190.161555][ T6810] journal_path: Lookup failure for './file0'
[  190.190316][ T6810] EXT4-fs: error: could not find journal device path
[  192.220500][ T5998] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  192.280448][ T5930] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  192.393137][ T5998] usb 4-1: config 0 has an invalid interface number: 25 but max is 0
[  192.411689][ T5998] usb 4-1: config 0 has no interface number 0
[  192.418014][ T5998] usb 4-1: config 0 interface 25 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  192.458251][ T5998] usb 4-1: New USB device found, idVendor=1b3b, idProduct=2951, bcdDevice=9e.ee
[  192.470976][ T5930] usb 2-1: Using ep0 maxpacket: 32
[  192.470982][ T5998] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.471004][ T5998] usb 4-1: Product: syz
[  192.493893][ T5930] usb 2-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  192.508310][ T5998] usb 4-1: Manufacturer: syz
[  192.513400][ T5998] usb 4-1: SerialNumber: syz
[  192.534657][ T5998] usb 4-1: config 0 descriptor??
[  192.547239][ T5998] usb 4-1: Found UVC 0.00 device syz (1b3b:2951)
[  192.578678][ T5998] usb 4-1: No valid video chain found.
[  192.707220][ T5930] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.729915][ T5930] usb 2-1: config 0 descriptor??
[  192.740686][ T5930] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  193.436176][ T5930] gspca_vc032x: reg_r err -110
[  193.460391][ T5930] gspca_vc032x: I2c Bus Busy Wait 00
[  193.465916][ T5930] gspca_vc032x: I2c Bus Busy Wait 00
[  193.475472][  T980] usb 4-1: USB disconnect, device number 4
[  193.489617][ T5930] gspca_vc032x: I2c Bus Busy Wait 00
[  193.510167][ T5930] gspca_vc032x: I2c Bus Busy Wait 00
[  193.522596][ T5930] gspca_vc032x: I2c Bus Busy Wait 00
[  193.542060][ T5930] gspca_vc032x: I2c Bus Busy Wait 00
[  193.547392][ T5930] gspca_vc032x: I2c Bus Busy Wait 00
[  193.562120][ T5930] gspca_vc032x: I2c Bus Busy Wait 00
[  193.567607][ T5930] gspca_vc032x: I2c Bus Busy Wait 00
[  193.573639][ T5930] gspca_vc032x: I2c Bus Busy Wait 00
[  193.579069][ T5930] gspca_vc032x: I2c Bus Busy Wait 00
[  193.587793][ T5930] gspca_vc032x: I2c Bus Busy Wait 00
[  193.593571][ T5930] gspca_vc032x: I2c Bus Busy Wait 00
[  193.599050][ T5930] gspca_vc032x: I2c Bus Busy Wait 00
[  193.604748][ T5930] gspca_vc032x: I2c Bus Busy Wait 00
[  193.610563][ T5930] gspca_vc032x: I2c Bus Busy Wait 00
[  193.616749][ T5930] gspca_vc032x: I2c Bus Busy Wait 00
[  193.622734][ T5930] gspca_vc032x: I2c Bus Busy Wait 00
[  193.628166][ T5930] gspca_vc032x: Unknown sensor...
[  193.634427][ T5930] vc032x 2-1:0.0: probe with driver vc032x failed with error -22
[  194.574797][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  194.582992][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  195.889961][ T5998] usb 2-1: USB disconnect, device number 4
[  197.249524][ T6859] loop1: detected capacity change from 0 to 512
[  197.356484][ T6859] journal_path: Lookup failure for './file0'
[  197.565951][ T6859] EXT4-fs: error: could not find journal device path
[  199.227321][   T30] audit: type=1326 audit(1757083377.484:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6868 comm="syz.4.193" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcc03b8ebe9 code=0x0
[  199.640058][  T983] IPVS: starting estimator thread 0...
[  199.845400][ T6874] IPVS: using max 49 ests per chain, 117600 per kthread
[  203.340450][ T6892] loop0: detected capacity change from 0 to 8192
[  203.568036][ T6892] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  203.780335][ T6904] netlink: 8 bytes leftover after parsing attributes in process `syz.4.200'.
[  206.339592][ T6922] netlink: 8 bytes leftover after parsing attributes in process `syz.3.205'.
[  206.712552][ T5863] Bluetooth: hci4: command 0x0406 tx timeout
[  206.723646][ T5878] Bluetooth: hci2: command 0x0406 tx timeout
[  206.730290][ T5863] Bluetooth: hci3: command 0x0406 tx timeout
[  206.736969][ T5863] Bluetooth: hci1: command 0x0406 tx timeout
[  207.102869][ T6931] 9pnet_fd: Insufficient options for proto=fd
[  209.619897][ T6947] loop0: detected capacity change from 0 to 736
[  211.095896][ T6953] loop2: detected capacity change from 0 to 256
[  211.262948][ T6955] loop3: detected capacity change from 0 to 1024
[  211.454305][ T6953] FAT-fs (loop2): Directory bread(block 64) failed
[  211.640421][ T6953] FAT-fs (loop2): Directory bread(block 65) failed
[  212.035825][ T6953] FAT-fs (loop2): Directory bread(block 66) failed
[  212.044059][ T6953] FAT-fs (loop2): Directory bread(block 67) failed
[  212.051106][ T6953] FAT-fs (loop2): Directory bread(block 68) failed
[  212.057870][ T6953] FAT-fs (loop2): Directory bread(block 69) failed
[  212.065414][ T6953] FAT-fs (loop2): Directory bread(block 70) failed
[  212.101527][ T6953] FAT-fs (loop2): Directory bread(block 71) failed
[  212.113399][ T6953] FAT-fs (loop2): Directory bread(block 72) failed
[  212.120687][ T6953] FAT-fs (loop2): Directory bread(block 73) failed
[  213.994630][ T6976] netlink: 68 bytes leftover after parsing attributes in process `syz.0.218'.
[  215.757422][ T6979] loop4: detected capacity change from 0 to 2048
[  215.820725][ T6979] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=18576, location=18576
[  216.249829][ T6979] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  216.357257][ T6985] sysfs: cannot create duplicate filename '/class/ieee80211/!'
[  216.365133][ T6985] CPU: 0 UID: 0 PID: 6985 Comm: syz.0.221 Not tainted syzkaller #0 PREEMPT(full) 
[  216.365183][ T6985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  216.365204][ T6985] Call Trace:
[  216.365211][ T6985]  <TASK>
[  216.365220][ T6985]  dump_stack_lvl+0x189/0x250
[  216.365251][ T6985]  ? __pfx_dump_stack_lvl+0x10/0x10
[  216.365272][ T6985]  ? __pfx__printk+0x10/0x10
[  216.365301][ T6985]  ? kernfs_path_from_node+0x2f/0x290
[  216.365319][ T6985]  ? kernfs_path_from_node+0x250/0x290
[  216.365334][ T6985]  ? kernfs_path_from_node+0x2f/0x290
[  216.365355][ T6985]  sysfs_warn_dup+0x8e/0xa0
[  216.365371][ T6985]  sysfs_do_create_link_sd+0xc0/0x110
[  216.365389][ T6985]  device_add_class_symlinks+0x1cf/0x240
[  216.365416][ T6985]  device_add+0x475/0xb50
[  216.365445][ T6985]  wiphy_register+0x1c81/0x2aa0
[  216.365478][ T6985]  ? __pfx_wiphy_register+0x10/0x10
[  216.365493][ T6985]  ? minstrel_ht_alloc+0x6dd/0x7e0
[  216.365520][ T6985]  ? ieee80211_init_rate_ctrl_alg+0x56d/0x5f0
[  216.365544][ T6985]  ieee80211_register_hw+0x3442/0x40a0
[  216.365579][ T6985]  ? ieee80211_register_hw+0x1481/0x40a0
[  216.365609][ T6985]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  216.365632][ T6985]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  216.365664][ T6985]  ? __hrtimer_setup+0x187/0x210
[  216.365687][ T6985]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  216.365721][ T6985]  mac80211_hwsim_new_radio+0x2f0e/0x5340
[  216.365767][ T6985]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  216.365783][ T6985]  ? trace_kmalloc+0x1f/0xd0
[  216.365803][ T6985]  ? __kmalloc_node_track_caller_noprof+0x587/0x800
[  216.365824][ T6985]  ? __x64_sys_sendmsg+0x19b/0x260
[  216.365843][ T6985]  ? kstrndup+0xbf/0x160
[  216.365868][ T6985]  hwsim_new_radio_nl+0xea4/0x1b10
[  216.365888][ T6985]  ? __pfx___nla_validate_parse+0x10/0x10
[  216.365919][ T6985]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  216.365943][ T6985]  ? rcu_is_watching+0x15/0xb0
[  216.365961][ T6985]  ? __nla_parse+0x40/0x60
[  216.365982][ T6985]  ? genl_family_rcv_msg_attrs_parse+0x1c9/0x2a0
[  216.366011][ T6985]  genl_family_rcv_msg_doit+0x212/0x300
[  216.366039][ T6985]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  216.366072][ T6985]  ? bpf_lsm_capable+0x9/0x20
[  216.366096][ T6985]  ? security_capable+0x7e/0x2e0
[  216.366126][ T6985]  genl_rcv_msg+0x60e/0x790
[  216.366153][ T6985]  ? __pfx_genl_rcv_msg+0x10/0x10
[  216.366173][ T6985]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  216.366193][ T6985]  ? __asan_memcpy+0x40/0x70
[  216.366211][ T6985]  ? __pfx_ref_tracker_free+0x10/0x10
[  216.366234][ T6985]  netlink_rcv_skb+0x208/0x470
[  216.366248][ T6985]  ? __lock_acquire+0xab9/0xd20
[  216.366270][ T6985]  ? __pfx_genl_rcv_msg+0x10/0x10
[  216.366292][ T6985]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  216.366326][ T6985]  ? down_read+0x1ad/0x2e0
[  216.366347][ T6985]  genl_rcv+0x28/0x40
[  216.366365][ T6985]  netlink_unicast+0x82c/0x9e0
[  216.366397][ T6985]  ? __pfx_netlink_unicast+0x10/0x10
[  216.366423][ T6985]  ? netlink_sendmsg+0x642/0xb30
[  216.366437][ T6985]  ? skb_put+0x11b/0x210
[  216.366458][ T6985]  netlink_sendmsg+0x805/0xb30
[  216.366484][ T6985]  ? __pfx_netlink_sendmsg+0x10/0x10
[  216.366504][ T6985]  ? aa_sock_msg_perm+0xf1/0x1d0
[  216.366521][ T6985]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  216.366537][ T6985]  ? __pfx_netlink_sendmsg+0x10/0x10
[  216.366554][ T6985]  __sock_sendmsg+0x219/0x270
[  216.366580][ T6985]  ____sys_sendmsg+0x505/0x830
[  216.366605][ T6985]  ? __pfx_____sys_sendmsg+0x10/0x10
[  216.366632][ T6985]  ? import_iovec+0x74/0xa0
[  216.366656][ T6985]  ___sys_sendmsg+0x21f/0x2a0
[  216.366677][ T6985]  ? __pfx____sys_sendmsg+0x10/0x10
[  216.366735][ T6985]  ? __fget_files+0x2a/0x420
[  216.366757][ T6985]  ? __fget_files+0x3a0/0x420
[  216.366790][ T6985]  __x64_sys_sendmsg+0x19b/0x260
[  216.366812][ T6985]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  216.366847][ T6985]  ? do_syscall_64+0xbe/0xfa0
[  216.366868][ T6985]  do_syscall_64+0xfa/0xfa0
[  216.366882][ T6985]  ? lockdep_hardirqs_on+0x9c/0x150
[  216.366898][ T6985]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.366914][ T6985]  ? clear_bhb_loop+0x60/0xb0
[  216.366934][ T6985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.366950][ T6985] RIP: 0033:0x7fb79558ebe9
[  216.366966][ T6985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.366980][ T6985] RSP: 002b:00007fb7963e4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  216.366998][ T6985] RAX: ffffffffffffffda RBX: 00007fb7957c6090 RCX: 00007fb79558ebe9
[  216.367010][ T6985] RDX: 0000000000000310 RSI: 0000200000000040 RDI: 0000000000000006
[  216.367020][ T6985] RBP: 00007fb795611e19 R08: 0000000000000000 R09: 0000000000000000
[  216.367030][ T6985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  216.367040][ T6985] R13: 00007fb7957c6128 R14: 00007fb7957c6090 R15: 00007ffe21e6ed38
[  216.367069][ T6985]  </TASK>
[  217.196327][ T6990] loop3: detected capacity change from 0 to 512
[  217.654528][ T6990] EXT4-fs warning (device loop3): ext4_multi_mount_protect:318: fsck is running on the filesystem
[  217.665347][ T6990] EXT4-fs warning (device loop3): ext4_multi_mount_protect:318: MMP failure info: last update time: 1669132786, last update node: dvyukov-desk.muc.corp.google.com, last update device: loop4
[  217.712307][ T6988] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  218.425846][ T6997] loop0: detected capacity change from 0 to 1024
[  219.237504][    T9] hid_parser_main: 18 callbacks suppressed
[  219.237518][    T9] hid-generic 00A0:1006:0003.0006: unknown main item tag 0x0
[  219.255893][    T9] hid-generic 00A0:1006:0003.0006: unknown main item tag 0x0
[  219.265359][    T9] hid-generic 00A0:1006:0003.0006: unknown main item tag 0x0
[  219.277819][    T9] hid-generic 00A0:1006:0003.0006: unknown main item tag 0x0
[  219.325441][    T9] hid-generic 00A0:1006:0003.0006: unknown main item tag 0x0
[  219.348789][    T9] hid-generic 00A0:1006:0003.0006: unknown main item tag 0x0
[  219.446983][    T9] hid-generic 00A0:1006:0003.0006: unknown main item tag 0x0
[  219.490395][ T5998] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  219.609570][    T9] hid-generic 00A0:1006:0003.0006: unknown main item tag 0x0
[  219.660416][    T9] hid-generic 00A0:1006:0003.0006: unknown main item tag 0x0
[  219.678976][    T9] hid-generic 00A0:1006:0003.0006: unknown main item tag 0x0
[  219.694263][ T5998] usb 5-1: config 0 has no interfaces?
[  219.699838][ T5998] usb 5-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00
[  219.731031][    T9] hid-generic 00A0:1006:0003.0006: hidraw0: <UNKNOWN> HID v800000.01 Device [syz1] on syz0
[  219.761486][ T5998] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.831646][ T5998] usb 5-1: config 0 descriptor??
[  220.458679][ T7024] netlink: 9 bytes leftover after parsing attributes in process `syz.2.231'.
[  220.508559][ T7024] gretap0: entered promiscuous mode
[  222.540297][ T5860] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  223.037818][ T5860] usb 4-1: config 0 has no interfaces?
[  223.043460][ T5860] usb 4-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00
[  223.053799][ T5860] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.063833][ T5860] usb 4-1: config 0 descriptor??
[  223.529391][ T7044] loop0: detected capacity change from 0 to 2048
[  223.533793][  T980] usb 5-1: USB disconnect, device number 4
[  223.638556][ T7044] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=18576, location=18576
[  223.761511][ T7044] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  223.925463][ T7050] loop2: detected capacity change from 0 to 1024
[  224.650334][ T5860] usb 4-1: USB disconnect, device number 5
[  224.889460][  T983] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[  225.157281][  T983] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  225.825361][  T983] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  226.273609][  T983] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  226.299555][  T983] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.327627][  T983] usb 2-1: config 0 descriptor??
[  226.365431][  T983] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  226.386101][  T983] dvb-usb: bulk message failed: -22 (3/0)
[  226.443580][  T983] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  226.475002][  T983] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  226.490924][  T983] usb 2-1: media controller created
[  226.509199][  T983] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  226.568017][ T7051] dibusb: i2c wr: len=61 is too big!
[  226.568017][ T7051] 
[  226.603423][  T983] dvb-usb: bulk message failed: -22 (6/0)
[  226.627692][  T983] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  226.675882][  T983] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input5
[  226.742391][  T983] dvb-usb: schedule remote query interval to 150 msecs.
[  226.761086][  T983] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  226.813958][  T983] usb 2-1: USB disconnect, device number 5
[  227.042964][  T983] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  232.022357][ T7116] loop6: detected capacity change from 0 to 7
[  232.037687][ T7116] Dev loop6: unable to read RDB block 7
[  232.044424][ T7116]  loop6: AHDI p3 p4
[  232.048442][ T7116] loop6: partition table partially beyond EOD, truncated
[  232.061911][ T7116] loop6: p3 start 1886353253 is beyond EOD, truncated
[  232.281587][ T7118] netlink: 332 bytes leftover after parsing attributes in process `syz.2.252'.
[  235.753495][ T7148] loop0: detected capacity change from 0 to 32768
[  235.773409][ T7148] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.261 (7148)
[  235.809954][ T7148] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  235.820329][ T7148] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  235.911641][ T7148] BTRFS info (device loop0): enabling ssd optimizations
[  235.918634][ T7148] BTRFS info (device loop0): enabling free space tree
[  236.783253][ T5859] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  238.719995][ T7178] loop4: detected capacity change from 0 to 8192
[  238.825084][ T7178] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  239.234580][ T7193] capability: warning: `syz.0.267' uses deprecated v2 capabilities in a way that may be insecure
[  240.538507][ T7205] syz_tun: entered allmulticast mode
[  242.335780][ T7212] program syz.4.273 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  242.864228][ T7223] loop6: detected capacity change from 0 to 7
[  242.888770][ T7223] Dev loop6: unable to read RDB block 7
[  242.925477][ T7223]  loop6: unable to read partition table
[  243.037453][ T7223] loop6: partition table beyond EOD, truncated
[  243.110814][ T7223] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5)
[  243.455004][ T7231] loop4: detected capacity change from 0 to 128
[  243.555098][ T7231] EXT4-fs warning (device loop4): ext4_init_metadata_csum:4633: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  243.625249][ T7231] EXT4-fs (loop4): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  243.651578][ T5915] udevd[5915]: incorrect jbd checksum on /dev/loop4
[  244.011316][   T30] audit: type=1326 audit(1757083422.264:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.4.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc03b8ebe9 code=0x7ffc0000
[  244.033562][    C0] vkms_vblank_simulate: vblank timer overrun
[  244.057453][ T7231] loop4: detected capacity change from 0 to 1024
[  244.282036][   T30] audit: type=1326 audit(1757083422.274:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.4.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc03b8ebe9 code=0x7ffc0000
[  244.343372][   T30] audit: type=1326 audit(1757083422.274:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.4.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7fcc03b8ebe9 code=0x7ffc0000
[  244.384664][ T7242] netlink: 4 bytes leftover after parsing attributes in process `syz.3.279'.
[  244.520809][ T7242] netlink: 4 bytes leftover after parsing attributes in process `syz.3.279'.
[  244.573111][   T30] audit: type=1326 audit(1757083422.274:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.4.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc03b8ebe9 code=0x7ffc0000
[  244.602281][   T30] audit: type=1326 audit(1757083422.274:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.4.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc03b8ebe9 code=0x7ffc0000
[  244.626591][   T30] audit: type=1326 audit(1757083422.304:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.4.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fcc03b8ebe9 code=0x7ffc0000
[  244.649667][   T30] audit: type=1326 audit(1757083422.304:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.4.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc03b8ebe9 code=0x7ffc0000
[  244.674179][   T30] audit: type=1326 audit(1757083422.304:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.4.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc03b8ebe9 code=0x7ffc0000
[  244.726029][   T30] audit: type=1326 audit(1757083422.304:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.4.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcc03b8ebe9 code=0x7ffc0000
[  245.349624][ T7242] netlink: 4 bytes leftover after parsing attributes in process `syz.3.279'.
[  245.386671][ T7242] netlink: 4 bytes leftover after parsing attributes in process `syz.3.279'.
[  245.420359][   T30] audit: type=1326 audit(1757083422.304:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7229 comm="syz.4.278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc03b8ebe9 code=0x7ffc0000
[  245.510197][ T5860] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  245.805691][ T5860] usb 3-1: config 127 has an invalid descriptor of length 0, skipping remainder of the config
[  245.863392][ T5860] usb 3-1: config 127 has 0 interfaces, different from the descriptor's value: 1
[  245.958359][ T7242] netlink: 4 bytes leftover after parsing attributes in process `syz.3.279'.
[  245.969192][ T5860] usb 3-1: New USB device found, idVendor=046d, idProduct=08b6, bcdDevice=ca.8e
[  246.010290][ T7242] netlink: 4 bytes leftover after parsing attributes in process `syz.3.279'.
[  246.041364][ T5860] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.002359][ T7271] loop1: detected capacity change from 0 to 2048
[  248.015275][ T7271] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  248.184105][ T7272] netlink: 332 bytes leftover after parsing attributes in process `syz.3.286'.
[  248.442620][    T9] usb 3-1: USB disconnect, device number 3
[  248.868142][ T7281] loop6: detected capacity change from 0 to 7
[  248.885884][ T7281] Dev loop6: unable to read RDB block 7
[  248.892398][ T7281]  loop6: unable to read partition table
[  248.903734][ T7281] loop6: partition table beyond EOD, truncated
[  248.909924][ T7281] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5)
[  249.534736][ T7284] loop1: detected capacity change from 0 to 2048
[  249.562471][ T7284] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=18576, location=18576
[  249.686491][ T7284] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  250.878912][ T7302] loop3: detected capacity change from 0 to 256
[  251.588521][ T7312] exFAT-fs (loop3): start_clu is invalid cluster(0x400)
[  253.018565][ T7292] loop0: detected capacity change from 0 to 32768
[  253.621596][ T7324] loop3: detected capacity change from 0 to 2048
[  253.646789][ T7324] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  254.063577][ T7332] netlink: 332 bytes leftover after parsing attributes in process `syz.0.300'.
[  255.804700][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  255.812646][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  256.729057][ T7346] loop3: detected capacity change from 0 to 32768
[  256.754374][ T7346] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.304 (7346)
[  256.770766][ T7346] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  256.780964][ T7346] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  257.124259][ T7346] BTRFS info (device loop3): enabling ssd optimizations
[  257.131563][ T7346] BTRFS info (device loop3): enabling free space tree
[  257.765098][ T7346] netlink: 84 bytes leftover after parsing attributes in process `syz.3.304'.
[  258.460792][ T5866] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  258.944720][ T5951] hid_parser_main: 4 callbacks suppressed
[  258.944737][ T5951] hid-generic 00A0:1006:0003.0007: unknown main item tag 0x0
[  258.976893][ T5951] hid-generic 00A0:1006:0003.0007: unknown main item tag 0x0
[  259.045053][ T5951] hid-generic 00A0:1006:0003.0007: unknown main item tag 0x0
[  259.046225][ T7378] loop0: detected capacity change from 0 to 1024
[  259.120221][ T5951] hid-generic 00A0:1006:0003.0007: unknown main item tag 0x0
[  259.134770][ T5951] hid-generic 00A0:1006:0003.0007: unknown main item tag 0x0
[  259.195702][ T5951] hid-generic 00A0:1006:0003.0007: unknown main item tag 0x0
[  259.226177][ T5951] hid-generic 00A0:1006:0003.0007: unknown main item tag 0x0
[  259.250199][  T983] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  259.304255][ T5951] hid-generic 00A0:1006:0003.0007: unknown main item tag 0x0
[  259.335114][ T5951] hid-generic 00A0:1006:0003.0007: unknown main item tag 0x0
[  259.343604][ T5951] hid-generic 00A0:1006:0003.0007: unknown main item tag 0x0
[  259.377483][ T5951] hid-generic 00A0:1006:0003.0007: hidraw0: <UNKNOWN> HID v800000.01 Device [syz1] on syz0
[  259.637191][  T983] usb 5-1: config 0 has no interfaces?
[  259.654389][  T983] usb 5-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00
[  259.685687][  T983] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.709410][  T983] usb 5-1: config 0 descriptor??
[  260.709294][ T7392] kvm: vcpu 0: requested 3328 ns lapic timer period limited to 200000 ns
[  261.649602][ T7401] netlink: 8 bytes leftover after parsing attributes in process `syz.3.313'.
[  263.921621][ T7409] loop2: detected capacity change from 0 to 736
[  264.198272][  T980] usb 5-1: USB disconnect, device number 5
[  264.253028][ T7413] loop0: detected capacity change from 0 to 736
[  264.648224][   T30] kauditd_printk_skb: 49 callbacks suppressed
[  264.648242][   T30] audit: type=1326 audit(1757083442.904:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7417 comm="syz.2.318" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff8de38ebe9 code=0x0
[  265.013936][ T5860] IPVS: starting estimator thread 0...
[  265.310392][ T7428] IPVS: using max 30 ests per chain, 72000 per kthread
[  266.372445][ T7433] netlink: 8 bytes leftover after parsing attributes in process `syz.0.320'.
[  266.461973][ T7437] program syz.1.321 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  267.893877][ T7455] loop2: detected capacity change from 0 to 128
[  268.235618][ T7461] syz.2.328: attempt to access beyond end of device
[  268.235618][ T7461] loop2: rw=3, sector=137, nr_sectors = 7 limit=128
[  268.249504][ T7461] syz.2.328: attempt to access beyond end of device
[  268.249504][ T7461] loop2: rw=2051, sector=144, nr_sectors = 897 limit=128
[  269.588257][ T7470] loop2: detected capacity change from 0 to 2048
[  270.013090][ T7470] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  270.057154][   T30] audit: type=1800 audit(1757083448.314:189): pid=7469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.329" name="file1" dev="loop2" ino=1415 res=0 errno=0
[  271.699580][ T7478] loop2: detected capacity change from 0 to 2048
[  272.124285][ T7478] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  272.175954][   T30] audit: type=1800 audit(1757083450.434:190): pid=7477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.332" name="file1" dev="loop2" ino=1415 res=0 errno=0
[  274.286245][ T7496] loop3: detected capacity change from 0 to 32768
[  274.330591][ T7496] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.338 (7496)
[  274.436991][ T7496] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  274.447219][ T7496] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  274.928041][ T7496] BTRFS info (device loop3): enabling ssd optimizations
[  274.935097][ T7496] BTRFS info (device loop3): enabling free space tree
[  275.784095][ T7529] o2cb: This node has not been configured.
[  275.790373][ T7529] o2cb: Cluster check failed. Fix errors before retrying.
[  275.803104][ T7529] (syz.1.341,7529,0):user_dlm_register:674 ERROR: status = -22
[  275.817510][ T5866] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  275.849225][ T7529] (syz.1.341,7529,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "bus"
[  276.110212][ T5983] usb 2-1: new low-speed USB device number 6 using dummy_hcd
[  276.432507][ T5983] usb 2-1: config 0 has an invalid interface number: 207 but max is 0
[  277.011706][ T5983] usb 2-1: config 0 has no interface number 0
[  277.017948][ T5983] usb 2-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=da.df
[  277.143316][ T5983] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.245476][ T5983] usb 2-1: config 0 descriptor??
[  277.272983][ T7538] 9pnet_fd: Insufficient options for proto=fd
[  278.101206][ T5983] usb 2-1: selecting invalid altsetting 3
[  278.106998][ T5983] comedi comedi5: could not set alternate setting 3 in high speed
[  278.385171][ T5983] usbdux 2-1:0.207: driver 'usbdux' failed to auto-configure device.
[  278.435554][ T5983] usbdux 2-1:0.207: probe with driver usbdux failed with error -22
[  278.930371][ T5860] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  279.319735][ T5860] usb 3-1: config 0 has no interfaces?
[  279.390682][ T5860] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  279.569551][ T5860] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.578784][ T5860] usb 3-1: Product: syz
[  279.584814][ T5860] usb 3-1: Manufacturer: syz
[  279.589456][ T5860] usb 3-1: SerialNumber: syz
[  279.628236][ T5860] usb 3-1: config 0 descriptor??
[  279.725200][ T5951] usb 2-1: USB disconnect, device number 6
[  279.975318][ T7557] loop6: detected capacity change from 0 to 7
[  280.097431][ T7557] Dev loop6: unable to read RDB block 7
[  280.210272][ T7557]  loop6: unable to read partition table
[  280.240090][ T7557] loop6: partition table beyond EOD, truncated
[  280.281730][ T7557] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5)
[  281.345637][ T5983] usb 3-1: USB disconnect, device number 4
[  285.453810][ T7585] loop3: detected capacity change from 0 to 2048
[  285.471732][ T7585] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  286.319061][ T7594] 9pnet_fd: Insufficient options for proto=fd
[  290.010333][    T9] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  290.170535][    T9] usb 4-1: Using ep0 maxpacket: 32
[  290.185815][    T9] usb 4-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  290.195572][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.214253][    T9] usb 4-1: config 0 descriptor??
[  290.530696][    T9] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  290.588853][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  290.714945][    T9] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  290.750302][    T9] usb 4-1: media controller created
[  290.787319][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  290.922426][    T9] az6027: usb out operation failed. (-71)
[  290.938902][    T9] az6027: usb out operation failed. (-71)
[  290.960639][    T9] stb0899_attach: Driver disabled by Kconfig
[  290.966650][    T9] az6027: no front-end attached
[  290.966650][    T9] 
[  290.994214][    T9] az6027: usb out operation failed. (-71)
[  291.086906][    T9] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  291.140475][    T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input6
[  291.204116][    T9] dvb-usb: schedule remote query interval to 400 msecs.
[  291.230688][  T980] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  291.238350][    T9] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  291.270512][    T9] usb 4-1: USB disconnect, device number 6
[  291.357500][    T9] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  291.400422][  T980] usb 1-1: Using ep0 maxpacket: 32
[  291.420358][  T980] usb 1-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  291.687233][  T980] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.689800][ T5923] hid_parser_main: 5 callbacks suppressed
[  292.689825][ T5923] hid-generic 00A0:1006:0003.0008: unknown main item tag 0x0
[  292.703391][ T7641] netlink: 332 bytes leftover after parsing attributes in process `syz.3.369'.
[  292.953887][  T980] usb 1-1: config 0 descriptor??
[  293.085024][  T980] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  293.092905][ T5923] hid-generic 00A0:1006:0003.0008: unknown main item tag 0x0
[  293.130320][ T5923] hid-generic 00A0:1006:0003.0008: unknown main item tag 0x0
[  293.137779][ T5923] hid-generic 00A0:1006:0003.0008: unknown main item tag 0x0
[  293.200284][    T9] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  293.290460][ T5923] hid-generic 00A0:1006:0003.0008: unknown main item tag 0x0
[  293.299726][ T5923] hid-generic 00A0:1006:0003.0008: unknown main item tag 0x0
[  293.309443][ T5923] hid-generic 00A0:1006:0003.0008: unknown main item tag 0x0
[  293.317064][ T5923] hid-generic 00A0:1006:0003.0008: unknown main item tag 0x0
[  293.324612][ T5923] hid-generic 00A0:1006:0003.0008: unknown main item tag 0x0
[  293.332146][ T5923] hid-generic 00A0:1006:0003.0008: unknown main item tag 0x0
[  293.432137][ T5923] hid-generic 00A0:1006:0003.0008: hidraw0: <UNKNOWN> HID v800000.01 Device [syz1] on syz0
[  293.549538][    T9] usb 5-1: config 0 has no interfaces?
[  293.625700][    T9] usb 5-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00
[  293.666034][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.683783][    T9] usb 5-1: config 0 descriptor??
[  294.531579][  T980] gspca_vc032x: reg_w err -71
[  294.539602][  T980] gspca_vc032x: I2c Bus Busy Wait 00
[  294.546225][  T980] gspca_vc032x: I2c Bus Busy Wait 00
[  294.553294][  T980] gspca_vc032x: I2c Bus Busy Wait 00
[  294.558718][  T980] gspca_vc032x: I2c Bus Busy Wait 00
[  294.565243][  T980] gspca_vc032x: I2c Bus Busy Wait 00
[  294.577355][  T980] gspca_vc032x: I2c Bus Busy Wait 00
[  294.595449][  T980] gspca_vc032x: I2c Bus Busy Wait 00
[  294.615669][  T980] gspca_vc032x: I2c Bus Busy Wait 00
[  294.645636][  T980] gspca_vc032x: I2c Bus Busy Wait 00
[  294.662140][  T980] gspca_vc032x: I2c Bus Busy Wait 00
[  294.677531][  T980] gspca_vc032x: I2c Bus Busy Wait 00
[  295.024174][  T980] gspca_vc032x: I2c Bus Busy Wait 00
[  295.032949][  T980] gspca_vc032x: I2c Bus Busy Wait 00
[  295.050189][  T980] gspca_vc032x: I2c Bus Busy Wait 00
[  295.078969][  T980] gspca_vc032x: I2c Bus Busy Wait 00
[  295.096789][  T980] gspca_vc032x: I2c Bus Busy Wait 00
[  295.199256][  T980] gspca_vc032x: I2c Bus Busy Wait 00
[  295.214832][  T980] gspca_vc032x: I2c Bus Busy Wait 00
[  295.430292][  T980] gspca_vc032x: Unknown sensor...
[  295.435451][  T980] vc032x 1-1:0.0: probe with driver vc032x failed with error -22
[  295.547357][  T980] usb 1-1: USB disconnect, device number 2
[  295.763627][ T7705] netlink: 4 bytes leftover after parsing attributes in process `syz.3.372'.
[  295.919205][ T7705] netlink: 4 bytes leftover after parsing attributes in process `syz.3.372'.
[  296.012379][  T980] usb 5-1: USB disconnect, device number 6
[  296.403434][ T7716] erofs (device nbd4): cannot find valid erofs superblock
[  302.711715][ T7773] loop2: detected capacity change from 0 to 2048
[  303.117407][ T7773] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  303.160783][   T30] audit: type=1800 audit(1757083481.424:191): pid=7772 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.389" name="file1" dev="loop2" ino=1415 res=0 errno=0
[  303.511977][ T7776] loop2: detected capacity change from 0 to 2048
[  303.520084][ T7776] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=18576, location=18576
[  303.570445][ T7776] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  304.591623][    T9] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  304.647037][ T7787] kvm: pic: non byte write
[  304.751947][    T9] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  304.767216][    T9] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  304.779933][    T9] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  304.804090][    T9] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  304.841251][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.120748][    T9] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  305.150840][    T9] usb 5-1: invalid MIDI out EP 0
[  305.395385][ T7781] loop4: detected capacity change from 0 to 1024
[  306.294591][    T9] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -22
[  306.367811][    T9] usb 5-1: USB disconnect, device number 7
[  306.804507][ T7670] hfsplus: b-tree write err: -5, ino 4
[  307.117387][ T7812] netlink: 332 bytes leftover after parsing attributes in process `syz.4.399'.
[  307.246614][ T7800] loop1: detected capacity change from 0 to 32768
[  307.476297][ T7816] Zero length message leads to an empty skb
[  307.712437][ T7821] loop0: detected capacity change from 0 to 32768
[  308.153084][ T7821] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.401 (7821)
[  308.319783][ T7821] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  308.330088][ T7821] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  308.522672][ T7821] BTRFS info (device loop0): enabling ssd optimizations
[  308.529685][ T7821] BTRFS info (device loop0): enabling free space tree
[  308.664241][ T5859] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  309.081315][ T7843] loop6: detected capacity change from 0 to 7
[  309.091796][ T5915] Dev loop6: unable to read RDB block 7
[  309.097445][ T5915]  loop6: unable to read partition table
[  309.107029][ T5915] loop6: partition table beyond EOD, truncated
[  309.128206][ T7843] Dev loop6: unable to read RDB block 7
[  309.134338][ T7843]  loop6: unable to read partition table
[  309.140852][ T7843] loop6: partition table beyond EOD, truncated
[  309.147206][ T7843] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5)
[  309.286121][ T7846] loop1: detected capacity change from 0 to 1024
[  310.327006][ T7857] netlink: 8 bytes leftover after parsing attributes in process `syz.1.408'.
[  310.985546][ T7864] loop0: detected capacity change from 0 to 2048
[  311.027465][ T7864] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=18576, location=18576
[  311.085496][ T7864] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  313.032947][ T7881] netlink: 40 bytes leftover after parsing attributes in process `syz.0.413'.
[  313.445549][ T7888] loop0: detected capacity change from 0 to 128
[  313.500094][ T6482] udevd[6482]: incorrect jbd checksum on /dev/loop0
[  313.517123][ T7888] EXT4-fs warning (device loop0): ext4_init_metadata_csum:4633: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  313.676534][ T6482] udevd[6482]: incorrect jbd checksum on /dev/loop0
[  313.772545][ T7888] EXT4-fs (loop0): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  313.785203][ T6482] udevd[6482]: incorrect jbd checksum on /dev/loop0
[  314.163404][ T7892] loop0: detected capacity change from 0 to 1024
[  316.892531][ T7922] loop2: detected capacity change from 0 to 2048
[  316.906364][ T7922] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=18576, location=18576
[  316.964984][ T7922] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  317.261678][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  317.268089][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  317.819219][ T7925] kvm: pic: non byte write
[  318.400412][   T43] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[  318.569692][   T43] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  318.815781][   T43] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  318.831906][   T43] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  318.880416][   T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  318.900241][   T43] usb 2-1: Product: syz
[  318.904439][   T43] usb 2-1: Manufacturer: syz
[  318.918981][   T43] usb 2-1: SerialNumber: syz
[  319.085677][ T7936] loop2: detected capacity change from 0 to 1024
[  320.602873][ T5983] hid_parser_main: 5 callbacks suppressed
[  320.602894][ T5983] hid-generic 00A0:1006:0003.0009: unknown main item tag 0x0
[  320.639714][   T43] usb 2-1: 0:2 : does not exist
[  320.707271][ T5983] hid-generic 00A0:1006:0003.0009: unknown main item tag 0x0
[  320.741315][ T5983] hid-generic 00A0:1006:0003.0009: unknown main item tag 0x0
[  320.759456][ T5983] hid-generic 00A0:1006:0003.0009: unknown main item tag 0x0
[  320.773203][ T5983] hid-generic 00A0:1006:0003.0009: unknown main item tag 0x0
[  320.789053][ T7954] netlink: 4 bytes leftover after parsing attributes in process `syz.2.432'.
[  320.799204][ T5983] hid-generic 00A0:1006:0003.0009: unknown main item tag 0x0
[  320.807252][ T5983] hid-generic 00A0:1006:0003.0009: unknown main item tag 0x0
[  320.820807][ T5983] hid-generic 00A0:1006:0003.0009: unknown main item tag 0x0
[  320.829965][ T5983] hid-generic 00A0:1006:0003.0009: unknown main item tag 0x0
[  320.846989][ T5983] hid-generic 00A0:1006:0003.0009: unknown main item tag 0x0
[  320.860309][ T5923] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  320.886485][ T5983] hid-generic 00A0:1006:0003.0009: hidraw0: <UNKNOWN> HID v800000.01 Device [syz1] on syz0
[  321.236446][ T5923] usb 5-1: config 0 has no interfaces?
[  321.242131][ T5923] usb 5-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00
[  321.253424][ T5923] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  321.255364][   T43] usb 2-1: USB disconnect, device number 7
[  321.324989][ T7954] syz_tun (unregistering): left allmulticast mode
[  321.677462][ T5923] usb 5-1: config 0 descriptor??
[  322.237942][ T6482] udevd[6482]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  323.856131][ T7979] netlink: 332 bytes leftover after parsing attributes in process `syz.3.437'.
[  323.977556][ T5951] usb 5-1: USB disconnect, device number 8
[  324.127014][ T7981] netlink: 4 bytes leftover after parsing attributes in process `syz.2.438'.
[  324.157368][ T7981] netlink: 4 bytes leftover after parsing attributes in process `syz.2.438'.
[  328.408444][ T8032] loop2: detected capacity change from 0 to 2048
[  328.860380][ T8032] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  328.958842][   T30] audit: type=1800 audit(1757083507.194:192): pid=8028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.449" name="file1" dev="loop2" ino=1415 res=0 errno=0
[  329.716742][ T8043] loop4: detected capacity change from 0 to 256
[  329.947521][ T8043] FAT-fs (loop4): Directory bread(block 64) failed
[  330.290346][ T8043] FAT-fs (loop4): Directory bread(block 65) failed
[  330.297911][ T8043] FAT-fs (loop4): Directory bread(block 66) failed
[  330.558367][ T8043] FAT-fs (loop4): Directory bread(block 67) failed
[  330.677418][ T8043] FAT-fs (loop4): Directory bread(block 68) failed
[  330.840236][ T8043] FAT-fs (loop4): Directory bread(block 69) failed
[  330.873353][ T8043] FAT-fs (loop4): Directory bread(block 70) failed
[  330.896504][ T8043] FAT-fs (loop4): Directory bread(block 71) failed
[  330.926861][ T8043] FAT-fs (loop4): Directory bread(block 72) failed
[  331.007472][ T8043] FAT-fs (loop4): Directory bread(block 73) failed
[  331.924592][ T8053] loop4: detected capacity change from 0 to 256
[  332.387955][ T8057] exFAT-fs (loop4): start_clu is invalid cluster(0x400)
[  335.160028][ T5865] syz_tun (unregistering): left allmulticast mode
[  335.623990][ T7672] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.198259][ T7672] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.620573][ T8126] 9pnet_fd: Insufficient options for proto=fd
[  338.242294][ T7672] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.523664][ T7672] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.125322][ T8136] loop3: detected capacity change from 0 to 32768
[  339.153884][ T8136] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.470 (8136)
[  339.192245][   T52] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  339.224180][ T8136] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  339.234827][ T8136] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  339.253115][   T52] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  339.262292][   T52] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  339.282292][   T52] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  339.289988][   T52] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  339.645501][ T8136] BTRFS info (device loop3): enabling ssd optimizations
[  339.652576][ T8136] BTRFS info (device loop3): enabling free space tree
[  340.132913][ T7672] bridge_slave_1: left allmulticast mode
[  340.220283][ T7672] bridge_slave_1: left promiscuous mode
[  340.228496][ T7672] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.264744][ T7672] bridge_slave_0: left allmulticast mode
[  340.282523][ T7672] bridge_slave_0: left promiscuous mode
[  340.300921][ T5866] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  340.310665][ T7672] bridge0: port 1(bridge_slave_0) entered disabled state
[  341.321343][ T5873] Bluetooth: hci4: command tx timeout
[  343.400996][ T5873] Bluetooth: hci4: command tx timeout
[  343.686130][ T7672] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  343.699087][ T7672] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  343.709949][ T7672] bond0 (unregistering): Released all slaves
[  344.033019][ T8225] 9pnet_fd: Insufficient options for proto=fd
[  345.480554][ T5873] Bluetooth: hci4: command tx timeout
[  346.358963][ T7672] hsr_slave_0: left promiscuous mode
[  346.368216][ T7672] hsr_slave_1: left promiscuous mode
[  346.378994][ T7672] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  346.388862][ T7672] batman_adv: batadv0: Removing interface: batadv_slave_0
[  346.407238][ T7672] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  346.417356][ T7672] batman_adv: batadv0: Removing interface: batadv_slave_1
[  346.460148][ T7672] veth1_macvtap: left promiscuous mode
[  346.466009][ T7672] veth0_macvtap: left promiscuous mode
[  346.471996][ T7672] veth1_vlan: left promiscuous mode
[  346.477517][ T7672] veth0_vlan: left promiscuous mode
[  346.571157][ T5951] usb 2-1: new full-speed USB device number 8 using dummy_hcd
[  346.726423][ T5951] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  346.737292][ T5951] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  346.754767][ T5951] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  346.764264][ T5951] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  346.772432][ T5951] usb 2-1: Product: syz
[  346.776609][ T5951] usb 2-1: Manufacturer: syz
[  346.781692][ T5951] usb 2-1: SerialNumber: syz
[  346.980623][ T7672] team0 (unregistering): Port device team_slave_1 removed
[  347.029552][ T7672] team0 (unregistering): Port device team_slave_0 removed
[  347.214218][ T5951] usb 2-1: 0:2 : does not exist
[  347.468376][ T5951] usb 2-1: USB disconnect, device number 8
[  347.519199][ T6482] udevd[6482]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  347.570269][ T5873] Bluetooth: hci4: command tx timeout
[  347.680079][ T8140] chnl_net:caif_netlink_parms(): no params data found
[  348.265143][ T8265] netlink: 332 bytes leftover after parsing attributes in process `syz.2.483'.
[  348.331910][ T7672] IPVS: stop unused estimator thread 0...
[  348.574682][ T8140] bridge0: port 1(bridge_slave_0) entered blocking state
[  348.628044][ T8140] bridge0: port 1(bridge_slave_0) entered disabled state
[  348.860191][ T8140] bridge_slave_0: entered allmulticast mode
[  348.937672][ T8140] bridge_slave_0: entered promiscuous mode
[  349.451444][ T8140] bridge0: port 2(bridge_slave_1) entered blocking state
[  349.459399][ T8140] bridge0: port 2(bridge_slave_1) entered disabled state
[  349.467463][ T8140] bridge_slave_1: entered allmulticast mode
[  349.489521][ T8140] bridge_slave_1: entered promiscuous mode
[  349.796124][ T8140] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  349.854087][ T8140] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  350.361088][ T8140] team0: Port device team_slave_0 added
[  350.449399][ T8140] team0: Port device team_slave_1 added
[  350.599503][ T8140] batman_adv: batadv0: Adding interface: batadv_slave_0
[  350.637353][ T8140] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  350.668595][ T8297] netlink: 8 bytes leftover after parsing attributes in process `syz.1.488'.
[  350.692635][ T8140] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  350.869604][ T8140] batman_adv: batadv0: Adding interface: batadv_slave_1
[  350.876798][ T8140] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  351.068599][ T8310] loop0: detected capacity change from 0 to 2048
[  351.485691][ T8140] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  351.522694][ T8310] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  351.973238][ T8140] hsr_slave_0: entered promiscuous mode
[  351.989471][ T8140] hsr_slave_1: entered promiscuous mode
[  352.055262][ T8140] debugfs: 'hsr0' already exists in 'hsr'
[  352.247915][ T8140] Cannot create hsr debugfs directory
[  352.465031][ T8321] netlink: 332 bytes leftover after parsing attributes in process `syz.0.492'.
[  352.732013][ T8329] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  352.732013][ T8329] The task syz.1.494 (8329) triggered the difference, watch for misbehavior.
[  354.102432][ T8140] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  354.251340][ T8140] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  354.422630][ T8140] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  354.568618][ T8140] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  355.232634][ T8140] 8021q: adding VLAN 0 to HW filter on device bond0
[  355.431072][ T8140] 8021q: adding VLAN 0 to HW filter on device team0
[  355.474986][ T2990] bridge0: port 1(bridge_slave_0) entered blocking state
[  355.482136][ T2990] bridge0: port 1(bridge_slave_0) entered forwarding state
[  355.502344][ T2990] bridge0: port 2(bridge_slave_1) entered blocking state
[  355.509459][ T2990] bridge0: port 2(bridge_slave_1) entered forwarding state
[  356.203314][ T5951] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  356.951197][ T8140] 8021q: adding VLAN 0 to HW filter on device batadv0
[  357.121022][ T5951] usb 4-1: config index 0 descriptor too short (expected 23569, got 27)
[  357.160283][ T5951] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  357.212602][ T5951] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  357.233706][ T5951] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  357.284422][ T5951] usb 4-1: Manufacturer: syz
[  357.363807][ T5951] usb 4-1: config 0 descriptor??
[  357.820207][ T5951] rc_core: IR keymap rc-hauppauge not found
[  357.847396][ T5951] Registered IR keymap rc-empty
[  357.925168][ T5951] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  357.975830][ T5951] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input7
[  358.683064][    C1] igorplugusb 4-1:0.0: Error: urb status = -32
[  358.704369][ T5951] usb 4-1: USB disconnect, device number 7
[  359.108714][ T8140] veth0_vlan: entered promiscuous mode
[  359.124155][ T8140] veth1_vlan: entered promiscuous mode
[  359.157130][ T8140] veth0_macvtap: entered promiscuous mode
[  359.166330][ T8140] veth1_macvtap: entered promiscuous mode
[  359.202202][ T8140] batman_adv: batadv0: Interface activated: batadv_slave_0
[  359.227448][ T8140] batman_adv: batadv0: Interface activated: batadv_slave_1
[  359.252562][   T50] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  359.291182][   T50] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  359.319990][   T50] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  359.386202][   T50] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  359.429599][   T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  359.439016][   T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  359.748326][   T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  359.784915][   T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  360.123677][ T8427] serio: Serial port ptm0
[  363.756764][ T8463] netlink: 332 bytes leftover after parsing attributes in process `syz.0.515'.
[  363.873660][ T8462] netlink: 'syz.3.516': attribute type 2 has an invalid length.
[  363.881516][ T8462] netlink: 'syz.3.516': attribute type 1 has an invalid length.
[  367.840903][ T8517] netlink: 332 bytes leftover after parsing attributes in process `syz.2.527'.
[  368.233541][ T8526] syz_tun: entered allmulticast mode
[  370.990829][   T43] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  371.260378][   T43] usb 6-1: Using ep0 maxpacket: 32
[  371.425250][   T43] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  371.442486][   T43] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  371.465728][   T43] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  371.505021][   T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  371.527187][   T43] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  371.548210][   T43] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  371.575822][   T43] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  371.597265][   T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  371.645070][   T43] usb 6-1: config 0 descriptor??
[  371.916040][   T43] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  372.113899][ T8551] netlink: 12 bytes leftover after parsing attributes in process `syz.5.536'.
[  372.202843][    T9] usb 6-1: USB disconnect, device number 2
[  372.239247][    T9] usblp0: removed
[  373.290202][   T30] audit: type=1326 audit(1757083551.524:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8589 comm="syz.5.542" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd126b8ebe9 code=0x0
[  373.347380][ T8594] netlink: 'syz.3.541': attribute type 2 has an invalid length.
[  373.442789][ T5930] IPVS: starting estimator thread 0...
[  373.464016][ T8594] netlink: 'syz.3.541': attribute type 1 has an invalid length.
[  373.542648][ T8602] IPVS: using max 48 ests per chain, 115200 per kthread
[  373.567218][ T8597] nvme_fabrics: missing parameter 'transport=%s'
[  373.576087][ T8597] nvme_fabrics: missing parameter 'nqn=%s'
[  378.187030][    T9] hid_parser_main: 4 callbacks suppressed
[  378.187051][    T9] hid-generic 00A0:1006:0003.000A: unknown main item tag 0x0
[  378.223919][    T9] hid-generic 00A0:1006:0003.000A: unknown main item tag 0x0
[  378.268176][    T9] hid-generic 00A0:1006:0003.000A: unknown main item tag 0x0
[  378.335163][    T9] hid-generic 00A0:1006:0003.000A: unknown main item tag 0x0
[  378.428805][ T8668] loop3: detected capacity change from 0 to 2048
[  378.460381][ T5998] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  378.497971][    T9] hid-generic 00A0:1006:0003.000A: unknown main item tag 0x0
[  378.544736][    T9] hid-generic 00A0:1006:0003.000A: unknown main item tag 0x0
[  378.685042][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  378.691722][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  379.392101][    T9] hid-generic 00A0:1006:0003.000A: unknown main item tag 0x0
[  379.399573][    T9] hid-generic 00A0:1006:0003.000A: unknown main item tag 0x0
[  379.430196][    T9] hid-generic 00A0:1006:0003.000A: unknown main item tag 0x0
[  379.437644][    T9] hid-generic 00A0:1006:0003.000A: unknown main item tag 0x0
[  379.470642][    T9] hid-generic 00A0:1006:0003.000A: hidraw0: <UNKNOWN> HID v800000.01 Device [syz1] on syz0
[  379.573007][ T5998] usb 3-1: config 0 has no interfaces?
[  379.610264][ T5998] usb 3-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00
[  379.677075][ T5998] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.771100][ T5998] usb 3-1: config 0 descriptor??
[  383.009383][ T8705] loop0: detected capacity change from 0 to 32768
[  383.028532][ T8705] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.563 (8705)
[  383.061148][ T8705] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  383.071415][ T8705] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  383.350803][ T5951] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  383.380402][ T8705] BTRFS info (device loop0): enabling ssd optimizations
[  383.387394][ T8705] BTRFS info (device loop0): enabling free space tree
[  383.941775][ T5951] usb 6-1: config index 0 descriptor too short (expected 23569, got 27)
[  383.963241][ T5951] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  383.964045][ T5998] usb 3-1: USB disconnect, device number 5
[  383.987741][ T5951] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  384.064606][ T5951] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  384.109649][ T5951] usb 6-1: Manufacturer: syz
[  384.138416][ T5859] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  384.177508][ T5951] usb 6-1: config 0 descriptor??
[  384.500465][ T5951] rc_core: IR keymap rc-hauppauge not found
[  384.523291][ T5951] Registered IR keymap rc-empty
[  384.644543][ T5951] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[  384.657687][ T5951] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input8
[  384.693003][    C1] igorplugusb 6-1:0.0: Error: urb status = -32
[  384.728351][ T5983] usb 6-1: USB disconnect, device number 3
[  386.145394][ T8746] loop1: detected capacity change from 0 to 2048
[  391.726926][ T8793] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  396.040612][ T5923] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  396.230756][ T5923] usb 6-1: Using ep0 maxpacket: 16
[  396.238936][ T5923] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  396.253086][ T5923] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  396.269827][ T5923] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  396.285891][ T5923] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  396.302016][ T5923] usb 6-1: Product: syz
[  396.318432][ T5923] usb 6-1: Manufacturer: syz
[  396.335256][ T5923] usb 6-1: SerialNumber: syz
[  396.392866][ T5923] usb 6-1: config 0 descriptor??
[  396.471017][ T5923] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  396.580448][ T5923] em28xx 6-1:0.0: Audio interface 0 found (Vendor Class)
[  396.651887][ T8830] loop0: detected capacity change from 0 to 1024
[  397.036487][ T5923] em28xx 6-1:0.0: unknown em28xx chip ID (0)
[  397.051309][ T5923] em28xx 6-1:0.0: Config register raw data: 0xfffffffb
[  397.195859][ T5923] em28xx 6-1:0.0: AC97 chip type couldn't be determined
[  397.566825][ T5923] em28xx 6-1:0.0: No AC97 audio processor
[  397.935642][ T5923] usb 6-1: USB disconnect, device number 4
[  397.982510][ T5923] em28xx 6-1:0.0: Disconnecting em28xx
[  398.080056][ T5923] em28xx 6-1:0.0: Freeing device
[  400.913588][ T8862] 9pnet_fd: Insufficient options for proto=fd
[  408.428236][ T8938] tipc: Started in network mode
[  408.433205][ T8938] tipc: Node identity ee46d4e45c73, cluster identity 4711
[  408.440583][ T8938] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  408.448848][ T8938] syzkaller0: entered promiscuous mode
[  408.460633][ T8938] syzkaller0: entered allmulticast mode
[  408.501705][ T8938] tipc: Resetting bearer <eth:syzkaller0>
[  408.519037][ T8936] tipc: Resetting bearer <eth:syzkaller0>
[  408.670572][ T8936] tipc: Disabling bearer <eth:syzkaller0>
[  409.511968][ T5923] tipc: Node number set to 2989872356
[  412.731931][ T5930] hid_parser_main: 4 callbacks suppressed
[  412.731946][ T5930] hid-generic 00A0:1006:0003.000B: unknown main item tag 0x0
[  412.884492][ T5930] hid-generic 00A0:1006:0003.000B: unknown main item tag 0x0
[  412.947299][ T5930] hid-generic 00A0:1006:0003.000B: unknown main item tag 0x0
[  412.983468][ T5930] hid-generic 00A0:1006:0003.000B: unknown main item tag 0x0
[  412.991164][ T5951] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  413.168210][ T5930] hid-generic 00A0:1006:0003.000B: unknown main item tag 0x0
[  413.209138][ T5930] hid-generic 00A0:1006:0003.000B: unknown main item tag 0x0
[  413.257459][ T5930] hid-generic 00A0:1006:0003.000B: unknown main item tag 0x0
[  413.277386][ T5930] hid-generic 00A0:1006:0003.000B: unknown main item tag 0x0
[  413.297654][ T5930] hid-generic 00A0:1006:0003.000B: unknown main item tag 0x0
[  413.340377][ T5951] usb 6-1: config 0 has no interfaces?
[  413.345867][ T5951] usb 6-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00
[  413.380497][ T5930] hid-generic 00A0:1006:0003.000B: unknown main item tag 0x0
[  413.728021][ T5951] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  413.748573][ T5930] hid-generic 00A0:1006:0003.000B: hidraw0: <UNKNOWN> HID v800000.01 Device [syz1] on syz0
[  413.818920][ T5951] usb 6-1: config 0 descriptor??
[  416.573536][ T5923] usb 6-1: USB disconnect, device number 5
[  421.593774][ T9052] loop0: detected capacity change from 0 to 1024
[  424.982688][    T9] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  425.140814][    T9] usb 3-1: Using ep0 maxpacket: 32
[  425.154637][    T9] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  425.195862][    T9] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  425.237640][    T9] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  425.301381][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  425.433330][    T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  425.550048][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  425.580339][    T9] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  425.603763][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.618380][    T9] usb 3-1: config 0 descriptor??
[  425.780227][ T5923] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  425.891323][    T9] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  425.951884][ T5923] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  425.971575][ T5923] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  426.033557][ T5923] usb 2-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  426.054033][ T5923] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  426.090563][ T5923] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  426.098729][ T5923] usb 2-1: Product: syz
[  426.108087][ T9077] netlink: 12 bytes leftover after parsing attributes in process `syz.2.648'.
[  426.130360][ T5923] usb 2-1: Manufacturer: syz
[  426.141130][ T5998] usb 3-1: USB disconnect, device number 6
[  426.151814][ T5998] usblp0: removed
[  426.162656][ T5923] usb 2-1: SerialNumber: syz
[  427.728057][ T5923] cdc_mbim 2-1:1.0: bind() failure
[  427.737925][ T5923] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  427.751426][ T5923] cdc_ncm 2-1:1.1: bind() failure
[  428.237549][ T9114] loop5: detected capacity change from 0 to 32768
[  428.266910][ T9114] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.659 (9114)
[  428.297286][ T9114] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  428.307719][ T9114] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  428.985030][ T9114] BTRFS info (device loop5): enabling ssd optimizations
[  428.992157][ T9114] BTRFS info (device loop5): enabling free space tree
[  429.110585][ T5860] usb 2-1: USB disconnect, device number 9
[  429.656343][ T8140] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  431.343185][ T5998] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  431.542006][ T5998] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  431.576544][ T5998] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  431.633460][ T5998] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  431.680204][ T5998] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  431.816885][ T5998] usb 4-1: config 0 descriptor??
[  432.317743][ T5998] pyra 0003:1E7D:2CF6.000C: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.3-1/input0
[  432.362199][ T9162] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.667'.
[  432.372050][ T9162] openvswitch: netlink: Message has 512 unknown bytes.
[  432.442729][ T5998] pyra 0003:1E7D:2CF6.000C: couldn't init struct pyra_device
[  432.463565][ T5998] pyra 0003:1E7D:2CF6.000C: couldn't install mouse
[  432.522434][ T5998] pyra 0003:1E7D:2CF6.000C: probe with driver pyra failed with error -71
[  432.554881][ T5998] usb 4-1: USB disconnect, device number 8
[  432.827591][ T9163] fido_id[9163]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  435.122665][ T5923] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  435.632965][ T5923] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  435.663997][ T5923] usb 3-1: config 0 has no interfaces?
[  435.676634][ T5923] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  435.788572][ T5923] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  435.867548][ T5923] usb 3-1: config 0 descriptor??
[  437.610227][ T5951] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  437.659003][ T5923] usb 3-1: USB disconnect, device number 7
[  437.932496][ T5951] usb 6-1: Using ep0 maxpacket: 32
[  437.945167][ T5951] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  437.961371][ T5951] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  437.992812][ T5951] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  438.003499][ T5951] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  438.014377][ T5951] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  438.025138][ T5951] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  438.039464][ T5951] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  438.116157][ T9221] netlink: 332 bytes leftover after parsing attributes in process `syz.3.682'.
[  438.180320][ T5951] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.221818][ T5951] usb 6-1: config 0 descriptor??
[  439.087159][ T5951] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  439.239110][ T9206] netlink: 12 bytes leftover after parsing attributes in process `syz.5.678'.
[  439.369550][   T43] usb 6-1: USB disconnect, device number 6
[  439.419208][   T43] usblp0: removed
[  440.125667][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  440.132146][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  444.490251][ T5998] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  444.657546][ T5998] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  444.726411][ T5998] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  444.737892][ T5998] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  444.759539][ T5998] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.791967][ T9283] 9pnet_fd: Insufficient options for proto=fd
[  444.817602][ T5998] usb 4-1: config 0 descriptor??
[  445.444061][ T5998] pyra 0003:1E7D:2CF6.000D: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.3-1/input0
[  445.479099][ T5998] pyra 0003:1E7D:2CF6.000D: couldn't init struct pyra_device
[  445.492071][ T5998] pyra 0003:1E7D:2CF6.000D: couldn't install mouse
[  445.504358][ T5998] pyra 0003:1E7D:2CF6.000D: probe with driver pyra failed with error -71
[  445.533271][ T5998] usb 4-1: USB disconnect, device number 9
[  445.630554][ T9286] netlink: 56 bytes leftover after parsing attributes in process `syz.2.696'.
[  445.793078][ T9285] fido_id[9285]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  448.617242][ T9309] loop2: detected capacity change from 0 to 2048
[  448.684061][ T9309] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  449.108734][ T9312] netlink: 'syz.2.702': attribute type 11 has an invalid length.
[  449.280760][ T9312] netlink: 36 bytes leftover after parsing attributes in process `syz.2.702'.
[  449.281143][ T9315] loop5: detected capacity change from 0 to 736
[  449.391916][ T9318] erofs (device nbd0): cannot find valid erofs superblock
[  453.871935][ T9358] loop0: detected capacity change from 0 to 2048
[  454.067064][ T9358] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  454.891375][ T9370] netlink: 'syz.1.716': attribute type 2 has an invalid length.
[  454.899050][ T9370] netlink: 'syz.1.716': attribute type 1 has an invalid length.
[  454.964717][ T9373] loop5: detected capacity change from 0 to 736
[  455.537172][ T9382] netlink: 9 bytes leftover after parsing attributes in process `syz.2.712'.
[  459.848063][ T9408] loop2: detected capacity change from 0 to 2048
[  459.869421][ T9408] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  460.870321][ T5930] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  461.192097][ T5930] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  461.212049][ T5930] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  461.319805][ T5930] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  461.453932][ T5930] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  461.492775][ T5930] usb 4-1: config 0 descriptor??
[  461.905379][ T5930] usbhid 4-1:0.0: can't add hid device: -71
[  461.941878][ T5930] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  461.994643][ T5930] usb 4-1: USB disconnect, device number 10
[  462.680317][   T52] Bluetooth: hci4: command 0x0406 tx timeout
[  462.813818][ T9427] loop3: detected capacity change from 0 to 1024
[  464.786217][ T9449] loop1: detected capacity change from 0 to 2048
[  464.795775][ T9447] loop2: detected capacity change from 0 to 736
[  464.911934][ T9449] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  466.141698][ T9469] netlink: 332 bytes leftover after parsing attributes in process `syz.0.744'.
[  467.005861][ T9477] 9pnet_fd: Insufficient options for proto=fd
[  470.710369][ T9507] loop2: detected capacity change from 0 to 736
[  471.378784][ T9511] loop0: detected capacity change from 0 to 2048
[  471.397616][ T9511] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  471.730216][ T5998] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  471.931852][ T5998] usb 6-1: Using ep0 maxpacket: 32
[  471.948293][ T5998] usb 6-1: unable to get BOS descriptor or descriptor too short
[  471.973471][ T5998] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  472.014997][ T5998] usb 6-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[  472.110319][ T5998] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  472.120597][ T5998] usb 6-1: Product: syz
[  472.124785][ T5998] usb 6-1: Manufacturer: syz
[  472.129473][ T5998] usb 6-1: SerialNumber: syz
[  472.554958][ T5998] usb 6-1: Cannot retrieve CPort count: -71
[  472.560959][ T5998] usb 6-1: Cannot retrieve CPort count: -71
[  472.567089][ T5998] es2_ap_driver 6-1:7.0: probe with driver es2_ap_driver failed with error -71
[  472.930412][ T5998] usb 6-1: USB disconnect, device number 7
[  473.273185][ T5983] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  475.260820][ T5983] usb 2-1: Using ep0 maxpacket: 32
[  475.270760][ T5983] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  475.288133][ T5983] usb 2-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11
[  475.297604][ T5983] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  475.317649][ T5983] usb 2-1: Product: syz
[  475.446245][ T5983] usb 2-1: Manufacturer: syz
[  475.596603][ T5983] usb 2-1: SerialNumber: syz
[  475.622638][ T5983] usb 2-1: config 0 descriptor??
[  475.636639][ T5983] usb 2-1: no audio or video endpoints found
[  475.911292][ T5983] usb 2-1: USB disconnect, device number 10
[  476.705933][ T9549] netlink: 4 bytes leftover after parsing attributes in process `syz.1.763'.
[  476.876227][ T9549] syz_tun (unregistering): left allmulticast mode
[  477.180290][ T5998] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  477.346354][ T9558] loop0: detected capacity change from 0 to 2048
[  477.367358][ T9558] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  477.480370][ T5998] usb 4-1: Using ep0 maxpacket: 8
[  477.564484][ T5998] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[  477.599909][ T5998] usb 4-1: config 0 has no interface number 0
[  477.612843][ T5998] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  477.624462][ T5998] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  477.656872][ T5998] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  477.784136][ T5998] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  477.886234][ T5998] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  477.928236][ T5998] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  478.735749][ T5998] usb 4-1: config 0 descriptor??
[  478.804427][ T5998] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  479.017170][ T5998] usb 4-1: USB disconnect, device number 11
[  479.069264][ T5998] ldusb 4-1:0.55: LD USB Device #0 now disconnected
[  479.483708][ T9578] loop0: detected capacity change from 0 to 512
[  479.866537][ T9579] 9pnet_fd: Insufficient options for proto=fd
[  479.968732][ T9578] EXT4-fs warning (device loop0): ext4_multi_mount_protect:318: fsck is running on the filesystem
[  479.979510][ T9578] EXT4-fs warning (device loop0): ext4_multi_mount_protect:318: MMP failure info: last update time: 1669132786, last update node: dvyukov-desk.muc.corp.google.com, last update device: loop4
[  480.028146][ T9576] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  484.208018][ T9616] netlink: 332 bytes leftover after parsing attributes in process `syz.1.775'.
[  485.150205][ T5998] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  485.527218][ T5998] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  485.543328][ T5998] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  486.107648][ T5998] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  486.116830][ T5998] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  486.130766][ T5998] usb 1-1: config 0 descriptor??
[  486.566415][ T5998] usbhid 1-1:0.0: can't add hid device: -71
[  486.704123][ T5998] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  486.741673][ T9638] loop3: detected capacity change from 0 to 2048
[  486.779128][ T5998] usb 1-1: USB disconnect, device number 3
[  486.805276][ T9638] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  488.666304][ T9666] netlink: 8 bytes leftover after parsing attributes in process `syz.3.784'.
[  491.120349][ T5923] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  491.377907][ T5923] usb 2-1: config index 0 descriptor too short (expected 23569, got 27)
[  491.400449][ T5923] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  491.434273][ T5923] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  491.558291][ T5923] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  491.740338][ T5923] usb 2-1: Manufacturer: syz
[  492.350599][ T5923] usb 2-1: config 0 descriptor??
[  492.528909][ T9704] netlink: 8 bytes leftover after parsing attributes in process `syz.3.791'.
[  492.613354][ T5923] rc_core: IR keymap rc-hauppauge not found
[  492.619260][ T5923] Registered IR keymap rc-empty
[  492.627057][ T5923] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  492.648858][ T5923] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input9
[  492.730710][    C0] igorplugusb 2-1:0.0: Error: urb status = -32
[  493.018657][ T5930] usb 2-1: USB disconnect, device number 11
[  493.971773][ T9727] loop0: detected capacity change from 0 to 2048
[  494.061569][ T9727] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  495.490275][ T5923] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  495.525646][ T9751] 9pnet_fd: Insufficient options for proto=fd
[  495.751637][ T5923] usb 1-1: Using ep0 maxpacket: 8
[  496.095523][ T5923] usb 1-1: config 0 has an invalid interface number: 55 but max is 0
[  496.120418][ T5923] usb 1-1: config 0 has no interface number 0
[  496.126839][ T5923] usb 1-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  496.158386][ T5923] usb 1-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  496.170370][ T5923] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  496.181533][ T5923] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  496.206828][ T5923] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  496.246165][ T5923] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  496.267243][ T5923] usb 1-1: config 0 descriptor??
[  496.283906][ T5923] ldusb 1-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  497.443627][  T980] usb 1-1: USB disconnect, device number 4
[  497.492354][  T980] ldusb 1-1:0.55: LD USB Device #0 now disconnected
[  498.796763][ T9778] netlink: 8 bytes leftover after parsing attributes in process `syz.5.805'.
[  500.830212][ T5951] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  501.082307][ T5951] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  501.127680][ T5951] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  501.571010][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  501.871336][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  501.890605][ T5951] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  501.899894][ T5951] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  501.914309][ T5951] usb 3-1: config 0 descriptor??
[  502.336394][ T5951] usbhid 3-1:0.0: can't add hid device: -71
[  502.364463][ T5951] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  502.493828][ T5951] usb 3-1: USB disconnect, device number 8
[  502.534188][ T9826] kvm: pic: non byte write
[  507.000714][ T5930] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  507.113596][ T5860] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  507.222172][ T5930] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  507.295241][ T5930] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  507.343549][ T5860] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  507.371381][ T5930] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  507.381221][ T5860] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  507.402177][ T5930] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  507.433711][ T5860] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  507.464876][ T5930] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.482244][ T5860] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  507.490359][ T5930] usb 3-1: Product: syz
[  507.510315][ T5930] usb 3-1: Manufacturer: syz
[  507.514950][ T5930] usb 3-1: SerialNumber: syz
[  507.527191][ T5860] usb 4-1: config 0 descriptor??
[  507.988073][ T9878] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  508.100289][ T9890] erofs (device nbd0): cannot find valid erofs superblock
[  508.632791][ T5860] usbhid 4-1:0.0: can't add hid device: -71
[  508.638925][ T5860] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  508.787011][ T9894] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  508.804962][ T5860] usb 4-1: USB disconnect, device number 12
[  509.058745][ T5930] cdc_mbim 3-1:1.0: bind() failure
[  510.027960][ T5930] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  510.065465][ T5930] cdc_ncm 3-1:1.1: bind() failure
[  510.119552][ T9906] netlink: 'syz.3.835': attribute type 2 has an invalid length.
[  510.137665][ T9906] netlink: 'syz.3.835': attribute type 1 has an invalid length.
[  510.291723][ T5930] usb 3-1: USB disconnect, device number 9
[  512.010426][ T5923] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  512.292447][ T5923] usb 3-1: config 0 has no interfaces?
[  512.323589][ T5923] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  512.341324][ T5923] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  512.349515][ T5923] usb 3-1: Product: syz
[  512.353858][ T5923] usb 3-1: Manufacturer: syz
[  512.366665][ T5923] usb 3-1: SerialNumber: syz
[  512.386684][ T5923] usb 3-1: config 0 descriptor??
[  512.500803][   T43] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  512.555133][ T9937] kvm: pic: non byte write
[  512.755638][   T43] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  512.790302][   T43] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  512.900516][   T43] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  513.072891][   T43] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  513.132784][   T43] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  513.165612][   T43] usb 6-1: Product: syz
[  513.174362][   T43] usb 6-1: Manufacturer: syz
[  513.184511][   T43] usb 6-1: SerialNumber: syz
[  513.422627][ T9931] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  514.982747][ T9948] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  515.319849][   T43] cdc_mbim 6-1:1.0: bind() failure
[  515.353473][   T43] cdc_ncm 6-1:1.1: CDC Union missing and no IAD found
[  515.361044][   T43] cdc_ncm 6-1:1.1: bind() failure
[  515.393191][ T9952] netlink: 8 bytes leftover after parsing attributes in process `syz.5.850'.
[  515.467899][   T43] usb 6-1: USB disconnect, device number 8
[  515.657566][ T5923] usb 3-1: USB disconnect, device number 10
[  520.337180][ T9994] loop0: detected capacity change from 0 to 128
[  520.354999][ T9994] EXT4-fs warning (device loop0): ext4_init_metadata_csum:4633: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  520.454456][ T9994] EXT4-fs (loop0): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  520.535214][ T6482] udevd[6482]: incorrect jbd checksum on /dev/loop0
[  520.875741][   T30] audit: type=1326 audit(1757083699.094:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9993 comm="syz.0.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb79558ebe9 code=0x7ffc0000
[  521.653492][   T30] audit: type=1326 audit(1757083699.094:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9993 comm="syz.0.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7fb79558ebe9 code=0x7ffc0000
[  521.950418][   T30] audit: type=1326 audit(1757083699.094:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9993 comm="syz.0.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb79558ebe9 code=0x7ffc0000
[  522.093324][   T30] audit: type=1326 audit(1757083699.094:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9993 comm="syz.0.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fb79558ebe9 code=0x7ffc0000
[  522.198121][   T30] audit: type=1326 audit(1757083699.094:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9993 comm="syz.0.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb79558ebe9 code=0x7ffc0000
[  522.335508][   T30] audit: type=1326 audit(1757083699.104:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9993 comm="syz.0.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb79558ebe9 code=0x7ffc0000
[  522.544283][   T30] audit: type=1326 audit(1757083699.104:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9993 comm="syz.0.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb79558ebe9 code=0x7ffc0000
[  522.710315][   T30] audit: type=1326 audit(1757083699.104:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9993 comm="syz.0.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7fb79558ebe9 code=0x7ffc0000
[  522.941353][   T30] audit: type=1326 audit(1757083699.104:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9993 comm="syz.0.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb79558ebe9 code=0x7ffc0000
[  523.792870][   T30] audit: type=1326 audit(1757083699.104:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9993 comm="syz.0.862" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7fb79558ebe9 code=0x7ffc0000
[  524.367162][T10028] loop1: detected capacity change from 0 to 1024
[  531.022007][T10091] loop3: detected capacity change from 0 to 736
[  533.480460][ T5998] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  533.572477][T10113] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  533.824332][ T5998] usb 1-1: Using ep0 maxpacket: 8
[  533.865290][ T5998] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  533.876674][ T5998] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  533.895366][ T5998] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  533.910502][ T5951] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  533.935116][ T5998] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  534.105665][ T5998] usb 1-1: config 0 descriptor??
[  534.147575][ T5951] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  534.158034][ T5951] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  534.302215][ T5951] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  534.336382][ T5998] usb 1-1: USB disconnect, device number 5
[  534.448889][ T5951] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  534.458734][ T5951] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  534.468531][ T5951] usb 3-1: Product: syz
[  534.473435][ T5951] usb 3-1: Manufacturer: syz
[  534.480069][ T5951] usb 3-1: SerialNumber: syz
[  534.496760][ T5951] hub 3-1:1.0: bad descriptor, ignoring hub
[  534.513105][ T5951] hub 3-1:1.0: probe with driver hub failed with error -5
[  534.718336][ T5951] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 11 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  535.048311][T10123] loop0: detected capacity change from 0 to 256
[  535.220637][ T5951] usb 3-1: USB disconnect, device number 11
[  535.229547][ T5951] usblp0: removed
[  535.635778][T10126] exFAT-fs (loop0): start_clu is invalid cluster(0x400)
[  536.149090][T10130] loop1: detected capacity change from 0 to 128
[  536.176730][T10130] EXT4-fs warning (device loop1): ext4_init_metadata_csum:4633: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  536.446991][ T6482] udevd[6482]: incorrect jbd checksum on /dev/loop1
[  536.466906][T10130] EXT4-fs (loop1): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  539.118886][T10130] loop1: detected capacity change from 0 to 1024
[  539.473329][   T30] kauditd_printk_skb: 16 callbacks suppressed
[  539.473347][   T30] audit: type=1326 audit(1757083717.274:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10128 comm="syz.1.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f291838ebe9 code=0x7ffc0000
[  539.510454][   T30] audit: type=1326 audit(1757083717.274:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10128 comm="syz.1.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7f291838ebe9 code=0x7ffc0000
[  539.536695][   T30] audit: type=1326 audit(1757083717.284:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10128 comm="syz.1.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f291838ebe9 code=0x7ffc0000
[  539.620730][   T30] audit: type=1326 audit(1757083717.284:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10128 comm="syz.1.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f291838ebe9 code=0x7ffc0000
[  539.701612][   T30] audit: type=1326 audit(1757083717.284:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10128 comm="syz.1.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f291838ebe9 code=0x7ffc0000
[  539.726249][   T30] audit: type=1326 audit(1757083717.284:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10128 comm="syz.1.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f291838ebe9 code=0x7ffc0000
[  539.750347][   T30] audit: type=1326 audit(1757083717.284:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10128 comm="syz.1.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f291838ebe9 code=0x7ffc0000
[  539.772809][   T30] audit: type=1326 audit(1757083717.284:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10128 comm="syz.1.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f291838ebe9 code=0x7ffc0000
[  539.795889][   T30] audit: type=1326 audit(1757083717.284:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10128 comm="syz.1.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f291838ebe9 code=0x7ffc0000
[  539.824807][   T30] audit: type=1326 audit(1757083717.284:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10128 comm="syz.1.895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7f291838ebe9 code=0x7ffc0000
[  540.051743][T10166] netlink: 332 bytes leftover after parsing attributes in process `syz.5.903'.
[  540.332849][T10169] tipc: Started in network mode
[  540.339000][T10169] tipc: Node identity 0000000000005f120000000000000001, cluster identity 4711
[  540.509011][T10169] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  546.149339][T10222] tipc: Started in network mode
[  546.154375][T10222] tipc: Node identity 0000000000005f120000000000000001, cluster identity 4711
[  546.163681][T10222] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  547.490624][T10231] loop3: detected capacity change from 0 to 512
[  547.880616][T10231] EXT4-fs warning (device loop3): ext4_multi_mount_protect:318: fsck is running on the filesystem
[  547.891382][T10231] EXT4-fs warning (device loop3): ext4_multi_mount_protect:318: MMP failure info: last update time: 1669132786, last update node: dvyukov-desk.muc.corp.google.com, last update device: loop4
[  547.946488][T10229] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  548.293932][T10234] tipc: Started in network mode
[  548.298845][T10234] tipc: Node identity 4a6fbb8446d7, cluster identity 4711
[  548.415677][T10240] 9pnet_fd: Insufficient options for proto=fd
[  548.438068][T10234] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  548.531614][T10244] tipc: Resetting bearer <eth:syzkaller0>
[  548.537917][T10239] syzkaller0: entered promiscuous mode
[  548.546292][T10239] syzkaller0: entered allmulticast mode
[  548.586389][T10233] tipc: Resetting bearer <eth:syzkaller0>
[  548.633560][T10233] tipc: Disabling bearer <eth:syzkaller0>
[  548.742350][T10248] 9pnet_fd: Insufficient options for proto=fd
[  548.757286][ T5930] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  549.179495][ T5930] usb 3-1: Using ep0 maxpacket: 32
[  549.390263][ T5930] usb 3-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  549.432359][ T5930] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  549.563909][ T5930] usb 3-1: Product: syz
[  549.578263][ T5930] usb 3-1: Manufacturer: syz
[  549.590186][ T5930] usb 3-1: SerialNumber: syz
[  549.614261][ T5930] usb 3-1: config 0 descriptor??
[  549.645962][ T5930] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  550.055245][   T30] kauditd_printk_skb: 36 callbacks suppressed
[  550.055258][   T30] audit: type=1326 audit(1757083728.304:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10242 comm="syz.2.920" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff8de38ebe9 code=0x0
[  550.135585][ T5930] gspca_ov534_9: reg_w failed -71
[  550.670223][ T5930] gspca_ov534_9: Unknown sensor 0000
[  550.670326][ T5930] ov534_9 3-1:0.0: probe with driver ov534_9 failed with error -22
[  550.686584][ T5930] usb 3-1: USB disconnect, device number 12
[  550.751313][T10266] loop5: detected capacity change from 0 to 1024
[  554.536278][T10311] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.939'.
[  554.546990][T10311] openvswitch: netlink: Message has 512 unknown bytes.
[  554.656523][T10311] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] SMP KASAN PTI
[  554.668546][T10311] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
[  554.676997][T10311] CPU: 1 UID: 0 PID: 10311 Comm: syz.1.939 Not tainted syzkaller #0 PREEMPT(full) 
[  554.686271][T10311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  554.696421][T10311] RIP: 0010:io_check_coalesce_buffer+0x354/0xb60
[  554.702891][T10311] Code: f7 e8 30 5f 63 fd 4c 89 74 24 28 48 8b 44 24 18 4c 8b 74 d8 08 49 8d 6e 08 48 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 ef e8 fe 5e 63 fd 48 8b 6d 00 48 89 ee 48
[  554.722547][T10311] RSP: 0018:ffffc90003acfa38 EFLAGS: 00010202
[  554.728613][T10311] RAX: 0000000000000001 RBX: 00000000000001ff RCX: dffffc0000000000
[  554.736641][T10311] RDX: ffffc9000e782000 RSI: 0000000000007bad RDI: 0000000000007bae
[  554.744605][T10311] RBP: 0000000000000008 R08: ffffea00013e8007 R09: 1ffffd400027d000
[  554.752563][T10311] R10: dffffc0000000000 R11: fffff9400027d001 R12: ffff88805408cff8
[  554.760628][T10311] R13: 0000000000000200 R14: 0000000000000000 R15: ffffea00013e8000
[  554.768600][T10311] FS:  00007f29192626c0(0000) GS:ffff888125af9000(0000) knlGS:0000000000000000
[  554.777611][T10311] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  554.784287][T10311] CR2: 0000200000123030 CR3: 0000000021b9c000 CR4: 00000000003526f0
[  554.792340][T10311] Call Trace:
[  554.795604][T10311]  <TASK>
[  554.798521][T10311]  io_sqe_buffer_register+0x1ef/0x20a0
[  554.803984][T10311]  ? __pfx_io_sqe_buffer_register+0x10/0x10
[  554.809870][T10311]  ? trace_kmalloc+0x1f/0xd0
[  554.814573][T10311]  ? __kvmalloc_node_noprof+0x5ed/0x910
[  554.820146][T10311]  ? rcu_is_watching+0x15/0xb0
[  554.824961][T10311]  ? io_sqe_buffers_register+0x138/0x8e0
[  554.830588][T10311]  ? iovec_from_user+0x1ba/0x250
[  554.835524][T10311]  io_sqe_buffers_register+0x3b9/0x8e0
[  554.840994][T10311]  ? __pfx_io_sqe_buffers_register+0x10/0x10
[  554.847055][T10311]  ? __se_sys_io_uring_register+0xb6e/0x11b0
[  554.853045][T10311]  __se_sys_io_uring_register+0xb85/0x11b0
[  554.858841][T10311]  ? __se_sys_futex+0x36f/0x400
[  554.863687][T10311]  ? __pfx___se_sys_io_uring_register+0x10/0x10
[  554.869925][T10311]  ? rcu_is_watching+0x15/0xb0
[  554.874705][T10311]  ? do_syscall_64+0xbe/0xfa0
[  554.879373][T10311]  do_syscall_64+0xfa/0xfa0
[  554.883867][T10311]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.889946][T10311]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  554.895570][T10311]  ? clear_bhb_loop+0x60/0xb0
[  554.900243][T10311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.906188][T10311] RIP: 0033:0x7f291838ebe9
[  554.910596][T10311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  554.930275][T10311] RSP: 002b:00007f2919262038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  554.938677][T10311] RAX: ffffffffffffffda RBX: 00007f29185c6180 RCX: 00007f291838ebe9
[  554.946818][T10311] RDX: 00002000000002c0 RSI: 0000000000000000 RDI: 0000000000000006
[  554.954785][T10311] RBP: 00007f2918411e19 R08: 0000000000000000 R09: 0000000000000000
[  554.962797][T10311] R10: 100000000000011a R11: 0000000000000246 R12: 0000000000000000
[  554.970757][T10311] R13: 00007f29185c6218 R14: 00007f29185c6180 R15: 00007ffdc83947f8
[  554.978914][T10311]  </TASK>
[  554.981949][T10311] Modules linked in:
[  554.986004][T10311] ---[ end trace 0000000000000000 ]---
[  555.298357][T10311] RIP: 0010:io_check_coalesce_buffer+0x354/0xb60
[  555.305666][T10311] Code: f7 e8 30 5f 63 fd 4c 89 74 24 28 48 8b 44 24 18 4c 8b 74 d8 08 49 8d 6e 08 48 89 e8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 74 08 48 89 ef e8 fe 5e 63 fd 48 8b 6d 00 48 89 ee 48
[  555.337896][T10311] RSP: 0018:ffffc90003acfa38 EFLAGS: 00010202
[  555.344197][T10311] RAX: 0000000000000001 RBX: 00000000000001ff RCX: dffffc0000000000
[  555.383490][T10311] RDX: ffffc9000e782000 RSI: 0000000000007bad RDI: 0000000000007bae
[  555.393596][T10311] RBP: 0000000000000008 R08: ffffea00013e8007 R09: 1ffffd400027d000
[  555.402630][T10311] R10: dffffc0000000000 R11: fffff9400027d001 R12: ffff88805408cff8
[  555.414535][T10311] R13: 0000000000000200 R14: 0000000000000000 R15: ffffea00013e8000
[  555.427304][T10311] FS:  00007f29192626c0(0000) GS:ffff8881259f9000(0000) knlGS:0000000000000000
[  555.437416][T10311] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  555.448924][T10311] CR2: 000055558ab655c8 CR3: 0000000021b9c000 CR4: 00000000003526f0
[  555.459732][T10311] Kernel panic - not syncing: Fatal exception
[  555.466121][T10311] Kernel Offset: disabled
[  555.470439][T10311] Rebooting in 86400 seconds..