last executing test programs:

29.984709111s ago: executing program 4 (id=174):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000009e00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='virtio_transport_alloc_pkt\x00', r0}, 0x10)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)

27.113066986s ago: executing program 4 (id=181):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000ffffffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000000000095000000000000006623848adf1dc9a764ab51a064caff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b81ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6b6981978d51514b00dcc4a2748b376358c33c9753beab62bdf27dc04e4cb4bc598affd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b770009524edd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd88345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1757b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c35af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d9900000011000003971b32fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d677d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc37e5aa23bff8cce0600000000000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68f536a03353a55a8a8e176e5d48887d31c8e0f77f2c1e68ec7c01bd5a2028a8fc107007f5f4c67600a6ade3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d9029f071fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2020ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a017ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f6c3652c423ce6ecc1be5d4e8133fc32f68ea86a2df1e7df98a0ae216c405d0ae9eed114ff2d6fe27dfdff1cf9194849c4cc0da9533e5983863e526a7dc0d8728f3b573ca4427bdb44df9341e9b8420e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9467b51d92e0993af4beaf1f3d47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c27c318475802e2c62681bd1a331422a6e47bbd40857d52c4894944fae5c5000000000000000000000000e0c47613e950b6aefeae054fc723f62ac7d13941de11b018f1f48ac50335df91c771729f81929128135b2803562c1171ee00a3f4a31281aa363e087d53d86dd85e3ff979a7e72d16fdd7e1a0f07a1c8e6085d280d760f74975ceb3a5be6cfb4da8e0aeb769b8b75f4aad803ed77d34872eed2711aa40a3b38099dc2752e8ec9b520faf39e416752aa0830206736570f5d41a4df848c9052551cf8dcb1be000000000eb2577188e8e96bd825d462350905d3eb916b397d2a46a64081e85661d7a5a2716cc87cb1976d15d9b6418e94f165911803e43830432226c660f4da67bb7c8ceb3755c07197d8b80b8d16b12c2ec63bebe107aa2350a7ae564bf69a6c52a2da1496016dd66a1c1b112"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd}, 0x48)
r1 = getpid()
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x1, 0x8008, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/ipv6_route\x00')
preadv(r2, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/7, 0x7}], 0x1, 0xffffffbf, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xb, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0xf6, &(0x7f0000000040)=""/246}, 0x90)
syz_open_dev$loop(0x0, 0x0, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, 0x0)
socket$inet(0x2, 0x200000003, 0x84)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_proto_private(r3, 0x89e9, &(0x7f0000000040))
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r3, 0x8982, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000140)="3d6ee2e04b91ab10143d9abe86dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

26.580095442s ago: executing program 3 (id=184):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000480)={[0xfffffffffffffffd]}, 0x0, 0x8)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="020300021c000000000000000000000012000800"], 0xe0}, 0x1, 0x7}, 0x0)

25.828591826s ago: executing program 3 (id=188):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x0, @val=@tcx}, 0x40)
syz_emit_ethernet(0xd86, &(0x7f0000000a40)={@local, @multicast, @val={@void}, {@ipv6={0x86dd, @udp={0x2, 0x6, "a341d0", 0xd4c, 0x11, 0x1, @private2, @dev={0xfe, 0x80, '\x00', 0x2e}, {[@hopopts={0x2e, 0x1a2, '\x00', [@calipso={0x7, 0x18, {0x2, 0x4, 0x6, 0x6, [0x2, 0x688]}}, @jumbo={0xc2, 0x4, 0xff}, @jumbo={0xc2, 0x4, 0xd18}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x10, {0x1, 0x2, 0x1, 0x3ff, [0x3]}}, @jumbo={0xc2, 0x4, 0x1}, @generic={0x60, 0x55, "6ef5f583969e06dbff857f0a5612da1f10ca72595ecffc6faa775e3a48b14fe6ad2c208142826eddbf40573daf41a1984f348534437514cb7dd08f8526765003963ccf051ab6cbcbd6b8144c3245ca15e92002352c"}, @generic={0x10, 0xc74, "764c10cceb754266c504b5955e943c260d79ef9b95389cb0eb2b32f6050a42cc682680361ab05b148836efc1df6c370e4eea13beba553e199aaaaedef60bb05785411050154a1f3709c40442c63b69f8145e34f175a1b361ca11cb6e936f45c6e13d61d3d97570506b3c73e7e2a881b803ccf0617138d4a24521acd3694a6169c18b6e2c7748423d39fa6bb892db5dd33d734a3a4da64d4bcf0239fe91a3a2106a151b06b2dcac34b3796f72e3ce47638b3663c593d631faca95d5c2a9fa3212cf80f926d7e906cbbfc5fb04948b4c7e34df26a794e45af0e104faf205d97aca7c650c4a7b551895f0a3b48da3ee455f359948b62bda9c45af884d22fbb1e8d97935bc1cbcbb59b491b25e68bda05cce2208cc7903b04ac2b00adf56499c07aee3cdc64f956d380f1a9c6946ec02af4e828f04c787415bfaa4cfdf57cd2aa5bd9cdec42bf2b5380b9aa67fdca67c64b1879641e8aa4f5886cfe20982ada35b7817f97de6d0dd51888c522013c5c5862ed27e6f07d2218219a872160817fc89b52939ecde04b308e451b6d4e9c5c8c81f1b984b0fe1ec85bd337ee9ba3d64204515c0cc7f5a84d87ad639ce8965f93900269f9d33823cdd95cd9b7e73ee98c199013fad338360fc7cbec3a5fa8e83d7bfaec14b1719060774e1469800140203b1aaebd2bf0b535b9a76659d28c02d3b5cd2fb6984a417db28f2c43f218fbe669ccd2b8ecb4dcae17745350857790d8c07e943a7167b8bb8c85e091098b06ef0437b4e294dbb851e2882f0621c068a3da0fe1753fa920a81038dea2cee6c6252b2e5be5e0ae23e0c27d15de32c8912f4baa7bce1fa570356bf589a67055684b3dafe97632c5decb61d8b84786817eaca68f10694121e6d8e3db4be49251d0891ee5453b48ab72e350a509833f6754e0ad8a03df8a73442cda38fff95caf4761f4e612be9605a00238f8137c1aff6a75d34a349b141210de6a28ca1a762f8abc01a3d887376a8f28d49d14182601b7051c465f2a01f6b5702419e6b960f44f0ec984a1dedc35f5b43416e4cff2adb72d64124f5261f65599f2a9daf632fcb633da572ed021c60504c8fa2613623f0d721f1d231f022a17ec4ab0c1af8b251ac205c87e26a7fff8157778d590da524fdec2422a2f6bd321676ff2c7ce368f68155b9050a61ce50ab9f71a74178cfddb2c2884c2d758ae57e83bcaf1e7fdede71ec6ef063d99db6b0b8e772b60224a6b352d5e3cb1166dda8af66286adbc2041e99ad36b855297f577ca9d91d053627cc56137e591a3ccb1328dad92fef00201a0ca7b66568eb5c6c4e67490edc3b465928a6e5a21393b0b287f2718bba6f53511f742e202f811f739672f5acb46d277fda9398ad9046972b0b36bbe84a995ca5257afe52d0a5d2743b53f872555cd70d0f0731952ccfafe51876bf57073c8ffcb7eb01f07580a43dd376646c38c92904636445102084593ee6192a20d525bbb2702231806473829efb836eb2148735296bce1dd2fa838507f538be265922a728ae9710f56101118db1ec64caa4a39531de27b56f8e06e62bd49236e663078e434e90b4dbf8c254c6f5c8f2b775f8eb6a78d5b2987a54296f7916f0824eb39396f6ce240d19ccecfbd031578b87e24d42be97c58ab3e834015b0994060b72997a7f3bd1dd63fd7ad73afa38bd5c781315d5b363975fbfefb32ba601b11432bffa33263e48cf718067d01277eaf3d1591dba117ac2334eeeaeb14a313fd1d276b86d2fe64d374774cd355bceeedfbfe8677ec6b7f7f905e79f17cb538d3c4ad2f65c71331bf687d0d37499ae8007fde3ec315b34b332968e8be05f170cce3175e91fa0ecb986c976e687b85aad81f0950d77d614d29fd0cb85df99ee05c1597721c2b5ec0b955adec9486485bd5135957e69d28c3715c65ab1b84f9bc8f96f06d3d65115b88bef5732ba76f36d0953deaf3421c1a4fd9a41187202e3ea6ac7a40cc700b81c1779d680e7076ffe2873b07fbb18701aca4be362fafdad3af37d63a2fcc4a227590493d473024b0cd5e9245b02cc694767497cfe93ea18b79b3aeaff83c5173d35156fa79b9e5d04d6bae612d017f24fafac1a2fcdf87d53acf7f0f3cbf0c9d0ecb3a66b578b683775f89fcdcbec880189025b9da70f8bbdefffdaf40e352b1fe25571360761d92fc883a3fa9d411347aea73a57c5e62468ef5a4f03615f7c6435510a25fdd60bcc79f5b04f7cb74e7cff1ef4811c43a1a546dd96bb877628e577724407d8d80b436198678729f34a19da453ff63f08bc8df9e0314c696bc301b7b9042d271cbbd49122746a381c61353ce42e3e4be597c992c5064ed266a1261880383c9be1b5f7719ff010dbe5d3b29f9c81cbb9a52dc921d09b5f17cb0dd11cdcd9954f5fc751dd89af42cab233312d3f2f6766a9e9ae13632c73ebb6a76109bc1072c785a28eb087a563d5355e91925f84e9bd8c20abb76951dce0f4240b1c9ca8eb6025840535fa3aaf8a907b7db820b40275ec9174a90e731e089dc9ecfe04da9697e0cce7360315afa772cc8adfd1099ddc0912ee62887ed721dc89e3b82f0e0a6a3dd1183a49780914dc21afb324ffbb702f15dd9ff0ad1e7e620585c474ec2addea3280642e4415813f6d21eb5f125bd22c65488e338fc3f85c0e40a0ab18b490ee88c38addcd62a89e1ef5984645e58d3f288906060c930b24d5e8ffb3cab6f6a69218ba27d27d24e73941f6e40518d68ae67651e9c0b3c5c7f0690c7d65c92f3f627efeb64e0431a3022298768d91e4eb27c0c0e45d8593df6abe218571eade5a16f201f1136194ad5ba5fc4bd48274aa700c5555936c638e51750b68e06bf02d8a491e68e90cf4500fef5700ffa2e80d5f7783999c36732db7d4814cf42704c0f8675dce6a75ea72e431357b026e80b097682220039875bfaf02a04f78a43b390de8a9489a4eee132c3990d35fdc03e8907e0f2a3c44fadeac0e635a8f5747d9668ad63ebd790a07648f882012943969a822803f23534aac5f4f775d9519bdac5c2ecc312d2d040ca3bde8db02de9bb557781ed9e02fc224035347a26c43bb990ca27fb656884b59a1d506f435e6f9974bd9f550e359f34ccdb0b33aebdef0e2ce480fb870eaa610e0cbae4c74a5d2eccc5c5f3003b76ff5a5badc9da4b5ad9fbfb9e3344e95a2f415a6a24fc3bdd07623a8b70840e6c736d474253488706429a2e1ab46666e513741f1128c3399111df7ab19bac700d802222bcc30954e01af5f3d0132db67e9a75ee514b1b45ad0ed6e0ccb8942562c92d3eeed45edc9f3233e48efc783d9ced3504161253836305ce5c551fa257a43131f49d538bebf0187edc6784adac7d4755b652e175c0443d84d1099495cc617d4f3639363b6a9740650de2595efcbc517363e2180fa7222d09bbfb64a084f098eef5cedf6e56d1b6dcd91c297e3f50be4d4b778475edd72d076ab922dd5d4eb50df664af21e12d12b17b0083a666499606db910c596be0a552b5c7c9f7b6846b5518176c70105945aaf573a2d93ab568eeb3d01218232f5d629c6c0efc85aba78dc14596d06b964628eddd0898564ce0077ca582a4c5ffb4ba0f3cb6cf92b3642a04e6e785663d9739cf56167bff9a3db25bba25ac1793929701f225eb86e4653657f6a859c93b5e6e070fedfead7038837cf3ac2c862746430949e8334e76820495ca941912864baa5042d3b071acb52027649d4dba6cd61ff715f15814ef48b4addb2233f60c53b40aade03bf4738fc0529de96d1375a0c6e73ff292e648a7519d68d9a2436ac30b844085199f76236c7802f4cd2e955acebddbcffdbddd3b8f23711079ea5b6d95b4ce94fa6dfdb4fdf68875c87587b7a4e97ef2b8db010f8b0e416a5de546b6684f88ea9cc8074ea72395c79a59dbbebd3cd311b5c55d059e233e06d643ecb0178a87c167813b35c4de3088e54ff51b03c842eb3e379b19cb12a0544083d41c993b0ac3b56a03b160e4e9be31e284fa6d0fc26641f2eee49960158460f6f19f9e2535471f35a635bfa08cf2e436c09d88f97783ec5b20dd8fd5c04c2332c8c1646dbda04f2861ea9115be9dddba2465b66bfbff53bdf1cee7dcea7df23dc562c9e01a33a7c6af553715e8f667e0f4e33470b342059ebda0cebf26fcb60c55b98545d3a8202fc38dbb77bfcc5d1549392f60a3e2dccdc0a827f9db8ee0bd4704372642896c6af532f1e214f6d0ce17e03e9f4954616beb4cfb273cb3d06fb5ecc58732ddef653c74636d2651117012406253a4296f9d60e64465f2f42e6c10a897c956514106739a5105a7a3e4bd70f41ad0bd551ea636393c298d627a1262b686044bf94177cda1e55c1f09c0313926d260f4f28a49d558d9884169ce8b283fffd0a29ba1075bdda869823db78044642bfa2421ccbaed23f6f5475d5e7a7cf97b65f21fea394b284a2558750212e772c0a1148d43028c9bef780d34041b515e351c8277eeedfbb41a91f2868"}]}], {0x4e20, 0x4e23, 0x2c, 0x0, @opaque="d8e1be4755597a467eeb954ba9b9d41a9a4bf65428c8ce53bcd5a52b2be1ee44e94aa6f9"}}}}}}, 0x0)

4.793578851s ago: executing program 3 (id=189):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRESOCT], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fffffff}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
sendmsg$NL80211_CMD_GET_KEY(0xffffffffffffffff, 0x0, 0x4020801)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000640)=ANY=[@ANYRESHEX=r0, @ANYRES32, @ANYBLOB="0c8882e9cee242c261d719923b879957cd37136c725e682e724b8d", @ANYRES16=r2, @ANYRESOCT=r2], 0x114}], 0x1}, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2000, 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='squashfs\x00', 0x0, 0x0)
set_mempolicy(0x6, &(0x7f00000003c0)=0x8000000000000001, 0xe0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r4 = gettid()
process_vm_writev(r4, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{0x0}], 0x1, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f0000f81000/0x3000)=nil)
r5 = gettid()
process_vm_writev(r5, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_G_SELECTION(0xffffffffffffffff, 0xc040565e, &(0x7f0000001a80))
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mprotect(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0)

4.074845972s ago: executing program 0 (id=237):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
mremap(&(0x7f000062b000/0x2000)=nil, 0x1d5000, 0x40000000, 0x3, &(0x7f00009f6000/0x3000)=nil)
io_submit(0x0, 0x0, &(0x7f0000000080))
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="040e390023200000000000e8e75c68fa"], 0xb)
setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @local}, 0xc)
syz_emit_ethernet(0x36, 0x0, 0x0)

3.940535764s ago: executing program 4 (id=182):
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1804810, &(0x7f0000000180)=ANY=[], 0xfe, 0x669, &(0x7f0000000640)="$eJzs3c1vHGcdB/DvrDd2Ni3BTZM2oEq1GgkQFolf5IK5EBBCPlSoKgfOVuI0VjZpsV3kVog6vF576B9QDr4gTkjcIxUOXODWG/KxEhKXXjCnRTs7a6/XL10njb1pP59o9nmeeWae+T2/2Zl9saIN8IW1MJn6gxRZmHxlvd3e2pxtbm3O3u3Wk4wl2UjqSWpJiv+2Wq0Pk+tJsTNM0Vfu8/7y/GsffbL1cadVr5Zy+9pR+/WpttvoW73RXTeRZKQqH8Ge8W488njFTuTXk1ypSjh1Z5K09vjZ35/e6enROGjvsycSI/B4FZ3XzX3Gk3PVhd5+H9B95a2dbHSDGxtwu/53EAAAAPCkGeQz8Je3s5314vwJhAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACfCxu7v/9fVEutW59I0f39/9FqXar6cHnxeJs/eFxxAAAAAAAAAMAJenE721nP+W67VZR/83+pbFwsH5/KW1nNUlZyNetZzFrWspLpJOM9A42uL66trUwPsOfMgXvOfEqgY1XZ+GzmDQAAAAAAAACfM7/Kwu7f/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYBgUyUinSHG/Z/V4avUkZ5OMtldsJP/s1p9kD047AAAAADgBY8l21nO+224VuZjkufI7gLN5K/eyluWspZml3Cy/F+h86q9tbc42tzZn77aX/eN+/z/HCqMcMZ3vHg4+8uVyi0ZuZblcczU38kaauZlauWfb5Sqe7qh9cd1vx1R8rzJgZDersj3z96pyn3ePNdnDHPPLlPEyI2d2MjJVxdbOxjPdM3PwGTrm2ek/0nRqO8Fe7DvS6N7JPFTOz1Vlez6/Oyznp6I/EzM9z77njs558vW//OmnU1V9eKY0mJGqbJWPjf2ZmO3JxPODZOJ2896d27dWJ5+0TOwzVWbi0k57IT/KTzKZibyalSzn51nMWpYykR+WtcXq5Bc9l/whmbq+p/Xqp0UyWj1DOyfreDG9VO57Psv5cd7IzSzl5fLfTKbz7cxlLvM9Z/jS0We4vOprh1z1rS8dGPyVb1SVRpLfV+VwaOf1mZ689t5zx8u+3jW7WbowQJaOeW+sf7WqtI/x66ocDv2ZmO7JxLNHZ+IP5W1ltXnvzsrtxTcHO9yF96pK+zr6bTIxPDeS9vPlQvtkla29z45237MH9k2XfRd3+mr7+i7t9HWu1I1Dr9TR6j3c/pFmyr7nD+ybLfsu9/Qd9H4LgKF37pvnRhv/bvyj8UHjN43bjVfO/mDsO2MvjObMX898tz418rXaC8Wf80F+ufv5HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHirb79zZ7HZXFrpq7RarXcP6RqwUq+O8JC7P0IlE/96qn3kA7q6P2d2gvF85enk5OY+rJX/tVqtak1xyDZ//NvQJKpVGYrUnVLl9O5JwMm4tnb3zWurb7/zreW7i68vvb50b35ubn5qfu7l2Wu3lptLU53H044SeBx2X/RPOxIAAAAAAAAAAABgUCfx3wlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAk21hMvUHKTI9dXWq3d7anG22l259d8t6klqS4hdJ8WFyPZ0l4z3DFYcd5/3l+dc++mTr492x6t3ta0ftN5iNaslEkpFOef+zGu9GVR6pOGoKxc4M2wm70k0cnLb/BwAA//+o5gZ+")
unlink(&(0x7f0000000180)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002a80)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0xa18496, 0x0, 0x1, 0x0, &(0x7f0000000000))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file2\x00', 0x4b142, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$FUSE_GETXATTR(r0, &(0x7f0000000000)={0x18}, 0x18)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r1, &(0x7f0000000200), 0xf000)

3.87098692s ago: executing program 0 (id=238):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@remote, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x0, 0x2b}, 0x0, @in=@empty}}, 0xe8)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x10}}, 0x0)
close(r0)
socket$kcm(0x10, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={0x80, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_SEQ_ADJ_REPLY={0x1c, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}, @CTA_SEQADJ_OFFSET_BEFORE={0x8}, @CTA_SEQADJ_OFFSET_AFTER={0x8}]}]}, 0x80}}, 0x0)
pipe(&(0x7f0000000080))
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000000380)={@multicast2, @multicast2}, 0x0)
r3 = bpf$ITER_CREATE(0x21, &(0x7f0000000400), 0x8)
epoll_ctl$EPOLL_CTL_DEL(r3, 0x2, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'wlan1\x00'})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x38, 0x3, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}}, 0x0)

3.813076555s ago: executing program 2 (id=239):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000002f80)={&(0x7f0000000480)=ANY=[@ANYRESOCT], 0x14}}, 0x20994)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800810, &(0x7f0000000640)=ANY=[], 0x1, 0x669, &(0x7f0000001000)="$eJzs3c1vHGcdB/DvrDd2Ni3BTZM2oEq1GgkQFolf5IK5EBBCPlSoKgfOVuI0VjZpsV3kVog6vF576B9QDr4gTkjcIxUOXODWG/KxEhKXXjCnRTs7a6/XL10njb1pP59o9nmeeWae+T2/2Zl9saIN8IW1MJn6gxRZmHxlvd3e2pxtbm3O3u3Wk4wl2UjqSWpJiv+2Wq0Pk+tJsTNM0Vfu8/7y/GsffbL1cadVr5Zy+9pR+/WpttvoW73RXTeRZKQqH8Ge8W488njFTuTXk1ypSjh1Z5K09vjZ35/e6enROGjvsycSI/B4FZ3XzX3Gk3PVhd5+H9B95a2dbHSDGxtwu/53EAAAAPCkGeQz8Je3s5314vwJhAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACfCxu7v/9fVEutW59I0f39/9FqXar6cHnxeJs/eFxxAAAAAAAAAMAJenE721nP+W67VZR/83+pbFwsH5/KW1nNUlZyNetZzFrWspLpJOM9A42uL66trUwPsOfMgXvOfEqgY1XZ+GzmDQAAAAAAAACfM7/Kwu7f/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYBgUyUinSHG/Z/V4avUkZ5OMtldsJP/s1p9kD047AAAAADgBY8l21nO+224VuZjkufI7gLN5K/eyluWspZml3Cy/F+h86q9tbc42tzZn77aX/eN+/z/HCqMcMZ3vHg4+8uVyi0ZuZblcczU38kaauZlauWfb5Sqe7qh9cd1vx1R8rzJgZDersj3z96pyn3ePNdnDHPPLlPEyI2d2MjJVxdbOxjPdM3PwGTrm2ek/0nRqO8Fe7DvS6N7JPFTOz1Vlez6/Oyznp6I/EzM9z77njs558vW//OmnU1V9eKY0mJGqbJWPjf2ZmO3JxPODZOJ2896d27dWJ5+0TOwzVWbi0k57IT/KTzKZibyalSzn51nMWpYykR+WtcXq5Bc9l/whmbq+p/Xqp0UyWj1DOyfreDG9VO57Psv5cd7IzSzl5fLfTKbz7cxlLvM9Z/jS0We4vOprh1z1rS8dGPyVb1SVRpLfV+VwaOf1mZ689t5zx8u+3jW7WbowQJaOeW+sf7WqtI/x66ocDv2ZmO7JxLNHZ+IP5W1ltXnvzsrtxTcHO9yF96pK+zr6bTIxPDeS9vPlQvtkla29z45237MH9k2XfRd3+mr7+i7t9HWu1I1Dr9TR6j3c/pFmyr7nD+ybLfsu9/Qd9H4LgKF37pvnRhv/bvyj8UHjN43bjVfO/mDsO2MvjObMX898tz418rXaC8Wf80F+ufv5HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHirb79zZ7HZXFrpq7RarXcP6RqwUq+O8JC7P0IlE/96qn3kA7q6P2d2gvF85enk5OY+rJX/tVqtak1xyDZ//NvQJKpVGYrUnVLl9O5JwMm4tnb3zWurb7/zreW7i68vvb50b35ubn5qfu7l2Wu3lptLU53H044SeBx2X/RPOxIAAAAAAAAAAABgUCfx3wlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAk21hMvUHKTI9dXWq3d7anG22l259d8t6klqS4hdJ8WFyPZ0l4z3DFYcd5/3l+dc++mTr492x6t3ta0ftN5iNaslEkpFOef+zGu9GVR6pOGoKxc4M2wm70k0cnLb/BwAA//+o5gZ+")
r2 = creat(&(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
write(r2, &(0x7f0000000000)='&', 0x1)
unlink(&(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r4, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
listen(r4, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, 0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0x0, 0x10, 0x10, &(0x7f00000002c0)="0000ffffffffa000", &(0x7f0000000300)=""/8, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
connect$vsock_stream(r5, &(0x7f0000000080), 0x10)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r5, 0x28, 0x0, &(0x7f0000000180), 0x8)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$unix(r7, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000100000001000000", @ANYRES64=r4], 0x18}, 0x0)
close(r4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$unix(r8, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x18}, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)

3.812533555s ago: executing program 0 (id=240):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002440)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a7ff070000000000004da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05dfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f9ff86086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace85c370183f23cf0838fb5a1d75c145feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00000000000000000000000000000000000000000000000000000096e4a7b57a867432217cf0be18b96865ee3dca3a03a5e0d3060705c499776bb3e8c442aa1d3b26842c96080c4c251b8cbc5de68938316e95857b0e3cdb14d4a93d49dd4f7a08639ee6943861886fabfac35f9aab09c77bc495b5c7116de70619c5ac798f1974d7a6e9b80ac4bab0f1657488278a40480731b7f51ff921e8ad8a1986b6da1660c40875504d1265679a718dc9a1400ac15ce81696f712a1074ac47de09e95d64eb72a186f11bf360e5841a283841762a0cda06ac7c74520427465c128763e3258169d32bce06dbf95fcf8e19ffdb7c56fb5e236f2422f631ead769969699318140ad2b431b21f88bf824e1590524a0aea10ad2c5f961533e78d8e46da0e6ef484d25bd09f6de08e398485d95c51f3a5dc76dbdea7b2d236d819018b22467116b359e8c38147565203c75a4a2789019e7e4bf06a2b3779cea3206cc2d10e5a458b81"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x2c)
r2 = socket$inet6(0xa, 0x80803, 0x84)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@private, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@private, 0x0, 0x32}, 0x0, @in=@local, 0x0, 0x0, 0x0, 0x5}}, 0xe8)
connect$inet6(r2, &(0x7f00000000c0), 0x1c)

3.702295734s ago: executing program 3 (id=241):
mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
getuid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000300)="c1", 0x1}], 0x1}, 0x0)
setsockopt$sock_int(r2, 0x1, 0x200000010, &(0x7f0000000000)=0xfffffffc, 0x4)
sendto$unix(r1, &(0x7f0000000080)='\x00', 0x1, 0xd1, 0x0, 0x0)
recvfrom$unix(r2, 0x0, 0x0, 0x10102, 0x0, 0x0)

3.638907349s ago: executing program 0 (id=242):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
pselect6(0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)

3.449190686s ago: executing program 0 (id=243):
syz_mount_image$iso9660(&(0x7f00000001c0), &(0x7f0000000000)='./file0\x00', 0x1a08050, &(0x7f0000000880)=ANY=[], 0x2, 0x5ae, &(0x7f0000001540)="$eJzs3V9v29YZx/EfHTnRvKEYtiEIgiQ9TTbAAVKHkhsFRq846khmK5ECSRf2VREscmFE7oakA2bfzLkJWmx7CwP6Ina7N7PrYtcbsGkgKXryH0lO7Fpt+v0YLY/FR4fPYQQ+OQwpCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyPGbrltz1AnCjU0zmd+Mo+6U9WV/948spmxXcrL/VK3qRvHSjV/8f/X17H93dav47Zaq2aKq/R9f/+mHP68slO+fktCleLG3/+zJYNB/fsb4ytwzvlhtGwZJFHS9tjVBEpm1RsN9uN5KTCvo2GQrSW3X+LH10ig2y/59U1tbWzV2ZSvaCNtNr2PLFx+/X3fdhvlopWe9OInChx+tJP560OkEYTuPyVZnMY+zD+LHQWpS63WN2d4Z9FdnJZkF1Ubt438AB+NB9Vk91d16vVaR1Hh0dfRBrddrtXq91ni09uix61bcY5S/ZTxi7EPb/lfRx2vudHy/XdShGzi3hVH9V0eBQm1oU+bUH19NxYrUnbB+pKz/v3pop253vP6XVf5G9KNy9U3l9f9O8dudSfVfRtcm5HM5Py+0p3090xMNNFBfz8/X30I5/nmOyWQ79+BskW1ZhQqUKFKgrrz8FaNAVUUyWlNDDbn6VOtqKZFRS4E6skq0pUSpbP6J8hXLylOqSLGMluXrvozyaqtVGVmtaEuRNhSqraa8vJdt7eT7fXVKjodBtbME1acEnSjmJ154rfqPH6SLPYAD5zAs6z8AAAAAAHhrOfnZ92z+v6jbeasVdKw777QAAAAAAMAF+rKVX1/vZPN/SbflTJz/H4xOFAAAAAAAgO8ZJ7/HLpvWL+ndolXeCXV4EmBhvikCAAAAAIBzyv9B/062WMpa78o5Of8/Kf/2s+qlJQkAAAAAAM7ly5nfsZ/0rjl//6fieNF52dv8pbPrZXHe7pXifVeO95i2bmp4rWjnfTUqoy59e8sZffvl4ZdgflMsKhoOp+fhTE2gcjQB553Ru48moD/rvSziH3rvaRH7tFxTbGWpFXTsih91PqzJ895ZSO1m+vvPd/6gfPhfhd0syZ1Bf+U3vx08zXN5mfXycnd0X8SJ2yOm5PJFef7k9ukjXsxvxBhtd8nR9s6g746Pf3RZxomrM6Zs85XuFjF3l4rl0tHxV7Nt1lYmjb7IYlHnHPkr3Sti7i3fKxanZFGfkUW/Pp7FG+2LM2SxOiuL1XNmAQDzsp1/68+pVag8pB+vu29wlNue9beM6dX9jFt5peUiZvlmfmCt3DzliO7OOqK7vc2yMhfV7erU6qYD6fQj+uEzkCbV2Gy7fzncbi0f/dd/lPR1WVVPDD/p1J1sF175Yvd3uv5ib//9nd0nn/U/639er6823A9c91Fdi/kwRgtqDwDgFLOfsTMzwvmgmFUrn1X/Z1gYq3g/G11SUJ4VGOipHuR3G+RXHFR17Uivf/prNhMfuwzhwfFZa0XjFXVYFst/D4fDBzNmdUW/pbPEFo+XAQDgbXJ3vA5Prf+juFPq/4PyVMCEeffRWn78CcGTYmsTMv6K2xEBADgnG3/z39GMvfdpbW2t5qXr1sSR/7GJg2bbmiBMbeyve2Hbml4cpZEfXckanwRNm5hko9eL4tS0otj0oiTYzJ/8bkaPfk9s1wvTwE96Hesl1vhRmHp+appB4pvexq87QbJu4/zNSc/6QSvwvTSIQpNEG7FvV4xJrB0LDJo2TINWkDVD04uDrhdvmU+izkbXmqZN/DjopVHRYbmtIGxFcTfr9uq89zUAAN8VL/b2nz0ZDPrPv8XGvMcIAACOep0qzRVjAAAAAAAAAAAAAAAAAAAAAADMx2Xc/ze78befSPNPY1HSd2Fv0KDxxo2qLqjDWUeOg8s5QAH41vwvAAD//6zgX70=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000280)='./file0\x00', &(0x7f0000000440)='./file0/../file0/file0\x00', 0x0, 0x2809c11, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_ethernet(0x4a, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x2040, 0x0)
shmget(0x0, 0xa000, 0x2, &(0x7f0000ff3000/0xa000)=nil)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
syz_open_dev$usbfs(0x0, 0x76, 0x101301)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x40}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
io_getevents(0x0, 0x0, 0x0, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
unlinkat(0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', 0x0)
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa00010, &(0x7f0000000000)={[{@undelete}, {@nostrict}, {@partition={'partition', 0x3d, 0x7c}}, {@noadinicb}, {@uid}, {@umask={'umask', 0x3d, 0x7}}, {@noadinicb}, {@unhide}, {@unhide}]}, 0x1, 0xc43, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xrl46nTaZsOhh9AYAOCBuDz21VNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+9ILQ+e7eak98wH199pn4rWxKxcbL8/enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvn5r8vr1hcaZ589u2nx74P3+J44PXBh69uQz3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORornvvfT1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnzn2Fq6mt/6UZ2HL1YDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/iji1Ujxs3dOxLV8n6nuNV+IeLXMH0S8VeZLEan8YpyLeG+b7xGPploU8efl9b+wliar+0H3vnLpa42vzFyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcSnI8Ur//ZH1bjiqMalH7sw9PsDv9w7ZvzpD9lPWfb5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vvWwGwMAAAAAAAAAAAAAAAAAAPCxVsRPIsWL755Iy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaERPRyZX+h906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDUn4r4fqRo/EHzzrpaRKTq344T5S/nonm4zE9Gc6jMl6J5MWerylrzWw+h/exOXyrix5Giv/72nQuer39f59Odr0G89c2NT5+pdfJQd+PA+/1PHD92YWjkc0/vtJy2a8DgpfbMrduN8eGRkbGe1bV89E/2rBvIxy32putExMIbb77emp6emr//hfIrsIvqj9BCqn1cemqhWojagWjGw+n7JvWHdYNiX5XP//cixW+/++/dB37n+V+PX+p8uvOEj5//ycbz/8WtO7rH539ta738/C+f6ds9/5/sWfdi/t1IXy2ivnhzru94RH3hjTdPtm+2bkzdmJo5d+rUl4eGvnz2VN/hiPr19vRUz9KenC4AAAAAAAAAAAAAAACABycV8buRovXjtdSIiNvVeK2BC0PPnnzmUByqxlttGrf92tiVi42XZ2/OzU8tLExNNsZn2tdmJ6fu9XD1arjX+PDIvnTmQx3Z5/Yfqb88O/fGfPvGHy5uu/1o/eLVhcX51rXtN8eRKCKavWsGqwaPD49UjZ5ut2aqqqPbDqb/6PpSEf8RKa6da6TP53V5/P/WEf6bxv8vbd3RHo7//9zRjfF/n+gpWh4zpSJ+Hil+6y+ejs9X7Twad52zXO5vIsXg+c/mcnG4LNdtQ+e9Ap2RgWXZ/4kU//CLzWW74yGf3Ch7+iOd3EdAef2PRYrv/9l349fzus3vf9j++h/duqN9ev/DUz3rjm56X8Guu06+/icjxUtPvh2/Ua35vw98/0f33RsnOoU33s+xT9f/V3vWDeTj/uZedR4AAAAAAAAAAOAR1peK+NtI8cORWnohr7uXv/83uXVH+/T3vz7Vs25yb+Yr+tCFXZ9UAAAAADgg+lIRP4kUNxbfvjOGevP4757xn7+zMf5zOG3ZWv05369U7w3Yyz//6zWQjzux+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dQnqvH8kzvOp74SKV75r+dyuXS8LNedB36g+rV+eXbm5MXp6dl6LLauTk81xuZa16bKuk9FirW//myuW1Tzq3fnm+/M8b4xF/t8pBj5u27Zzlzs3bnJn9ooe7os+4lI8Z9/v7lsnpo6zx1dlT1Tlv2rSPH1f9q+7PGNsmfLst+NFD/6eqNb9mhZtvt+1E9tlH3+2myxD1cFAAAAAAAAAAAAAAAAAACAj5u+VMSfRor/vrl8Zyx/nv+/r+dj5a1v9sz3v8Xtap7/gWr+/52W72f+/+q9Aks7HRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5PKYp4M1LMXV5LK/3l5476pfbMrdvjwyPbVzuSqpqHqvLlT/30mbPnvvTC0PlufnD9vfbpeG3sysXGy7M35+anFhamJhvjM+1rs5NT97yH3dbfarA6AY2br9+avH59oXHm+bObNt8eeL//ieMDF4aePflMt+z48MjIWE+ZWt99H/0uaYf1h6OIv4wUz33vp+mH/RFF7P5cfMh3Z78dqToxWHVifHik6sh0uzWzWG4c7Z6IIqLRU6nZPUcP4FrsSjNiqWx+2eDBsntjc6351tXpqcZoa36xvdienRlNndaW/WlEEedTxHJErPbfvbu+KOL1SPGdY2vpn/sjDnXPwxcvj3311Jmd21HsYx/vQdnORl/EcvEIXLMDrD+K+MdI8bN3TsS/9EfUovMTX4h4tcwfRLwVneudyi/GuYj3tvke8WiqRRH/W17/C2vpnf7yftC9r1z6WuMrM9dne8p27yuP/PPhQTrg96Z6FPGj6o6/lv7Vf9cAAAAAAAAAAAAAAAAAB0gRvxYpXnz3RKrGB98ZU9yeudG40ro63RnW1x371x0zvb6+vt5InWzmnMi5lHM550rO1ZxR5Po5m2XW19cn8uelnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ2DwAAAAAAAAAAAAAAAAAAeLwU1T8pvv2NtbTe35lfeiI6uWI+0Mfe/wcAAP//dsP5HA==")
r3 = signalfd4(0xffffffffffffffff, &(0x7f0000000080), 0x8, 0x0)
readv(r3, &(0x7f0000000000)=[{&(0x7f0000000200)=""/215, 0x7ffff000}], 0x6)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x8000, &(0x7f0000000200)={0x7}, 0x20)

3.389953511s ago: executing program 4 (id=244):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a00)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f75b5f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc1b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8ad5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f72ab789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add48ee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508adb9d278c58630ca0aac4bc02e1460984e85d6aead2f1f3e2bbfadfd9a678195cc175ecd90f215d3167ad6faba1a844d8e1d4cf489f31cac3a93f9009998c873a7a33aef8a05d318cdddaec0bd074c6722b15a527556bd3d8687cbd4f7224d80f96724366b3c92a20c55e814b05afdc3a0f8c051711df5b3a6d1f257938a2ad4431cbe6f1cac71a78ebbd561cc28ca4b35990583d81a7fb2848872"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
openat(0xffffffffffffff9c, 0x0, 0x143042, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000080)={[{@nodioread_nolock}, {@jqfmt_vfsold}, {@stripe}, {@noblock_validity}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB="74020000", @ANYRES16=r2, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d78430800050001000000140002007767310000000000000000000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb542fc010880"], 0x274}, 0x1, 0x0, 0x0, 0x4084}, 0x20000010)

2.691084041s ago: executing program 3 (id=248):
openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, r0}, 0x1c)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0xffffffffffffffff, 0x1}, 0x6)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, &(0x7f0000000380)})
statx(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='global_dirty_state\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r4, &(0x7f0000000180), 0x40001)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)

1.903332758s ago: executing program 4 (id=249):
r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
poll(&(0x7f0000000140)=[{r0}], 0x1, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x16, 0x400009, 0x86, 0x2, 0x490, 0x1, 0x2, '\x00', 0x0, r0, 0x5, 0x3, 0x3}, 0x48)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f0000000140)={[{@norecovery}]}, 0xee, 0x469, &(0x7f0000000ac0)="$eJzs3E1sVEUcAPD/e/3i01bEDxC0ikbiR0vLhxy8aDTxoImJHjCealsIUqihNRFCFD3g0ZB4Nx5NvJt40otRD8bEq94NCTFcQE9rZve9sl12S8tuWXB/v+RtZ96bZua/86Y7O7PbAHrWaHrIIrZExB8RMVzLLi8wWvtx7cq56X+unJvOolJ58++sWu7qlXPTZdHy9zbXMpVKxFBKDjWp98I7EVNzc7Oni/z44sn3xxfOnH3u+MmpY7PHZk9NHj58YP/uwUOTB9uKLy9+priu7vxofteOV9+++Pr0kYvv/vxNau+W4np9HLckRdtgtPbsNno0PTzZVmV3lF/Tw9a6E1l/68Jjt6FBrF5fRKTuGqiO/+Hoi41L14bjlU+72jhgXVUqlUqz1+fC+QrwP5ZFt1sAdEf5Qp/e/5bHbZp63BEuv1h7A5TivlYctSv9S2sHAw3vbztpNCKOnP/3y3REJ9YhAABu4vs0/3m22fwvjwfqyt1T7KGMRMS9EbEtIu6LiO0RcX9EteyDEfHQGutv3CG5cf6TX7qlwFYpzf9eKPa2ls//ytlfjPQVua3V+Aeyo8fnZvcVz8neGBhK+YkV6vjh5d8/L9MbGq7Vz//Skeov54JFOy71NyzQzUwtTrUbd+nyJxE7+5vFn0W5jZNFxI6I2HmLdRx/+utdra7dPP4VrLDPtFqVryKeqvX/+VgW//WuylruT048f2jy4PiGmJvdN17eFTf65bcLb7Sqv634OyD1/6am9//SLvBItiFi4czZE9X92oW113Hhz8/qxvSy3eUUf/5txJrv/8HsrWp6sDj34dTi4umJiMHstRvPT17/3TJflk/x793TfPxvq2vxwxGRbuLdEfFIsYmb+u6xiHg8IvasEP9PLz3xXqtrrft/hVX5Dkrxz9ys/6O+/9ee6Dvx43drj7+U+v9ANbW3OLOav3+rbWA7zx0AAADcLfLqZ+CzfGwpnedjY7XP8G+PTfnc/MLiM0fnPzg1U/us/EgM5OVK13DdeuhEsTZc5icb8vuLdeMv+jZW82PT83Mz3Q4eetzmFuM/+auv260D1l0H9tGAu5TxD73L+IfeZfxD7zL+oXc1G/8fd6EdwO3n9R96l/EPvcv4h95l/ENPavnd+Lytr/x3OVH+74Q7pT1dSmxczyoi736APZHoX+/beKjppS7/YQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiQ/wIAAP//YKPiyQ==")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdir(&(0x7f0000000140)='./control\x00', 0x0)
r2 = open(&(0x7f0000022ff6)='./file0\x00', 0x800, 0x8)
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r4, &(0x7f00000009c0)={'#! ', './file1/file1'}, 0x11)
r5 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0)
preadv2(r5, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0x9)
getdents64(r2, &(0x7f0000000600)=""/35, 0x23)
lseek(r2, 0x8, 0x1)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x800000, &(0x7f0000001080)={[{@dax_always}, {@auto_da_alloc}, {@acl}, {@auto_da_alloc}, {@journal_checksum}, {@resgid={'resgid', 0x3d, 0xee01}}, {@i_version}, {@debug}, {@sysvgroups}, {@test_dummy_encryption}]}, 0x1, 0x769, &(0x7f0000000340)="$eJzs3M9rHOUbAPBnptmmP/L9bgQP6kGEFloonSTNpT0ZL+KlUCh4rSGZhJBJtmQ3tYmFtp6F2lwUBNGzHr0Kpf4BXkQKCt4F0RoP4iUym03aptm4bTfZkn4+MNn3nXnffd5nZ/JmBvJuAC+sN8ofScRARFyIiGprfxoRB5ulQxE31tut3r82UW5JrK1d/D0pu8XqWnXzvZLW69FodolXIuJuJeLUh4/HrS8tz44XRb7Qqg815i4P1ZeWT8/MjU/n0/n8yOi54bOjo2eHR7uW6/F3zx2+/f3bKys/ftO49Xrf6STGmnlHK7euBXrI+mdSibEt++d3I1gPJR206duDcQAAsLPyPv9A696sEtU44C4NAAAA9p21/jUAAABg30ui1yMAAAAAdtfG/wFsrO3drXWw7fz2VkQMbhe/r7mGOOJQVCLiyGryyMqEZL0bPJMbNyPiztg211/Suv6e3vCWeidrpNlbd8r5Z2y7+SfdnH9im/mnb+O7E55R+/nvQfwDbea/Cx3G+PbzVytt49+MeK1vu/jJZvykTfz3Oox/a+Wj2+2OrX0ZcWLbvz/JI7F2+H6IoamZYsdfrbv/nLy3U/5HHoufJM2oyc75X+4w/w9W/5xtN5eU8U8e2/n8r8fvf6RfeU183BpHGhG3W69lfWVLjGNzP333eOTkxkb8yTaf//bn/53N/L/oMP9fvu6/2mFTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaEojYiCSNNssp2mWRRyNiJfjSFrU6o1TU7XF+cnyWMRgVNKpmSIfjojqej0p6yPN8oP6mS310Yh46efD60FnijybqBWTvU4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACATUcjYiCSNIuINCL+qqZplvV6VAAAAEDXDfZ6AAAAAMCu8/wPAAAA+9/TPv8nXR4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsK9dOH++3NZW71+bKOuTV5YWZ2tXTk/m9dlsbnEim6gtXM6ma7XpIs8manP/9X5pRIyci8WrQ4283hiqLy1fmqstzjcuzcyNT+eX8sqeZAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCTGmhuSZpFRNosp2mWRfwvIgajkkzNFPlwRPw/Iu5VK/1lfaTXgwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDr6kvLs+NFkS8oPJeFr2LHNpFEPC9DfcELEU/S63p09cT90P28ej0zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQC/Wl5dnxosgX6r0eCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL2V/ppERLmdqB4f2Hr0YPJ3tfkaEe9/dvGTq+ONxsJIuf+Pzf2NT1v7zzzU8fpe5gAAAAD73ptP0njjOX3jOR4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBT9aXl2fGiyBeesVCJiHZt4mavswQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ7GvwEAAP//lhHByQ==")
chdir(&(0x7f0000000080)='./file0\x00')
r6 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0/file0\x00', 0x2802, 0x26)
ioctl$FS_IOC_ENABLE_VERITY(r6, 0x40806685, &(0x7f00000002c0)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r7, 0x0)
ioctl$FS_IOC_READ_VERITY_METADATA(r6, 0xc0046686, 0x0)
getsockopt$MRT6(r3, 0x29, 0xcf, &(0x7f0000000180), &(0x7f0000000240)=0x4)

1.76942555s ago: executing program 1 (id=250):
sched_setaffinity(0x0, 0x5a, &(0x7f0000000100)=0x400000bce)
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f00000000c0))

1.726438523s ago: executing program 2 (id=251):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0xc8d0, &(0x7f0000000040)=ANY=[], 0x5, 0x2e3, &(0x7f0000000280)="$eJzs3M9LG2kYwPEnMYkxoslh2WUXFh92L7uXQbP3paEolAYq1pT+gNJRJ23INJFMsKSU2p56Lf0jehCP3oTWf8BLbz310puXQg/1UDol8yNGjdXGH/HH9wPyvvq8T+Z9Z1Sed2Bm4+bLh+WiYxTNukSTKhERkU2RjEQlFAnaqNdPSLtn8u/g5/d/Xr91+2ounx+fUp3ITf+XVdXhkTePngwEw1b7ZT1zd+NT9uP6r+u/b3ybflBytORopVpXU2eqH+rmjG3pXMkpG6qTtmU6lpYqjlXz41U/XrSr8/MNNStzQ6n5muU4alYaWrYaWq9qvdZQ875ZqqhhGDqUEuynsDQ1Zea6TJ494sngmNRqObNPRAZ2RQpLPZkQAADoqaD+b1X70WZJ3039H+tY/y//tVYfvLEyHNT/q4lm/S/SVv/f2/qsbfV/UkSOvf7fXRGdL6774/ih6n+cEc36PxX8/Xqe31ke9TrU/wAAAAAAAAAAAAAAAAAAAAAAnAWbrpt2XTcdtuFXv4gkvSdI/O97PU8cD67/xbb14o7YsIj9YqGwUPDbYMCaiNhiyaik5av3+xBo9hOi3iBtyshbezHIX1wo9HmRXFFKXv6YpCWzM991J67kx8fUtz0/Lqn2/Kyk5ZfO+dmd+fFmm5B//m7LNyQt72alKrbMBU/GhflPx1QvX8vvOP6ANw4AAAAAgPPA0JbW/r2/PW7sjvv7Yz/e2l93vD/g769HO+7vY/JHrFerBgAAAADgYnEaj8umbVu1c9cJV3jQrPC9xnuMiUhkr9ARdMKDn4JTFz/QGYt2NdWRxE9elI6d8LbRXmNksptPdtMihz2Hv716/eXorsX/K8l9VtptJ7HfSuMn9x8IAAAAwEnZKvrDn1zq7YQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALiATuLFcr1eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBafA8AAP//ohEIjg==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)

1.64698429s ago: executing program 1 (id=252):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'batadv_slave_0\x00', <r1=>0x0})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, 0x0, 0x100, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r1}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008011}, 0xc000010)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000280)={0x81, 0x0, 0x0, 0x7, 0x15, "cd2c683c06000081a0f200b7fc380eb6f86d22"})
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000001300)=ANY=[@ANYBLOB="180800000000000000000000000000007919a800000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x80)
ioctl$TIOCL_PASTESEL(r2, 0x541c, &(0x7f0000000040))
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c000000bd997454afdfdc8053d0b18f6b82364c7a87389da4095927acd21fe320a70dc09c0b8a18f1ad36f31221b0a8aeef79e09c9a2252856eef55b89ba8c69ed07ea2e8f24561070000000000000052bc3bff7069020b26afba76c14261e0c60593f583b5947a209f4f2f1e9982cf430d26fdcfb6d1292d924b4c7429406342fda7792bc09620e4737d7c938b6663e0b3c24c3752746f5e63fc3cb222db9c449651d237199e4016e48c3088175030fb86eefffc3b282c4d7dcf615aa3a2279f39a5376ec525d281c6a7ab28a4134e05f157a9d58c194073a9dc4fd9955b8b007512f012ad004fb86914edbfa38ec07064c61ea13cf5930a474c9707fd77a45c7a2e039cac066a05404fd8a82c047d719b9e714e4639a1072f25d1eaae8b0aa98b7d55f0460280be4e1db58d941a6ebae9d3ec0bc695945d725f1d5cd410310df401f448f0263bcc0ebfebe9171c29f5225b68c6128c9555d1aeb515315fbb9bcf248aad829430b83aa53a60dd2f5f52fa8ceaff055e47f7ba76f1ec67ff430ec6c4063cd8ffb638fab06ddd573531ed26ae2bc2772cbd82f58880374dd6a8eea8d0e49d412df9d8f9d8d07b7cf9aaf919d592229cfab81acc863308e69feaa909fe19e1f4ca39a65386ae06b8160d85075fdfd6ecee06dfb4f7a49ee20d8f2cca59b68beefabfa63a445fbaa84342d450d26763891823f499bce940319cd2d794fca8c918b84f580c3a937903f0efde56686caedddec00fe44ab75622e7978b6ec82e7c2930366d225f5ef2f8602cc0cf9a68ee19f584103129e1741efb646e2c16d94fcad5a6feb07af65cb05a900948560c7f2c6167137edb91fdc68f45aeed3402e14df17974", @ANYRES16=0x0, @ANYBLOB="000000000000000000000a000000080002000200000008000300000000000800040001000000"], 0x2c}}, 0x0)
io_submit(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xc, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x90)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r4 = socket$igmp6(0xa, 0x3, 0x2)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000180)=[{{&(0x7f00000000c0)={0xa, 0x0, 0x0, @local}, 0x1c, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYRES32=r4, @ANYBLOB="63bc084aabf366ecb4c4b2802533d4e4d392040ef9b2b6e5be86d42da0068c52c6c05710eed9abd958347f0fd735c5f95045b0a9cfd917c0466c94a5c3bae1493db529129487ed6f4f0694", @ANYRES64=r3, @ANYRES16=r4], 0x30}}], 0x1, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
lseek(r5, 0x80000001, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r7, &(0x7f0000000240)={0x1f, 0x0, @any, 0xfffa}, 0xe)
setsockopt$bt_l2cap_L2CAP_LM(r7, 0x6, 0x3, &(0x7f0000000080), 0x4)
connect$bt_l2cap(r7, &(0x7f0000000100)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
write$binfmt_misc(r6, &(0x7f0000000200)=ANY=[@ANYBLOB='&\x00\x00\x00\a'], 0xd)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r8, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)

1.370405323s ago: executing program 2 (id=253):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000140)={0x1, r1})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000940))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x20000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0x3, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)

989.378006ms ago: executing program 2 (id=254):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket(0x0, 0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000ffffffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000000000095000000000000006623848adf1dc9a764ab51a064caff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b81ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6b6981978d51514b00dcc4a2748b376358c33c9753beab62bdf27dc04e4cb4bc598affd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b770009524edd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd88345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1757b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c35af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d9900000011000003971b32fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d677d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc37e5aa23bff8cce0600000000000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68f536a03353a55a8a8e176e5d48887d31c8e0f77f2c1e68ec7c01bd5a2028a8fc107007f5f4c67600a6ade3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d9029f071fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2020ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a017ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f6c3652c423ce6ecc1be5d4e8133fc32f68ea86a2df1e7df98a0ae216c405d0ae9eed114ff2d6fe27dfdff1cf9194849c4cc0da9533e5983863e526a7dc0d8728f3b573ca4427bdb44df9341e9b8420e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9467b51d92e0993"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
r1 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r1, 0xc010640c, &(0x7f0000000880)={0x6})
r2 = getpid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
syz_emit_ethernet(0x2e, 0x0, 0x0)
syz_open_dev$vcsu(&(0x7f00000002c0), 0x4, 0x100)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950"], 0x15)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x1}]}, 0x1c}}, 0x0)
open_tree(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x1000)
syz_genetlink_get_family_id$fou(&(0x7f0000000a00), 0xffffffffffffffff)
sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f00000007c0)={0x14, 0x0, 0xb05}, 0x14}}, 0x0)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0xb0)
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{0x0}], 0x1, 0x0)
ioctl$FBIOBLANK(r0, 0x4611, 0x2)

863.005647ms ago: executing program 3 (id=255):
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5335, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x100004, 0x220104, 0xb, 0x1}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f00000000c0)={r1, 0x0, 0x0}, 0x20)

586.77391ms ago: executing program 2 (id=256):
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000480))
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r0)
ioctl$UFFDIO_CONTINUE(r2, 0xc020aa08, &(0x7f00000000c0)={{&(0x7f000020b000/0x3000)=nil, 0x3000}})

381.545548ms ago: executing program 1 (id=257):
ioctl$BTRFS_IOC_START_SYNC(0xffffffffffffffff, 0x80089418, &(0x7f0000000240))
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
getpid()
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$usbfs(0x0, 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, 0x0)
ftruncate(0xffffffffffffffff, 0x1f00)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./file0\x00', 0x18000, &(0x7f0000000540)=ANY=[], 0x14, 0x2fd, &(0x7f0000000e40)="$eJzs3MtrE18UwPGTR9MkpU0XP36iIL3oRjdDG11Lg7QgBiy1ER8gTNuJhoxJyYRKRGwFwa34R7goXXZX0P4D3bjTjRt33Qgu7EIcyWQmafNobZpHtd8PlDnMuWdyb6Yp54YmO3ffPMmmLS2tF8UfVuITEdkVGRW/eHzu0e/EIdlrVS4Pff90/va9+zcTyeTUrFLTibkrcaXUyNj7p88j7rDNQdkefbjzLf51+//tszu/5h5nLJWxVC5fVLqaz38p6vOmoRYzVlZTasY0dMtQmZxlFCr5fCWfNvNLSyWl5xaHo0sFw7KUniuprFFSxbwqFkoq8EjP5JSmaWo4KjhMam12Vk+0WbzQ4cmgSwqFhB4QkUhDJrXWlwkBAIC+qu///aI62f+vX9gqDt3ZGHH7/81Qs/7/6ufKtfb1/2ERadr/e4/ftP/Xj9b/N3ZEp8ux+n+cDGOhhlO+WlhOFhJ61H39Ol4+WB93Avp/AAAAAAAAAAAAAAAAAAAAAAD+Bru2HbNtO+Yeg+7p2KCIhEXEdvMNhXbFSs9njE6qu//Vn+r9l9V+TxFdVPvgXnBExHy9nFpOVY7ugC0RMcWQcYnJz+rL3rbtcux98kiVjcoHc8WtX1lOBZxMIi0Zp35CYgNSX2/b0zeSUxOqYn/9gET31sclJv81r483rQ/JpYt76jWJyccFyYspi848avUvJpS6fitZVx9xxgEAAAAA8C/QVFXT/bumtcpX6qv76/r3BwK1/fV40/15UM4F+7t2AAAAAABOC6v0LKubplE4IIjI4WPaD4JdurK3wj+t8v6XoXsrPSDwHnxfKuye7PjT4jvC09Ii8Es7VWPl1ajjrsJ726jVGJmZ7P0ddIIzb9/96NwFr22ED1lp+0Hg4F+AgZ79AQIAAADQM7Wm3zsz2d8JAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABwCrX+hrBX9V9H13bQ7zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ8XvAAAA///zVACC")
socket$key(0xf, 0x3, 0x2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="9feb010018"], &(0x7f0000000000)=""/140, 0x42, 0x8c, 0x1}, 0x20)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCSIFBR(r1, 0x890c, &(0x7f0000000000)=@generic={0x0, 0x2000000000002})

351.79208ms ago: executing program 2 (id=258):
mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
getuid()
sched_setaffinity(0x0, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000300)="c1", 0x1}], 0x1}, 0x0)
setsockopt$sock_int(r2, 0x1, 0x200000010, &(0x7f0000000000)=0xfffffffc, 0x4)
sendto$unix(r1, &(0x7f0000000080)='\x00', 0x1, 0xd1, 0x0, 0x0)
recvfrom$unix(r2, 0x0, 0x0, 0x10102, 0x0, 0x0)

283.550836ms ago: executing program 1 (id=259):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000001240)=ANY=[@ANYBLOB="85000000610000003500000000000020850000000500000095000000000000000001000000000000200ffa95b2c8c037c5a142c9a8d76287066c51adde96fcc309926fa3b4b87b3e0cc7444a2391511c97fabd5f9810e81ae0b737136ea6f7be39cd34d5ae35de38dde54704d25c79949c00a7c09cc28d7673294f42a5f0a8761b30d64b741a226de7bad76402320e13822c45c0f8612c10b1f3c075ff1ebb755a2dd5760903000000000000006c6386d7ec7209d031f40f3012e9576e51a7f578602f5807785b92e544fc46c744aeeee4418d6af3e4195cc03710212436a4ff3274cac948d85cec074c6949e1298901ebb39522f6649dd76d067a82f5fe47fe5f17f99ab1e394ab800f4104dbffff0000000000005c6d1d224b64be6c4d7f47ef21eb7e46f9aa4a9779f8555eaea768c1f2c221c410ef4b253d110ee282ab94de93d928cf95846be6277c04b4c5324812696aa89e393c941d9541c86238d0703394a90231ccca9c3499c9a4cd3cd8a4f8070000000b0800000000000000087b5efabf84960ba0e3c4c00322de328c10752a42dca52fb98c1452b6518a6ef7297f7b2744419a2f238f173d0cd46daf2fcb5500f53e7309ec91d83cf4fbf975d9c07d8d3c76e65760ff000000b78863e629b3b200000000000000000000000000008b0000000a449c810d3174c87ee545867a3126af7a8b20744ea9875b9cba735b9594aa904e5a4bb2c3dfa8ea63e3e7000860000000004a2147c1128c697d9966b3c9f0e9e203911a3fac929a4fc6e625247510bc24e20ad88d4fe6a3ae2f7967546c4aae83352106057ab9cd4b3442a5d10451b95e22f30a85f5681ca3000000000000000000000396e7b6e1aa007018f6d93e79fce95d405b809238cca421c82c96f10dfa978bee51f581d124216e8bd9b1855f77138e438bdc037865f07f98c068be4c6155ec27365410866059475714844a3ea4cbe37e0000000000ef6dc4dd63bb928ff58b3bd2a600089d172a884dcdb8b9f9050297815a371deec596838e38068b5e438cbcd585a8cf37c496a8d2dab79d4242a353917ebdf2dc7926d80260898d4e1ca5e3a833f8f65429845bc3c3092af2bc4ee7263d3cbd9cab24eafd961a2d0c7bbfca952475c7e6158bfbb32f187d18f977117101076bad4167d5559ac12ff1473fa0ac0c0e71925a25933bfe309a040034b0cc8f69074670efc8101b89477d23823605dfa8e5945c31a0225b50d18a010ecf3c349cbac4d5191c3d78726b9ab4bff5e05027ca5b338a62e955e514da8ca2846919b7b56c192bb43f7032e485cc664921b7f9133bdbc2ba3cd845997b0dd103c784a53ad0243624566e0dacfe4029ffbe59e7e7751b3a9e619107bde39bfa81791ff0e4577055528aef46891c3c49afda8137d03cf6893db7b0f1fe95f8a096159869db71853b6bb5c08ce5fc61353f1e659d7ac53f54a7e2c94cba21994930a423ac7f84ed873a76b0dda0a4b4c5f87eef3164a0c03bc2a7f08290ddf300b298de3fd9167fb8b9c2f26e27f97cf5e90586ea50b85eb5b420eebe171893782b8326148ef5f5408e4dbfdb2fbfec699e4a241291c2f43e9edbf44c0ffb8ee32a18b6e8f0b61836146e2eab9a767800c2c91190c96cf88466adf775b4cf517dc5e39be99c4ab471f381c3915203cd2f27466c8943a80ba03150699c787696de272affa4e4940e59d8b7c69f804d6d3fa7543176a4df033532e5053d72521d097dda0c7a70bd1278c61513c1b87b01d9a9ec4d5ef793096dab53d3224f245fd5d87984d58dc09d11ba0094ba8c39942be41f362e29bba1cdcf8068a4d8d67d2d6d79aa2d089bc4d475097d7523860ec41dab4fa4b0cfe674c163ad419753bd73882336d42036a179bb33162b31f2a58436ea88fba598fad987a60b1847cc63a77c2bb30477ecbeaaa590cde56be4102d0365987eed64bdf01bbd9aaeb77dde491845e612557f"], &(0x7f0000000140)='GPL\x00', 0x0, 0xe0, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffc1a}, 0x15)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x428, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f00}, 0x50)

89.316843ms ago: executing program 1 (id=260):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x4, 0x8, 0xa}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000220000001801000020207025000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0xb}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffdd, 0xa}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0xa4}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xb5}, 0x48)

68.925974ms ago: executing program 4 (id=261):
r0 = socket$inet6(0xa, 0x3, 0x88)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x12, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f00000012c0)={{0x6, 0x3, 0x0, 0x0, 'syz0\x00', 0x1}, 0x4, 0x0, 0x1, 0xffffffffffffffff, 0x0, 0x0, 'syz0\x00', 0x0})
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r3 = epoll_create1(0x80000)
close(r3)
r4 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x10)
fcntl$setsig(r4, 0xa, 0x2f)
fcntl$setlease(r4, 0x400, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
getpid()
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@empty, 0x4e20, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1}, {}, {}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2}, {{@in6=@mcast1, 0x0, 0x32}, 0x0, @in=@multicast1, 0x0, 0x2, 0x0, 0x4, 0x1}}, 0xe8)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)

45.343387ms ago: executing program 0 (id=262):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)={0x90, r1, 0x5, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x4c, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @val={0x25, 0x3, {0x0, 0xac, 0x9}}, @val={0x2a, 0x1, {0x0, 0x1}}, @void, @val={0x2d, 0x1a, {0x1000, 0x1, 0x1, 0x0, {0x0, 0x7, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x6, 0x7, 0x7}}, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0xc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x5, 0x2, [{0x7, 0x2}]}]}]}]}, 0x90}}, 0x0)

0s ago: executing program 1 (id=263):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0xc8d0, &(0x7f0000000040)=ANY=[], 0x5, 0x2e3, &(0x7f0000000280)="$eJzs3M9LG2kYwPEnMYkxoslh2WUXFh92L7uXQbP3paEolAYq1pT+gNJRJ23INJFMsKSU2p56Lf0jehCP3oTWf8BLbz310puXQg/1UDol8yNGjdXGH/HH9wPyvvq8T+Z9Z1Sed2Bm4+bLh+WiYxTNukSTKhERkU2RjEQlFAnaqNdPSLtn8u/g5/d/Xr91+2ounx+fUp3ITf+XVdXhkTePngwEw1b7ZT1zd+NT9uP6r+u/b3ybflBytORopVpXU2eqH+rmjG3pXMkpG6qTtmU6lpYqjlXz41U/XrSr8/MNNStzQ6n5muU4alYaWrYaWq9qvdZQ875ZqqhhGDqUEuynsDQ1Zea6TJ494sngmNRqObNPRAZ2RQpLPZkQAADoqaD+b1X70WZJ3039H+tY/y//tVYfvLEyHNT/q4lm/S/SVv/f2/qsbfV/UkSOvf7fXRGdL6774/ih6n+cEc36PxX8/Xqe31ke9TrU/wAAAAAAAAAAAAAAAAAAAAAAnAWbrpt2XTcdtuFXv4gkvSdI/O97PU8cD67/xbb14o7YsIj9YqGwUPDbYMCaiNhiyaik5av3+xBo9hOi3iBtyshbezHIX1wo9HmRXFFKXv6YpCWzM991J67kx8fUtz0/Lqn2/Kyk5ZfO+dmd+fFmm5B//m7LNyQt72alKrbMBU/GhflPx1QvX8vvOP6ANw4AAAAAgPPA0JbW/r2/PW7sjvv7Yz/e2l93vD/g769HO+7vY/JHrFerBgAAAADgYnEaj8umbVu1c9cJV3jQrPC9xnuMiUhkr9ARdMKDn4JTFz/QGYt2NdWRxE9elI6d8LbRXmNksptPdtMihz2Hv716/eXorsX/K8l9VtptJ7HfSuMn9x8IAAAAwEnZKvrDn1zq7YQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALiATuLFcr1eIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBafA8AAP//ohEIjg==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)

kernel console output (not intermixed with test programs):

nterface activated: batadv_slave_1
[   45.555628][ T3582] device veth1_macvtap entered promiscuous mode
[   45.571864][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   45.579671][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   45.588490][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   45.599851][ T3569] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   45.609050][ T3569] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   45.617945][ T3569] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   45.626665][ T3569] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   45.655312][ T3582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   45.666441][ T3582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.677129][ T3582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   45.687844][ T3582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.697921][ T3582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   45.708622][ T3582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.720655][ T3582] batman_adv: batadv0: Interface activated: batadv_slave_0
[   45.732471][ T3571] device veth1_vlan entered promiscuous mode
[   45.752970][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   45.771288][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   45.783212][ T3582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   45.795724][ T3582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.805828][ T3582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   45.816922][ T3582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.827018][ T3582] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   45.839433][ T3582] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   45.851636][ T3582] batman_adv: batadv0: Interface activated: batadv_slave_1
[   45.890593][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   45.899113][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   45.916885][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   45.931981][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   45.951044][ T3582] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   45.960156][ T3582] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   45.975084][ T3582] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   45.984400][ T3582] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   46.024205][ T1241] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.043667][ T1241] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.059226][ T1246] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   46.068654][ T1246] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   46.080006][ T3616] Bluetooth: hci4: command 0x040f tx timeout
[   46.086498][ T3616] Bluetooth: hci1: command 0x040f tx timeout
[   46.091832][ T3571] device veth0_macvtap entered promiscuous mode
[   46.092997][ T3616] Bluetooth: hci0: command 0x040f tx timeout
[   46.104957][ T3616] Bluetooth: hci2: command 0x040f tx timeout
[   46.123629][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   46.131940][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   46.139816][ T1241] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   46.152301][ T3619] Bluetooth: hci3: command 0x040f tx timeout
[   46.804107][ T3571] device veth1_macvtap entered promiscuous mode
[   46.831553][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.845633][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.860175][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.874839][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.885001][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.895824][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.911367][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   46.922109][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   46.933446][ T3571] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.046346][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.058333][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.088793][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.100274][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.112231][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.391369][   T26] audit: type=1326 audit(1724976646.619:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3655 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff75fda1ef9 code=0x7ffc0000
[   47.527675][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.604638][   T26] audit: type=1326 audit(1724976646.639:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3655 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff75fda1ef9 code=0x7ffc0000
[   47.627575][ T3571] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   47.631512][   T26] audit: type=1326 audit(1724976646.749:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3655 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff75fda1ef9 code=0x7ffc0000
[   47.638434][ T3571] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   47.665983][   T26] audit: type=1326 audit(1724976646.789:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3655 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff75fda1ef9 code=0x7ffc0000
[   47.671169][ T3571] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.699765][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   47.709466][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   47.718437][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   47.729611][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   47.749549][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.779861][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.807261][   T26] audit: type=1326 audit(1724976646.829:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3655 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7ff75fda1ef9 code=0x7ffc0000
[   47.837575][   T26] audit: type=1326 audit(1724976646.879:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3655 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff75fda1ef9 code=0x7ffc0000
[   47.842012][ T3571] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.860210][   T26] audit: type=1326 audit(1724976646.879:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3655 comm="syz.4.5" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff75fda1ef9 code=0x7ffc0000
[   47.898261][ T3571] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.907354][ T3571] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.925803][ T3571] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.930172][ T3661] loop0: detected capacity change from 0 to 512
[   47.943015][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   47.945223][ T1241] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.958557][ T1241] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   47.977923][ T1246] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   47.986262][ T1246] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.000291][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   48.014923][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   48.064237][ T3661] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   48.077276][ T3661] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038 (0x7fffffff)
[   48.112359][ T1241] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.132211][ T1241] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.133318][   T26] audit: type=1800 audit(1724976647.399:9): pid=3661 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.7" name="bus" dev="loop0" ino=18 res=0 errno=0
[   48.161835][ T3559] Bluetooth: hci2: command 0x0419 tx timeout
[   48.173496][ T3559] Bluetooth: hci0: command 0x0419 tx timeout
[   48.176612][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   48.189079][ T3559] Bluetooth: hci1: command 0x0419 tx timeout
[   48.199529][ T3559] Bluetooth: hci4: command 0x0419 tx timeout
[   48.230987][ T3619] Bluetooth: hci3: command 0x0419 tx timeout
[   48.277127][ T3672] netlink: 'syz.4.8': attribute type 21 has an invalid length.
[   48.298240][ T1246] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.338182][ T1246] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.365841][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   48.387028][ T1246] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   48.453335][ T3674] netlink: 'syz.3.11': attribute type 10 has an invalid length.
[   48.462448][ T1246] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   48.504183][ T3674] 8021q: adding VLAN 0 to HW filter on device batadv0
[   48.577487][ T3674] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   48.586897][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   48.605254][ T3674] syz.3.11 (3674) used greatest stack depth: 19576 bytes left
[   48.686717][ T3682] xt_CT: You must specify a L4 protocol and not use inversions on it
[   49.429402][ T3687] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13'.
[   49.469035][ T3687] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13'.
[   49.550977][ T3691] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[   49.671021][ T3559] usb 4-1: new full-speed USB device number 2 using dummy_hcd
[   49.910809][ T3618] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   49.960704][ T3651] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   49.980812][ T3614] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   50.030640][ T3559] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[   50.043058][ T3559] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xBA, skipping
[   50.160970][ T3618] usb 2-1: Using ep0 maxpacket: 8
[   50.210660][ T3559] usb 4-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[   50.219799][ T3559] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   50.220552][ T3651] usb 1-1: Using ep0 maxpacket: 16
[   50.233565][ T3559] usb 4-1: Product: syz
[   50.233588][ T3614] usb 3-1: Using ep0 maxpacket: 32
[   50.237729][ T3559] usb 4-1: Manufacturer: syz
[   50.247909][ T3559] usb 4-1: SerialNumber: syz
[   50.258489][ T3559] usb 4-1: config 0 descriptor??
[   50.281526][ T3685] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[   50.288833][ T3685] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[   50.300876][ T3618] usb 2-1: config 0 has no interfaces?
[   50.305708][ T3559] usb 4-1: ucan: probing device on interface #0
[   50.316684][ T3559] usb 4-1: ucan: invalid EP count (1)
[   50.342436][ T3559] usb 4-1: ucan: probe failed; try to update the device firmware
[   50.401055][ T3614] usb 3-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[   50.410367][ T3651] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   50.416466][ T3707] loop4: detected capacity change from 0 to 512
[   50.428800][ T3614] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   50.436528][ T3707] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   50.437128][ T3651] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   50.463206][ T3614] usb 3-1: config 0 descriptor??
[   50.468458][ T3651] usb 1-1: New USB device found, idVendor=056a, idProduct=0300, bcdDevice= 0.00
[   50.478997][ T3651] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   50.484291][ T3707] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   50.490139][ T3651] usb 1-1: config 0 descriptor??
[   50.504507][ T3614] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[   50.522218][ T3618] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   50.532474][ T3618] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   50.534167][ T3707] EXT4-fs (loop4): 1 truncate cleaned up
[   50.544865][ T3618] usb 2-1: Product: syz
[   50.546839][ T3707] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[   50.558312][ T3618] usb 2-1: Manufacturer: syz
[   50.598447][ T3618] usb 2-1: SerialNumber: syz
[   50.605213][ T3618] usb 2-1: config 0 descriptor??
[   50.858264][ T3617] usb 2-1: USB disconnect, device number 2
[   51.000584][ T3651] wacom 0003:056A:0300.0001: Unknown device_type for 'HID 056a:0300'. Assuming pen.
[   51.014846][ T3651] wacom 0003:056A:0300.0001: hidraw0: USB HID v0.00 Device [HID 056a:0300] on usb-dummy_hcd.0-1/input0
[   51.027560][ T3651] input: Wacom Bamboo One S Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:0300.0001/input/input5
[   51.210119][   T21] usb 1-1: USB disconnect, device number 2
[   51.439240][ T3714] xt_CT: You must specify a L4 protocol and not use inversions on it
[   52.129763][ T3726] loop4: detected capacity change from 0 to 256
[   52.181312][ T3726] =======================================================
[   52.181312][ T3726] WARNING: The mand mount option has been deprecated and
[   52.181312][ T3726]          and is ignored by this kernel. Remove the mand
[   52.181312][ T3726]          option from the mount to silence this warning.
[   52.181312][ T3726] =======================================================
[   52.231711][ T3614] gspca_vc032x: reg_w err -71
[   52.236406][ T3614] gspca_vc032x: I2c Bus Busy Wait 00
[   52.241993][ T3614] gspca_vc032x: I2c Bus Busy Wait 00
[   52.247283][ T3614] gspca_vc032x: I2c Bus Busy Wait 00
[   52.252695][ T3614] gspca_vc032x: I2c Bus Busy Wait 00
[   52.257977][ T3614] gspca_vc032x: I2c Bus Busy Wait 00
[   52.263493][ T3614] gspca_vc032x: I2c Bus Busy Wait 00
[   52.268785][ T3614] gspca_vc032x: I2c Bus Busy Wait 00
[   52.274240][ T3614] gspca_vc032x: I2c Bus Busy Wait 00
[   52.279525][ T3614] gspca_vc032x: I2c Bus Busy Wait 00
[   52.282493][ T3726] FAT-fs (loop4): Directory bread(block 64) failed
[   52.284951][ T3617] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   52.297412][ T3726] FAT-fs (loop4): Directory bread(block 65) failed
[   52.299875][ T3614] gspca_vc032x: I2c Bus Busy Wait 00
[   52.310330][ T3726] FAT-fs (loop4): Directory bread(block 66) failed
[   52.324666][ T3614] gspca_vc032x: I2c Bus Busy Wait 00
[   52.329976][ T3614] gspca_vc032x: I2c Bus Busy Wait 00
[   52.345880][ T3614] gspca_vc032x: I2c Bus Busy Wait 00
[   52.354637][ T3614] gspca_vc032x: I2c Bus Busy Wait 00
[   52.358897][ T3726] FAT-fs (loop4): Directory bread(block 67) failed
[   52.360112][ T3614] gspca_vc032x: I2c Bus Busy Wait 00
[   52.368325][ T3726] FAT-fs (loop4): Directory bread(block 68) failed
[   52.373042][ T3614] gspca_vc032x: I2c Bus Busy Wait 00
[   52.381693][ T3726] FAT-fs (loop4): Directory bread(block 69) failed
[   52.384688][ T3614] gspca_vc032x: I2c Bus Busy Wait 00
[   52.395290][ T3726] FAT-fs (loop4): Directory bread(block 70) failed
[   52.397071][ T3614] gspca_vc032x: I2c Bus Busy Wait 00
[   52.403364][ T3726] FAT-fs (loop4): Directory bread(block 71) failed
[   52.407912][ T3614] gspca_vc032x: Unknown sensor...
[   52.419552][ T3614] vc032x: probe of 3-1:0.0 failed with error -22
[   52.422054][ T3726] FAT-fs (loop4): Directory bread(block 72) failed
[   52.429127][ T3614] usb 3-1: USB disconnect, device number 2
[   52.440962][ T3618] usb 4-1: USB disconnect, device number 2
[   52.448548][ T3726] FAT-fs (loop4): Directory bread(block 73) failed
[   52.450557][   T21] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   52.651812][ T3617] usb 2-1: Using ep0 maxpacket: 32
[   52.950687][ T3618] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   53.040983][ T3617] usb 2-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[   53.050036][ T3617] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   53.093067][ T3617] usb 2-1: Product: syz
[   53.099659][ T3617] usb 2-1: Manufacturer: syz
[   53.112399][ T3617] usb 2-1: SerialNumber: syz
[   53.140645][ T3617] usb 2-1: config 0 descriptor??
[   53.202358][ T3617] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[   53.230614][   T21] usb 1-1: Using ep0 maxpacket: 32
[   53.281890][ T3618] usb 4-1: Using ep0 maxpacket: 16
[   53.350634][   T21] usb 1-1: config 0 has an invalid interface number: 120 but max is 0
[   53.358902][   T21] usb 1-1: config 0 has no interface number 0
[   53.365151][   T21] usb 1-1: config 0 interface 120 altsetting 128 bulk endpoint 0xF has invalid maxpacket 32
[   53.375283][   T21] usb 1-1: config 0 interface 120 altsetting 128 endpoint 0xB has an invalid bInterval 184, changing to 7
[   53.386609][   T21] usb 1-1: config 0 interface 120 altsetting 128 bulk endpoint 0x9 has invalid maxpacket 16
[   53.396743][   T21] usb 1-1: config 0 interface 120 has no altsetting 0
[   53.410914][ T3618] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   53.422596][ T3618] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   53.433072][ T3618] usb 4-1: New USB device found, idVendor=05ac, idProduct=027d, bcdDevice= 0.00
[   53.442149][ T3618] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   53.451842][ T3618] usb 4-1: config 0 descriptor??
[   53.540571][ T3614] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   53.560700][   T21] usb 1-1: New USB device found, idVendor=11ca, idProduct=0201, bcdDevice=9c.fb
[   53.569829][   T21] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   53.577855][   T21] usb 1-1: Product: syz
[   53.582078][   T21] usb 1-1: Manufacturer: syz
[   53.586691][   T21] usb 1-1: SerialNumber: syz
[   53.596053][   T21] usb 1-1: config 0 descriptor??
[   53.620752][ T3724] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[   53.628665][ T3724] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[   53.790649][ T3614] usb 5-1: Using ep0 maxpacket: 8
[   53.885270][   T21] usb 1-1: USB disconnect, device number 3
[   53.933333][ T3614] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[   53.954602][ T3618] hid-generic 0003:05AC:027D.0002: hidraw0: USB HID v0.00 Device [HID 05ac:027d] on usb-dummy_hcd.3-1/input0
[   53.966259][ T3614] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x93, skipping
[   53.978926][ T3614] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[   54.070965][ T3617] gspca_ov534_9: reg_w failed -71
[   54.134422][   T21] usb 4-1: USB disconnect, device number 3
[   54.190732][ T3614] usb 5-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e
[   54.200478][ T3614] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   54.208463][ T3614] usb 5-1: Product: syz
[   54.212663][ T3614] usb 5-1: Manufacturer: syz
[   54.217334][ T3614] usb 5-1: SerialNumber: syz
[   54.223670][ T3614] usb 5-1: config 0 descriptor??
[   54.263058][ T3614] imon:imon_find_endpoints: no valid input (IR) endpoint found
[   54.270996][ T3614] imon 5-1:0.0: unable to initialize intf0, err -19
[   54.277589][ T3614] imon:imon_probe: failed to initialize context!
[   54.284427][ T3614] imon 5-1:0.0: unable to register, err -19
[   54.400107][ T3736] loop0: detected capacity change from 0 to 512
[   54.466643][ T3734] udc-core: couldn't find an available UDC or it's busy
[   54.473800][ T3734] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   54.482905][ T3734] udc-core: couldn't find an available UDC or it's busy
[   54.490910][ T3736] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   54.504201][ T3734] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   54.508229][ T3736] EXT4-fs (loop0): 1 truncate cleaned up
[   54.511848][ T3617] gspca_ov534_9: Unknown sensor 0000
[   54.517662][ T3736] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[   54.521650][ T3617] ov534_9: probe of 2-1:0.0 failed with error -22
[   54.559720][ T3617] usb 2-1: USB disconnect, device number 3
[   54.854717][ T3744] loop1: detected capacity change from 0 to 16
[   54.945871][ T3744] erofs: Unknown parameter '����t�5�;�
�}	�7_c��������N���
[   54.945871][ T3744] b��aH.w��w����"L������a�m)p�������'6~�'
[   56.055921][ T3751] vhci_hcd: default hub control req: 4012 v0007 i0006 l0
[   56.063552][ T3614] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   56.163238][ T3757] netlink: 56 bytes leftover after parsing attributes in process `syz.2.40'.
[   56.201379][ T3761] loop1: detected capacity change from 0 to 256
[   56.209639][ T3757] loop2: detected capacity change from 0 to 512
[   56.264079][ T3757] EXT4-fs (loop2): filesystem is read-only
[   56.269185][   T21] usb 5-1: USB disconnect, device number 2
[   56.281742][ T3757] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   56.309100][ T3757] EXT4-fs (loop2): filesystem is read-only
[   56.316839][ T3757] EXT4-fs (loop2): orphan cleanup on readonly fs
[   56.337217][ T3614] usb 4-1: Using ep0 maxpacket: 32
[   56.344393][ T3757] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.40: bg 0: block 64: padding at end of block bitmap is not set
[   56.364659][ T3761] FAT-fs (loop1): Directory bread(block 64) failed
[   56.367103][ T3757] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6185: Corrupt filesystem
[   56.371714][ T3761] FAT-fs (loop1): Directory bread(block 65) failed
[   56.381598][ T3757] EXT4-fs (loop2): 1 orphan inode deleted
[   56.388427][ T3761] FAT-fs (loop1): Directory bread(block 66) failed
[   56.400306][ T3757] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=,noblock_validity,auto_da_alloc=0x0000000000000000,inode_readahead_blks=0x0000000000001000,user_xattr,nombcache,resuid=0x000000000000ee00,data_err=abort,grpid,noauto_da_alloc,,errors=continue. Quota mode: none.
[   56.407094][ T3761] FAT-fs (loop1): Directory bread(block 67) failed
[   56.437238][ T3761] FAT-fs (loop1): Directory bread(block 68) failed
[   56.443854][ T3761] FAT-fs (loop1): Directory bread(block 69) failed
[   56.450431][ T3761] FAT-fs (loop1): Directory bread(block 70) failed
[   56.457020][ T3761] FAT-fs (loop1): Directory bread(block 71) failed
[   56.463696][ T3761] FAT-fs (loop1): Directory bread(block 72) failed
[   56.470231][ T3761] FAT-fs (loop1): Directory bread(block 73) failed
[   56.478337][ T3619] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   56.681532][   T21] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   56.931445][ T3614] usb 4-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed
[   56.966415][ T3614] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   57.066354][ T3614] usb 4-1: Product: syz
[   57.070896][ T3614] usb 4-1: Manufacturer: syz
[   57.080729][ T3614] usb 4-1: SerialNumber: syz
[   57.098145][ T3614] usb 4-1: config 0 descriptor??
[   57.400628][ T3619] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   57.412076][ T3619] usb 1-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00
[   57.421863][ T3619] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   57.445661][ T3619] usb 1-1: config 0 descriptor??
[   57.606275][   T21] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   57.617898][   T21] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   57.634345][   T21] usb 5-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.00
[   57.645066][   T21] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   57.660609][ T3651] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   57.662848][   T21] usb 5-1: config 0 descriptor??
[   57.850340][ T3614] rtl8150 4-1:0.0: eth1: rtl8150 is detected
[   57.933604][ T3619] hid-led 0003:1D34:0004.0003: unknown main item tag 0x0
[   58.044384][ T3616] usb 4-1: USB disconnect, device number 4
[   58.061105][ T3651] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   58.087592][ T3651] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   58.150883][ T3619] hid-led: probe of 0003:1D34:0004.0003 failed with error -71
[   58.176683][   T21] hid-generic 0003:18D1:9400.0004: hidraw0: USB HID v0.00 Device [HID 18d1:9400] on usb-dummy_hcd.4-1/input0
[   58.195852][ T3651] usb 2-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=9f.d4
[   58.198900][ T3619] usb 1-1: USB disconnect, device number 4
[   58.212226][ T3651] usb 2-1: New USB device strings: Mfr=188, Product=0, SerialNumber=0
[   58.251252][ T3651] usb 2-1: Manufacturer: syz
[   58.264018][ T3651] usb 2-1: config 0 descriptor??
[   58.370933][ T3764] udc-core: couldn't find an available UDC or it's busy
[   58.377913][ T3764] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   58.422486][ T3617] usb 5-1: USB disconnect, device number 3
[   58.679151][ T3800] loop2: detected capacity change from 0 to 512
[   58.712323][ T3800] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   58.725654][ T3800] EXT4-fs (loop2): 1 truncate cleaned up
[   58.731946][ T3800] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[   58.867510][ T3651] usb 2-1: USB disconnect, device number 4
[   58.944267][ T3619] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   59.020549][ T3572] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   59.076987][ T3812] loop2: detected capacity change from 0 to 16
[   59.148209][ T3812] erofs: (device loop2): mounted with root inode @ nid 36.
[   59.193705][ T3812] erofs: (device loop2): find_target_block_classic: corrupted dir block 0 @ nid 36
[   59.381173][ T3572] usb 1-1: Using ep0 maxpacket: 8
[   59.387882][ T3619] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[   59.450116][ T3619] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   59.480046][ T3619] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   59.489699][ T3619] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   59.504952][ T3619] usb 4-1: config 0 descriptor??
[   59.520790][ T3572] usb 1-1: config 1 interface 0 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   59.534102][ T3572] usb 1-1: config 1 interface 0 has no altsetting 0
[   59.553783][ T3619] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[   59.841478][ T3572] usb 1-1: New USB device found, idVendor=05ac, idProduct=030a, bcdDevice= 0.40
[   59.861470][ T3572] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   59.869581][ T3572] usb 1-1: Product: syz
[   59.912152][ T3572] usb 1-1: Manufacturer: syz
[   60.008635][ T3572] usb 1-1: SerialNumber: syz
[   60.452377][ T3825] vhci_hcd: default hub control req: 4012 v0007 i0006 l0
[   60.519456][   T26] audit: type=1326 audit(1724976659.779:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   60.544100][ T3572] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input8
[   60.570030][   T26] audit: type=1326 audit(1724976659.829:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   60.608824][ T3572] usb 1-1: USB disconnect, device number 5
[   60.614760][    C1] appletouch 1-1:1.0: atp_complete: usb_submit_urb failed with result -19
[   60.620527][   T26] audit: type=1326 audit(1724976659.829:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   60.687383][   T26] audit: type=1326 audit(1724976659.829:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   60.725967][   T26] audit: type=1326 audit(1724976659.829:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   60.772059][   T26] audit: type=1326 audit(1724976659.829:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   60.795314][   T26] audit: type=1326 audit(1724976659.829:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   60.822565][   T26] audit: type=1326 audit(1724976659.829:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   60.845146][   T26] audit: type=1326 audit(1724976659.829:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   60.848448][ T3572] appletouch 1-1:1.0: input: appletouch disconnected
[   60.878295][   T26] audit: type=1326 audit(1724976659.829:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3826 comm="syz.2.54" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   61.051256][ T3839] loop0: detected capacity change from 0 to 512
[   61.060587][ T3651] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   61.060870][ T3619] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   61.138322][ T3839] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   61.153499][ T3839] EXT4-fs (loop0): 1 truncate cleaned up
[   61.159161][ T3839] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[   61.320622][ T3619] usb 2-1: Using ep0 maxpacket: 8
[   61.340631][ T3651] usb 3-1: Using ep0 maxpacket: 16
[   61.440632][ T3619] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   61.451365][ T3619] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[   61.460228][ T3619] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[   61.471435][ T3619] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[   61.482635][ T3619] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[   61.491701][ T3619] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   61.520580][ T3572] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[   61.541999][ T3619] hub 2-1:1.0: bad descriptor, ignoring hub
[   61.548059][ T3619] hub: probe of 2-1:1.0 failed with error -5
[   61.554558][ T3619] cdc_wdm 2-1:1.0: skipping garbage
[   61.559771][ T3619] cdc_wdm 2-1:1.0: skipping garbage
[   61.569425][ T3619] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[   61.575892][ T3619] cdc_wdm 2-1:1.0: Unknown control protocol
[   61.670769][ T3651] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[   61.679922][ T3651] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   61.687963][ T3651] usb 3-1: Product: syz
[   61.692232][ T3651] usb 3-1: Manufacturer: syz
[   61.696837][ T3651] usb 3-1: SerialNumber: syz
[   61.703670][ T3651] usb 3-1: config 0 descriptor??
[   61.747466][ T3651] visor 3-1:0.0: Sony Clie 3.5 converter detected
[   61.747982][ T3837] udc-core: couldn't find an available UDC or it's busy
[   61.761178][ T3837] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   61.780693][ T3617] usb 4-1: USB disconnect, device number 5
[   61.815418][ T3844] loop3: detected capacity change from 0 to 1024
[   61.822989][ T3845] udc-core: couldn't find an available UDC or it's busy
[   61.830065][ T3845] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   61.839596][ T3845] udc-core: couldn't find an available UDC or it's busy
[   61.847038][ T3845] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   61.856155][ T3844] EXT4-fs (loop3): Ignoring removed orlov option
[   61.866428][ T3844] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[   61.890836][ T3572] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   61.898043][ T3844] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[   61.901883][ T3572] usb 1-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00
[   61.934150][ T3572] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   61.960267][ T3572] usb 1-1: config 0 descriptor??
[   61.971931][ T3844] syz.3.60 (3844) used greatest stack depth: 19440 bytes left
[   62.184856][ T3651] usb 3-1: clie_3_5_startup: get interface number bad return length: 0
[   62.195186][ T3651] visor: probe of 3-1:0.0 failed with error -5
[   62.340690][   T21] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[   62.387894][ T3617] usb 3-1: USB disconnect, device number 3
[   62.402436][ T3651] usb 2-1: USB disconnect, device number 5
[   62.511373][ T3572] hid-led 0003:1D34:0004.0005: unknown main item tag 0x0
[   62.613384][   T21] usb 4-1: Using ep0 maxpacket: 8
[   62.731174][   T21] usb 4-1: config 0 has an invalid interface number: 33 but max is 1
[   62.779229][ T3572] hid-led 0003:1D34:0004.0005: hidraw0: USB HID v0.00 Device [HID 1d34:0004] on usb-dummy_hcd.0-1/input0
[   62.849181][   T21] usb 4-1: config 0 has no interface number 1
[   63.175624][ T3572] hid-led 0003:1D34:0004.0005: Dream Cheeky Webmail Notifier initialized
[   63.250952][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #300!!!
[   63.260064][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #300!!!
[   63.269061][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #302!!!
[   63.274057][   T21] usb 4-1: New USB device found, idVendor=2040, idProduct=2950, bcdDevice=85.f1
[   63.303568][ T3572] usb 1-1: USB disconnect, device number 6
[   63.310198][   T21] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   63.335398][   T21] usb 4-1: Product: syz
[   63.340249][   T21] usb 4-1: Manufacturer: syz
[   63.348462][   T21] usb 4-1: SerialNumber: syz
[   63.404060][   T21] usb 4-1: config 0 descriptor??
[   63.446265][   T21] pvrusb2: Hardware description: WinTV PVR USB2 Model 29xxx
[   63.481654][ T3875] loop4: detected capacity change from 0 to 512
[   63.514723][ T3875] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   63.539425][ T3875] EXT4-fs (loop4): 1 truncate cleaned up
[   63.545475][ T3875] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[   63.570864][ T3651] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   63.663048][   T21] pvrusb2: Hardware description: WinTV PVR USB2 Model 29xxx
[   63.672918][ T2149] usb 4-1: Direct firmware load for v4l-pvrusb2-29xxx-01.fw failed with error -2
[   63.682868][ T2149] usb 4-1: Falling back to sysfs fallback for: v4l-pvrusb2-29xxx-01.fw
[   63.709753][   T21] usb 4-1: USB disconnect, device number 6
[   63.760666][ T3617] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   63.940761][ T3614] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[   64.000688][ T3651] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   64.009377][ T3651] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[   64.019653][ T3617] usb 3-1: Using ep0 maxpacket: 8
[   64.024817][ T3651] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[   64.033847][ T3651] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[   64.045067][ T3651] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[   64.161032][ T3617] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[   64.183293][ T3617] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[   64.196237][ T3617] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   64.205710][ T3617] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   64.220816][ T3651] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   64.231754][ T3651] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   64.245902][ T3651] usb 2-1: Product: syz
[   64.250997][ T3651] usb 2-1: Manufacturer: syz
[   64.331762][ T3651] cdc_wdm 2-1:1.0: skipping garbage
[   64.338417][ T3651] cdc_wdm 2-1:1.0: skipping garbage
[   64.359189][ T3651] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[   64.368671][ T3651] cdc_wdm 2-1:1.0: Unknown control protocol
[   64.510855][ T3614] usb 5-1: New USB device found, idVendor=2013, idProduct=025d, bcdDevice=f5.0f
[   64.523985][ T3614] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   64.541232][ T3614] usb 5-1: Product: syz
[   64.545529][ T3614] usb 5-1: Manufacturer: syz
[   64.550134][ T3614] usb 5-1: SerialNumber: syz
[   64.559917][ T3614] usb 5-1: config 0 descriptor??
[   64.600088][ T3893] loop3: detected capacity change from 0 to 128
[   64.645401][ T3617] usb 2-1: USB disconnect, device number 6
[   64.673668][ T3893] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[   64.747601][ T3569] FAT-fs (loop3): error, invalid access to FAT (entry 0x0affffff)
[   64.757287][ T3569] FAT-fs (loop3): Filesystem has been set read-only
[   64.766064][ T3569] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[   64.810714][ T3614] dvb-usb: found a 'PCTV 2002e SE' in cold state, will try to load a firmware
[   64.869935][ T3614] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[   64.878139][ T3614] dib0700: firmware download failed at 7 with -22
[   64.887293][ T3614] usb 5-1: USB disconnect, device number 4
[   65.548990][   T26] kauditd_printk_skb: 103 callbacks suppressed
[   65.548999][   T26] audit: type=1326 audit(1724976664.809:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[   65.584707][   T26] audit: type=1326 audit(1724976664.849:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[   65.610704][ T3614] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[   65.612130][   T26] audit: type=1326 audit(1724976664.849:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[   65.643656][   T26] audit: type=1326 audit(1724976664.849:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[   65.666546][   T26] audit: type=1326 audit(1724976664.849:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[   65.702056][ T3911] loop1: detected capacity change from 0 to 512
[   65.709601][   T26] audit: type=1326 audit(1724976664.849:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[   65.732086][   T26] audit: type=1326 audit(1724976664.849:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[   65.755710][   T26] audit: type=1326 audit(1724976664.849:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[   65.778061][   T26] audit: type=1326 audit(1724976664.849:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[   65.788916][ T3911] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   65.803287][   T26] audit: type=1326 audit(1724976664.849:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3906 comm="syz.1.80" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[   65.828332][ T3911] EXT4-fs (loop1): 1 truncate cleaned up
[   65.837836][ T3911] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[   66.050618][ T3614] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   66.061791][ T3614] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   66.071630][ T3614] usb 5-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[   66.080947][ T3614] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   66.093936][ T3614] usb 5-1: config 0 descriptor??
[   66.250664][ T3617] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[   66.501396][ T3703] usb 3-1: USB disconnect, device number 4
[   66.572902][ T3614] ryos 0003:1E7D:3138.0006: unknown main item tag 0x0
[   66.584657][ T3614] ryos 0003:1E7D:3138.0006: hidraw0: USB HID v0.00 Device [HID 1e7d:3138] on usb-dummy_hcd.4-1/input0
[   66.663794][ T3617] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[   66.682393][ T3617] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   66.701647][ T3617] usb 2-1: config 0 descriptor??
[   66.752248][ T3617] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[   66.784051][ T3900] udc-core: couldn't find an available UDC or it's busy
[   66.807488][ T3900] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   66.828464][ T3874] usb 5-1: USB disconnect, device number 5
[   66.850089][ T3923] loop0: detected capacity change from 0 to 1024
[   66.960731][ T3617] gp8psk: usb in 128 operation failed.
[   67.230904][ T3617] gp8psk: usb in 146 operation failed.
[   67.236383][ T3617] gp8psk: failed to get FW version
[   67.290798][ T3617] gp8psk: FPGA Version = 216
[   67.310683][ T3703] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[   67.443170][ T3941] loop4: detected capacity change from 0 to 512
[   67.480779][ T3614] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   67.506762][ T3941] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   67.516988][ T3617] gp8psk: usb in 138 operation failed.
[   67.521477][ T3941] EXT4-fs (loop4): 1 truncate cleaned up
[   67.523123][ T3617] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[   67.533536][ T3941] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[   67.573207][ T3617] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver)
[   67.585233][ T3617] usb 2-1: media controller created
[   67.590780][ T3703] usb 1-1: Using ep0 maxpacket: 32
[   67.607675][ T3617] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   67.637152][ T3617] gp8psk_fe: Frontend attached
[   67.642638][ T3617] usb 2-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[   67.652090][ T3617] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[   67.720842][ T3703] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[   67.731649][ T3614] usb 3-1: Using ep0 maxpacket: 8
[   67.737536][ T3703] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   67.747522][ T3703] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   67.758082][ T3703] usb 1-1: config 0 descriptor??
[   67.763351][ T3617] gp8psk: usb in 138 operation failed.
[   67.768865][ T3617] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected.
[   67.778790][ T3617] gp8psk: found Genpix USB device pID = 203 (hex)
[   67.787633][ T3617] usb 2-1: USB disconnect, device number 7
[   67.793833][ T3928] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   67.821835][ T3703] hub 1-1:0.0: bad descriptor, ignoring hub
[   67.827765][ T3703] hub: probe of 1-1:0.0 failed with error -5
[   67.845746][ T3703] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[   67.876820][ T3617] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected.
[   67.887371][ T3614] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   67.915168][ T3614] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   68.060534][   T23] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   68.100646][ T3614] usb 3-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.40
[   68.109833][ T3614] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   68.126419][ T3614] usb 3-1: Product: syz
[   68.144889][ T3614] usb 3-1: Manufacturer: syz
[   68.149516][ T3614] usb 3-1: SerialNumber: syz
[   68.219924][ T3952] loop1: detected capacity change from 0 to 1024
[   68.300602][   T23] usb 5-1: Using ep0 maxpacket: 16
[   68.420647][   T23] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   68.592327][   T23] usb 5-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4
[   68.601560][   T23] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   68.609677][   T23] usb 5-1: Product: syz
[   68.614393][   T23] usb 5-1: Manufacturer: syz
[   68.618986][   T23] usb 5-1: SerialNumber: syz
[   68.620593][ T3617] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[   68.626162][   T23] usb 5-1: config 0 descriptor??
[   68.641722][ T3935] udc-core: couldn't find an available UDC or it's busy
[   68.648858][ T3935] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   68.871250][ T3614] hid (null): report_id 2668810406 is invalid
[   68.879833][ T3614] asus 0003:0B05:19B6.0007: report_id 2668810406 is invalid
[   68.888628][ T3614] asus 0003:0B05:19B6.0007: item 0 4 1 8 parsing failed
[   68.896079][ T3614] asus 0003:0B05:19B6.0007: Asus hid parse failed: -22
[   68.902991][ T3617] usb 2-1: Using ep0 maxpacket: 32
[   68.908160][ T3614] asus: probe of 0003:0B05:19B6.0007 failed with error -22
[   69.040679][ T3617] usb 2-1: config index 0 descriptor too short (expected 156, got 27)
[   69.048959][ T3617] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[   69.060068][ T3617] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[   69.071455][ T3617] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[   69.084972][ T3617] usb 2-1: config 0 interface 0 has no altsetting 0
[   69.096890][ T3572] usb 3-1: USB disconnect, device number 5
[   69.110823][   T23] usb 5-1: Found UVC 0.00 device syz (045e:0721)
[   69.117323][   T23] usb 5-1: No valid video chain found.
[   69.271857][ T3617] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[   69.281117][ T3617] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[   69.289558][ T3617] usb 2-1: Product: syz
[   69.294433][ T3617] usb 2-1: Manufacturer: syz
[   69.299027][ T3617] usb 2-1: SerialNumber: syz
[   69.308343][ T3617] usb 2-1: config 0 descriptor??
[   69.324173][ T3572] usb 5-1: USB disconnect, device number 6
[   69.362579][ T3617] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[   69.373881][ T3617] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[   69.582826][ T3617] usb 2-1: USB disconnect, device number 8
[   69.591151][ T3617] ldusb 2-1:0.0: LD USB Device #0 now disconnected
[   70.065651][ T3974] loop0: detected capacity change from 0 to 512
[   70.120715][ T3974] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   70.151157][ T3572] usb 1-1: USB disconnect, device number 7
[   70.167673][ T3974] EXT4-fs (loop0): 1 truncate cleaned up
[   70.177471][ T3974] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[   70.347091][ T3989] loop0: detected capacity change from 0 to 1024
[   70.440624][ T3614] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[   70.460744][ T3617] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   70.481050][ T3651] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[   70.717839][ T3572] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[   70.720679][ T3617] usb 3-1: Using ep0 maxpacket: 32
[   70.730626][ T3614] usb 2-1: Using ep0 maxpacket: 8
[   70.890703][ T3614] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[   70.900700][ T3614] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x9 has invalid maxpacket 0
[   70.928504][ T3651] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[   70.939592][ T3651] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   70.949912][ T3651] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[   70.960696][ T3572] usb 1-1: Using ep0 maxpacket: 8
[   71.080602][ T3572] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   71.090946][ T3572] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[   71.099816][ T3572] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[   71.100713][ T3614] usb 2-1: New USB device found, idVendor=7392, idProduct=d611, bcdDevice=e7.bb
[   71.120392][ T3617] usb 3-1: New USB device found, idVendor=0cf2, idProduct=6250, bcdDevice=10.ae
[   71.123282][ T3572] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[   71.129750][ T3617] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.146991][ T3572] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[   71.149677][ T3614] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.158703][ T3572] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   71.166320][ T3651] usb 5-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=e5.38
[   71.183382][ T3617] usb 3-1: Product: syz
[   71.187545][ T3617] usb 3-1: Manufacturer: syz
[   71.194028][ T1074] cfg80211: failed to load regulatory.db
[   71.195816][ T1389] ieee802154 phy0 wpan0: encryption failed: -22
[   71.195943][ T1389] ieee802154 phy1 wpan1: encryption failed: -22
[   71.215758][ T3614] usb 2-1: Product: syz
[   71.219918][ T3614] usb 2-1: Manufacturer: syz
[   71.224562][ T3651] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.232601][ T3614] usb 2-1: SerialNumber: syz
[   71.237619][ T3651] usb 5-1: Product: syz
[   71.243322][ T3614] usb 2-1: config 0 descriptor??
[   71.248401][ T3651] usb 5-1: Manufacturer: syz
[   71.251622][ T3572] hub 1-1:1.0: bad descriptor, ignoring hub
[   71.253255][ T3651] usb 5-1: SerialNumber: syz
[   71.263831][ T3617] usb 3-1: SerialNumber: syz
[   71.269161][ T3572] hub: probe of 1-1:1.0 failed with error -5
[   71.276397][ T3617] usb 3-1: config 0 descriptor??
[   71.299961][ T3572] cdc_wdm 1-1:1.0: skipping garbage
[   71.301481][ T3651] usb 5-1: config 0 descriptor??
[   71.318018][ T3572] cdc_wdm 1-1:1.0: skipping garbage
[   71.334080][ T3984] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[   71.346901][ T3572] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[   71.347360][ T3617] ums_eneub6250 3-1:0.0: USB Mass Storage device detected
[   71.356364][ T3572] cdc_wdm 1-1:1.0: Unknown control protocol
[   71.504044][ T3703] usb 2-1: USB disconnect, device number 9
[   71.526933][ T3992] udc-core: couldn't find an available UDC or it's busy
[   71.541825][ T3617] usb 3-1: USB disconnect, device number 6
[   71.547976][ T3992] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   71.590203][ T3572] usb 5-1: USB disconnect, device number 7
[   71.601862][ T3997] udc-core: couldn't find an available UDC or it's busy
[   71.618028][ T3997] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   72.279051][ T4007] binder: 3998:4007 ioctl c0306201 0 returned -14
[   72.569575][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!!
[   72.578931][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #40!!!
[   72.590478][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   72.599545][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   72.608575][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   72.617560][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   72.626570][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   72.836697][ T4004] netlink: 4 bytes leftover after parsing attributes in process `syz.4.113'.
[   73.032599][   T26] kauditd_printk_skb: 175 callbacks suppressed
[   73.032612][   T26] audit: type=1326 audit(1724976672.299:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   73.079428][ T4023] sch_fq: defrate 0 ignored.
[   73.095243][   T26] audit: type=1326 audit(1724976672.339:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   73.170223][   T26] audit: type=1326 audit(1724976672.339:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   73.190631][ T3572] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[   73.201678][   T26] audit: type=1326 audit(1724976672.339:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   73.233310][   T26] audit: type=1326 audit(1724976672.339:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   73.239895][ T4026] loop2: detected capacity change from 0 to 1024
[   73.261345][   T26] audit: type=1326 audit(1724976672.339:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   73.294808][   T26] audit: type=1326 audit(1724976672.339:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   73.324383][   T26] audit: type=1326 audit(1724976672.339:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   73.363631][   T26] audit: type=1326 audit(1724976672.339:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   73.390144][   T26] audit: type=1326 audit(1724976672.339:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4019 comm="syz.2.116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7fdbeec3bef9 code=0x7ffc0000
[   73.464426][ T3572] usb 2-1: Using ep0 maxpacket: 8
[   73.511494][ T3650] usb 1-1: USB disconnect, device number 8
[   73.600765][ T3572] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 69, changing to 10
[   73.619447][ T3572] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[   73.839622][ T3874] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[   73.870618][ T3572] usb 2-1: string descriptor 0 read error: -22
[   73.876892][ T3572] usb 2-1: New USB device found, idVendor=05ac, idProduct=0252, bcdDevice= 0.40
[   73.887141][ T3572] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   73.945706][ T3572] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input9
[   73.960526][ T3650] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[   74.272714][ T4042] binder: 4039:4042 ioctl c0306201 0 returned -14
[   74.282832][ T3650] usb 1-1: Using ep0 maxpacket: 16
[   74.481774][ T3650] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   74.518588][ T3650] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   74.542694][ T3874] usb 3-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=45.87
[   74.588174][ T4015] udc-core: couldn't find an available UDC or it's busy
[   74.624861][ T3874] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   74.648473][ T4015] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   74.679730][ T3650] usb 1-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[   74.727623][ T3874] usb 3-1: Product: syz
[   74.768546][ T3874] usb 3-1: Manufacturer: syz
[   74.775373][ T3650] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.786004][ T3874] usb 3-1: SerialNumber: syz
[   74.798288][ T3874] usb 3-1: config 0 descriptor??
[   74.804600][ T3650] usb 1-1: config 0 descriptor??
[   74.842028][ T3874] gspca_main: sunplus-2.14.0 probing 055f:c420
[   74.967165][ T4015] udc-core: couldn't find an available UDC or it's busy
[   74.975256][ T4015] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   74.984641][ T4015] udc-core: couldn't find an available UDC or it's busy
[   74.991609][ T4015] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   75.000930][ T4015] udc-core: couldn't find an available UDC or it's busy
[   75.008089][ T4015] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   75.032195][ T3012] bcm5974 2-1:1.0: could not write to device
[   75.050249][ T3572] usb 2-1: USB disconnect, device number 10
[   75.060706][ T3874] gspca_sunplus: reg_w_riv err -71
[   75.060948][ T3012] bcm5974 2-1:1.0: could not read from device
[   75.065892][ T3874] sunplus: probe of 3-1:0.0 failed with error -71
[   75.080013][ T3874] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[   75.080108][ T3560] bcm5974 2-1:1.0: could not read from device
[   75.101211][ T3874] usb 3-1: USB disconnect, device number 7
[   75.121046][ T3560] udevd[3560]: Error opening device "/dev/input/event4": No such file or directory
[   75.131090][ T3560] udevd[3560]: Unable to EVIOCGABS device "/dev/input/event4"
[   75.138752][ T3560] udevd[3560]: Unable to EVIOCGABS device "/dev/input/event4"
[   75.146805][ T3560] udevd[3560]: Unable to EVIOCGABS device "/dev/input/event4"
[   75.154749][ T3560] udevd[3560]: Unable to EVIOCGABS device "/dev/input/event4"
[   75.262196][   T23] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[   75.292184][ T3650] hid-multitouch 0003:1FD2:6007.0008: unknown main item tag 0x0
[   75.300170][ T3650] hid-multitouch 0003:1FD2:6007.0008: unknown main item tag 0x0
[   75.311029][ T3650] hid-multitouch 0003:1FD2:6007.0008: item fetching failed at offset 4/5
[   75.319670][ T3650] hid-multitouch: probe of 0003:1FD2:6007.0008 failed with error -22
[   75.619541][ T4051] netlink: 4 bytes leftover after parsing attributes in process `syz.1.127'.
[   75.694618][ T4053] sch_fq: defrate 0 ignored.
[   75.695746][   T23] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   75.703030][ T3618] usb 1-1: USB disconnect, device number 9
[   75.708217][   T23] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[   75.733208][   T23] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[   75.750072][   T23] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[   75.765986][   T23] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[   75.925212][   T23] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   75.934605][   T23] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   75.942644][   T23] usb 5-1: Product: syz
[   75.946823][   T23] usb 5-1: Manufacturer: syz
[   75.994805][   T23] cdc_wdm 5-1:1.0: skipping garbage
[   76.000046][   T23] cdc_wdm 5-1:1.0: skipping garbage
[   76.006572][   T23] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[   76.012860][   T23] cdc_wdm 5-1:1.0: Unknown control protocol
[   76.080667][ T3572] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   76.330537][ T3572] usb 3-1: Using ep0 maxpacket: 32
[   76.480774][ T3572] usb 3-1: config 0 has no interfaces?
[   76.680745][ T3572] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   76.689964][ T3572] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   76.698526][ T3572] usb 3-1: Product: syz
[   76.703316][ T3572] usb 3-1: Manufacturer: syz
[   76.707988][ T3572] usb 3-1: SerialNumber: syz
[   76.714613][ T3572] usb 3-1: config 0 descriptor??
[   76.977481][   T23] usb 3-1: USB disconnect, device number 8
[   77.566972][   T23] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[   77.798345][ T4085] netlink: 4 bytes leftover after parsing attributes in process `syz.1.138'.
[   77.820565][   T23] usb 3-1: Using ep0 maxpacket: 32
[   77.960575][   T23] usb 3-1: config 0 has no interfaces?
[   77.990319][ T3618] usb 5-1: USB disconnect, device number 8
[   78.056057][ T4088] sch_fq: defrate 0 ignored.
[   78.131921][   T23] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[   78.148043][   T26] kauditd_printk_skb: 122 callbacks suppressed
[   78.148055][   T26] audit: type=1326 audit(1724976677.409:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000
[   78.181092][   T26] audit: type=1326 audit(1724976677.439:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000
[   78.182592][   T23] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[   78.238735][ T4097] loop4: detected capacity change from 0 to 1024
[   78.264771][   T26] audit: type=1326 audit(1724976677.439:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000
[   78.306650][   T23] usb 3-1: Product: syz
[   78.308309][   T26] audit: type=1326 audit(1724976677.439:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000
[   78.338654][   T26] audit: type=1326 audit(1724976677.439:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000
[   78.340399][   T23] usb 3-1: Manufacturer: syz
[   78.387348][   T26] audit: type=1326 audit(1724976677.439:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000
[   78.438740][   T23] usb 3-1: SerialNumber: syz
[   78.454663][   T26] audit: type=1326 audit(1724976677.439:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000
[   78.482151][   T26] audit: type=1326 audit(1724976677.439:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000
[   78.504398][   T26] audit: type=1326 audit(1724976677.439:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000
[   78.527296][   T26] audit: type=1326 audit(1724976677.439:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4091 comm="syz.0.141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f00c1c09ef9 code=0x7ffc0000
[   78.588300][   T23] usb 3-1: config 0 descriptor??
[   78.617232][ T4108] loop1: detected capacity change from 0 to 512
[   78.875264][ T4108] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   79.271375][ T4108] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2815: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   79.273925][   T23] usb 3-1: USB disconnect, device number 9
[   79.286989][ T4108] EXT4-fs (loop1): 1 truncate cleaned up
[   79.303165][ T4108] EXT4-fs (loop1): mounted filesystem without journal. Opts: noload,resuid=0x000000000000ee01,debug_want_extra_isize=0x0000000000000068,lazytime,block_validity,quota,,errors=continue. Quota mode: writeback.
[   79.465913][ T4119] sch_fq: defrate 0 ignored.
[   79.490109][ T4121] netlink: 20 bytes leftover after parsing attributes in process `syz.1.150'.
[   79.528331][ T4121] netlink: 20 bytes leftover after parsing attributes in process `syz.1.150'.
[   79.688535][ T4125] loop1: detected capacity change from 0 to 1024
[   79.948152][ T4117] Cannot find set identified by id 0 to match
[   79.964422][ T4117] loop2: detected capacity change from 0 to 1024
[   80.013719][ T4117] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[   80.023344][ T4117] EXT4-fs (loop2): Ignoring removed nomblk_io_submit option
[   80.030671][ T4117] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   80.061079][ T4117] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[   80.074483][ T4117] System zones: 0-1, 3-36
[   80.080012][ T4117] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,delalloc,resuid=0x0000000000000000,debug,dioread_nolock,jqfmt=vfsold,nomblk_io_submit,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[   80.117673][ T4117] EXT4-fs (loop2): shut down requested (0)
[   80.128388][ T4142] netlink: 4 bytes leftover after parsing attributes in process `syz.3.158'.
[   80.137798][   T23] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[   80.200761][ T3617] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[   80.261981][ T3874] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[   80.291655][ T4144] loop3: detected capacity change from 0 to 8192
[   80.386405][ T4148] loop2: detected capacity change from 0 to 128
[   80.402973][   T23] usb 1-1: Using ep0 maxpacket: 32
[   80.436402][ T4148] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[   80.450707][ T3617] usb 2-1: Using ep0 maxpacket: 16
[   80.500956][ T4148] loop2: detected capacity change from 128 to 64
[   80.529758][ T3571] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 0, start 202e2020)
[   80.540489][ T3874] usb 5-1: Using ep0 maxpacket: 32
[   80.551842][   T23] usb 1-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[   80.570777][ T3617] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   80.575516][ T3571] FAT-fs (loop2): Filesystem has been set read-only
[   80.590893][   T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.592166][ T3617] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   80.601964][   T23] usb 1-1: config 0 descriptor??
[   80.620617][ T3617] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[   80.630320][ T3571] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 0, start 202e2020)
[   80.657609][ T3617] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[   80.667913][ T3617] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.726461][ T3617] usb 2-1: config 0 descriptor??
[   80.799327][   T23] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[   81.051144][ T3874] usb 5-1: New USB device found, idVendor=0cde, idProduct=0023, bcdDevice=21.32
[   81.090247][ T3874] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.139403][ T3874] usb 5-1: Product: syz
[   81.164571][ T3874] usb 5-1: Manufacturer: syz
[   81.197244][ T3874] usb 5-1: SerialNumber: syz
[   81.311683][ T3874] usb 5-1: config 0 descriptor??
[   81.473739][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[   81.481900][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[   81.544486][  T144] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.557709][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[   81.565718][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[   81.573020][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[   81.580235][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[   81.600553][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[   81.607775][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[   81.616163][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[   81.624119][ T3617] microsoft 0003:045E:07DA.0009: unknown main item tag 0x0
[   81.644549][ T3617] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0009/input/input10
[   81.716714][  T144] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.776617][ T3874] usb 5-1: reset high-speed USB device number 9 using dummy_hcd
[   81.801470][ T3617] microsoft 0003:045E:07DA.0009: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[   81.843352][ T3617] usb 2-1: USB disconnect, device number 11
[   81.863404][  T144] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.011045][  T144] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.222407][ T4160] chnl_net:caif_netlink_parms(): no params data found
[   82.273697][ T4166] loop1: detected capacity change from 0 to 512
[   82.387678][ T4166] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpquota,min_batch_time=0x0000000000000029,minixdf,,errors=continue. Quota mode: writeback.
[   82.424574][ T4166] ext4 filesystem being mounted at /36/bus supports timestamps until 2038 (0x7fffffff)
[   82.629981][ T4160] bridge0: port 1(bridge_slave_0) entered blocking state
[   82.681206][ T3874] usb 5-1: USB disconnect, device number 9
[   82.690114][ T4160] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.717626][ T4160] device bridge_slave_0 entered promiscuous mode
[   82.754658][ T4182] netlink: 4 bytes leftover after parsing attributes in process `syz.1.169'.
[   82.773460][ T4160] bridge0: port 2(bridge_slave_1) entered blocking state
[   82.791050][ T4160] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.808446][ T4160] device bridge_slave_1 entered promiscuous mode
[   82.838024][ T4197] loop4: detected capacity change from 0 to 1024
[   82.876010][ T4160] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   82.910641][ T4160] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   82.997120][ T4160] team0: Port device team_slave_0 added
[   83.017312][ T4160] team0: Port device team_slave_1 added
[   83.056805][ T4160] batman_adv: batadv0: Adding interface: batadv_slave_0
[   83.073157][ T4160] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.128193][ T4160] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   83.141027][ T4160] batman_adv: batadv0: Adding interface: batadv_slave_1
[   83.148048][ T4160] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.174457][ T4160] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   83.494051][ T4160] device hsr_slave_0 entered promiscuous mode
[   83.507533][ T4160] device hsr_slave_1 entered promiscuous mode
[   83.521530][   T26] kauditd_printk_skb: 106 callbacks suppressed
[   83.521543][   T26] audit: type=1800 audit(1724976682.579:556): pid=4207 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.171" name="file1" dev="loop4" ino=26 res=0 errno=0
[   83.590266][ T4160] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   83.598416][ T4160] Cannot create hsr debugfs directory
[   83.689662][ T4212] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   83.809064][ T4212] loop1: detected capacity change from 0 to 1764
[   83.895648][ T4218] loop4: detected capacity change from 0 to 128
[   83.920541][ T3874] Bluetooth: hci3: command 0x0409 tx timeout
[   83.939346][ T4212] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4091629214 (65466067424 ns) > initial count (185248 ns). Using initial count to start timer.
[   83.986102][ T4218] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[   83.991640][ T4212] loop1: detected capacity change from 0 to 1024
[   84.034387][ T4212] EXT4-fs (loop1): test_dummy_encryption requires encrypt feature
[   84.056624][   T26] audit: type=1800 audit(1724976683.319:557): pid=4218 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.173" name="bus" dev="loop4" ino=1048649 res=0 errno=0
[   84.101621][ T4218] loop4: detected capacity change from 128 to 64
[   84.157257][ T3568] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 0, start 202e2020)
[   84.184404][ T3568] FAT-fs (loop4): Filesystem has been set read-only
[   84.193118][ T3568] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 0, start 202e2020)
[   84.315941][ T4224] sch_fq: defrate 0 ignored.
[   84.750975][   T23] gspca_vc032x: reg_r err -71
[   84.775842][   T23] gspca_vc032x: I2c Bus Busy Wait 00
[   84.942636][   T23] gspca_vc032x: I2c Bus Busy Wait 00
[   85.033120][   T23] gspca_vc032x: I2c Bus Busy Wait 00
[   85.109782][   T23] gspca_vc032x: I2c Bus Busy Wait 00
[   85.202362][   T23] gspca_vc032x: I2c Bus Busy Wait 00
[   85.306976][   T23] gspca_vc032x: I2c Bus Busy Wait 00
[   85.312735][   T23] gspca_vc032x: I2c Bus Busy Wait 00
[   85.318110][   T23] gspca_vc032x: I2c Bus Busy Wait 00
[   85.323796][   T23] gspca_vc032x: I2c Bus Busy Wait 00
[   85.329177][   T23] gspca_vc032x: I2c Bus Busy Wait 00
[   85.334861][   T23] gspca_vc032x: I2c Bus Busy Wait 00
[   85.340356][   T23] gspca_vc032x: I2c Bus Busy Wait 00
[   85.355662][   T23] gspca_vc032x: I2c Bus Busy Wait 00
[   85.365039][   T23] gspca_vc032x: I2c Bus Busy Wait 00
[   85.377926][   T23] gspca_vc032x: I2c Bus Busy Wait 00
[   85.385212][   T23] gspca_vc032x: I2c Bus Busy Wait 00
[   85.397146][   T23] gspca_vc032x: I2c Bus Busy Wait 00
[   85.403227][   T23] gspca_vc032x: Unknown sensor...
[   85.420032][   T23] vc032x: probe of 1-1:0.0 failed with error -22
[   85.433940][   T23] usb 1-1: USB disconnect, device number 10
[   85.751912][  T144] device hsr_slave_0 left promiscuous mode
[   85.810819][ T3617] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[   85.855396][  T144] device hsr_slave_1 left promiscuous mode
[   85.991811][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   86.070873][ T3617] usb 2-1: Using ep0 maxpacket: 16
[   86.134123][ T3874] Bluetooth: hci3: command 0x041b tx timeout
[   86.148009][  T144] batman_adv: batadv0: Removing interface: batadv_slave_0
[   86.189482][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   86.199611][  T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[   86.214833][  T144] device bridge_slave_1 left promiscuous mode
[   86.225986][  T144] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.241261][ T3617] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   86.269546][ T3617] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   86.281102][ T3617] usb 2-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00
[   86.291425][ T3617] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   86.306320][ T3617] usb 2-1: config 0 descriptor??
[   86.331588][  T144] device bridge_slave_0 left promiscuous mode
[   86.337870][  T144] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.388663][  T144] device veth1_macvtap left promiscuous mode
[   86.396522][  T144] device veth0_macvtap left promiscuous mode
[   86.402857][  T144] device veth1_vlan left promiscuous mode
[   86.409085][  T144] device veth0_vlan left promiscuous mode
[   86.684018][  T144] team0 (unregistering): Port device team_slave_1 removed
[   86.700106][  T144] team0 (unregistering): Port device team_slave_0 removed
[   86.735295][  T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   86.755461][  T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   86.793361][ T3617] ntrig 0003:1B96:0008.000A: item fetching failed at offset 5/7
[   86.814439][ T3617] ntrig 0003:1B96:0008.000A: parse failed
[   86.820199][ T3617] ntrig: probe of 0003:1B96:0008.000A failed with error -22
[   86.885745][  T144] bond0 (unregistering): Released all slaves
[   86.997198][ T3568] syz-executor (3568) used greatest stack depth: 18744 bytes left
[   87.054609][ T4248] udc-core: couldn't find an available UDC or it's busy
[   87.078132][ T4248] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[   87.102779][ T3618] usb 2-1: USB disconnect, device number 12
[   87.164682][ T4160] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   87.178196][ T4160] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   87.204434][ T4160] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   87.230979][ T4260] loop3: detected capacity change from 0 to 128
[   87.251061][ T4160] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   87.306744][ T4260] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[   87.360708][   T26] audit: type=1800 audit(1724976686.619:558): pid=4260 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.183" name="bus" dev="loop3" ino=1048656 res=0 errno=0
[   87.441303][ T4260] loop3: detected capacity change from 128 to 64
[   87.543286][ T3569] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 0, start 202e2020)
[   87.545055][ T4160] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.578549][ T3569] FAT-fs (loop3): Filesystem has been set read-only
[   87.590313][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   87.604442][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   87.612526][ T3569] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 0, start 202e2020)
[   87.616753][ T4160] 8021q: adding VLAN 0 to HW filter on device team0
[   87.692740][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   87.707910][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   87.764626][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.772038][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.785896][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   87.795421][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   87.810083][    T9] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.817200][    T9] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.832810][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   87.846074][ T4275] sch_fq: defrate 0 ignored.
[   87.936951][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   87.955331][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   87.967659][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   87.978574][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   87.996400][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   88.009441][ T4287] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   88.013799][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   88.069109][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   88.106273][ T4160] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   88.117436][ T4160] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   88.129876][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   88.143100][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   88.152094][   T23] Bluetooth: hci3: command 0x040f tx timeout
[   88.158971][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   88.186747][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   88.235154][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   88.510259][ T4264] chnl_net:caif_netlink_parms(): no params data found
[   89.206154][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   89.228935][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   89.339159][ T4160] 8021q: adding VLAN 0 to HW filter on device batadv0
[   89.534825][ T3703] Bluetooth: hci0: command 0x0409 tx timeout
[   90.244385][ T1077] Bluetooth: hci3: command 0x0419 tx timeout
[   90.407959][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   90.446892][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   90.472286][ T4327] loop1: detected capacity change from 0 to 1024
[   90.640795][ T4264] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.679660][ T4264] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.702312][ T4264] device bridge_slave_0 entered promiscuous mode
[   90.742448][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   90.763622][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   90.785161][ T4264] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.820954][ T4264] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.837079][ T4338] loop1: detected capacity change from 0 to 512
[   90.841527][ T4264] device bridge_slave_1 entered promiscuous mode
[   90.918069][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   90.929980][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   90.942875][ T4338] EXT4-fs (loop1): Unrecognized mount option "seclabel" or missing value
[   90.961811][ T4160] device veth0_vlan entered promiscuous mode
[   91.009977][ T4160] device veth1_vlan entered promiscuous mode
[   91.021371][ T4264] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   91.063611][ T4338] loop1: detected capacity change from 0 to 8
[   91.070064][ T4338] squashfs: Unknown parameter '0xffffffffffffffff����.Q��d�躧W�'
[   91.114434][ T4264] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   91.199433][ T4310] chnl_net:caif_netlink_parms(): no params data found
[   91.407321][ T3572] Bluetooth: hci1: command 0x0409 tx timeout
[   91.440532][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   91.451852][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   91.494519][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   94.714498][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   94.722649][ T3572] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[   94.753693][ T1077] Bluetooth: hci0: command 0x041b tx timeout
[   94.773756][ T4264] team0: Port device team_slave_0 added
[   94.800919][ T3614] Bluetooth: hci1: command 0x041b tx timeout
[   94.852742][ T4264] team0: Port device team_slave_1 added
[   94.860169][ T4160] device veth0_macvtap entered promiscuous mode
[   95.634962][ T4372] hub 6-0:1.0: USB hub found
[   95.643120][ T4372] hub 6-0:1.0: 1 port detected
[   95.662335][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   96.205739][ T4310] bridge0: port 1(bridge_slave_0) entered blocking state
[   96.213911][ T4310] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.222536][ T4310] device bridge_slave_0 entered promiscuous mode
[   96.233171][ T4310] bridge0: port 2(bridge_slave_1) entered blocking state
[   96.240311][ T4310] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.248847][ T4310] device bridge_slave_1 entered promiscuous mode
[   96.261579][ T4160] device veth1_macvtap entered promiscuous mode
[   96.307137][ T4376] loop1: detected capacity change from 0 to 128
[   96.367529][ T4264] batman_adv: batadv0: Adding interface: batadv_slave_0
[   96.375212][ T4264] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.404525][ T4264] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   96.415721][ T4378] loop0: detected capacity change from 0 to 128
[   96.444574][ T4264] batman_adv: batadv0: Adding interface: batadv_slave_1
[   96.455610][ T4264] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.540873][ T4264] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   96.581744][  T144] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.595951][ T4160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.608180][ T4160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.618618][ T4160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.635628][ T4160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.646100][ T4160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.656817][ T4160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.667074][ T4160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   96.677772][ T4160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.689508][ T4160] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.704047][ T4310] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   96.718395][ T4376] kvm [4375]: vcpu0, guest rIP: 0x1be ignored wrmsr: 0x11e data 0xfe000000a0
[   96.728907][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   96.747308][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   96.764323][ T4383] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   96.782228][ T4383] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   96.789622][ T4383] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   96.797515][ T1077] Bluetooth: hci0: command 0x040f tx timeout
[   96.860149][ T4160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.871092][ T1077] Bluetooth: hci1: command 0x040f tx timeout
[   96.900371][ T4160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.913994][ T4160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.925378][ T4160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.935502][ T4160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.947989][ T4160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   96.971027][ T4160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   96.983343][ T4160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   97.002828][ T4160] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.012258][ T4310] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   97.024940][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   97.039095][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   97.098315][ T4310] team0: Port device team_slave_0 added
[   97.131927][ T4264] device hsr_slave_0 entered promiscuous mode
[   97.142871][ T4264] device hsr_slave_1 entered promiscuous mode
[   97.150042][ T4264] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   97.176465][ T4264] Cannot create hsr debugfs directory
[   97.196752][  T144] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.213072][ T4160] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.222716][ T4160] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.231916][ T4160] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.241930][ T4160] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.276825][ T4310] team0: Port device team_slave_1 added
[   97.357737][  T144] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.387156][ T4310] batman_adv: batadv0: Adding interface: batadv_slave_0
[   97.400554][ T4310] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.453722][ T4310] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   97.526491][  T144] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.557131][ T4310] batman_adv: batadv0: Adding interface: batadv_slave_1
[   97.575535][ T4310] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   97.612365][ T4310] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   97.803703][ T3768] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.823656][ T4310] device hsr_slave_0 entered promiscuous mode
[   97.839374][ T3768] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.881210][ T4310] device hsr_slave_1 entered promiscuous mode
[   97.890217][ T4310] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   97.906160][ T4310] Cannot create hsr debugfs directory
[   97.926162][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   98.012050][  T144] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.057500][ T1246] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.074096][ T1246] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.098252][  T144] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.146613][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   98.246926][  T144] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.313122][   T26] audit: type=1326 audit(1724976697.579:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000
[   98.378042][  T144] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.379980][   T26] audit: type=1326 audit(1724976697.579:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000
[   98.531852][   T26] audit: type=1326 audit(1724976697.579:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000
[   98.610481][   T26] audit: type=1326 audit(1724976697.579:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000
[   98.735892][   T26] audit: type=1326 audit(1724976697.579:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000
[   98.796317][   T26] audit: type=1326 audit(1724976697.579:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000
[   98.856105][   T26] audit: type=1326 audit(1724976697.599:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000
[   98.871238][ T3617] Bluetooth: hci0: command 0x0419 tx timeout
[   98.909220][   T26] audit: type=1326 audit(1724976697.599:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000
[   98.960916][ T1077] Bluetooth: hci1: command 0x0419 tx timeout
[   98.987929][   T26] audit: type=1326 audit(1724976697.599:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000
[   99.080573][   T26] audit: type=1326 audit(1724976697.599:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4400 comm="syz.2.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fadcdd79ef9 code=0x7ffc0000
[   99.972497][ T4264] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  100.031642][ T4264] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  100.056092][ T4264] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  100.094003][ T4310] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  100.119859][ T4310] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  100.197709][ T4264] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  100.223356][ T4310] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  100.329574][ T4310] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  100.497676][ T4436] loop1: detected capacity change from 0 to 512
[  100.577594][  T144] device hsr_slave_0 left promiscuous mode
[  100.589161][  T144] device hsr_slave_1 left promiscuous mode
[  100.598962][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  100.618279][ T4436] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  100.624948][  T144] batman_adv: batadv0: Removing interface: batadv_slave_0
[  100.664305][ T4436] EXT4-fs (loop1): 1 truncate cleaned up
[  100.669962][ T4436] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[  100.709320][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  100.738700][  T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[  100.791080][  T144] device bridge_slave_1 left promiscuous mode
[  100.797326][  T144] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.833663][  T144] device bridge_slave_0 left promiscuous mode
[  100.839864][  T144] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.861880][  T144] device hsr_slave_0 left promiscuous mode
[  100.868293][  T144] device hsr_slave_1 left promiscuous mode
[  100.886055][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  100.896297][  T144] batman_adv: batadv0: Removing interface: batadv_slave_0
[  100.910225][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  100.920199][  T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[  100.933969][  T144] device bridge_slave_1 left promiscuous mode
[  100.945770][  T144] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.959354][  T144] device bridge_slave_0 left promiscuous mode
[  100.970396][  T144] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.998544][  T144] device veth1_macvtap left promiscuous mode
[  101.008116][  T144] device veth0_macvtap left promiscuous mode
[  101.020739][  T144] device veth1_vlan left promiscuous mode
[  101.026534][  T144] device veth0_vlan left promiscuous mode
[  101.044029][  T144] device veth1_macvtap left promiscuous mode
[  101.050057][  T144] device veth0_macvtap left promiscuous mode
[  101.064255][  T144] device veth1_vlan left promiscuous mode
[  101.070067][  T144] device veth0_vlan left promiscuous mode
[  101.458278][  T144] team0 (unregistering): Port device team_slave_1 removed
[  101.483318][  T144] team0 (unregistering): Port device team_slave_0 removed
[  101.498838][  T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  101.518508][  T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  101.583964][  T144] bond0 (unregistering): (slave batadv0): Releasing backup interface
[  101.623772][  T144] bond0 (unregistering): Released all slaves
[  101.723943][ T4447] loop0: detected capacity change from 0 to 4096
[  101.794438][ T4447] NILFS (loop0): invalid segment: Checksum error in segment payload
[  101.829807][ T4447] NILFS (loop0): trying rollback from an earlier position
[  101.897014][ T4447] NILFS (loop0): recovery complete
[  101.907410][  T144] team0 (unregistering): Port device team_slave_1 removed
[  101.924818][ T4448] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  101.945003][  T144] team0 (unregistering): Port device team_slave_0 removed
[  101.975537][  T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  102.016215][  T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  102.128105][ T4447] loop_set_status: loop0 () has still dirty pages (nrpages=2)
[  102.171286][  T144] bond0 (unregistering): Released all slaves
[  102.309788][ T4264] 8021q: adding VLAN 0 to HW filter on device bond0
[  102.414434][ T4310] 8021q: adding VLAN 0 to HW filter on device bond0
[  102.435705][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  102.454676][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  102.501324][ T4264] 8021q: adding VLAN 0 to HW filter on device team0
[  102.557171][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  102.569767][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  102.632216][ T4310] 8021q: adding VLAN 0 to HW filter on device team0
[  102.646928][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  102.666819][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  102.837534][  T154] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.844689][  T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.984236][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  103.109379][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  103.225036][  T154] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.232159][  T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[  103.415033][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  103.436532][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  103.451483][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  103.460394][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  103.489447][  T154] bridge0: port 1(bridge_slave_0) entered blocking state
[  103.496635][  T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[  103.508398][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  103.620510][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  103.629237][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  103.671455][ T1212] bridge0: port 2(bridge_slave_1) entered blocking state
[  103.678543][ T1212] bridge0: port 2(bridge_slave_1) entered forwarding state
[  103.721952][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  103.731508][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  103.749982][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  103.781456][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  103.813448][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  103.857653][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  103.883824][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  103.928129][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  103.959165][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  103.969764][ T4471] loop1: detected capacity change from 0 to 32768
[  103.978221][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  104.008131][ T4471] XFS: attr2 mount option is deprecated.
[  104.008906][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  104.076883][ T4264] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  104.130987][ T4471] XFS (loop1): Mounting V5 Filesystem
[  104.148213][ T4264] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  104.172085][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  104.212270][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  104.232438][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  104.312796][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  104.353946][ T4471] XFS (loop1): Ending clean mount
[  104.363334][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  104.389262][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  104.393271][ T4471] XFS (loop1): Quotacheck needed: Please wait.
[  104.417752][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  104.456722][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  104.469043][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  104.479487][ T4471] XFS (loop1): Quotacheck: Done.
[  104.486460][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  104.771145][ T3582] XFS (loop1): Unmounting Filesystem
[  104.896467][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  104.923522][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  104.981276][ T4310] 8021q: adding VLAN 0 to HW filter on device batadv0
[  104.998238][ T4264] 8021q: adding VLAN 0 to HW filter on device batadv0
[  105.034396][ T4506] loop0: detected capacity change from 0 to 32768
[  105.055538][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  105.066217][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  105.145958][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  105.177373][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  105.272404][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  105.311150][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  105.361233][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  105.389909][ T4506] jfs: Unrecognized mount option "�����������	Z*��� m�.Dc�8�'�@��C9G�9���?�9�S�{�1��J���լ��5æ�Ԍ�����qq���Y�糔����" or missing value
[  105.401008][ T1246] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  105.426815][ T4310] device veth0_vlan entered promiscuous mode
[  105.471655][ T4310] device veth1_vlan entered promiscuous mode
[  105.542961][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  105.562248][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  105.603383][ T4310] device veth0_macvtap entered promiscuous mode
[  105.653168][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  105.662985][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  105.700398][ T4310] device veth1_macvtap entered promiscuous mode
[  105.750169][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  105.781241][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  105.818278][ T4310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  105.860081][ T4310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.904122][ T4310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  105.950061][ T4310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  105.994895][ T4310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  106.024858][ T4551] loop0: detected capacity change from 0 to 512
[  106.045508][ T4310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.084284][ T4310] batman_adv: batadv0: Interface activated: batadv_slave_0
[  106.120252][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  106.138976][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  106.152787][ T4551] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  106.210025][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  106.227151][ T4551] EXT4-fs (loop0): 1 truncate cleaned up
[  106.250457][ T4551] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[  106.269843][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  106.283924][ T4310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  106.319652][ T4310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.355042][ T4310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  106.390171][ T4310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.401065][ T4310] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  106.411857][ T4310] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  106.423090][ T4310] batman_adv: batadv0: Interface activated: batadv_slave_1
[  106.459831][ T4310] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  106.489494][ T4310] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  106.498507][ T4310] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  106.508560][ T4310] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  106.671744][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  106.682593][ T4557] loop1: detected capacity change from 0 to 16
[  106.686948][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  106.721387][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  106.754065][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  106.782724][ T4264] device veth0_vlan entered promiscuous mode
[  106.798139][ T4557] erofs: (device loop1): mounted with root inode @ nid 36.
[  106.807986][ T4557] erofs: (device loop1): find_target_block_classic: corrupted dir block 0 @ nid 36
[  106.896841][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  106.907572][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  106.940371][ T4560] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  106.963267][ T4264] device veth1_vlan entered promiscuous mode
[  107.039006][   T26] kauditd_printk_skb: 71 callbacks suppressed
[  107.039017][   T26] audit: type=1326 audit(1724976706.299:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[  107.151150][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  107.159656][ T1212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  107.176333][   T26] audit: type=1326 audit(1724976706.299:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[  107.234516][ T4264] device veth0_macvtap entered promiscuous mode
[  107.253510][   T26] audit: type=1326 audit(1724976706.339:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[  107.277685][  T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.322873][ T4264] device veth1_macvtap entered promiscuous mode
[  107.331883][  T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.373392][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  107.384278][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  107.403897][   T26] audit: type=1326 audit(1724976706.339:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[  107.446718][ T3822] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  107.487379][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  107.527695][ T4264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.535763][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  107.576108][   T26] audit: type=1326 audit(1724976706.339:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[  107.601990][ T4264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.630466][ T4264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.661605][   T26] audit: type=1326 audit(1724976706.339:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[  107.675585][ T4264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.735200][ T4264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.758776][ T4264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.785457][   T26] audit: type=1326 audit(1724976706.339:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[  107.824998][ T4264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.855028][ T3703] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  107.890700][   T26] audit: type=1326 audit(1724976706.339:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[  107.891910][ T4264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.920509][   T26] audit: type=1326 audit(1724976706.349:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[  108.076086][   T26] audit: type=1326 audit(1724976706.349:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4563 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1743b85ef9 code=0x7ffc0000
[  108.582227][ T4264] batman_adv: batadv0: Interface activated: batadv_slave_0
[  108.620745][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  108.662128][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  108.680378][ T3717] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  108.711617][ T4264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  108.753239][ T4264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.788392][ T3703] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  108.794320][ T4264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  108.812089][ T4586] loop0: detected capacity change from 0 to 512
[  108.836019][ T4264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.850116][ T4264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  108.863867][ T3703] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  108.865883][ T4264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.983915][ T3703] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.002348][ T4264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  109.274160][ T4264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  109.296942][ T3703] usb 2-1: config 0 descriptor??
[  109.325576][ T4264] batman_adv: batadv0: Interface activated: batadv_slave_1
[  109.335709][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  109.342494][ T3703] pwc: Askey VC010 type 2 USB webcam detected.
[  109.353853][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  109.365198][ T4586] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  109.377163][ T4264] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  109.389986][ T4586] EXT4-fs (loop0): 1 truncate cleaned up
[  109.405404][ T4264] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  109.415854][ T4586] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[  109.473988][ T4264] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  109.482989][ T4264] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  109.550645][ T3703] pwc: send_video_command error -71
[  109.555873][ T3703] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  109.579644][ T3703] Philips webcam: probe of 2-1:0.0 failed with error -71
[  109.598969][ T3703] usb 2-1: USB disconnect, device number 13
[  109.710382][ T4596] loop2: detected capacity change from 0 to 16
[  109.757040][ T4596] erofs: (device loop2): mounted with root inode @ nid 36.
[  109.767950][ T4596] erofs: (device loop2): find_target_block_classic: corrupted dir block 0 @ nid 36
[  109.857025][ T4589] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.883214][ T3717] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  109.911367][ T4589] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  109.983123][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  110.004597][ T3717] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  110.078724][ T4589] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  110.240632][ T3703] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  110.325080][ T4613] loop4: detected capacity change from 0 to 1024
[  110.636001][ T3703] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  110.658324][ T3703] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  110.682140][ T4631] loop0: detected capacity change from 0 to 164
[  110.696516][ T4628] loop2: detected capacity change from 0 to 1024
[  110.703056][ T3703] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.741336][ T3703] usb 2-1: config 0 descriptor??
[  110.761530][  T144] hfsplus: b-tree write err: -5, ino 3
[  110.794355][ T3703] pwc: Askey VC010 type 2 USB webcam detected.
[  110.860810][ T3703] pwc: send_video_command error -71
[  110.868086][ T3703] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  110.908001][ T4635] loop4: detected capacity change from 0 to 512
[  110.914631][ T3703] Philips webcam: probe of 2-1:0.0 failed with error -71
[  110.990929][ T3703] usb 2-1: USB disconnect, device number 14
[  111.026438][ T4635] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  111.143275][ T4635] EXT4-fs (loop4): 1 truncate cleaned up
[  111.188102][ T4635] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,jqfmt=vfsold,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[  112.318339][   T26] kauditd_printk_skb: 527 callbacks suppressed
[  112.318352][   T26] audit: type=1326 audit(1724976711.579:1177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000
[  112.355982][   T26] audit: type=1326 audit(1724976711.619:1178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000
[  112.553398][   T26] audit: type=1326 audit(1724976711.619:1179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000
[  112.577109][ T4659] loop2: detected capacity change from 0 to 128
[  112.597255][   T26] audit: type=1326 audit(1724976711.619:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000
[  112.597294][   T26] audit: type=1326 audit(1724976711.619:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000
[  112.597323][   T26] audit: type=1326 audit(1724976711.619:1182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000
[  112.597352][   T26] audit: type=1326 audit(1724976711.619:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000
[  112.597381][   T26] audit: type=1326 audit(1724976711.619:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000
[  112.597411][   T26] audit: type=1326 audit(1724976711.619:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000
[  112.597440][   T26] audit: type=1326 audit(1724976711.619:1186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4630 comm="syz.0.243" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00c1c09ef9 code=0x7fc00000
[  112.612958][ T4660] loop4: detected capacity change from 0 to 512
[  112.716445][ T4660] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  112.743533][ T4660] EXT4-fs (loop4): invalid journal inode
[  112.743677][ T4660] EXT4-fs (loop4): can't get journal size
[  113.012765][ T4660] EXT4-fs (loop4): 1 truncate cleaned up
[  113.012791][ T4660] EXT4-fs (loop4): mounted filesystem without journal. Opts: norecovery,,errors=continue. Quota mode: none.
[  113.750325][ T4681] loop1: detected capacity change from 0 to 128
[  114.157545][ T3617] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  114.711414][ T3617] ==================================================================
[  114.719770][ T3617] BUG: KASAN: use-after-free in hci_ncmd_timeout+0x7c/0x200
[  114.727078][ T3617] Read of size 8 at addr ffff888015bf40a8 by task kworker/0:4/3617
[  114.734945][ T3617] 
[  114.737251][ T3617] CPU: 0 PID: 3617 Comm: kworker/0:4 Not tainted 5.15.165-syzkaller #0
[  114.745480][ T3617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  114.755512][ T3617] Workqueue: events hci_ncmd_timeout
[  114.760780][ T3617] Call Trace:
[  114.764045][ T3617]  <TASK>
[  114.766956][ T3617]  dump_stack_lvl+0x1e3/0x2d0
[  114.771618][ T3617]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  114.777248][ T3617]  ? _printk+0xd1/0x120
[  114.781395][ T3617]  ? __wake_up_klogd+0xcc/0x100
[  114.786232][ T3617]  ? panic+0x860/0x860
[  114.790280][ T3617]  ? _raw_spin_lock_irqsave+0xdd/0x120
[  114.795717][ T3617]  ? bt_err+0x123/0x170
[  114.799856][ T3617]  print_address_description+0x63/0x3b0
[  114.805396][ T3617]  ? hci_ncmd_timeout+0x7c/0x200
[  114.810327][ T3617]  kasan_report+0x16b/0x1c0
[  114.814816][ T3617]  ? hci_ncmd_timeout+0x7c/0x200
[  114.819740][ T3617]  kasan_check_range+0x27e/0x290
[  114.824665][ T3617]  hci_ncmd_timeout+0x7c/0x200
[  114.829417][ T3617]  process_one_work+0x8a1/0x10c0
[  114.834353][ T3617]  ? worker_detach_from_pool+0x260/0x260
[  114.839971][ T3617]  ? _raw_spin_lock_irqsave+0x120/0x120
[  114.845507][ T3617]  ? kthread_data+0x4e/0xc0
[  114.850009][ T3617]  ? wq_worker_running+0x97/0x170
[  114.855026][ T3617]  worker_thread+0xaca/0x1280
[  114.859713][ T3617]  kthread+0x3f6/0x4f0
[  114.863769][ T3617]  ? rcu_lock_release+0x20/0x20
[  114.868603][ T3617]  ? kthread_blkcg+0xd0/0xd0
[  114.873174][ T3617]  ret_from_fork+0x1f/0x30
[  114.877582][ T3617]  </TASK>
[  114.880578][ T3617] 
[  114.882886][ T3617] Allocated by task 3570:
[  114.887187][ T3617]  ____kasan_kmalloc+0xba/0xf0
[  114.891932][ T3617]  __kmalloc+0x168/0x300
[  114.896154][ T3617]  hci_alloc_dev_priv+0x23/0x1d60
[  114.901157][ T3617]  vhci_create_device+0x120/0x590
[  114.906164][ T3617]  vhci_write+0x382/0x430
[  114.910470][ T3617]  vfs_write+0xacd/0xe50
[  114.914689][ T3617]  ksys_write+0x1a2/0x2c0
[  114.918994][ T3617]  do_syscall_64+0x3b/0xb0
[  114.923387][ T3617]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  114.929258][ T3617] 
[  114.931562][ T3617] Freed by task 3570:
[  114.935515][ T3617]  kasan_set_track+0x4b/0x80
[  114.940083][ T3617]  kasan_set_free_info+0x1f/0x40
[  114.944996][ T3617]  ____kasan_slab_free+0xd8/0x120
[  114.949994][ T3617]  slab_free_freelist_hook+0xdd/0x160
[  114.955343][ T3617]  kfree+0xf1/0x270
[  114.959125][ T3617]  hci_release_dev+0x149e/0x1620
[  114.964042][ T3617]  bt_host_release+0x7f/0x90
[  114.968606][ T3617]  device_release+0x91/0x1c0
[  114.973173][ T3617]  kobject_put+0x224/0x460
[  114.977567][ T3617]  vhci_release+0x7b/0xc0
[  114.981874][ T3617]  __fput+0x3fe/0x8e0
[  114.985834][ T3617]  task_work_run+0x129/0x1a0
[  114.990399][ T3617]  do_exit+0x6a3/0x2480
[  114.994538][ T3617]  do_group_exit+0x144/0x310
[  114.999103][ T3617]  __x64_sys_exit_group+0x3b/0x40
[  115.004106][ T3617]  do_syscall_64+0x3b/0xb0
[  115.008503][ T3617]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  115.014374][ T3617] 
[  115.016677][ T3617] Last potentially related work creation:
[  115.022364][ T3617]  kasan_save_stack+0x36/0x60
[  115.027018][ T3617]  kasan_record_aux_stack+0xba/0x100
[  115.032279][ T3617]  insert_work+0x54/0x3e0
[  115.036585][ T3617]  __queue_work+0x963/0xd00
[  115.041062][ T3617]  call_timer_fn+0x16d/0x560
[  115.045627][ T3617]  __run_timers+0x6a8/0x890
[  115.050105][ T3617]  run_timer_softirq+0x63/0xf0
[  115.054848][ T3617]  handle_softirqs+0x3a7/0x930
[  115.059587][ T3617]  __irq_exit_rcu+0x157/0x240
[  115.064239][ T3617]  irq_exit_rcu+0x5/0x20
[  115.068455][ T3617]  sysvec_apic_timer_interrupt+0x91/0xb0
[  115.074068][ T3617]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  115.080027][ T3617] 
[  115.082326][ T3617] Second to last potentially related work creation:
[  115.088883][ T3617]  kasan_save_stack+0x36/0x60
[  115.093539][ T3617]  kasan_record_aux_stack+0xba/0x100
[  115.098802][ T3617]  insert_work+0x54/0x3e0
[  115.103108][ T3617]  __queue_work+0x963/0xd00
[  115.107590][ T3617]  queue_work_on+0x14b/0x250
[  115.112154][ T3617]  hci_recv_frame+0x18a/0x1e0
[  115.116809][ T3617]  vhci_write+0x31a/0x430
[  115.121118][ T3617]  vfs_write+0xacd/0xe50
[  115.125342][ T3617]  ksys_write+0x1a2/0x2c0
[  115.129646][ T3617]  do_syscall_64+0x3b/0xb0
[  115.134039][ T3617]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  115.139909][ T3617] 
[  115.142208][ T3617] The buggy address belongs to the object at ffff888015bf4000
[  115.142208][ T3617]  which belongs to the cache kmalloc-8k of size 8192
[  115.156236][ T3617] The buggy address is located 168 bytes inside of
[  115.156236][ T3617]  8192-byte region [ffff888015bf4000, ffff888015bf6000)
[  115.169572][ T3617] The buggy address belongs to the page:
[  115.175186][ T3617] page:ffffea000056fc00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x15bf0
[  115.185312][ T3617] head:ffffea000056fc00 order:3 compound_mapcount:0 compound_pincount:0
[  115.193610][ T3617] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  115.201576][ T3617] raw: 00fff00000010200 0000000000000000 0000000100000001 ffff888011c42280
[  115.210136][ T3617] raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
[  115.218693][ T3617] page dumped because: kasan: bad access detected
[  115.225084][ T3617] page_owner tracks the page as allocated
[  115.230772][ T3617] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3561, ts 38032675983, free_ts 38028161499
[  115.249148][ T3617]  get_page_from_freelist+0x322a/0x33c0
[  115.254676][ T3617]  __alloc_pages+0x272/0x700
[  115.259243][ T3617]  new_slab+0xbb/0x4b0
[  115.263291][ T3617]  ___slab_alloc+0x6f6/0xe10
[  115.267856][ T3617]  kmem_cache_alloc_trace+0x1a0/0x290
[  115.273205][ T3617]  tomoyo_init_log+0x1140/0x1fe0
[  115.278126][ T3617]  tomoyo_supervisor+0x3b8/0x12c0
[  115.283127][ T3617]  tomoyo_env_perm+0x174/0x210
[  115.287871][ T3617]  tomoyo_find_next_domain+0x137e/0x1cf0
[  115.293480][ T3617]  tomoyo_bprm_check_security+0xdb/0x120
[  115.299089][ T3617]  security_bprm_check+0x5f/0xa0
[  115.304031][ T3617]  bprm_execve+0x84e/0x17c0
[  115.308511][ T3617]  do_execveat_common+0x583/0x720
[  115.313513][ T3617]  __x64_sys_execve+0x8e/0xa0
[  115.318167][ T3617]  do_syscall_64+0x3b/0xb0
[  115.322559][ T3617]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  115.328430][ T3617] page last free stack trace:
[  115.333088][ T3617]  free_unref_page_prepare+0xc34/0xcf0
[  115.338643][ T3617]  free_unref_page+0x95/0x2d0
[  115.343310][ T3617]  __unfreeze_partials+0x1b7/0x210
[  115.348409][ T3617]  put_cpu_partial+0x132/0x1a0
[  115.353150][ T3617]  ___cache_free+0xe3/0x100
[  115.357635][ T3617]  qlist_free_all+0x36/0x90
[  115.362113][ T3617]  kasan_quarantine_reduce+0x162/0x180
[  115.367550][ T3617]  __kasan_slab_alloc+0x2f/0xc0
[  115.372376][ T3617]  slab_post_alloc_hook+0x53/0x380
[  115.377465][ T3617]  __kmalloc+0x120/0x300
[  115.381682][ T3617]  tomoyo_realpath_from_path+0xd8/0x5e0
[  115.387203][ T3617]  tomoyo_path_perm+0x273/0x6b0
[  115.392033][ T3617]  security_inode_getattr+0xcf/0x120
[  115.397298][ T3617]  vfs_getattr+0x26/0x360
[  115.401603][ T3617]  vfs_statx+0x18f/0x3b0
[  115.405820][ T3617]  __x64_sys_newfstatat+0x12c/0x1b0
[  115.410997][ T3617] 
[  115.413384][ T3617] Memory state around the buggy address:
[  115.418989][ T3617]  ffff888015bf3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  115.427026][ T3617]  ffff888015bf4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  115.435063][ T3617] >ffff888015bf4080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  115.443096][ T3617]                                   ^
[  115.448440][ T3617]  ffff888015bf4100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  115.456474][ T3617]  ffff888015bf4180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  115.464690][ T3617] ==================================================================
[  115.472734][ T3617] Disabling lock debugging due to kernel taint
[  115.500956][ T4693] loop1: detected capacity change from 0 to 128
[  115.536778][ T3617] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  115.544071][ T3617] CPU: 0 PID: 3617 Comm: kworker/0:4 Tainted: G    B             5.15.165-syzkaller #0
[  115.553678][ T3617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  115.563712][ T3617] Workqueue: events hci_ncmd_timeout
[  115.568977][ T3617] Call Trace:
[  115.572231][ T3617]  <TASK>
[  115.575136][ T3617]  dump_stack_lvl+0x1e3/0x2d0
[  115.579790][ T3617]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  115.585407][ T3617]  ? panic+0x860/0x860
[  115.589451][ T3617]  ? preempt_schedule_common+0xa6/0xd0
[  115.594884][ T3617]  ? preempt_schedule+0xd9/0xe0
[  115.599709][ T3617]  panic+0x318/0x860
[  115.603575][ T3617]  ? check_panic_on_warn+0x1d/0xa0
[  115.608659][ T3617]  ? fb_is_primary_device+0xd0/0xd0
[  115.613830][ T3617]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[  115.619782][ T3617]  ? _raw_spin_unlock+0x40/0x40
[  115.624602][ T3617]  check_panic_on_warn+0x7e/0xa0
[  115.629510][ T3617]  ? hci_ncmd_timeout+0x7c/0x200
[  115.634419][ T3617]  end_report+0x6d/0xf0
[  115.638544][ T3617]  kasan_report+0x18e/0x1c0
[  115.643020][ T3617]  ? hci_ncmd_timeout+0x7c/0x200
[  115.647965][ T3617]  kasan_check_range+0x27e/0x290
[  115.652876][ T3617]  hci_ncmd_timeout+0x7c/0x200
[  115.657612][ T3617]  process_one_work+0x8a1/0x10c0
[  115.662526][ T3617]  ? worker_detach_from_pool+0x260/0x260
[  115.668136][ T3617]  ? _raw_spin_lock_irqsave+0x120/0x120
[  115.673650][ T3617]  ? kthread_data+0x4e/0xc0
[  115.678126][ T3617]  ? wq_worker_running+0x97/0x170
[  115.683129][ T3617]  worker_thread+0xaca/0x1280
[  115.687790][ T3617]  kthread+0x3f6/0x4f0
[  115.691983][ T3617]  ? rcu_lock_release+0x20/0x20
[  115.696839][ T3617]  ? kthread_blkcg+0xd0/0xd0
[  115.701399][ T3617]  ret_from_fork+0x1f/0x30
[  115.705791][ T3617]  </TASK>
[  115.708980][ T3617] Kernel Offset: disabled
[  115.717617][ T3617] Rebooting in 86400 seconds..