last executing test programs:

14.491206574s ago: executing program 0 (id=320):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x2b, 0x1, 0x1)
r4 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r4, 0x80405880, 0x0)
syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x0, 0x0, r4}, &(0x7f0000000000), 0x0)
openat$vsock(0xffffffffffffff9c, 0x0, 0x16200, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="380000000314010000070000000000000900020073797a310000000008004100736977001400330073797a6b616c6c657230000000000000"], 0x38}}, 0x0)
sendmmsg$sock(r3, 0x0, 0x0, 0x20000001)

13.047004344s ago: executing program 0 (id=324):
r0 = socket(0xa, 0x1, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000001c0), r2)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r3, 0x1, 0x0, 0x0, {0x3, 0x74, 0x600}, [@NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'ip6gre0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x7}]}, 0x30}, 0x1, 0xffffffff00000003}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000000c0)={0x44, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME={0x26, 0x33, @action={{{}, {}, @device_b}, @channel_switch={0xd, 0x4, {{0x25, 0x3}, @val={0x3e, 0x1}, @void}}}}]}, 0x44}}, 0x0)
sendmsg$NL80211_CMD_SET_PMK(r0, &(0x7f0000000280)={&(0x7f0000000100), 0xc, &(0x7f0000000200)={&(0x7f0000000140)={0x7c, r5, 0x711, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "879ac2faaef6b6aea37487501ed0a4f7"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "ab4b97508fa4a66be791be9c081edb24"}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_PMK={0x14, 0xfe, "62642ccf566a16b1aa74b2a1159de7dd"}, @NL80211_ATTR_PMKR0_NAME={0x14, 0x102, "27b498c2ad672415284bae869d692d9f"}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4810}, 0x40040)
close(r0)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000027c0)={0x2, 0x9, 0x0, 0x2, 0x5, 0x0, 0x0, 0x0, [@sadb_key={0x1, 0x8}, @sadb_sa={0x2}]}, 0x28}, 0x1, 0x7}, 0x8000)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000002f00)={0x0, 0x10, &(0x7f0000002ec0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000002f40)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r9=>0x0]}, &(0x7f0000000080)=0x8)
sendmmsg$inet_sctp(r0, &(0x7f00000019c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="4900000000000000840000000100000000000000080200000000000000000000000000000000060000000000", @ANYRES32=r9], 0x30}], 0x1, 0x0)
r10 = socket$inet6_sctp(0xa, 0x0, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r10, 0x84, 0x6f, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000400)={r9, 0x8e, "7a8bd591f7f5ffcf25116ca93f8485947253593f7cafbbe4475881fd897ff38f246d24a70ddfc077c17f882f681153be24db98eba6ba509fcb9813452118dc4e1b6720392ea2d3fb8c095e7e885f1808df0be6baf01837a43c8ca3bc9ed875bc1393b0376effac6fa5b13081356b85ddb1b37f3d14e3c12ba12e365621bb5b9cbb45c1a964231f73742ea092b1c6"}, &(0x7f00000001c0)=0x96)

13.039521714s ago: executing program 2 (id=325):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000001040)={0xfc, {"a2e3ad09ed1a09f91b44090987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f363b68090890e0879b0a0ac6e70a9b3361959b509a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d07640936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2afffbd85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787f007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b40866a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6f651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de592587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xffffffffffffff5a}}, 0x1006)
syz_io_uring_setup(0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(0xffffffffffffffff, 0x2def, 0x0, 0x0, 0x0, 0x0)
r2 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{0x2, 0x0, 0xfffffffe}, {0x10000002}]}, 0x90)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0x1)
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000140))
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000140)=0x2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x0, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r2, 0x84, 0x64, &(0x7f0000000000), 0x10)
r5 = syz_open_dev$vim2m(&(0x7f0000000140), 0x500000001, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000040)={0x1, @win={{0x0, 0x0, 0x33524742}, 0x0, 0x0, 0x0, 0x0, 0x0}})
openat$cuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)

11.784596458s ago: executing program 0 (id=328):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, 0x0, 0x0)
write(r0, &(0x7f0000000340)="05", 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000100))
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r3, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "cfc85eb51b0ace6a", "4617a9f6040839230fb7fead776dd8dc", "3f4051c4", "a44a889722b66244"}, 0x28)
recvfrom$inet6(r3, 0x0, 0x1000000, 0x0, 0x0, 0x0)

10.890531621s ago: executing program 2 (id=330):
r0 = socket$netlink(0x10, 0x3, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, 0x0, 0x0}, 0x90)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000340)={'wlan0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[], 0x68}}, 0x0)
sendmsg$NL80211_CMD_GET_MPP(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)={0x1c, r4, 0x301, 0x0, 0x0, {{0x5}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={{0x14, 0x3ed}, [], {0x14, 0x3ed}}, 0x28}}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
r8 = dup(0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$batadv(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_NEIGHBORS(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x1c, r10, 0x305, 0x0, 0x0, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8}]}, 0x1c}}, 0x0)
gettid()
ioctl$NS_GET_OWNER_UID(r8, 0xb704, &(0x7f0000000000))
syz_clone3(&(0x7f0000000440)={0x100080000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

10.804754418s ago: executing program 1 (id=331):
semctl$SEM_INFO(0xffffffffffffffff, 0x0, 0x13, &(0x7f0000000000)=""/237)
syz_open_procfs(0x0, &(0x7f00000001c0)='ns\x00')
syz_io_uring_setup(0x24f5, &(0x7f0000000080), 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0xa08006, &(0x7f0000000100)=ANY=[@ANYRES32=0x0], 0xfe, 0x687, &(0x7f0000000fc0)="$eJzs3c1vHGcdB/DvrNeOHaTUfUlaUCWsRioIi8QvcsFcGjggHypUhUOFxMVKnMbKxq1sF7kVAvN+5dA/oBx8QOICEvdIReKAgFvFzeKAKiFx6cm3oJmdtdfxS9Ybv8Tw+Viz+8w8r/PbmWd3dmVNgP9bc+NpPkiRufE31sr1zY3p1ubG9IU6u5WkTDeSZvspxVJSfJzcSHvJ58uNdfnioH4+XJy9+clnm5+215r1UpVvHFavN+v1krEkA/XzXoN9tXfrwPYON7+dKrb3sAzY1U7g4Kw93GP9KNWf8LwFngZF+31zj9HkYpLh+nNA6tmhcbqjO35HmuUAAADgnHpmK1tZy6WzHgcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcJ/X9/4t6aXTSYyk69/8fqrelTt9snPGYn8SDsx4AAAAAAAAAAByDL25lK2u5lPrH/YftX/ZfqR5fqB4/l/eykoUs51rWMp/VrGY5k0lGuxoaWptfXV2e7KHm1L41p/ob/+/7qwYAAAAAAAAA/2t+mrn27/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPC0KJKB9lO1vNBJj6bRTDKcZKgst578vZM+J4r9Nj44/XEAAADAExnuo84zW9nKWi511h8W1TX/lep6eTjvZSmrWcxqWlnI7foaurzqb2xuTLc2N6bvb25MVx1//2Fbu51v/udIw6haTPu7h/17fqkqMZI7Way2XMutajC306hqll6qx7O97O7kJ+WYRl6v9Tiy2/Vz2dmvD/oW4Tg0jlphtKo0uB2RiXpsZUPPHh6Jx746zUN7mkxj+5ufFw7pqbNLxRFjfrFTL8kvH4n56//67fd6bOYEbEeikSoSU11H35XDY5586Y+/e+tua+ne3Tsr4yd2GJ2WR4+J6a5IvHiuI9E8YvmJKhKXt9fn8u18N+MZy5tZzmJ+kPmsZiH1zJj5+nguH0e7opTsidSNXWtvPm4kQ/Xr0p5FexnTWC5Uqfm8UtW9lMUUeSe3s5DXqr+pTOZrmclMZrte4csHvsLVvlUzbeNoZ/3VL2fnVP9VOVP3Vi/5c68Fj679llrG9dmuuHbPuaNVXveWnSg918P70RHnxuYX6kTZx8/6eds4MY9GYrIrEs8fHonfVOfGSmvp3vLd+XcPaH/9kfVXB3fSv+jrnfmkpp7yeHkuw/VMsvvoKPOe355ldsdrqP7FpZ3X2JN3ucoris6Z+p19ztQy4rNV6Sv7tjRV5b24N2+gHvk//tmVt+vzVt756wkFDIDjdfErF4dG/j3yt5GPRn4+cnfkjeFvXfj6hZeHMvinwW80JwZebbxc/CEf5Uc71/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/Vt7/4N58q7WwvH+icXDW8SaK+rY8B5VpZiSnMIzTTBTJ+rG3nLPfrx4SnZsIPmk7b914KnbnXCcGktRbfpzsHD/1S9TPzUWBc+H66v13r6+8/8FXF+/Pv73w9sLS4MzM7MTszGvT1+8sthYm2o9nPUrgJOx8HuixwuAJDwgAAAAAAAAAAAB4rP3+MeAvx/yfBl3djZ3hrgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADn1Nx4moMpMjlxbaJc39yYbpVLJ71Tspmk0UiKHybFx8mNtJeMdjVXHNTPh4uzNz/5bPPTnbaanfKNw+r1Zr1eMpZkoH7eY6i/9m4d1F7Piu09LAN2tRM4OGv/DQAA//+iHAcm")
lgetxattr(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)=@random={'osx.', 'system.posix_acl_default\x00'}, 0x0, 0x0)
r0 = syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x77359400}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f00000004c0)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x43, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x18, &(0x7f0000000100)={0x8e, 0x0, &(0x7f00000000c0)=[0xffffffffffffffff]}, 0x1)

10.767976762s ago: executing program 3 (id=332):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000b40), 0x2b842ac, 0x0)
unshare(0x0)
socket$netlink(0x10, 0x3, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, 0x0)
syz_clone(0x40040000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x2c, r4, 0x1, 0x0, 0x0, {0x1d}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}}, 0x0)

10.388131503s ago: executing program 0 (id=333):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
syz_emit_ethernet(0x32, &(0x7f0000001500)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0)
recvmmsg(r0, &(0x7f0000008880), 0x45b, 0x44000102, 0x0)
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xa00010, &(0x7f0000000e40)=ANY=[@ANYBLOB='iocharset=iso8859-1,nostrict,uid=forget,anchor=0000000000000145,gid=', @ANYRESDEC=0x0, @ANYBLOB=',dmode=00000000000000000002004,undelete,partition=00000000000000000001,unhide,\x00'], 0x1, 0xc43, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xrl46nTaZsOhh9AYAOCBuDz21VNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+9ILQ+e7eak98wH199pn4rWxKxcbL8/enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvn5r8vr1hcaZ589u2nx74P3+J44PXBh69uQz3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORornvvfT1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnzn2Fq6mt/6UZ2HL1YDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/iji1Ujxs3dOxLV8n6nuNV+IeLXMH0S8VeZLEan8YpyLeG+b7xGPploU8efl9b+wliar+0H3vnLpa42vzFyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcSnI8Ur//ZH1bjiqMalH7sw9PsDv9w7ZvzpD9lPWfb5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vvWwGwMAAAAAAAAAAAAAAAAAAPCxVsRPIsWL755Iy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaERPRyZX+h906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDUn4r4fqRo/EHzzrpaRKTq344T5S/nonm4zE9Gc6jMl6J5MWerylrzWw+h/exOXyrix5Giv/72nQuer39f59Odr0G89c2NT5+pdfJQd+PA+/1PHD92YWjkc0/vtJy2a8DgpfbMrduN8eGRkbGe1bV89E/2rBvIxy32putExMIbb77emp6emr//hfIrsIvqj9BCqn1cemqhWojagWjGw+n7JvWHdYNiX5XP//cixW+/++/dB37n+V+PX+p8uvOEj5//ycbz/8WtO7rH539ta738/C+f6ds9/5/sWfdi/t1IXy2ivnhzru94RH3hjTdPtm+2bkzdmJo5d+rUl4eGvnz2VN/hiPr19vRUz9KenC4AAAAAAAAAAAAAAACABycV8buRovXjtdSIiNvVeK2BC0PPnnzmUByqxlttGrf92tiVi42XZ2/OzU8tLExNNsZn2tdmJ6fu9XD1arjX+PDIvnTmQx3Z5/Yfqb88O/fGfPvGHy5uu/1o/eLVhcX51rXtN8eRKCKavWsGqwaPD49UjZ5ut2aqqqPbDqb/6PpSEf8RKa6da6TP53V5/P/WEf6bxv8vbd3RHo7//9zRjfF/n+gpWh4zpSJ+Hil+6y+ejs9X7Twad52zXO5vIsXg+c/mcnG4LNdtQ+e9Ap2RgWXZ/4kU//CLzWW74yGf3Ch7+iOd3EdAef2PRYrv/9l349fzus3vf9j++h/duqN9ev/DUz3rjm56X8Guu06+/icjxUtPvh2/Ua35vw98/0f33RsnOoU33s+xT9f/V3vWDeTj/uZedR4AAAAAAAAAAOAR1peK+NtI8cORWnohr7uXv/83uXVH+/T3vz7Vs25yb+Yr+tCFXZ9UAAAAADgg+lIRP4kUNxbfvjOGevP4757xn7+zMf5zOG3ZWv05369U7w3Yyz//6zWQjzux+24DAAAAAAAAAAAAAAAAAADAgZJSES/k+dQnqvH8kzvOp74SKV75r+dyuXS8LNedB36g+rV+eXbm5MXp6dl6LLauTk81xuZa16bKuk9FirW//myuW1Tzq3fnm+/M8b4xF/t8pBj5u27Zzlzs3bnJn9ooe7os+4lI8Z9/v7lsnpo6zx1dlT1Tlv2rSPH1f9q+7PGNsmfLst+NFD/6eqNb9mhZtvt+1E9tlH3+2myxD1cFAAAAAAAAAAAAAAAAAACAj5u+VMSfRor/vrl8Zyx/nv+/r+dj5a1v9sz3v8Xtap7/gWr+/52W72f+/+q9Aks7HRUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB5PKYp4M1LMXV5LK/3l5476pfbMrdvjwyPbVzuSqpqHqvLlT/30mbPnvvTC0PlufnD9vfbpeG3sysXGy7M35+anFhamJhvjM+1rs5NT97yH3dbfarA6AY2br9+avH59oXHm+bObNt8eeL//ieMDF4aePflMt+z48MjIWE+ZWt99H/0uaYf1h6OIv4wUz33vp+mH/RFF7P5cfMh3Z78dqToxWHVifHik6sh0uzWzWG4c7Z6IIqLRU6nZPUcP4FrsSjNiqWx+2eDBsntjc6351tXpqcZoa36xvdienRlNndaW/WlEEedTxHJErPbfvbu+KOL1SPGdY2vpn/sjDnXPwxcvj3311Jmd21HsYx/vQdnORl/EcvEIXLMDrD+K+MdI8bN3TsS/9EfUovMTX4h4tcwfRLwVneudyi/GuYj3tvke8WiqRRH/W17/C2vpnf7yftC9r1z6WuMrM9dne8p27yuP/PPhQTrg96Z6FPGj6o6/lv7Vf9cAAAAAAAAAAAAAAAAAB0gRvxYpXnz3RKrGB98ZU9yeudG40ro63RnW1x371x0zvb6+vt5InWzmnMi5lHM550rO1ZxR5Po5m2XW19cn8uelnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ2DwAAAAAAAAAAAAAAAAAAeLwU1T8pvv2NtbTe35lfeiI6uWI+0Mfe/wcAAP//dsP5HA==")
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r2 = open_tree(r1, &(0x7f0000000640)='\x00', 0x81000)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)={0x30, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_RETRY_TIMEOUT={0x6, 0x1, 0xf4}, @NL80211_MESHCONF_CONFIRM_TIMEOUT={0x6, 0x2, 0x8e}]}]}, 0x30}}, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', r2, &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
unlink(0x0)
linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
creat(&(0x7f0000000040)='./bus\x00', 0x0)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000001140)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x1000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r5, &(0x7f0000000540)=""/239, 0xef)

10.351929176s ago: executing program 2 (id=334):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f0000002880)=ANY=[@ANYBLOB="b4000000000b00007910000000000000db100003a10000009500740000000000079c69dc7ded5dbe11b62ac5ea9fca11027d19e93adb605feb92de3145e8ed7ac5b8902070213cdfdc646c4890cdeb50347c32060581172b94c6dd22a2b589b6cbad46ed6ef79f7468f5e603950c4f67581c92ef8a7e000017d5f1110ed29d3b2aaf153bcf69bebf18262352ba68d39942c3b567e06411d8879622f74cc431dabd332c4c4702e4c3d41bfb54b574e8947309c7503c3e8ea23e12e064f442e8cbeab77cdf1ebd8465593c0000000000000000000000000000006f429b14459ffd88bee4b9d894ddad0980af53a1feb155f1010400bfb5b81b73035fd5a76985d4710fb6fbfb2a933a09dd6317e77ca962327022fb34017197ff712a35c63cdd0dec053fdbc310f29c6b8be788b559a80135bb7369351b952ade2339eddde60eb16301b0f4640be5852e1cef861b861b7b19ea03dfc83f729d02e9e73db24dd5dfb09d4b1bbbd5dd5daa4615b0845f264f229f9806862e116612ade616b1769e97549d095b0a4d02801406491d77a65fe74f8aa67391e8cb3c000020000000000083b92cdfc143ceba1c18cab05100ecc4"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
fcntl$setstatus(r1, 0x4, 0x44400)
socket$alg(0x26, 0x5, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b8000000190001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0xb8}}, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0x7, &(0x7f00000000c0)={0xfffffffa, 0x55, 0x7, 0x100}, 0x10)
syz_mount_image$squashfs(&(0x7f0000000380), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0x18c, &(0x7f00000003c0)="$eJzsVT1PIkEYfgYGlrtcQU175OCKO3aXO+I/kMrKHyCBFYmLHyyJQkhcK34Kib/Cwv9gYWKDBYUWWJqYMTPzsszWJAaTeRJ4nved92umePcoOo8cAO/LSRtFKDD8wANj4AAqTPv2HM2vec0Nshdcs0f+G+In4mg0Pm6FYTBQIr8S4QZCUOvEs3HF7RfiaivGsMKKjYQQHJ/YdG3uXmfwonbZ/XLSluIAgBBCSF9H/5gZkwVwZ8SUOFBCgWUhkhiutiVQAVAb9s9q0Wj8p9dvdYNucOL79Yb7z3X/+7XDXhi4+p8ZLTJ6kUHybwBysX0zznMAHmnBfkcazBiNzpmZK/fvItYB1Z/p3IyRa9bQdW+TGrRoIZ9iH79QAHARM8NbVtU41NWaYMiS4XFjTt2zoA7+tk/DzhQMbJU2A09qeHPkEsM3jfpOvBpxSlwmbhLPiOfEDkt/k7iq8ExWNV5fWrouW8PhwJNaKT/x+cXYfDjZ9S2fvlzZgYWFhYWFhYXFF8FHAAAA//+W12GD")
llistxattr(&(0x7f0000000000)='./file1\x00', 0x0, 0x8)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x20081e, &(0x7f0000000040)={[{@nodelalloc}, {@grpid}, {@auto_da_alloc}]}, 0x1, 0x4ef, &(0x7f00000003c0)="$eJzs3U1vW1kZAODXzpeTyUwywywAAVOGgYKqOonbRlUXUFYIoUqILkFqQ+JGUew4ip3ShC7S/4BEJVaw5Aew7oo9GwQ7NmWBxEcEaiqxMLrXN6mb2k1oEjuKn0e6uvfcY/s9J849x36d+AQwsC5FxE5EjEbE/YiYys7nsi1ut7bkdi92Hy/u7T5ezEWzefefubQ+ORdt90m8lz1mISJ+9L2In+bejFvf2l5dqFTKG63i+Eyjuj5T39q+ulJdWC4vl9dKpfm5+dmb126UTq2vn1RHs6MvP//Dzrd+njRrMjvT3o/T1Or6yEGcxHBE/OAsgvXBUNaf0X43hHeSj4iPIuLT9PqfiqH02QQALrJmcyqaU+1lAOCiy6c5sFy+mOUCJiOfLxZbObyPYyJfqdUbVx7UNteWWrmy6RjJP1iplGezXOF0jOSS8lx6/KpcOlS+FhEfRsQvxsbTcnGxVlnq5wsfABhg7x2a//8z1pr/AYALrtDvBgAAPWf+B4DBY/4HgMFj/geAwWP+B4DBY/4HgMFj/geAgfLDO3eSrbmXff/10sOtzdXaw6tL5fpqsbq5WFysbawXl2u15fQ7e6pHPV6lVlufux6bj6a/vV5vzNS3tu9Va5trjXvp93rfK4/0pFcAwNt8+MmzP+ciYufWeLpF21oO5mq42PL9bgDQN0P9bgDQN1b7gsF1gvf40gNwQXRYovc1hYgYP3yy2Ww2z65JwBm7/AX5fxhUbfl/fwUMA0b+HwaX/D8MrmYzd9w1/+O4NwQAzjc5fqDL5/8fZfvfZh8O/GTp8C2enmWrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HzbX/+3mK0FPhn5fLEY8X5ETMdI7sFKpTwbER9ExJ/GRsaS8lyf2wwAnFT+b7ls/a/LU59NHq4dzb0cS/cR8bNf3f3lo4VGY+OPyfl/HZxvPM3Ol/rRfgDgKPvzdLpveyP/Yvfx4v7Wy/b8/bsRUWjF39sdjb2D+MMxnO4LMRIRE//OZeWWXFvu4iR2nkTE5zv1PxeTaQ6ktfLp4fhJ7Pd7Gj//Wvx8WtfaJz+Lz51CW2DQPEvGn9udrr98XEr3na//QjpCnVw2/iUPtbiXjoGv4u+Pf0Ndxr9Lx41x/fffbx2Nv1n3JOKLwxH7sffaxp/9+Lku8T87Zvy/fOkrn3ara/464nJ0jt8ea6ZRXZ+pb21fXakuLJeXy2ul0vzc/OzNazdKM2mOeqb7bPCPW1c+6FaX9H+iS/zCEf3/+jH7/5v/3v/xV98S/5tf6xQ/Hx+/JX4yJ37jmPEXJn5X6FaXxF/q0v+jnv8rx4z//K/bbywbDgD0T31re3WhUilv9PJg/4VET4M6uAAHyW/NOWhGx4Pv9CrWaPxf92o23ylWtxHjNLJuwHlwcNFHxMt+NwYAAAAAAAAAAAAAAOioF/+x1O8+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHH9LwAA//89fM7W")
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x46, &(0x7f0000002140)=ANY=[@ANYBLOB="1800000000000000000000000000000018400000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000d90500000800000085000600a500000018110000", @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8946, &(0x7f0000000900)={'bridge0\x00', @broadcast})
ftruncate(r3, 0x2ff8)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r0, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r5 = dup(r4)
ioctl$TIOCL_SETSEL(r5, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x0, 0x100}})

8.869858628s ago: executing program 1 (id=335):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
io_submit(0x0, 0x11, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mlock2(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5423, 0x0)
r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$binfmt_aout(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="c701080782020000b501000017330000600000000000000000000000000000001b2f7169618362ae660ca48a1d8e9db338ec9c444f4033dbfda27e7eb8efa79dd99f7b4a271e768d03d27fdbd2b8849beae1033c0cb44bd0f801a6f552dfd020753a833e04e065b86d2b8b4e46f2ddb25dbb769080e44ae165d333d16dec826cd360602e714f472844d9a5da648a4738478699a4548fe04b26bcfabd27db863bd7e37a30985406602c012c55ba2fe36a37000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007800"/1661], 0x6b1)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)

8.712731331s ago: executing program 3 (id=336):
r0 = syz_open_procfs(0x0, &(0x7f000001f680)='net/mcfilter6\x00')
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r2, 0x2285, &(0x7f00000005c0)={0x0, 0xfffffffffffffffc, 0x0, 0x0, @buffer={0x0, 0x3e, &(0x7f0000000300)=""/62}, 0x0, 0x0, 0x44, 0x10006, 0x0, 0x0})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000180)=0x400)
r3 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_PIT(r4, 0xaea3, 0x0)
gettid()
socket$rds(0x15, 0x5, 0x0)
ioctl$BINDER_GET_FROZEN_INFO(0xffffffffffffffff, 0xc00c620f, &(0x7f0000000200))
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800"/12], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
readv(r0, &(0x7f0000004880)=[{&(0x7f0000002680)=""/148, 0x94}], 0x1)
read$FUSE(r0, &(0x7f0000006480)={0x2020}, 0xfffffd35)

7.928900806s ago: executing program 0 (id=337):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00'}, 0x10)
open$dir(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x3, 0x1, &(0x7f0000000280)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0xc}], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
openat2(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)={0x1c8, r6, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_LISTEN_PORT={0x6}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @c}, @WGDEVICE_A_PEERS={0x16c, 0x8, 0x0, 0x1, [{0xf4, 0x0, 0x0, 0x1, [@WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "1bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce85"}, @WGPEER_A_ENDPOINT4={0xa0, 0x4, {0x2, 0x0, @local}}, @WGPEER_A_ALLOWEDIPS={0x8c, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @mcast2}, {0x5}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @dev}, {0x5}}]}]}]}, {0x74, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x0, 0x0, @private0}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @neg}, @WGPEER_A_FLAGS={0x8}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6"}]}]}, @WGDEVICE_A_FWMARK={0x8}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x1c8}}, 0x0)

7.928668376s ago: executing program 2 (id=338):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
r3 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x15, 0x17, 0xee, 0x40, 0xaf0, 0x7a05, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff, 0x5, 0x49}}]}}]}}, 0x0)
syz_usb_control_io$printer(r3, 0x0, &(0x7f0000000380)={0x34, &(0x7f0000000080)=ANY=[@ANYBLOB="27086b8154e09da26d6b0c73000011000000434b3238547ce2d2200c54fb38762a7b2f"], 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x50, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @crypto_settings=[@NL80211_ATTR_CONTROL_PORT_NO_PREAUTH={0x4}, @NL80211_ATTR_CIPHER_SUITES_PAIRWISE={0x4}, @NL80211_ATTR_AKM_SUITES={0x10, 0x4c, [0xfac06, 0x0, 0x0]}, @NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_WPA_VERSIONS={0x8}]]}, 0x50}}, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
unshare(0x8000400)
fremovexattr(0xffffffffffffffff, 0x0)
timer_settime(0x0, 0x0, &(0x7f00000000c0), 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x24, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x13}]}, 0x24}}, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-generic\x00'}, 0x58)
r7 = accept4(r6, 0x0, 0x0, 0x0)
r8 = accept$alg(r7, 0x0, 0x0)
recvmmsg(r8, &(0x7f000000a6c0)=[{{0x0, 0x1f000000, 0x0}}], 0x500, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)=@ipv6_newaddrlabel={0x44, 0x18, 0x1, 0x0, 0x0, {0xa, 0x37}, [@IFAL_ADDRESS={0x14, 0x5, @remote}, @IFAL_ADDRESS={0x4, 0x1, @remote}]}, 0x44}}, 0x0)
r9 = socket(0x2, 0x3, 0x6)
setsockopt$inet_int(r9, 0x0, 0x1a, &(0x7f0000000340), 0x4)

7.602470803s ago: executing program 1 (id=339):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = socket(0x10, 0x803, 0x0)
sendto(r4, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x0, &(0x7f0000003700)={0x77359400})
syz_mount_image$msdos(&(0x7f00000001c0), &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x210052, &(0x7f0000000040)={[{@fat=@debug}, {}, {@dots}, {@nodots}, {@fat=@tz_utc}, {@fat=@usefree}, {@fat=@codepage={'codepage', 0x3d, '936'}}, {@dots}, {@dots}, {@nodots}, {@fat=@codepage={'codepage', 0x3d, '863'}}, {@fat=@discard}, {@dots}, {@dots}, {@dots}, {@dots}, {@fat=@tz_utc}, {@nodots}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x4}}, {@fat=@time_offset={'time_offset', 0x3d, 0xfffffffffffffb65}}, {@nodots}, {@fat=@quiet}]}, 0xfd, 0x1b2, &(0x7f00000005c0)="$eJzs3cGqElEYB/Bv7Ha1Nt1dEC0G2rSS6gluxA2igaBwUauCaxsnAt1MbbK36AF7gHDlJiZyTFM0RNIx+/02fvg/h/OdzZnVnHl9+13v8v3g7debX6LVSqJxHucxTuIsGvHLMACAYzIuy/hWVuruBQDYjw2e/9/33BIAsGMvXr56+jDLLp6naStiNCw6Raf6rfLHT7KLe+nE2XzWqCg6V2b5/SpPF/OrcX2aP1iZn8bdO5P888/s0bNsKW/G5e63DwAAAAAAAAAAAAAAAAAAAAAAtWinMyvv92m31+VV9dv9QEv395zErZO9bQMAAAAAAAAAAAAAAAAAAAD+aYMPH3tv8rzbnxfNiFj8Z7uivLF2icMpGnEQbSj+apEeRht5bDf9NCL+POZaROy4+fkZ0aztdAIAAAAAAAAAAAAAAAAAgP/L9F3fpD+ouxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqE/1/f+829+m+BQRGwyeLpXUvFUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACO2I8AAAD//0mHLc8=")
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
renameat2(r5, &(0x7f0000000140)='./file1\x00', r5, &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)

7.602190533s ago: executing program 4 (id=340):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000bc000000850000000500000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002080)={<r0=>0xffffffffffffffff})
close(r0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0xffff, 0x4}, 0x6)
getgroups(0x0, 0x0)
write$binfmt_misc(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="0000ffff07"], 0xd)
io_setup(0x7, &(0x7f0000000280)=<r2=>0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x4c5, 0x0, 0x0, 0x800000000001, 0x0, r0, &(0x7f0000000040), 0x4}])
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x338, 0x180, 0x111, 0x4b4, 0x8, 0xd4feffff, 0x290, 0x20a, 0x278, 0x290, 0x278, 0x3, 0x0, {[{{@ipv6={@loopback, @empty, [], [], 'ipvlan0\x00', 'team_slave_0\x00'}, 0x0, 0xf0, 0x158, 0x0, {}, [@common=@unspec=@helper={{0x48}, {0x0, 'ftp-20000\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}, {{@ipv6={@mcast1, @empty, [], [], 'xfrm0\x00', 'pim6reg1\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x398)
r4 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000600)={'team0\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f000000bb00)={{{@in=@private, @in6=@remote}}, {{@in6=@dev}, 0x0, @in=@private}}, &(0x7f000000bc00)=0xe8)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r7, &(0x7f0000000200)=ANY=[@ANYBLOB='\'\x00\x00\x00\a'], 0xd)

7.461255365s ago: executing program 0 (id=341):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000040)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getpid()
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a2, &(0x7f0000000200)='bridge0\x00')
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'wg2\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000001100)={&(0x7f00000002c0)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x0, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{}, 0x4, r6}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x3, 0x4, &(0x7f00000013c0)=ANY=[@ANYBLOB="850000002f000000350000000000ba00850000007d00000095000000000000004cf12aa56cd902e2bcccc7933216c775f4ca019700f81f06a9dd64f5e02033a141d524581835d8050864d20000000201000000fa22beb5cf918d4aec7520ea98165b61a3cf5fc6dd8442230e7953f91136aa1f7035175135230163cf09494997cb4269fc9c7d49313ad360e5158a10861aaac07bdef9798e1c8fee9ed0f9dce435554bc34e6bdea4217ce4a98af8ad0887c697acd962000a9c13ecee6156c599c7b293de0019b27de967bfb3fe241454a04080bf668ce021879c820f9b80fe2338a894113532b18ac1440000000000000000000000000000004daac70ad892dd079b9f63237fd1fb7172e92af51bd123e665aa5424d28b055f23e9775ae17049b7226f795d551790818818d2e1f186ebe23a35de0ebd349f8beb513280d5b8a7b9cccb27410a89620327793f99679039d37fa96fa8cb3fd78b070afd8bc7a37634af7bd689b7f75092de7591983e7ba1e7b3f9dc15b63b6e81e227c8fb99723ed9647ba254d883177c4c9a1da0ab8345ddab5e07ee21b4740e44a496a7be9c70de1eb2f9cfc0d94011eb789d8be98b9498a400d0aeda40ac5c882bb9bd60990c03179028a4d683520ea53c4aeaba8f16c7a7486f457b4cdfcc502600905305500b4c40fb679cd9f0f5f2f33f28a66928f7e1919f9d74ee754ea9241996800dc1b76381f1ac1465f8f783aa0e7c089cddc4781ce925ca8dba83e6a7a2aab0fb91672804c14d3f156ea3556d4eb1918fabca116293f6f5a80f5172326902a03127ecd7971361b1bf0c4a3158ba33e167c948cb60a30927ef92c9d5eb82ebf41fa2067db03cf81ef1509a4ebf9fa8ff24d7a31bd2a8c9f9219b33c569e899e1fd70b8214f0bd619cd044c436911f55bd2b52fb8ae305055be6bf93ce035b854a5518b146b4f057e3a6ea9a94cf98fcb44fa6b7911f580c64072a1c6eab7d3d831e68fdb9b25c3fc5867428f601adbbaa24da54b64a66163244e52d3"], &(0x7f0000000140)='GPL\x00', 0x0, 0x27, &(0x7f00000004c0)=""/153}, 0x15)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r7, 0x0, 0xe, 0xfffffffffffffd85, &(0x7f00000000c0)="61df712bc884fed5722780b6c2a7", 0x0, 0x739d}, 0x28)

6.339857947s ago: executing program 1 (id=343):
syz_open_dev$ptys(0xc, 0x3, 0x1)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
ioctl$HIDIOCGCOLLECTIONINDEX(0xffffffffffffffff, 0x40184810, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x11})
socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000088b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = socket$inet6(0xa, 0x80002, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000040)=[{0x0}], 0x1, 0x40000000, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={0x0, 0x254}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x49, &(0x7f0000000200)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8}, @NFTA_HOOK_PRIORITY={0x8}]}]}, @NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x3}], {0x14}}, 0xa4}}, 0x0)
ioctl$BTRFS_IOC_START_SYNC(r4, 0x80089418, &(0x7f0000003b80))
sendmsg$NFT_BATCH(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4010}, 0x40000)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000009280)=[{{&(0x7f0000000040)={0xa, 0x4e22, 0x0, @remote}, 0x1c, 0x0, 0x0, &(0x7f00000000c0)=[@dontfrag={{0x14}}], 0x18}}], 0x1, 0x8000)

6.339260507s ago: executing program 4 (id=344):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, 0x0, 0x0)
write(r0, &(0x7f0000000340)="05", 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000100))
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r3, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "cfc85eb51b0ace6a", "4617a9f6040839230fb7fead776dd8dc", "3f4051c4", "a44a889722b66244"}, 0x28)
recvfrom$inet6(r3, 0x0, 0x1000000, 0x0, 0x0, 0x0)

5.544156132s ago: executing program 3 (id=345):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000740)={'tunl0\x00', &(0x7f00000006c0)={'tunl0\x00', 0x0, 0x48, 0x40, 0x0, 0xfffffb1a, {{0x13, 0x4, 0x0, 0x3a, 0x4c, 0x0, 0x0, 0x0, 0x29, 0x0, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ra={0x94, 0x4, 0x1}, @cipso={0x86, 0x1f, 0x0, [{0x6, 0xf, "9d73b0557bb795bf2db3e62e8c"}, {0x0, 0xa, "68700359c4070417"}]}, @timestamp={0x44, 0x14, 0xd3, 0x0, 0x3, [0x3, 0x7, 0x4, 0x5]}, @noop]}}}}})
sendmsg$ETHTOOL_MSG_RINGS_GET(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0}, 0x1, 0x0, 0x0, 0x20000881}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="110b200000000000000013"], 0x14}}, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000100)='./file1\x00', 0x2008054, &(0x7f00000005c0)=ANY=[], 0x1, 0xf43, &(0x7f0000002d80)="$eJzs3U9sHNX9APA367+JTbwGfj8ClDiF0kDaOsHJgd6CFLUSQohL76CQQFRD04YeQEQJPQWpBypED1Q9UMGtUnqoVFClClWq1D8cem0PFWovrapUioRUNVXiyvZ76/WLJ7ser2fX3s9H+vrtmzc73+94HWffevZtAIZWY+Xr8eP7ixDe+ejtk1+/ePMXy9vmWnscXPlaxF4zhDDW1i+y430aN9y49vqp5fZm1oawsHyv0TQenr7auu9UCOFSOBg+Ds0wd7j52eWRp8588O4nhy6ce/LFbTl5AAAYMld+v/jnR//+uy/PXr9y4ESYaG1Pz8+bsT8Vn/cfLcL1pVUr2xtxvH0+UGwwLxjP9huJ0cj2G8n2G41tI+vn+cay44yV7DfeId9I27b27XmdAAAAsJOkeW0zFI35df1GY35+dd6/7NOZ8WL+5bOLZ873qVAAAACgss8urlx0K3ZETA5ADUIIIYQQQggxDDE30f8aehtLM/1+BQIAAAAYNmndgdb6YLlL+coCW9M6WrO7/FefaGx8f+iBTj9/2/3zVve/P/k3l//9N/zGAQCgut36bDKdV3oePfXmnpV+vo7gSHa/zT7/b2THGd1knWXrCu6U9QbL6sy/r4OqrP7NPo79UlZ/vh7moCqrP1+nc1CV1T9Rcx1VldU/uUN+B5XVuKfmOqoqq39vzXVUVVb/VM11VFVW/3TNdVRVVv8dNddRVVn9+2quo6qy+nfKZbVl9TdrrqOqsvpna66jqrL676y5jqrK6r+r5jqqKqv/7prr6JcHYpu+Dwey8db8eYM53U6Z4wEAAMCw+4/1/0QPY24AahBCbDlGBqAGIYQQQoi6ojEANdQSF/v9AgQAAADQd+l9Aeld70tRGh/pMD7aYXzstuMjrfcBl91/osP4rf7dcQ8AAADYbX55+cy9bxVr7/Pf6np4k7FN6y9tdh2jfD3Czebf6rpnW82/U9YtAwAAYLgUX/v45uGT770ye/3KgRNts9+bcb6b1gEdja8NfBj76bqA6axfpDn0ifV5GiX75a8P3FF2vGe2eKIAAAAwxNL8vRmKxnzbvLsZGo35+bX5+P4wVpw5u3j6aOynz2f57cxkCGHx9GM11w0AAAB0b22+X+wJG8z/0+f47g/jxfzLZxfPnF/tT7e2jzXaXxeYWdu+8nrBY63jrd++ULL9WOynz+98cWbPyvb5U99afL7H5w4AAADD4vyrr33zucXF099xw42SGxc3da+DIfw3LrE4CMW7UfFGv38zAQAAvfbB397+w3ePTf9q9f3/a+vfpff/H4z9Zlzb749xh3SdQHofwC3v1392fZ6Zsv3Ord+vme03EmMiq3uy7Tjti+6l+82W5WuuP854Sb6pLN90e74N1ikYzfZP+fZl2/P1CdN+M9n2fB3G0SxHkeV/MNv/hwEAAADWHHnlpXNHzr/62lfOvvTcC6dfOP3ysaMLX114fGHh+MKRlev6j7Rf3Q8AAADsRGsX/fa7EgAAAAAAAAAAAAAAAAAAABhedXycWL/PEQAAAIbdvy6GEC4JIYQQQggh6on4CdQ9PGbR93MSYhjiLz3/t1t3LC3lnzQPAAAAsL1uXHv9VHt7i0tFT/O1jtZcbW7GvKn9zcM/fng50m5Xn1j/esnenlbDsKv75//2+Uf7nH8DQ57//Td6m38y3ej6919j/QFOVMv7xR/845H2/PeNdpk/P/9nquU/lOU/FLrLv/Relv/ZavkfyfLv7TL/Led/rlr+R2P+/ameh7rNv/7xn4htOo89XeY/nJ3/86Hb/Nn5N7tMmPlSzA8Aw6jR7wK2SXqWkJ5HT8V+Ot80s8mvftjs8/9GdpwNZkyVpOOm50H3xH56vjSd5U02W/9Udrw7KtaZ2ylXlZTV36vHcbuV1T9Wcx1VldU/XnMdVZXVP1FzHVWV1T9Zcx1VldXf7Ty038rq3ymvK5fVP1VzHVWV1T9dcx1VldW/2f/H+6Ws/n0111FVWf0zt7nPIP3fVlZ/xZfValdW/2zNdVRVVv+dNddRVVn9d9VcR1Vl9d9dcx39cn9sy+bDaf45E8dSv5n1Jzb4Xrb1l6JtOw8AAACg3D+t/yfE4MTYANQgNh+NAahB7NrYMwA17IRYbvpdw7DGt//U/xpqjmL1Rt/rEGJ7Y2mp/zWInoc/yQ+37X03MwCDyu//4ebxH24e/+Hm8ed20jX8RdZPRjqMj3YYH+swPp6N5z+vEx3G78qOm78R4e4O4//XYXxfh/F7Oozv7zB+b4fx+zqM399hHAAAgOHw/7E1PwQAAIDd68JPP/z+zw89e232+pUDJ8L4LevOH439ifi39cuxn697n4zFv/l/L/Z/Ettfx/av2f6uPwEAAIDtlz4nxt//AQAAYPdKn1Nq/g8AAAC712xszf8BAABg97oztub/AAAAsIsVkxtvjm16XeDB2Ha7rh8AMPg+F9sHYnsgtnOx/Xxs0/OAh2L7hZrqAwB650ffePPxt4q19f6PZeM34vbU3uLS6isFRWP9Sv57Yrs3tg93WU/+eQDd5k/2dZlnu/LPbDE/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7NFa+Hj++vwjhnY/ePjlz4eQLy9vmWnscXPlaxF4zhDDWul8aXev/LO5449rrp5bbm7Fdim0RFkIRitZ4ePpqK9NUCOFSOBg+Ds0wd7j52eWRp8588O4nhy6ce/LFbfwWAAAAwK73vwAAAP//LTxGDA==")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0xf, 0x4, &(0x7f0000000140)=@framed={{}, [@generic={0x71, 0x2, 0x1}]}, &(0x7f00000000c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)={0x28, 0x0, 0x100, 0x2000000, 0x0, {{}, {@void, @val={0xc, 0x99, {0x9f28, 0x59}}}}, [@beacon, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0xd}]}, 0x28}}, 0x20048001)

4.495674288s ago: executing program 3 (id=346):
ioprio_get$pid(0x1, 0xffffffffffffffff)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000000))
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
readv(r1, &(0x7f00000018c0)=[{&(0x7f0000000840)=""/4096, 0x1000}], 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(0x0, 0x80000000000b, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet(0x2, 0x0, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000000000))
r4 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
readv(r4, &(0x7f00000018c0)=[{&(0x7f0000000840)=""/4096, 0x1000}], 0x1)
timer_settime(0x0, 0x0, 0x0, 0x0)
futex(0x0, 0x80000000000b, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="00ea2eb34e7ea51c9446c55a2d1e0be39af9faf44ad59cb6ad1c94490d970e811439edddc71c9b18946b559ce53bee0a1abe562fc3f3898e5826eda1962ef6e3c4c0ade52151923a70b46eacfc1aaaebcf156e549e884bcabc1333f344f31cd30cd93cb2814e0dbc24a7a107e295e86e09283c825fe177c89c6385f68f2c843cffffffff15539bab6142ceed9265ba989d1a283fc4ffc83f3a7a6c746823e656ad78f7b5a336cdbd83dad59e0debb36b4ea5e658e253f01637cc03f704a08019f95b92fffffffff8dd21552d6967ab1b01e5d52a5793eb179deee4572770a5197127b090297bca2a4eaa1705b42c16968d0201d3ba3cc8000000657ea095f152b1b6a1e6ad8d23ad17f649ccc23d4ecbcdb5620cc48f95f563c2230f859d196e6c4f00b8e3a7b01fcb1d79dcc09b7a854ec8c31dd27ff9b4a2864e1dcaf719d20b56769d51228ecc1915fb8c8b598c11b3c296b05f9c5355fc6f19a7b28f5ae9a0d0804ccc5716cfac0246ddffa2f12077a02a959aa1b74373c38b2bcc90743b80666eae25dea73e127263b8fdbc64fe862b994ca8473d0000000000000000"], 0x0, 0x19e, &(0x7f0000000900)="$eJzsmD1PKkEUht/Z5ePem5vcW9NoIglQuOwuaqQw0dpCE79iJ5GVoIsY2ELo/BXW/gJrYkNi7x/QQq1stLOyWDM7AzsgfhRKSDhPcfad2bMzZw7wkiwIghhb7u+eb89TyUsdwF8kEZfzDyzM0ZT81r+XzHV55eLUfLpptZfz/evxx3z/6/tHALSXdHhy7Pu9TyfldR1aV29AQ0bqLTAYUu9Aw6bUDhi2pd5XdJXnG8Ze2XWM3apb5MLkweLB5iHXX9/jCUNRqU9pDeqN5kHBdZ3aD4rP+segYUGpT/28Or0xlf5Z0GBJnVsE1qSeR7zTG9ES5fyJSLi+PuTzj4v41fnujkg9JN4TTP4a5EwUwGgU9lbEB9xKDGP30J/8M4aU4k8RxT+yXuUoW280p8uVQskpOYe2nZszZ0xz1s4GRiTiB/73O/CnP8r60b6cq0lxjbEYjgueV7NE7I5tEQc5boz7n64hPSXGTM6pBP8H/1mwS1qXY4IgCIIgCIIgCIIgCIIgiG9nAix4C9pDPpyCuG+vBtmvAQAA///iz2iO")

4.035704357s ago: executing program 4 (id=347):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = epoll_create1(0x0)
r5 = epoll_create1(0x0)
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000080))
r7 = getpid()
kcmp$KCMP_EPOLL_TFD(r7, r7, 0x7, r4, &(0x7f00000000c0)={r6, r5, 0x1})

2.889600701s ago: executing program 4 (id=348):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x8927, &(0x7f0000000900)={'ip6_vti0\x00', 0x0})
r1 = socket$inet(0x2, 0x4000000805, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000400)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000440)={&(0x7f0000019580)={0x208, 0x0, 0x8, 0x70bd29, 0x0, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x0, 0x59}}}}, [@NL80211_ATTR_TID_CONFIG={0x14, 0x11d, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5}]}]}, @NL80211_ATTR_TID_CONFIG={0xb8, 0x11d, 0x0, 0x1, [{0x94, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x59}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x85}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xcd}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x50, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x34, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x1, 0x88d5, 0x2, 0x6385, 0x0, 0x5, 0x9]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x5, 0x0, 0x3, 0x0, 0x2]}}, @NL80211_TXRATE_LEGACY={0x7, 0x1, [0x0, 0x9, 0x0]}]}, @NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x50, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2059]}}]}]}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x9}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x4c}]}]}, @NL80211_ATTR_TID_CONFIG={0x114, 0x11d, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8}]}, {0x88, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xbb}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x5c, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x40, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x20, 0x1, [0x5, 0x48, 0x60, 0x30, 0x6c, 0x2, 0x5, 0x2, 0x16, 0x5e, 0x0, 0x4, 0x16, 0x4, 0x18, 0x9, 0x6c, 0x1b, 0x48, 0x0, 0xb, 0x3, 0x0, 0x18, 0x60, 0x4, 0x3, 0x38]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x0, 0x0, 0x0, 0xe1, 0x0, 0x400]}}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_2GHZ={0x18, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xe6, 0x1, 0xfffb, 0x9b, 0x7, 0x6, 0xe, 0x3]}}]}]}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}, {0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xf0}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x52}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x4d}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}]}]}]}, 0x208}, 0x1, 0x0, 0x0, 0x10}, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSW(0xffffffffffffffff, 0x5403, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r4, 0x5412, &(0x7f0000000040)=0xd)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
r6 = socket(0x15, 0x5, 0x0)
sendto$inet(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt(r6, 0x200000000114, 0x2713, &(0x7f0000000580)=""/102393, &(0x7f0000000040)=0x18ff9)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x1)

2.873859623s ago: executing program 2 (id=349):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc000ff}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
gettid()
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r0, &(0x7f0000000200)=""/209, 0xd1)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x335})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000400))
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x402c5342, &(0x7f00000000c0))
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000003c0))
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
timer_create(0x0, &(0x7f0000000100)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000140)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
r2 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8937, &(0x7f00000014c0)={'wg1\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000061123000000000009500000800000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000200)={0x71e5b314})
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0xfea3)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@getstats={0x1c, 0x5e, 0x201, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2}}, 0x1c}}, 0x0)

2.596453436s ago: executing program 4 (id=350):
r0 = syz_open_procfs(0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x177, 0xfc0, 0x80, 0x296, 0xffffffffffffffff, 0xffffff9c, '\x00', 0x0, r0, 0x0, 0x5, 0x3, 0xf}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xb, 0x1b, &(0x7f0000001f80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70200000200000085000000860000001801000020756c0c00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
process_mrelease(0xffffffffffffffff, 0x0)
io_uring_setup(0x614c, &(0x7f0000000000)={0x0, 0x4db0, 0x4, 0x100, 0x1be})
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000080)='cgroup.threads\x00', 0x2, 0x0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
getsockopt$sock_timeval(r3, 0x1, 0x1c, 0x0, &(0x7f0000000040))
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f00000003c0)={0x2, 0x200000000004e23, @broadcast}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0x20000000, &(0x7f0000000540)={0x2, 0x4e23, @local}, 0x10)
recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd571012c}, 0x12e)
write$binfmt_elf64(r4, &(0x7f00000000c0)=ANY=[], 0x100000530)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0xfffffffa, 0x7}, 0x48)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)

1.540570623s ago: executing program 4 (id=351):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/disk', 0x169a82, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)={[{0x0, 'cpuset'}]}, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0xf, {[@local=@item_4={0x3, 0x2, 0x0, 'WNib'}, @local=@item_4={0x3, 0x2, 0x0, "f85edaca"}, @main=@item_4]}}, 0x0}, 0x0)
r2 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCSFLAG(r2, 0xc00c4809, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0xc, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000240)='ext4_fc_commit_stop\x00', r3}, 0x10)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0)
eventfd(0x0)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
ioctl$VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f0000000180)={0x1})
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r5, 0x541b, &(0x7f0000000000)={<r6=>0xffffffffffffffff})
close_range(r6, 0xffffffffffffffff, 0x0)

1.539858093s ago: executing program 2 (id=360):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = open(&(0x7f0000000240)='./file0\x00', 0x145142, 0x0)
ftruncate(r2, 0x2007ffc)
sendfile(r2, r2, 0x0, 0x800000009)
ioctl$FS_IOC_FSSETXATTR(r2, 0x6609, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int]}}, 0x0, 0x2a}, 0x20)
pipe(&(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
write$P9_RGETLOCK(r4, &(0x7f00000002c0)=ANY=[], 0x200002e6)
fcntl$setpipe(r4, 0x407, 0x7000000)
fcntl$setpipe(r4, 0x407, 0x100000)
setsockopt$netlink_NETLINK_CAP_ACK(r4, 0x10e, 0xa, &(0x7f0000000080)=0x8000, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0x7, 0xb4, 0x101, 0x41, 0xffffffffffffffff, 0x2, '\x00', 0x0, r3, 0x4, 0x1, 0x3, 0x6}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x3, 0x6}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='mm_page_alloc\x00'}, 0x10)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_control_io$hid(r6, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="00222200000096231306f7940ef7070c0093edd82fef0a1a7083"], 0x0}, 0x0)

1.463343449s ago: executing program 1 (id=352):
mount(0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)='o]\x00')
r0 = gettid()
mkdirat(0xffffffffffffffff, 0x0, 0x0)
renameat2(0xffffffffffffffff, &(0x7f0000000240)='./bus/file0\x00', 0xffffffffffffffff, 0x0, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000080)=0x200000000)
preadv(r1, &(0x7f0000000600)=[{&(0x7f0000000280)=""/117, 0x75}], 0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
fanotify_init(0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_pidfd_open(0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)

1.306290292s ago: executing program 3 (id=353):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa1000a, &(0x7f00000003c0)=ANY=[], 0x21, 0x1506, &(0x7f0000001b00)="$eJzs3AvYTdX2MPAx5pyLl6Sd5D7HHIudXkyXJLkkySVJkiNJbgkhSZKQ3G9JSELuSe4huYXkfr/lniRJkiQkJJnfo9P5Oud0/v++8//3fZ7v/47f86xnz7HXGnPNucf7vnvN9T57f9NhSOW6VSrUZmb4b8G/PnQHgBQA6A8A1wFABAAlspTIcmV/Bo3d/3snEX+uh6Zf7RGIq0nqn7ZJ/dM2qX/aJvVP26T+aZvUP22T+qdtUn8h0rLtM3JeL1va3eT+f1om7///gxwtPPaLjYVv7PhvpEj90zapf9om9U/bpP5pm9Q/bZP6p21S/7RN6i9EWvZfv3cs/zv4n7Bd7Z8/IYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBpw4XwGwMAf2tf7XEJIYQQQgghhBDizxPSX+0RCCGEEEIIIYQQ4v8+BAUaDESQDtJDCmSAjHANZIJrITNcBwm4HrLADZAVboRskB1yQE7IBbkhD1ggcMAQQ17IB0m4CfLDzZAKBaAgFAIPhaEIFIVicAsUh1uhBNwGJeF2KAWloQyUhTugHNwJ5eEuqAB3Q0WoBJWhCtwDVeFeqAb3QXW4H2rAA1ATHoRa8BeoDQ9BHXgY6sIjUA8ehfrQABpCI2j8X8p/AbrAi9AVukF36AE9oRf0hj7QF/pBf3gJBsDLMBBegUEwGIbAqzAUXoNh8DoMhxG/vGKjYDSMgbEwDsbDBHgTJsJbMAnehskwBabCNJgOM2AmvAOzYDbMgXdhLrwH82A+LICFsAjeh8WwBJbCB7AMPoTlsAJWwipYDWtgLayD9bABNsIm2AxbYCtsg+3wEeyAnbALdsMe2Av74GPYD5/AAfgUDsJn/2b++X/K74iAgAoVGjSYDtNhCqZgRsyImTATZsbMmMAEZsEsmBWzYjbMhjkwB+bCXJgH8yAhISNjXsyLSUxifsyPqZiKBbEgevRYBItgMbwFi2NxLIElsCSWxFJYGktjWSyL5bAclsfyWAErYEWsiJWxMt6D9+C9WA2rYXWsjjWwBtbEmlgLa2FtrI11sA7WxbpYD+thfayPDbEhNsbG2ASbYFNsis2xObbAFtgKW2FrbI1tsA22xbbYDtthe2yPHbADdsRO2AlfwBfwRXwRu2FF1QN7Yk/sjb2xL/bDfvgSDsCX8WV8BQfhYByCr+Kr+BoOw3M4HEfgSByJ5dRoHINjkdV4nIATcCJOxEk4CSfjFJyC03A6zsCZOBNn4Wycje/iXHwP38P5OB8X4iJchItxCS7FpbgMz+NyXIErcRWuxjW4GtfhelyHG3ETbsQtuAW34Tb8CD/CnbgTd+Nu3IsGAD/GT/ATHIQH8SAewkN4GA/jETyCR/EoHsNjeByP4wk8gSfxJJ7C03gGT+NZPIvn8DxewAt4ES/iJXwu11d19hbYMAjUFUYZlU6lUykqRWVUGVUmlUllVplVQiVUFpVFZVVZVTaVTeVQOVQulUvlUXkUKVKsYpVX5VVJlVT5VX6VqlJVQVVQeeVVEVVEFVPFVHFVXJVQt6mS6nZVSpVWzXxZVVaVU819eXWXqqAqqIqqkqqsqqgqqqqqqqqpaqq6qq5qqBqqpnpQ1VI9sC8+pK5Upq4ajPXUEKyvGqiGqpF6DR9TTdQwbKqaqebqCTUCh2Mr1cS3Vk+pNmoMtlXPqLH4rGqvxmMH9bzqqDqpzuoF1UU19V1VNzUZe6ieahr2Vn1UX9VPzcJK6krFKqtX1CA1WA1Rr6qF+Joapl5Xw9UINVK9oUap0WqMGqvGqfFqgnpTTVRvqUnqbTVZTVFT1TQ1Xc1QM9U7apaareaod9Vc9Z6ap+arBWqhWqTeV4vVErVUfaCWqQ/VcrVCrVSr1Gq1Rq1V69R6tUFtVJvUZrVFbVXb1Hb1kdqhdqpdarfao/aqfepjtV99og6oT9VB9Zk6pD5Xh9UX6oj6Uh1VX6lj6mt1XH2jTqhv1Un1nTqlTqsz6nt1Vv2gzqnz6oL6UV1UP6lL6md1WQUFGrXSWhsd6XQ6vU7RGXRGfY3OpK/VmfV1OqGv11n0DTqrvlFn09l1Dp1T59K5dR5tNWmnWcc6r86nk/omnV/frFN1AV1QF9JeF9ZFdFFdTN+ii+tbdQl9my6pb9eldGldRpfVd+hy+k5dXt+lK+i7dUVdSVfWVfQ9uqq+V1fT9+nq+n5dQz+ga+oHdS39F11bP6Tr6Id1Xf2Irqcf1fV1A91QN9KN9WO6iX5cN9XNdHP9hG6hW+pW+kndWj+l2+indVv9jG6nn9Xt9XO6g35ed9SddGf9s76sg+6qu+nuuofuqXvp3rqP7qv76f76JT1Av6wH6lf0ID1YD9Gv6qH6NT1Mv66H6xF6pH5Dj9Kj9Rg9Vo/T4/UE/aaeqN/Sk/TberKeoqfqaXq6nqH7/trTnP+D/Lf+Rf7AX86+TW/XH+kdeqfepXfrPXqv3qf36f16vz6gD+iD+qA+pA/pw/qwPqKP6KP6qD6mj+nj+rg+oU/ok/qkPqVP6x/19/qs/kGf0+f1ef2jvqgv6ku/vgZg0CijjTGRSWfSmxSTwWQ015hM5lqT2VxnEuZ6k8XcYLKaG002k93kMDlNLpPb5DHWkHGGTWzymnwmaW7CXy8oTEFTyHhT2BQxRf+dfJPf3GxSTYF/yP+j8TU2jU0T08Q0NU1Nc9PctDAtTCvTyrQ2rU0b08a0NW1NO9POtDftTQfTwXQ0HU1n09l0MV1MV9PVdDfdTU/Ty/Q2fUxf08/0Ny+ZAWaAGWgGmkFmkBlihpihZqgZZoaZ4Wa4GWlGmlFmlBljxphxZpyZYCaYiWaimWQmmclmsplqpprpZrqZaWaaWWaWmWPmmLlmrpln5pkFZoFZZBaZxWaxWWqWmmVmmVluVpgVZpVZZdaYNWadWWc2mA1mk9lktpgtZrnZbrabHWaH2WV2mT1mj9ln9pn9Zr85YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmJPmpDllTpkz5ow5a86ac+acuWAumIvmorlkLpnL5vKVy75IRSoykYnSRemilCglyhhljDJFmaLMUeYoESWiLFGWKGt0Y5Qtyh7liHJGuaLcUZ7IRhS5iKM4yhvli5LRTVH+6OYoNSoQFYwKRT4qHBWJikbFolui4tGtUYnotqhkdHtUKiodlYnKRndE5aI7o/LRXVGF6O6oYlQpqhxVie6Jqkb3RtWi+6Lq0f1RjeiBqGb0YFQr+ktUO3ooqhM9HNWNHonqRY9G9aMGUcOoUdT4T+0/hHPZH/ddbTfb3fawPW0v29v2sX1tP9vfvmQH2JftQPuKHWQH2yH2VTvUvmaH2dftcDvCjrRv2FF2tB1jx9pxdrydYN+0E+1bdpJ92062U+xUO81OtzPsTPuOnWVn2zn2XTvXvmfn2fl2gV1oF9n37WK7xC61H9hl9kO73K6wK+0qu9qusWvtOrvebrAb7Sa72W6xW+02u91+ZHfYnXaX3W332L12n/3Y7ref2AP2U3vQfmYP2c/tYfuFPWK/tEftV/aY/doet9/YE/Zbe9J+Z0/Z0/aM/d6etT/Yc/a8vWB/tBftT/aS/dletuHKxf2Vt3cyZCgdpaMUSqGMlJEyUSbKTJkpQQnKQlkoK2WlbJSNclAOykW5KA/loSuYmPJSXkpSkvJTfkqlVCpIBcmTpyJUhIpRMSpOxakElaCSVJJKUSkqQ2XoDrqD7qQ76S66i+6mu6kSVaIqVIWqUlWqRtWoOlWnGlSDalJNqkW1qDbVpjpUh+pSXapH9ag+1aeG1JAaU2NqQk2oKTWl5tScWlALakWtqDW1pjbUhtpSW2pH7ag9tacO1IE6UkfqTJ2pC3WhrtSVulN36kk9qTf1pr7Ul/pTfxpAA2ggDaRBNIiG0BAaSkNpGA2j4TSCRtIbNIpG0xgaS+NoPE2gCTSRJtIkmkSTaTJNpak0nabTTJpJs2gWzaE5NJfm0jyaRwtoAS2iRbSYFtNSWkrLaBktp+W0klbSalpNa2ktraf1tJE20mbaTFtpK22n7bSDdtAu2kV7aA/to320n/bTATpAB+kgHaJDAQHoCB2ho3SUjtExOk7H6QSdoJN0kk7RKTpDZ+gsnaVzdI4u0AW6SD/RJfqZLlOgFJfBZXTXuEzuWpfZXef+Oc7hcrpcLrfL46zL5rL/Q0zOuVRXwBX82xLTFXWpKVceCznvCrsirqgr5Uq7Mq6su8OVc3e68r+Lq7p7XTV3n6vu7ndV3D3/ENdwD7ia7hFXyz3qarsGro5r5Oq6R1w996ir7xq4hq6Ra+FaulbuSdfaPeXauKd/Fy92S9x6t8FtdJvcfveJu+B+dMfdN+6i+8l1dd1cf/eSG+BedgPdK26QG/y7eKR7w41yo90YN9aNc+N/F09109x0N8PNdO+4WW727+JF7n031y1189x8t8At/CW+Mqal7gO3zH3olrsVbqVb5Va7NW6tW/e/x7rKbXFb3Ta3z33sdridbpfb7fa4vb/EV+ZxwH3qDrrP3DH3tTvsvnBH3Al31H31S3xlfifct+6k+86dcqfdGfe9O+t+cOfc+SvzD1fm/r372V12wQEjK9ZsOOJ0nJ5TOANn5Gs4E1/Lmfk6TvD1nIVv4Kx8I2fj7JyDc3Iuzs152DKxY+aY83I+TvJNnJ9v5lQuwAW5EHsuzEW4KBfjW7g438ol+DYuybdzKS7NZbgs38Hl+E4uz3dxBb6bK3IlrsxV+B6uyvdyNb6Pq/P9XIMf4Jr8INfiv3Btfojr8MNclx/hevwo1+cG3JAbcWN+jJvw49yUm3FzfoJbcEtuxU9ya36K2/DT3Jaf4Xb8LLfn57gDP88duRN35he4C7/IXbkbd+ce3JN7cW/uw325H/fnl3gAv8wD+RUexIN5CL/KQ/k1Hsav83AewSP5DR7Fo3kMj+VxPJ4n8Js8kd/iSfw2T+YpPJWn8XSewTP5HZ7Fs3kOv8tz+T2ex/N5AS/kRfw+L+YlvJQ/4GX8IS/nFbySV/FqXsNreR2v5w28kTfxZt7CW3kbb+ePeAfv5F28m/fwXt7HH/N+zvDrL9xnfIg/58P8BR/hL/kof8XH+Gs+zt/wCf6WT/J3fIpP8xn+ns/yD3yOz/MF/pEv8k98iX/myxwYYoxVrGMTR3G6OH2cEmeIM8bXxJnia+PM8XVxIr4+zhLfEGeNb4yzxdnjHHHOOFecO84T25hiF3Mcx3njfHEyvinOH98cp8YF4oJxodjHheMicdG4WHxLXDy+NS4R3xaXjG+PS8Wl40fuLxvfEZeL74zLx3fFFeK744pxpbhyXCW+J64a3xtXi++Lq8f3x8XjB+Ka8YMx/Pp5lTrxw3Hd+JG4XvxoXD9uEDeMG8WN48fiJvHjcdO4Wdw8fiJuEbeMW8VPxq3jp+I28dN/uL973CPuGfeKe8Uh3KcXJBcmFyXfTy5OLkkuTX6QXJb8MLk8uSK5MrkquTq5Jrk2uS65PrkhuTG5Kbk5uSW5NbktGUKV9ODRK6+98ZFP59P7FJ/BZ/TX+Ez+Wp/ZX+cT/nqfxd/gs/obfTaf3efwOX0un9vn8daTd5597PP6fD7pb/L5/c0+1RfwBX0h731hX8Q38o19Y9/EP+6b+ma+uX/CP+Fb+pb+Sf+kf8q38U/7tv4Z384/69v75/xz/nnf0Xfynf0Lvot/0Xf13Xx339339D19b9/b9/V9fX/f3w/wA/xAP9AP8oP8ED/ED/VD/TA/zA/3w/1IP9KP8qP8GD/Gj/Pj/AQ/wU/0E/0kP8lHADDVT/XT/XQ/08/0s/wsP8fP8XNT5/p5fp5f4Bf4RX6RX+wX+6V+qV/ml/nlfrlf6Vf61X61X+vX+vV+vd/oN/rNfrPf6rf67X673+F3+F1+l9/j9/h9fp/f7/f7A/6AP+gP+kP+kD/sD/sj/kt/1H/lj/mv/XH/jT/hv/Un/Xf+lD/tz/jv/Vn/gz/nz/sL/kd/0f/kL/mf/WUf/ITEm4mJibcSkxJvJyYnpiSmJqYlpidmJGYm3knMSsxOzEm8m5ibeC8xLzE/sSCxMLEo8X5icWJJYmnig8SyxIeJ5YkViZWJVYnViTUGQu4dccgb8oVkuCnkDzeH1FAgFAyFgg+FQ5FQNBQLt4Ti4dZQItwWSobbQ6lQOpQJj4b6oUFoGBqFxuGx0CQ8HpqGZqF5eCK0CC1Dq/BkaB2eCm3C06FteCa0C8+G9uG50CE8HzqGTqFzeCF0CS+GrqFb6B56hJ6hV+gd+oS+oV/oH14KA8LLYWB4JQwKg8OQ8GoYGl4Lw8LrYXgYEUaGN8KoMDqMCWPDuDA+TAhvhonhrTApvB0mhylhapgWpocZYWZ4J8wKs8Oc8G6YG94L88L8sCAsDIvC+2FxWBKWhg/CsvBhWB5WhJVhVVgd1oS1YV1YHzaEjWFT2By2hK1hW9gePgo7ws6wK+wOe8LesC98HPaHT8KB8Gk4GD4Lh8Ln4XD4IhwJX4aj4atwLHwdjodvwonwbTgZvgunwulwJnwfzoYfwrlwPlwIP4aL4adwKfwcLv+bn1mr9OfdQBdCCCGE+P9Krz/Y3+NfPGcAQP3a/imEcO3OnEf/fr8GgM3Z/truo3K1SADAU906PPS3rWLF7t27/3rscg1RvvkAkPinE/war4Dm0BJaQzMo9i/H10d1ush/0H/yNoCMf5eTAr/Fv/X/+X/Q/2NPjFxcMr6Q5T/pfz5Aar7fcq6swv8Wr4DmV2YDzaD4f9B/9iZ/MP4MX0wAaPp3OZkAoGmGfx5/EXgcnobW/3CkEEIIIYQQQgjxV31UmXZ/tH6+sj7PZX7LSQ+/xX+0PhdCCCGEEEIIIcTV92ynzk8+1rp1s3bSkIY00lij5X9yzNX+yySEEEIIIYT4s/120f/bcxmu5oCEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQog06P/FN41d7TkKIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQV9v/CgAA//+LZDZM")
openat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket(0x2a, 0x802, 0x0)
bind$unix(0xffffffffffffffff, &(0x7f0000000000)=@abs, 0x6e)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='sessionid\x00')
preadv(r4, &(0x7f0000000280)=[{&(0x7f00000008c0)=""/221, 0xdd}], 0x1, 0x2, 0x0)

163.999466ms ago: executing program 3 (id=354):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000200)={'wlan1\x00'})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$inet(r3, 0x0, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "810000cc2b000000000000fa25ffff00ffffff"})
r6 = syz_open_pts(r5, 0x0)
write(r6, 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000180)=0x14)
syz_open_dev$media(0x0, 0x7, 0x0)
bind$bt_hci(r3, 0x0, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)

0s ago: executing program 1 (id=355):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x1}, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$apparmor_thread_current(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$apparmor_current(r3, &(0x7f0000000040)=@profile={'permprofile ', ':proc/thrr/current\x00\x03\x89vO\x9f\xc9oR8\xaaNU{\x1eC\x06\b\x00\x00\x14\xb5.\xbd\x97\xfa\xe4\xfcT@\xc7\x12\xc6\xcb\x19\xee:]\xc2\x80'}, 0x46)
socket$nl_netfilter(0x10, 0x3, 0xc)
memfd_secret(0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdir(0x0, 0x0)
ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f0000000140)={@mcast2, @mcast1, @private2})

kernel console output (not intermixed with test programs):

avoid problems!
[   58.203949][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.220576][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.225446][ T3636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   58.239282][ T3636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.249146][ T3636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   58.260407][ T3636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.272060][ T3636] batman_adv: batadv0: Interface activated: batadv_slave_0
[   58.284715][ T3636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   58.295676][ T3636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.305876][ T3636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   58.318345][ T3636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.329387][ T3636] batman_adv: batadv0: Interface activated: batadv_slave_1
[   58.337949][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   58.345959][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   58.354899][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   58.363568][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   58.374868][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   58.383495][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   58.392218][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   58.406791][ T3637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   58.417360][ T3637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.429594][ T3637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   58.441414][ T3637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.451650][ T3637] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   58.462417][ T3637] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.473840][ T3637] batman_adv: batadv0: Interface activated: batadv_slave_1
[   58.494644][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   58.506533][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   58.525818][ T3636] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.535568][ T3636] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.545129][ T3636] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.553867][ T3636] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.570698][ T3634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   58.581657][ T3634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.591990][ T3634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   58.603137][ T3634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.613180][ T3634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   58.623683][ T3634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.633759][ T3634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   58.644356][ T3634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.655930][ T3634] batman_adv: batadv0: Interface activated: batadv_slave_0
[   58.691176][ T3637] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.701222][ T3637] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.714201][ T3637] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.722930][ T3637] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.733161][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   58.742379][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   58.757258][ T3634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   58.767843][ T3634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.782349][ T3634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   58.793118][ T3634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.803494][ T3634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   58.814042][ T3634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.826107][ T3634] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   58.837463][ T3634] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   58.849049][ T3634] batman_adv: batadv0: Interface activated: batadv_slave_1
[   58.885129][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   58.893823][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   58.903176][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   58.912504][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   58.913978][ T3634] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.931906][ T3634] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.943429][ T3634] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.952404][ T3634] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.977670][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   59.058410][   T56] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.092130][   T56] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.119104][ T3693] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.139798][ T3693] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.177195][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   59.186927][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   59.227913][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.238731][ T3693] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.250236][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.264795][ T3693] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.279391][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   59.300324][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   59.333502][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.349402][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.367034][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.375736][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.400068][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   59.432851][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   59.441134][ T3717] capability: warning: `syz.3.4' uses deprecated v2 capabilities in a way that may be insecure
[   59.500263][   T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.518561][   T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.531264][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   59.548525][ T3693] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   59.558324][ T3717] mmap: syz.3.4 (3717) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   59.571936][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   59.594077][ T3693] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   59.964290][ T3649] Bluetooth: hci0: command tx timeout
[   59.969867][ T3649] Bluetooth: hci3: command tx timeout
[   60.001661][ T3731] loop4: detected capacity change from 0 to 64
[   60.035024][ T3649] Bluetooth: hci2: command tx timeout
[   60.045074][ T3649] Bluetooth: hci1: command tx timeout
[   60.050509][ T3649] Bluetooth: hci4: command tx timeout
[   61.114320][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   61.181993][ T3729] hfs: request for non-existent node 1286 in B*Tree
[   61.193798][ T3729] hfs: request for non-existent node 1286 in B*Tree
[   61.201486][ T3729] hfs: request for non-existent node 1286 in B*Tree
[   61.218008][ T3729] hfs: request for non-existent node 1286 in B*Tree
[   61.252853][ T3737] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   61.565913][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[   61.606173][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[   61.614515][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[   61.622781][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[   61.631089][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[   61.639382][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[   61.647675][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[   61.694328][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[   61.702792][    T0] NOHZ tick-stop error: local softirq work is pending, handler #18a!!!
[   63.622376][ T3760] MTD: Couldn't look up './file0': -15
[   64.812047][   T26] audit: type=1326 audit(1723876164.635:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3749 comm="syz.1.9" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3934579e79 code=0x0
[   64.911563][ T3768] loop3: detected capacity change from 0 to 512
[   65.004537][ T3768] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (45895!=33349)
[   65.052962][ T3768] EXT4-fs (loop3): group descriptors corrupted!
[   65.077624][ T3765] loop0: detected capacity change from 0 to 40427
[   65.104773][ T3765] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   65.125849][ T3765] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   65.233238][ T3765] F2FS-fs (loop0): Found nat_bits in checkpoint
[   65.433863][ T3765] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   65.450283][ T3765] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   65.458399][ T3678] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   65.992652][ T3785] autofs4:pid:3785:autofs_fill_super: called with bogus options
[   66.577483][ T3788] syz.0.13: attempt to access beyond end of device
[   66.577483][ T3788] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   67.587758][ T3678] usb 4-1: Using ep0 maxpacket: 32
[   67.725660][ T3678] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   67.772490][ T3678] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   67.794872][ T3651] Bluetooth: hci4: command tx timeout
[   67.908494][ T3678] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   68.028033][ T3678] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[   68.159196][ T3678] usb 4-1: New USB device found, idVendor=1b96, idProduct=9f0a, bcdDevice= 0.15
[   68.179628][ T3678] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   68.197068][ T3678] usb 4-1: config 0 descriptor??
[   68.199635][ T3792] loop2: detected capacity change from 0 to 256
[   68.236495][ T3678] usb 4-1: can't set config #0, error -71
[   68.265196][ T3678] usb 4-1: USB disconnect, device number 2
[   69.345679][ T3809] loop3: detected capacity change from 0 to 256
[   69.535844][ T3806] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   69.552920][ T3812] loop2: detected capacity change from 0 to 512
[   69.635038][ T3812] EXT4-fs: Ignoring removed nomblk_io_submit option
[   69.946546][ T3812] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   70.466228][ T3801] loop4: detected capacity change from 0 to 1024
[   70.473017][ T3801] EXT4-fs: Ignoring removed orlov option
[   70.477562][   T26] audit: type=1804 audit(1723876170.295:3): pid=3812 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.26" name="/newroot/4/file0/bus" dev="loop2" ino=19 res=1 errno=0
[   70.479386][ T3801] EXT4-fs: Ignoring removed oldalloc option
[   70.548349][ T3801] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   70.594994][ T3801] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   70.782462][ T3801] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869)
[   70.792505][ T3801] EXT4-fs (loop4): invalid journal inode
[   70.814541][ T3801] EXT4-fs (loop4): can't get journal size
[   70.829651][ T3636] EXT4-fs (loop2): unmounting filesystem.
[   70.870075][ T3801] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   71.011851][ T3801] EXT4-fs (loop4): unmounting filesystem.
[   71.478473][ T1266] ieee802154 phy0 wpan0: encryption failed: -22
[   71.485202][ T1266] ieee802154 phy1 wpan1: encryption failed: -22
[   72.153969][ T3836] netlink: 8 bytes leftover after parsing attributes in process `syz.1.30'.
[   72.167270][ T3836] netlink: 8 bytes leftover after parsing attributes in process `syz.1.30'.
[   72.203769][ T3829] loop2: detected capacity change from 0 to 512
[   72.293539][ T3829] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   72.364592][ T3829] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038 (0x7fffffff)
[   73.344048][ T3636] EXT4-fs (loop2): unmounting filesystem.
[   73.460384][ T3855] loop2: detected capacity change from 0 to 512
[   73.592030][ T3857] loop1: detected capacity change from 0 to 512
[   73.602107][ T3857] EXT4-fs: Ignoring removed orlov option
[   74.298138][ T3855] EXT4-fs: Ignoring removed nobh option
[   74.308695][ T3857] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=6000e09c, mo2=0002]
[   74.316761][ T3857] System zones: 1-12
[   74.322460][ T3857] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.34: casefold flag without casefold feature
[   74.348046][ T3857] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz.1.34: missing EA_INODE flag
[   74.360517][ T3857] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.34: error while reading EA inode 12 err=-117
[   74.373043][ T3857] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2816: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   74.373357][ T3855] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a842c09c, mo2=0000]
[   74.386749][ T3857] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz.1.34: missing EA_INODE flag
[   74.409525][ T3857] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.34: error while reading EA inode 12 err=-117
[   74.425516][ T3857] EXT4-fs (loop1): 1 orphan inode deleted
[   74.431304][ T3857] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   74.447857][ T3855] System zones: 0-2, 18-18, 34-34
[   74.492090][ T3855] EXT4-fs (loop2): 1 orphan inode deleted
[   74.519219][ T3856] EXT4-fs error (device loop1): ext4_add_entry:2484: inode #2: comm syz.1.34: Directory hole found for htree leaf block 0
[   74.543023][ T3855] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   74.575291][ T3855] ext4 filesystem being mounted at /6/file1 supports timestamps until 2038 (0x7fffffff)
[   74.638734][ T3863] loop4: detected capacity change from 0 to 256
[   74.700411][ T3635] EXT4-fs (loop1): unmounting filesystem.
[   74.721090][ T3865] loop0: detected capacity change from 0 to 164
[   74.798691][ T3771] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   74.821416][   T26] audit: type=1800 audit(1723876174.645:4): pid=3863 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.36" name="bus" dev="loop4" ino=1048601 res=0 errno=0
[   75.125406][ T3678] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   75.664325][ T3678] usb 1-1: Using ep0 maxpacket: 16
[   75.948083][ T3678] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 64
[   75.978571][ T3678] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[   76.018774][ T3678] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[   76.060200][ T3678] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   76.111151][ T3678] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[   76.400677][ T3678] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   76.434394][ T3678] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   76.442507][ T3678] usb 1-1: SerialNumber: syz
[   76.528053][ T3865] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   76.630119][ T3888] xt_cgroup: invalid path, errno=-2
[   76.697432][  T151] cfg80211: failed to load regulatory.db
[   76.745568][ T3678] cdc_acm 1-1:1.0: Control and data interfaces are not separated!
[   76.889907][ T3887] loop4: detected capacity change from 0 to 128
[   77.248839][ T3678] usb 1-1: USB disconnect, device number 2
[   77.275489][ T3803] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   78.215346][ T3900] x_tables: unsorted entry at hook 2
[   78.463581][ T3636] EXT4-fs (loop2): unmounting filesystem.
[   78.522972][ T3909] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:0000:0000 with DS=0xd
[   79.526420][   T26] audit: type=1326 audit(1723876179.355:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3892 comm="syz.1.42" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3934579e79 code=0x0
[   81.744585][ T3934] netlink: 'syz.4.51': attribute type 3 has an invalid length.
[   81.752223][ T3934] netlink: 8 bytes leftover after parsing attributes in process `syz.4.51'.
[   81.840975][ T3934] loop4: detected capacity change from 0 to 512
[   81.865951][ T3934] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   81.896763][ T3934] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[   81.911314][ T3934] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[   81.922936][ T3934] System zones: 0-2, 18-18, 34-34
[   81.981118][ T3934] EXT4-fs error (device loop4): ext4_orphan_get:1422: comm syz.4.51: bad orphan inode 15
[   82.000783][ T3932] kvm [3931]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0x186 data 0x4500004b00
[   82.022516][ T3932] kvm [3931]: vcpu0, guest rIP: 0x18e disabled perfctr wrmsr: 0xc2 data 0x3600004300
[   82.042587][ T3934] ext4_test_bit(bit=14, block=18) = 1
[   82.048630][ T3934] is_bad_inode(inode)=0
[   82.064326][ T3934] NEXT_ORPHAN(inode)=2264924160
[   82.069334][ T3934] max_ino=32
[   82.072539][ T3934] i_nlink=0
[   82.088874][ T3934] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1085: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   82.151198][ T3934] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.51: bg 0: block 80: padding at end of block bitmap is not set
[   82.202237][ T3934] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6172: Corrupt filesystem
[   82.227573][ T3934] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   82.349503][ T3941] SET target dimension over the limit!
[   82.386169][ T3941] netlink: 40 bytes leftover after parsing attributes in process `syz.1.54'.
[   82.482089][ T3945] loop2: detected capacity change from 0 to 1024
[   82.546108][ T3945] EXT4-fs: Ignoring removed orlov option
[   82.587287][ T3634] EXT4-fs (loop4): unmounting filesystem.
[   82.643698][ T3945] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   82.656683][ T3948] loop1: detected capacity change from 0 to 16
[   82.716183][ T3948] MTD: Attempt to mount non-MTD device "/dev/loop1"
[   84.120108][ T3636] EXT4-fs (loop2): unmounting filesystem.
[   84.803383][ T3964] loop2: detected capacity change from 0 to 16
[   84.836216][ T3964] erofs: (device loop2): mounted with root inode @ nid 36.
[   85.008163][ T3971] syz.2.60: attempt to access beyond end of device
[   85.008163][ T3971] loop2: rw=0, sector=8, nr_sectors = 16 limit=16
[   86.438013][ T3981] loop3: detected capacity change from 0 to 64
[   86.825285][ T3986] loop1: detected capacity change from 0 to 32768
[   86.825620][ T3986] =======================================================
[   86.825620][ T3986] WARNING: The mand mount option has been deprecated and
[   86.825620][ T3986]          and is ignored by this kernel. Remove the mand
[   86.825620][ T3986]          option from the mount to silence this warning.
[   86.825620][ T3986] =======================================================
[   86.933285][ T3986] XFS (loop1): Mounting V5 Filesystem
[   87.034779][ T3989] syz.3.65: attempt to access beyond end of device
[   87.034779][ T3989] loop3: rw=34817, sector=39, nr_sectors = 30 limit=64
[   87.034849][ T3989] syz.3.65: attempt to access beyond end of device
[   87.034849][ T3989] loop3: rw=34817, sector=72, nr_sectors = 2 limit=64
[   87.108546][ T3989] syz.3.65: attempt to access beyond end of device
[   87.108546][ T3989] loop3: rw=34817, sector=76, nr_sectors = 500 limit=64
[   87.207173][ T3986] XFS (loop1): Ending clean mount
[   87.219694][ T3986] XFS (loop1): Quotacheck needed: Please wait.
[   87.263179][ T3986] XFS (loop1): Quotacheck: Done.
[   88.069247][ T3984] loop0: detected capacity change from 0 to 32768
[   88.183207][ T3635] XFS (loop1): Unmounting Filesystem
[   88.976702][ T4010] loop0: detected capacity change from 0 to 4096
[   89.017157][ T4010] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512)
[   89.507945][ T4016] netlink: 36 bytes leftover after parsing attributes in process `syz.3.72'.
[   89.607801][ T4017] loop3: detected capacity change from 0 to 512
[   89.645767][ T4017] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   89.660499][ T4017] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   89.691317][ T4017] EXT4-fs (loop3): ea_inode feature is not supported for Hurd
[   90.984596][    C0] eth0: bad gso: type: 1, size: 1408
[   91.118029][ T4027] Driver unsupported XDP return value 0 on prog  (id 29) dev N/A, expect packet loss!
[   91.203585][ T4032] loop3: detected capacity change from 0 to 512
[   91.214107][ T4032] EXT4-fs: Ignoring removed oldalloc option
[   91.338822][ T4032] EXT4-fs error (device loop3): ext4_xattr_inode_iget:400: comm syz.3.77: Parent and EA inode have the same ino 15
[   91.473774][ T4032] EXT4-fs error (device loop3): ext4_xattr_inode_iget:400: comm syz.3.77: Parent and EA inode have the same ino 15
[   91.518204][ T4032] EXT4-fs (loop3): 1 orphan inode deleted
[   91.532342][ T4032] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   91.905217][ T4037] loop0: detected capacity change from 0 to 256
[   92.364540][ T3643] EXT4-fs (loop3): unmounting filesystem.
[   95.887255][ T4046] sched: RT throttling activated
[   95.926755][ T3693] Bluetooth: hci5: Frame reassembly failed (-84)
[   96.597921][ T3651] Bluetooth: hci5: Opcode 0x1003 failed: -110
[   96.597977][ T3649] Bluetooth: hci5: command 0x1003 tx timeout
[   97.513797][ T4069] loop3: detected capacity change from 0 to 1024
[   99.621449][ T4081] loop3: detected capacity change from 0 to 256
[  100.809946][ T4081] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104b5, chksum : 0x6646eacc, utbl_chksum : 0xe619d30d)
[  100.854909][ T4083] syz.4.88 uses obsolete (PF_INET,SOCK_PACKET)
[  101.058048][ T4083] netlink: 'syz.4.88': attribute type 10 has an invalid length.
[  101.239386][ T4088] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  101.248773][ T4088] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  101.730225][ T4083] team0: Port device wlan1 added
[  102.045797][ T3651] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  102.447901][ T3651] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  102.477563][ T3651] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  102.502804][ T3651] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  102.555525][ T3651] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  102.578228][ T3651] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  102.841159][ T3651] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  102.850424][ T3651] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  102.857792][ T4099] device batadv0 entered promiscuous mode
[  102.859379][ T3651] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  102.877086][ T3651] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  102.885957][ T3651] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  102.893238][ T3651] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  102.941687][ T4104] loop0: detected capacity change from 0 to 256
[  102.948812][ T4104] exfat: Deprecated parameter 'utf8'
[  102.954760][ T4104] exfat: Bad value for 'errors'
[  102.964524][ T4099] device batadv0 left promiscuous mode
[  103.269820][ T3771] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  104.674650][ T3649] Bluetooth: hci5: command tx timeout
[  104.821687][ T4117] loop3: detected capacity change from 0 to 128
[  104.832767][ T4117] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  105.010241][   T48] Bluetooth: hci6: command tx timeout
[  106.562220][ T4127] loop3: detected capacity change from 0 to 164
[  106.752362][ T4129] loop0: detected capacity change from 0 to 128
[  106.767114][  T154] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  106.794075][ T4129] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x00067272 (sector = 1)
[  106.992810][ T4129] syz.0.100: attempt to access beyond end of device
[  106.992810][ T4129] loop0: rw=3, sector=6950, nr_sectors = 2 limit=128
[  107.006896][ T4129] syz.0.100: attempt to access beyond end of device
[  107.006896][ T4129] loop0: rw=2051, sector=6952, nr_sectors = 942 limit=128
[  107.121718][ T3649] Bluetooth: hci5: command tx timeout
[  107.128414][   T48] Bluetooth: hci6: command tx timeout
[  107.182051][ T4130] FAT-fs (loop0): FAT read failed (blocknr 128)
[  107.550238][ T3694] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.597295][ T4127] netlink: 'syz.3.101': attribute type 4 has an invalid length.
[  107.667243][ T3694] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.804328][  T154] usb 5-1: unable to read config index 0 descriptor/start: -71
[  107.812102][  T154] usb 5-1: can't read configurations, error -71
[  108.477545][ T4093] chnl_net:caif_netlink_parms(): no params data found
[  108.614086][ T3694] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.657090][ T4141] loop3: detected capacity change from 0 to 512
[  108.718949][ T4145] netlink: 6 bytes leftover after parsing attributes in process `syz.0.105'.
[  108.747570][ T4149] netlink: 6 bytes leftover after parsing attributes in process `syz.0.105'.
[  108.759182][ T4149] netlink: 6 bytes leftover after parsing attributes in process `syz.0.105'.
[  108.775454][ T4141] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  108.776638][ T4101] chnl_net:caif_netlink_parms(): no params data found
[  108.798406][ T4141] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038 (0x7fffffff)
[  108.841962][ T4149] netlink: 6 bytes leftover after parsing attributes in process `syz.0.105'.
[  108.851131][ T4149] netlink: 6 bytes leftover after parsing attributes in process `syz.0.105'.
[  108.956864][ T3694] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  108.977527][ T3643] EXT4-fs (loop3): unmounting filesystem.
[  109.146890][ T4093] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.154046][ T4093] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.161319][ T3651] Bluetooth: hci5: command tx timeout
[  109.166812][ T3651] Bluetooth: hci6: command tx timeout
[  109.176681][ T4156] loop0: detected capacity change from 0 to 4096
[  109.192549][ T4156] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  109.197106][ T4093] device bridge_slave_0 entered promiscuous mode
[  109.236696][ T4156] ntfs: (device loop0): ntfs_is_extended_system_file(): Non-resident file name. You should run chkdsk.
[  109.275008][ T4156] ntfs: (device loop0): ntfs_read_locked_inode(): $DATA attribute is missing.
[  109.324474][ T4156] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0x1 as bad.  Run chkdsk.
[  109.359269][ T4156] ntfs: (device loop0): load_system_files(): Failed to load $MFTMirr.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  109.370942][ T4163] loop3: detected capacity change from 0 to 512
[  109.379810][ T4093] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.394819][ T4093] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.407690][ T4156] ntfs: volume version 3.1.
[  109.413268][ T4093] device bridge_slave_1 entered promiscuous mode
[  109.441040][ T4156] ntfs: (device loop0): load_and_init_quota(): Failed to find inode number for $Quota.
[  109.445677][ T4163] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  109.453953][ T4156] ntfs: (device loop0): load_system_files(): Failed to load $Quota.  Will not be able to remount read-write.  Run chkdsk.
[  109.488548][ T4101] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.505038][ T4101] bridge0: port 1(bridge_slave_0) entered disabled state
[  109.521133][ T4163] ext4 filesystem being mounted at /31/file1 supports timestamps until 2038 (0x7fffffff)
[  109.537174][ T4101] device bridge_slave_0 entered promiscuous mode
[  109.575070][ T4101] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.577903][ T4163] netlink: 'syz.3.108': attribute type 16 has an invalid length.
[  109.601701][ T4163] netlink: 28074 bytes leftover after parsing attributes in process `syz.3.108'.
[  109.606560][ T4101] bridge0: port 2(bridge_slave_1) entered disabled state
[  109.633977][ T4101] device bridge_slave_1 entered promiscuous mode
[  109.672861][ T4093] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  109.733859][ T4093] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  109.933660][ T4093] team0: Port device team_slave_0 added
[  109.967353][ T4101] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  110.005584][ T4093] team0: Port device team_slave_1 added
[  110.067167][ T4101] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  110.249432][ T4183] loop4: detected capacity change from 0 to 256
[  110.402766][ T4183] FAT-fs (loop4): Unrecognized mount option "fÙÒu:<ïnF¥Bñshortname=mixed" or missing value
[  110.535278][ T4188] syz.4.111[4188] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  110.535782][ T4188] syz.4.111[4188] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  111.234334][ T3649] Bluetooth: hci6: command tx timeout
[  111.251087][ T3651] Bluetooth: hci5: command tx timeout
[  111.272045][ T4093] batman_adv: batadv0: Adding interface: batadv_slave_0
[  111.287468][ T4093] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.324365][ T4093] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  111.374895][ T3643] EXT4-fs (loop3): unmounting filesystem.
[  111.376026][ T4101] team0: Port device team_slave_0 added
[  111.554812][ T4093] batman_adv: batadv0: Adding interface: batadv_slave_1
[  111.613381][ T4093] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  111.948699][ T4093] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  112.052508][ T4201] cgroup: release_agent respecified
[  112.126843][ T4101] team0: Port device team_slave_1 added
[  112.303347][ T4093] device hsr_slave_0 entered promiscuous mode
[  112.311925][ T4208] loop4: detected capacity change from 0 to 512
[  112.319207][ T4093] device hsr_slave_1 entered promiscuous mode
[  112.333632][ T4093] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  112.355328][ T4093] Cannot create hsr debugfs directory
[  113.000167][ T4208] loop4: detected capacity change from 0 to 256
[  113.059738][ T4208] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  113.077125][ T4101] batman_adv: batadv0: Adding interface: batadv_slave_0
[  113.131774][ T4101] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  113.144983][ T4208] exFAT-fs (loop4): hint_cluster is invalid (17)
[  113.176511][   T26] audit: type=1800 audit(1723876213.005:6): pid=4208 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.115" name="file1" dev="loop4" ino=1048604 res=0 errno=0
[  113.189274][ T4101] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  113.209828][ T4208] exFAT-fs (loop4): error, broken FAT chain.
[  113.220327][ T4208] exFAT-fs (loop4): Filesystem has been set read-only
[  113.229338][ T4208] exFAT-fs (loop4): error, failed to bmap (inode : ffff888058e314e0 iblock : 8, err : -5)
[  113.284247][ T4215] loop3: detected capacity change from 0 to 1024
[  113.295640][ T4101] batman_adv: batadv0: Adding interface: batadv_slave_1
[  113.302657][ T4101] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  113.329640][ T4215] EXT4-fs: Ignoring removed oldalloc option
[  113.330152][ T4215] EXT4-fs: Invalid want_extra_isize 4096
[  113.359370][ T4101] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  113.657455][ T4101] device hsr_slave_0 entered promiscuous mode
[  113.682653][ T4101] device hsr_slave_1 entered promiscuous mode
[  113.723015][ T4101] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  113.743562][ T4101] Cannot create hsr debugfs directory
[  114.029326][ T4093] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.163591][ T4093] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.314747][ T4093] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.326164][   T26] audit: type=1326 audit(1723876214.155:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4234 comm="syz.3.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016ed79e79 code=0x7ffc0000
[  114.375167][ T4235] loop3: detected capacity change from 0 to 128
[  114.413724][   T26] audit: type=1326 audit(1723876214.185:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4234 comm="syz.3.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7f016ed79e79 code=0x7ffc0000
[  114.439918][ T3694] device hsr_slave_0 left promiscuous mode
[  114.491147][ T3694] device hsr_slave_1 left promiscuous mode
[  114.503786][   T26] audit: type=1326 audit(1723876214.185:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4234 comm="syz.3.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016ed79e79 code=0x7ffc0000
[  114.557763][   T26] audit: type=1326 audit(1723876214.195:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4234 comm="syz.3.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f016ed79e79 code=0x7ffc0000
[  114.567081][ T4243] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  114.590554][ T3694] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  114.607543][ T3694] batman_adv: batadv0: Removing interface: batadv_slave_0
[  114.618769][   T26] audit: type=1326 audit(1723876214.195:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4234 comm="syz.3.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f016ed79eb3 code=0x7ffc0000
[  114.642291][ T3694] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  114.660503][ T3694] batman_adv: batadv0: Removing interface: batadv_slave_1
[  114.670640][ T3694] device bridge_slave_1 left promiscuous mode
[  114.684296][   T26] audit: type=1326 audit(1723876214.195:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4234 comm="syz.3.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f016ed7895f code=0x7ffc0000
[  114.694610][ T3694] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.744289][   T26] audit: type=1326 audit(1723876214.195:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4234 comm="syz.3.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f016ed79f07 code=0x7ffc0000
[  114.771028][ T3694] device bridge_slave_0 left promiscuous mode
[  114.781207][   T26] audit: type=1326 audit(1723876214.205:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4234 comm="syz.3.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f016ed78810 code=0x7ffc0000
[  114.812166][ T3694] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.815152][   T26] audit: type=1326 audit(1723876214.205:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4234 comm="syz.3.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f016ed79a7b code=0x7ffc0000
[  114.894751][   T26] audit: type=1326 audit(1723876214.215:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4234 comm="syz.3.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f016ed78b0a code=0x7ffc0000
[  114.901960][ T4253] netlink: 12 bytes leftover after parsing attributes in process `syz.4.121'.
[  114.964558][ T3694] device veth1_macvtap left promiscuous mode
[  114.971046][ T3694] device veth0_macvtap left promiscuous mode
[  114.981274][ T3694] device veth1_vlan left promiscuous mode
[  114.987689][ T3694] device veth0_vlan left promiscuous mode
[  115.032408][ T4257] usb usb8: usbfs: process 4257 (syz.3.123) did not claim interface 0 before use
[  115.993595][ T4265] loop3: detected capacity change from 0 to 2048
[  116.051808][ T4265] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  116.754874][ T3649] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  116.756067][ T4265] syz.3.125: attempt to access beyond end of device
[  116.756067][ T4265] loop3: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  116.763631][ T3649] Bluetooth: hci3: Injecting HCI hardware error event
[  116.780876][ T4267] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  116.786665][ T3649] Bluetooth: hci3: hardware error 0x00
[  117.272551][ T3694] team0 (unregistering): Port device team_slave_1 removed
[  117.332785][ T3694] team0 (unregistering): Port device team_slave_0 removed
[  117.417456][ T4274] kAFS: unparsable volume name
[  117.538042][ T3694] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  117.651380][ T3694] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  117.709348][   T33] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  118.215193][   T33] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  118.645025][   T33] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  118.699285][   T33] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  118.914472][ T3649] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  118.949174][   T33] usb 4-1: New USB device found, idVendor=28bd, idProduct=0055, bcdDevice= 0.00
[  118.958578][   T33] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.978983][   T33] usb 4-1: config 0 descriptor??
[  119.002510][ T3694] bond0 (unregistering): Released all slaves
[  119.116769][ T4093] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.534500][   T33] usbhid 4-1:0.0: can't add hid device: -71
[  119.549492][   T33] usbhid: probe of 4-1:0.0 failed with error -71
[  119.608690][   T33] usb 4-1: USB disconnect, device number 3
[  121.237105][ T4317] loop4: detected capacity change from 0 to 8
[  121.262056][ T4314] loop3: detected capacity change from 0 to 4096
[  121.275125][ T4317] SQUASHFS error: zlib decompression failed, data probably corrupt
[  121.283266][ T4317] SQUASHFS error: Failed to read block 0x13e: -5
[  121.289803][ T4317] SQUASHFS error: Unable to read metadata cache entry [13c]
[  121.297128][ T4317] SQUASHFS error: Unable to read directory block [13c:26]
[  121.462454][ T4101] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  121.495892][ T4318] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  121.503691][ T4101] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  121.572276][ T4101] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  121.635499][ T4101] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  121.652652][   T26] kauditd_printk_skb: 29 callbacks suppressed
[  121.652668][   T26] audit: type=1800 audit(1723876221.475:46): pid=4314 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.135" name="bus" dev="loop3" ino=18 res=0 errno=0
[  121.718338][ T4093] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  121.734743][ T4314] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  121.741632][ T4314] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  121.764722][   T26] audit: type=1800 audit(1723876221.475:47): pid=4320 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.135" name="bus" dev="loop3" ino=18 res=0 errno=0
[  121.787060][ T4093] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  121.832325][ T4314] vhci_hcd vhci_hcd.0: Device attached
[  121.853987][ T4093] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  121.866461][ T4320] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(11)
[  121.873104][ T4320] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  121.884035][ T4093] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  121.930419][ T4325] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(17)
[  121.937066][ T4325] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  121.980002][ T4320] vhci_hcd vhci_hcd.0: Device attached
[  122.024293][   T33] vhci_hcd: vhci_device speed not set
[  122.088626][ T4325] vhci_hcd vhci_hcd.0: Device attached
[  122.104412][   T33] usb 15-1: new full-speed USB device number 2 using vhci_hcd
[  122.240841][ T4101] 8021q: adding VLAN 0 to HW filter on device bond0
[  122.259192][ T4314] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(10)
[  122.265849][ T4314] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  122.303845][ T4101] 8021q: adding VLAN 0 to HW filter on device team0
[  122.314668][ T4314] vhci_hcd vhci_hcd.0: Device attached
[  122.349994][ T4326] vhci_hcd: connection closed
[  122.350957][ T4323] vhci_hcd: connection closed
[  122.356077][ T4321] vhci_hcd: connection reset by peer
[  122.360369][   T56] vhci_hcd: stop threads
[  122.380898][ T4093] 8021q: adding VLAN 0 to HW filter on device bond0
[  122.395894][   T56] vhci_hcd: release socket
[  122.402793][ T3877] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  122.416619][ T3877] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  122.431532][   T56] vhci_hcd: disconnect device
[  122.443838][   T56] vhci_hcd: stop threads
[  122.473080][   T56] vhci_hcd: release socket
[  122.496746][ T4330] vhci_hcd: connection closed
[  122.511834][ T3877] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  122.533978][   T56] vhci_hcd: disconnect device
[  122.551987][   T56] vhci_hcd: stop threads
[  122.564022][ T3877] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  122.573716][   T56] vhci_hcd: release socket
[  122.584766][ T3877] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.591896][ T3877] bridge0: port 1(bridge_slave_0) entered forwarding state
[  122.604949][   T56] vhci_hcd: disconnect device
[  122.614761][ T3877] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  122.619213][   T56] vhci_hcd: stop threads
[  122.635090][ T3877] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  122.643242][   T56] vhci_hcd: release socket
[  122.652940][   T56] vhci_hcd: disconnect device
[  122.654878][ T3877] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.664776][ T3877] bridge0: port 2(bridge_slave_1) entered forwarding state
[  122.704644][ T3877] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  122.724950][ T3877] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  122.783665][ T4093] 8021q: adding VLAN 0 to HW filter on device team0
[  122.816929][ T4335] xt_CT: You must specify a L4 protocol and not use inversions on it
[  122.829702][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  122.842103][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  122.902846][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  122.982672][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  123.056173][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  123.107530][ T3878] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.114737][ T3878] bridge0: port 1(bridge_slave_0) entered forwarding state
[  123.145234][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  123.156332][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  123.166262][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  123.176352][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  123.185273][ T3878] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.192409][ T3878] bridge0: port 2(bridge_slave_1) entered forwarding state
[  123.320319][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  123.343369][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  124.192748][ T4101] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  124.237863][ T4343] loop3: detected capacity change from 0 to 64
[  124.244198][ T4101] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  124.324738][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  124.332879][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  124.384853][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  124.434961][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  124.474593][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  124.538504][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  124.615373][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  124.634648][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  125.018944][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  125.265734][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  125.380490][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  125.441238][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  125.477090][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  125.516364][ T4357] loop3: detected capacity change from 0 to 512
[  125.523683][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  125.555175][ T4357] EXT4-fs: Ignoring removed oldalloc option
[  125.561130][ T4357] EXT4-fs: Ignoring removed oldalloc option
[  125.584672][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  125.604974][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  125.619472][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  125.630116][ T4357] EXT4-fs (loop3): orphan cleanup on readonly fs
[  125.656481][ T4357] EXT4-fs error (device loop3): ext4_xattr_inode_iget:400: comm syz.3.141: Parent and EA inode have the same ino 15
[  125.686206][ T3878] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  125.732832][ T4093] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  125.748045][ T4357] EXT4-fs (loop3): Remounting filesystem read-only
[  125.820709][ T4357] EXT4-fs (loop3): 1 orphan inode deleted
[  125.838446][ T4357] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  126.808690][ T4378] input: syz1 as /devices/virtual/input/input6
[  126.963644][ T3965] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  126.989294][ T3965] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  127.041314][ T4101] 8021q: adding VLAN 0 to HW filter on device batadv0
[  127.061305][ T4383] xt_connbytes: Forcing CT accounting to be enabled
[  127.068628][ T4383] xt_time: invalid argument - start or stop time greater than 23:59:59
[  127.221756][ T3965] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  127.234758][   T33] vhci_hcd: vhci_device speed not set
[  127.264880][ T3965] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  127.312398][ T3643] EXT4-fs (loop3): unmounting filesystem.
[  127.363174][ T4388] loop3: detected capacity change from 0 to 512
[  127.427776][ T4388] EXT4-fs error (device loop3): __ext4_fill_super:5399: inode #2: comm syz.3.144: casefold flag without casefold feature
[  127.447269][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  127.456346][ T4388] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  127.489961][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  127.510663][ T4101] device veth0_vlan entered promiscuous mode
[  127.524549][ T4101] device veth1_vlan entered promiscuous mode
[  127.549665][ T4101] device veth0_macvtap entered promiscuous mode
[  127.559949][ T4101] device veth1_macvtap entered promiscuous mode
[  127.633528][ T4388] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  127.652569][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  127.697300][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  127.721952][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  128.538682][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  128.547138][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  128.555919][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  128.565039][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  128.576876][ T4101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.609217][ T4101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.667323][ T4101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.819847][ T4101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.861843][ T4101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  131.425036][ T3649] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  131.433628][ T3649] Bluetooth: hci0: Injecting HCI hardware error event
[  131.443118][ T3651] Bluetooth: hci0: hardware error 0x00
[  131.468229][ T4101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.484741][ T4101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  131.500498][ T4101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.566065][ T3643] EXT4-fs (loop3): unmounting filesystem.
[  131.584469][ T4101] batman_adv: batadv0: Interface activated: batadv_slave_0
[  131.633100][ T4426] loop4: detected capacity change from 0 to 64
[  131.644364][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  131.652715][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  131.661907][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  131.685250][ T4093] 8021q: adding VLAN 0 to HW filter on device batadv0
[  131.701588][ T4101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  131.771381][ T4101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.791468][ T4431] loop0: detected capacity change from 0 to 512
[  131.829245][ T4101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  131.853875][ T4431] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  131.881030][ T4101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.917309][ T4433] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  131.920132][ T4431] EXT4-fs (loop0): can't mount with commit=9, fs mounted w/o journal
[  131.933234][ T4101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  131.963580][ T4101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.980177][ T4101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  131.991222][ T4101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  132.009800][ T4101] batman_adv: batadv0: Interface activated: batadv_slave_1
[  132.031918][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  132.050371][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  132.082979][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  132.144796][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  132.738915][ T4101] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  132.825003][ T4101] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  132.829621][ T4440] 9pnet_fd: Insufficient options for proto=fd
[  132.833728][ T4101] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  132.871280][ T4101] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  132.910847][ T4449] sctp: [Deprecated]: syz.4.153 (pid 4449) Use of int in max_burst socket option.
[  132.910847][ T4449] Use struct sctp_assoc_value instead
[  132.927521][ T1266] ieee802154 phy0 wpan0: encryption failed: -22
[  132.933860][ T1266] ieee802154 phy1 wpan1: encryption failed: -22
[  132.978028][ T3877] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  132.978681][ T3877] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  132.980400][ T4445] netlink: 4 bytes leftover after parsing attributes in process `syz.3.151'.
[  133.063018][ T4093] device veth0_vlan entered promiscuous mode
[  133.083587][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  133.084970][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  133.100261][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  133.100944][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  133.106723][ T4093] device veth1_vlan entered promiscuous mode
[  133.123241][ T3877] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  133.123302][ T3877] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  133.127626][ T3877] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  133.131634][ T3877] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  133.135576][ T3877] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  133.169998][ T3877] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  133.170803][ T3877] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  133.173830][ T4093] device veth0_macvtap entered promiscuous mode
[  133.181048][ T4093] device veth1_macvtap entered promiscuous mode
[  133.226987][ T3877] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  133.227048][ T3877] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  133.231630][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  133.232300][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  133.232897][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  133.258973][ T4093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.258995][ T4093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.259005][ T4093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.259018][ T4093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.259028][ T4093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.259040][ T4093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.259049][ T4093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.259061][ T4093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.259076][ T4093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  133.259088][ T4093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.260440][ T4093] batman_adv: batadv0: Interface activated: batadv_slave_0
[  133.273542][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  133.274690][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  133.389120][ T4093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.389142][ T4093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.389152][ T4093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.389164][ T4093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.389174][ T4093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.389186][ T4093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.389195][ T4093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.389206][ T4093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.389220][ T4093] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  133.389232][ T4093] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  133.390445][ T4093] batman_adv: batadv0: Interface activated: batadv_slave_1
[  133.415707][ T3965] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  133.417433][ T3965] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  133.467535][ T4093] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  133.467559][ T4093] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  133.467575][ T4093] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  133.467590][ T4093] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  133.704609][ T3651] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  134.261594][ T4463] loop1: detected capacity change from 0 to 512
[  134.709849][ T4463] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz.1.89: casefold flag without casefold feature
[  134.710666][ T4463] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #2: comm syz.1.89: missing EA_INODE flag
[  134.710865][ T4463] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.89: error while reading EA inode 2 err=-117
[  134.712143][ T4463] EXT4-fs (loop1): 1 orphan inode deleted
[  134.712176][ T4463] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  134.913640][    C0] eth0: bad gso: type: 1, size: 1408
[  134.938558][ T4446] loop0: detected capacity change from 0 to 40427
[  134.993155][ T3694] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  134.994491][ T4446] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  135.017970][    C0] eth0: bad gso: type: 1, size: 1408
[  135.020287][ T4446] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  135.044892][ T3877] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  135.054955][ T3877] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  135.066522][ T3694] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  135.072998][ T4481] loop4: detected capacity change from 0 to 1024
[  135.104805][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  135.116339][ T4446] F2FS-fs (loop0): invalid crc value
[  135.180105][ T4101] EXT4-fs (loop1): unmounting filesystem.
[  135.221395][ T4446] F2FS-fs (loop0): Found nat_bits in checkpoint
[  135.233550][ T4481] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  135.278521][ T3877] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  135.561052][ T4481] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  136.073673][ T4446] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  136.096741][    C0] eth0: bad gso: type: 1, size: 1408
[  136.117519][ T4446] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  138.928405][ T3634] EXT4-fs (loop4): unmounting filesystem.
[  139.052796][ T4519] loop1: detected capacity change from 0 to 512
[  139.074212][  T154] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  139.169282][ T4524] loop0: detected capacity change from 0 to 512
[  139.270903][ T4519] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  139.300118][ T4519] UDF-fs: Scanning with blocksize 512 failed
[  139.309412][ T4524] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  139.344617][ T4524] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038 (0x7fffffff)
[  139.366992][ T4519] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  139.404921][ T4519] UDF-fs: Scanning with blocksize 1024 failed
[  139.446410][  T154] usb 4-1: config 0 has an invalid interface descriptor of length 3, skipping
[  139.470845][ T4519] UDF-fs: warning (device loop1): udf_load_vrs: No VRS found
[  139.489403][  T154] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  139.520526][ T4519] UDF-fs: Scanning with blocksize 2048 failed
[  139.536704][  T154] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  139.554624][ T4519] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  139.564764][  T154] usb 4-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[  139.573829][  T154] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.591187][ T4519] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  139.613462][  T154] usb 4-1: config 0 descriptor??
[  139.764255][  T151] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  139.873147][ T4542] loop4: detected capacity change from 0 to 2048
[  139.915922][ T4542] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  139.980275][ T4519] input: syz1 as /devices/virtual/input/input7
[  139.988855][ T4542] UDF-fs: error (device loop4): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  140.011301][ T4542] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  140.012810][ T4506] loop3: detected capacity change from 0 to 512
[  140.024423][ T4542] UDF-fs: Scanning with blocksize 512 failed
[  140.048785][  T151] usb 1-1: Using ep0 maxpacket: 16
[  140.084400][ T4542] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  140.156926][ T4506] EXT4-fs (loop3): orphan cleanup on readonly fs
[  140.184552][  T151] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.191816][ T4506] Quota error (device loop3): dq_insert_tree: Quota tree root isn't allocated!
[  140.196273][  T151] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  140.216321][  T151] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  140.216371][  T151] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  140.216394][  T151] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.231886][  T151] usb 1-1: config 0 descriptor??
[  140.331184][ T4506] Quota error (device loop3): qtree_write_dquot: Error -5 occurred while creating quota
[  140.331380][ T4506] EXT4-fs error (device loop3): ext4_acquire_dquot:6777: comm syz.3.161: Failed to acquire dquot type 0
[  140.332937][ T4506] Quota error (device loop3): dq_insert_tree: Quota tree root isn't allocated!
[  140.332961][ T4506] Quota error (device loop3): qtree_write_dquot: Error -5 occurred while creating quota
[  140.332994][ T4506] EXT4-fs error (device loop3): ext4_acquire_dquot:6777: comm syz.3.161: Failed to acquire dquot type 0
[  140.333708][ T4506] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.161: bg 0: block 64: padding at end of block bitmap is not set
[  140.371687][ T4506] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6172: Corrupt filesystem
[  140.372557][ T4506] Quota error (device loop3): dq_insert_tree: Quota tree root isn't allocated!
[  140.372662][ T4506] Quota error (device loop3): qtree_write_dquot: Error -5 occurred while creating quota
[  140.372778][ T4506] EXT4-fs error (device loop3): ext4_acquire_dquot:6777: comm syz.3.161: Failed to acquire dquot type 0
[  140.373452][ T4506] EXT4-fs (loop3): 1 orphan inode deleted
[  140.376765][ T4506] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  140.377857][ T4506] EXT4-fs (loop3): unmounting filesystem.
[  140.529691][  T154] usb 4-1: USB disconnect, device number 4
[  140.736039][  T151] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  140.736108][  T151] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  140.736124][  T151] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  140.736138][  T151] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  140.736152][  T151] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  140.736166][  T151] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  140.736180][  T151] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  140.736195][  T151] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  140.736209][  T151] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  140.736223][  T151] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  140.737714][  T151] microsoft 0003:045E:07DA.0001: No inputs registered, leaving
[  140.762374][  T151] microsoft 0003:045E:07DA.0001: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  140.762407][  T151] microsoft 0003:045E:07DA.0001: no inputs found
[  140.762421][  T151] microsoft 0003:045E:07DA.0001: could not initialize ff, continuing anyway
[  141.019715][  T154] usb 1-1: USB disconnect, device number 3
[  141.323599][ T4566] loop1: detected capacity change from 0 to 512
[  141.340741][ T4553] tty tty1: ldisc open failed (-12), clearing slot 0
[  141.359628][ T4566] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  141.369269][ T4566] ext4 filesystem being mounted at /5/bus supports timestamps until 2038 (0x7fffffff)
[  141.464227][   T33] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  141.513860][ T4570] loop4: detected capacity change from 0 to 128
[  141.881752][ T3637] EXT4-fs (loop0): unmounting filesystem.
[  141.914805][   T33] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  141.981305][   T33] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  142.139449][   T33] usb 4-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.09
[  142.228177][   T33] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.245910][   T33] usb 4-1: config 0 descriptor??
[  142.405163][ T4101] EXT4-fs (loop1): unmounting filesystem.
[  142.946505][ T4570]  loop4:
[  143.817398][   T33] logitech-hidpp-device 0003:046D:C086.0002: unbalanced collection at end of report description
[  143.831859][ T3634] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000074f)
[  143.846826][ T3634] FAT-fs (loop4): Filesystem has been set read-only
[  143.870406][   T33] logitech-hidpp-device 0003:046D:C086.0002: hidpp_probe:parse failed
[  143.894997][ T3634] FAT-fs (loop4): error, invalid access to FAT (entry 0x0000074f)
[  143.899603][   T33] logitech-hidpp-device: probe of 0003:046D:C086.0002 failed with error -22
[  144.133832][ T3714] usb 4-1: USB disconnect, device number 5
[  145.149135][ T4599] loop1: detected capacity change from 0 to 2048
[  145.159922][ T4599] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  145.821350][ T3890] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.221935][   T26] audit: type=1326 audit(1723876246.985:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4608 comm="syz.2.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40bc379e79 code=0x7ffc0000
[  147.404843][ T4616] netlink: 'syz.0.182': attribute type 3 has an invalid length.
[  147.679892][   T26] audit: type=1326 audit(1723876246.985:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4608 comm="syz.2.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f40bc379e79 code=0x7ffc0000
[  147.756000][ T4616] netlink: 8 bytes leftover after parsing attributes in process `syz.0.182'.
[  147.773385][ T4617] loop0: detected capacity change from 0 to 512
[  147.774027][ T4615] loop3: detected capacity change from 0 to 2048
[  147.789523][ T3890] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  147.802039][ T4617] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  147.844673][   T26] audit: type=1326 audit(1723876246.985:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4608 comm="syz.2.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40bc379e79 code=0x7ffc0000
[  147.877608][ T4615] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  147.898176][ T4615] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  147.914476][ T4617] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended
[  147.922162][ T4619] loop1: detected capacity change from 0 to 512
[  147.936166][ T4617] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  147.937280][ T4615] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  147.952053][ T4615] UDF-fs: Scanning with blocksize 512 failed
[  147.961228][   T26] audit: type=1326 audit(1723876246.995:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4608 comm="syz.2.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f40bc379e79 code=0x7ffc0000
[  147.983763][   T26] audit: type=1326 audit(1723876247.035:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4608 comm="syz.2.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40bc379e79 code=0x7ffc0000
[  148.006060][   T26] audit: type=1326 audit(1723876247.045:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4608 comm="syz.2.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f40bc379e79 code=0x7ffc0000
[  148.028779][   T26] audit: type=1326 audit(1723876247.045:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4608 comm="syz.2.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40bc379e79 code=0x7ffc0000
[  148.034536][ T4617] System zones: 
[  148.054591][   T26] audit: type=1326 audit(1723876247.045:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4608 comm="syz.2.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40bc379e79 code=0x7ffc0000
[  148.091306][ T4615] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  148.099732][ T4619] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  148.144328][ T4619] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  148.211429][ T4617] 0-2, 18-18, 34-34
[  148.278678][ T3649] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  148.289653][ T3649] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  148.302040][ T3649] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  148.308337][ T4619] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 18 vs 41 free clusters
[  148.328966][   T48] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  148.336726][ T4619] Quota error (device loop1): write_blk: dquota write failed
[  148.351747][ T4617] EXT4-fs error (device loop0): ext4_orphan_get:1422: comm syz.0.182: bad orphan inode 15
[  148.450006][   T48] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  148.457461][   T48] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  148.484530][ T4617] ext4_test_bit(bit=14, block=18) = 1
[  148.491098][ T4617] is_bad_inode(inode)=0
[  148.494766][ T4619] Quota error (device loop1): find_free_dqentry: Can't write quota data block 5
[  148.500693][ T4617] NEXT_ORPHAN(inode)=2264924160
[  148.510573][ T3890] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.519005][ T4619] EXT4-fs error (device loop1): ext4_acquire_dquot:6777: comm syz.1.186: Failed to acquire dquot type 1
[  148.521103][ T4617] max_ino=32
[  148.538478][ T4617] i_nlink=0
[  148.543180][ T4617] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1085: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  148.558500][ T4617] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.182: bg 0: block 80: padding at end of block bitmap is not set
[  148.578122][ T4617] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6172: Corrupt filesystem
[  148.595231][ T4617] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  148.622857][ T4619] EXT4-fs (loop1): 1 truncate cleaned up
[  148.651619][ T4619] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  148.694178][ T3890] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.766731][ T4619] syz.1.186 (4619) used greatest stack depth: 19872 bytes left
[  148.917422][ T3637] EXT4-fs (loop0): unmounting filesystem.
[  148.975057][ T4101] EXT4-fs (loop1): unmounting filesystem.
[  149.177844][ T4623] chnl_net:caif_netlink_parms(): no params data found
[  150.514496][ T3651] Bluetooth: hci0: command tx timeout
[  151.169823][ T4661] loop3: detected capacity change from 0 to 512
[  151.231210][ T4623] bridge0: port 1(bridge_slave_0) entered blocking state
[  151.254789][ T4623] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.264048][ T4661] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  151.337559][ T4646] loop0: detected capacity change from 0 to 32768
[  151.352190][ T4661] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  151.368660][ T4661] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  151.383106][ T4661] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  151.402414][ T4661] [EXT4 FS bs=4096, gc=2, bpg=34, ipg=32, mo=e040e01c, mo2=0000]
[  151.415068][ T4661] EXT4-fs (loop3): failed to initialize system zone (-117)
[  151.422536][ T4661] EXT4-fs (loop3): mount failed
[  151.448449][ T4623] device bridge_slave_0 entered promiscuous mode
[  151.466850][ T4646] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.192 (4646)
[  151.633192][ T4623] bridge0: port 2(bridge_slave_1) entered blocking state
[  151.649920][ T4623] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.668428][ T4623] device bridge_slave_1 entered promiscuous mode
[  151.739460][ T4670] process 'syz.2.195' launched './file0' with NULL argv: empty string added
[  152.561280][ T4646] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  152.594361][ T3651] Bluetooth: hci0: command tx timeout
[  152.614415][ T4646] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  152.645857][ T4646] BTRFS info (device loop0): using free space tree
[  152.694223][ T4623] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  152.709849][ T4623] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  152.886342][ T4692] netlink: 'syz.3.198': attribute type 3 has an invalid length.
[  152.909719][ T4692] netlink: 8 bytes leftover after parsing attributes in process `syz.3.198'.
[  152.950566][ T4692] loop3: detected capacity change from 0 to 512
[  152.967310][ T4623] team0: Port device team_slave_0 added
[  152.973630][ T4687] loop1: detected capacity change from 0 to 4096
[  152.976088][ T4623] team0: Port device team_slave_1 added
[  153.061624][ T4692] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  153.126051][ T4692] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended
[  153.143593][ T4623] batman_adv: batadv0: Adding interface: batadv_slave_0
[  153.157707][ T4705] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  153.167331][ T4692] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842c01c, mo2=0002]
[  153.183500][ T4646] BTRFS info (device loop0): enabling ssd optimizations
[  153.192988][ T4692] System zones: 0-2, 18-18, 34-34
[  153.228208][ T4623] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  153.277558][ T4692] EXT4-fs error (device loop3): ext4_orphan_get:1422: comm syz.3.198: bad orphan inode 15
[  153.286914][   T26] kauditd_printk_skb: 2 callbacks suppressed
[  153.286927][   T26] audit: type=1800 audit(1723876253.105:56): pid=4687 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.197" name="bus" dev="loop1" ino=18 res=0 errno=0
[  153.316953][ T4711] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  153.323524][ T4711] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  153.333268][ T4692] ext4_test_bit(bit=14, block=18) = 1
[  153.338984][ T4623] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  153.368795][ T4711] vhci_hcd vhci_hcd.0: Device attached
[  153.374405][   T26] audit: type=1800 audit(1723876253.115:57): pid=4707 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.197" name="bus" dev="loop1" ino=18 res=0 errno=0
[  153.384400][ T4692] is_bad_inode(inode)=0
[  153.407853][ T4687] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(11)
[  153.414498][ T4687] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  153.415199][ T4692] NEXT_ORPHAN(inode)=2264924160
[  153.462912][ T4692] max_ino=32
[  153.504375][ T4692] i_nlink=0
[  153.507598][ T4692] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1085: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  153.525801][ T4623] batman_adv: batadv0: Adding interface: batadv_slave_1
[  153.538783][ T4687] vhci_hcd vhci_hcd.0: Device attached
[  153.587800][ T4623] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  153.621731][ T4707] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(16)
[  153.625992][ T4692] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.198: bg 0: block 80: padding at end of block bitmap is not set
[  153.628357][ T4707] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  153.642269][ T4707] vhci_hcd vhci_hcd.0: Device attached
[  153.664429][ T3714] vhci_hcd: vhci_device speed not set
[  153.704838][ T4692] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6172: Corrupt filesystem
[  153.719253][ T4724] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  153.745586][ T4724] CIFS mount error: No usable UNC path provided in device string!
[  153.745586][ T4724] 
[  153.755914][ T4724] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  153.976736][ T4692] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  153.986444][ T4687] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(13)
[  153.993068][ T4687] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  154.034418][ T4623] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  154.121925][ T4687] vhci_hcd vhci_hcd.0: Device attached
[  154.127676][ T3637] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  154.139645][ T4722] vhci_hcd: connection closed
[  154.139854][ T4718] vhci_hcd: connection closed
[  154.144270][ T4712] vhci_hcd: connection closed
[  154.149441][ T4716] vhci_hcd: connection closed
[  154.155042][ T3877] vhci_hcd: stop threads
[  154.164007][ T3877] vhci_hcd: release socket
[  154.184382][ T3714] usb 11-1: new full-speed USB device number 2 using vhci_hcd
[  154.192008][ T3877] vhci_hcd: disconnect device
[  154.209412][ T4714] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  154.250048][ T3877] vhci_hcd: stop threads
[  154.256464][ T3877] vhci_hcd: release socket
[  154.268554][ T3877] vhci_hcd: disconnect device
[  154.300558][ T3877] vhci_hcd: stop threads
[  154.305175][ T3877] vhci_hcd: release socket
[  154.318978][ T3877] vhci_hcd: disconnect device
[  154.334900][ T3877] vhci_hcd: stop threads
[  154.354449][ T3877] vhci_hcd: release socket
[  154.360783][ T3877] vhci_hcd: disconnect device
[  154.665652][ T3643] EXT4-fs (loop3): unmounting filesystem.
[  155.170850][ T4623] device hsr_slave_0 entered promiscuous mode
[  155.214668][ T4623] device hsr_slave_1 entered promiscuous mode
[  155.240015][ T4623] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  155.320057][ T4623] Cannot create hsr debugfs directory
[  155.527098][ T4749] loop0: detected capacity change from 0 to 8
[  155.602990][ T4749] SQUASHFS error: zlib decompression failed, data probably corrupt
[  155.611672][ T4749] SQUASHFS error: Failed to read block 0x13e: -5
[  155.618226][ T4749] SQUASHFS error: Unable to read metadata cache entry [13c]
[  155.625598][ T4749] SQUASHFS error: Unable to read directory block [13c:26]
[  157.169016][ T3890] team0: Port device wlan1 removed
[  157.870430][ T4763] netlink: 'syz.0.205': attribute type 3 has an invalid length.
[  157.967648][ T4763] netlink: 8 bytes leftover after parsing attributes in process `syz.0.205'.
[  158.593292][ T4771] loop3: detected capacity change from 0 to 512
[  158.707108][ T4771] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  158.716206][ T4771] ext4 filesystem being mounted at /55/bus supports timestamps until 2038 (0x7fffffff)
[  158.717004][ T4763] netlink: 'syz.0.205': attribute type 4 has an invalid length.
[  158.754638][ T4770] netlink: 'syz.0.205': attribute type 4 has an invalid length.
[  158.912632][ T4763] syz.0.205 (4763) used greatest stack depth: 18976 bytes left
[  159.114434][ T4736] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  159.374557][ T4736] usb 3-1: Using ep0 maxpacket: 16
[  159.664512][ T4736] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  159.721397][ T4736] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  159.763235][ T4736] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  159.784421][ T3714] vhci_hcd: vhci_device speed not set
[  159.801008][ T4736] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  159.821013][ T4736] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.855339][ T4736] usb 3-1: config 0 descriptor??
[  159.868123][ T3643] EXT4-fs (loop3): unmounting filesystem.
[  159.908042][ T3890] device hsr_slave_0 left promiscuous mode
[  159.943688][ T3890] device hsr_slave_1 left promiscuous mode
[  160.054166][ T3890] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  160.072006][ T3890] batman_adv: batadv0: Removing interface: batadv_slave_0
[  160.100365][ T3890] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  160.201806][ T4798] loop0: detected capacity change from 0 to 256
[  160.308690][ T4798] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104b5, chksum : 0x6646eacc, utbl_chksum : 0xe619d30d)
[  160.329092][ T3890] batman_adv: batadv0: Removing interface: batadv_slave_1
[  160.495644][ T3890] device bridge_slave_1 left promiscuous mode
[  160.533962][ T3890] bridge0: port 2(bridge_slave_1) entered disabled state
[  160.778686][ T3890] device bridge_slave_0 left promiscuous mode
[  160.824360][ T3890] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.836828][ T4796] loop3: detected capacity change from 0 to 1024
[  160.898821][ T4796] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  160.973071][ T4796] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  160.991889][ T4736] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  160.999316][ T4736] microsoft 0003:045E:07DA.0003: unknown main item tag 0x0
[  161.006658][ T4736] microsoft 0003:045E:07DA.0003: item fetching failed at offset 30/34
[  161.015362][ T4736] microsoft 0003:045E:07DA.0003: parse failed
[  161.021511][ T4736] microsoft: probe of 0003:045E:07DA.0003 failed with error -22
[  161.053965][ T3890] device veth1_macvtap left promiscuous mode
[  161.070132][ T3890] device veth0_macvtap left promiscuous mode
[  161.123984][ T3890] device veth1_vlan left promiscuous mode
[  161.163907][ T3890] device veth0_vlan left promiscuous mode
[  161.196772][ T4808] EXT4-fs error (device loop3): ext4_expand_extra_isize_ea:2746: inode #2: comm syz.3.220: corrupted in-inode xattr
[  161.284709][ T4796] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2219: inode #2: comm syz.3.220: corrupted in-inode xattr
[  161.286165][ T4786] loop1: detected capacity change from 0 to 32768
[  161.314037][ T4805] loop0: detected capacity change from 0 to 4096
[  161.346819][ T4786] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.210 (4786)
[  161.428069][ T4786] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  161.467556][ T3643] EXT4-fs (loop3): unmounting filesystem.
[  161.471032][ T4812] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  161.478969][ T4786] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  161.541530][ T4786] BTRFS info (device loop1): using free space tree
[  161.558488][   T26] audit: type=1800 audit(1723876261.375:58): pid=4805 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.213" name="bus" dev="loop0" ino=18 res=0 errno=0
[  161.609695][ T4805] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  161.616262][ T4805] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  161.653779][   T26] audit: type=1800 audit(1723876261.385:59): pid=4813 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.213" name="bus" dev="loop0" ino=18 res=0 errno=0
[  161.653827][ T4786] BTRFS info (device loop1): enabling ssd optimizations
[  161.673853][    C1] vkms_vblank_simulate: vblank timer overrun
[  161.932486][ T3714] vhci_hcd: vhci_device speed not set
[  162.032557][ T4805] vhci_hcd vhci_hcd.0: Device attached
[  162.121815][   T26] audit: type=1326 audit(1723876261.585:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4816 comm="syz.3.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016ed79e79 code=0x7ffc0000
[  162.186566][ T3678] vhci_hcd: vhci_device speed not set
[  162.305251][ T3678] usb 9-1: new full-speed USB device number 2 using vhci_hcd
[  162.356065][ T4813] vhci_hcd vhci_hcd.0: pdev(0) rhport(1) sockfd(11)
[  162.361845][   T26] audit: type=1326 audit(1723876261.585:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4816 comm="syz.3.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f016ed79e79 code=0x7ffc0000
[  162.362696][ T4813] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  162.403381][   T26] audit: type=1326 audit(1723876261.595:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4816 comm="syz.3.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016ed79e79 code=0x7ffc0000
[  162.403505][ T4805] vhci_hcd vhci_hcd.0: pdev(0) rhport(2) sockfd(16)
[  162.427272][   T26] audit: type=1326 audit(1723876261.595:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4816 comm="syz.3.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f016ed79e79 code=0x7ffc0000
[  162.432029][ T4805] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  162.462137][   T26] audit: type=1326 audit(1723876261.635:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4816 comm="syz.3.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016ed79e79 code=0x7ffc0000
[  162.522022][ T4101] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  162.543253][   T26] audit: type=1326 audit(1723876261.645:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4816 comm="syz.3.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f016ed79e79 code=0x7ffc0000
[  162.565443][   T26] audit: type=1326 audit(1723876261.645:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4816 comm="syz.3.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016ed79e79 code=0x7ffc0000
[  162.592912][ T4805] vhci_hcd vhci_hcd.0: Device attached
[  162.607445][ T4813] vhci_hcd vhci_hcd.0: Device attached
[  162.610663][   T26] audit: type=1326 audit(1723876261.645:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4816 comm="syz.3.214" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f016ed79e79 code=0x7ffc0000
[  162.711234][ T4838] vhci_hcd vhci_hcd.0: pdev(0) rhport(3) sockfd(19)
[  162.717883][ T4838] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  162.838062][ T4850] loop3: detected capacity change from 0 to 8
[  162.910087][ T4850] SQUASHFS error: zlib decompression failed, data probably corrupt
[  162.918273][ T4850] SQUASHFS error: Failed to read block 0x13e: -5
[  162.924801][ T4850] SQUASHFS error: Unable to read metadata cache entry [13c]
[  162.932135][ T4850] SQUASHFS error: Unable to read directory block [13c:26]
[  163.024556][ T4838] vhci_hcd vhci_hcd.0: Device attached
[  163.213168][ T4845] vhci_hcd: connection closed
[  163.215338][ T3878] vhci_hcd: stop threads
[  163.244474][ T4814] vhci_hcd: connection reset by peer
[  163.244506][ T4837] vhci_hcd: connection closed
[  163.244530][ T4841] vhci_hcd: connection closed
[  163.256142][ T3878] vhci_hcd: release socket
[  163.313238][ T3878] vhci_hcd: disconnect device
[  163.364885][ T3878] vhci_hcd: stop threads
[  163.369371][ T3878] vhci_hcd: release socket
[  163.392707][ T3878] vhci_hcd: disconnect device
[  163.476339][ T3878] vhci_hcd: stop threads
[  163.480642][ T3878] vhci_hcd: release socket
[  163.485218][ T3878] vhci_hcd: disconnect device
[  163.490694][ T3878] vhci_hcd: stop threads
[  163.496465][ T3878] vhci_hcd: release socket
[  163.502012][ T3878] vhci_hcd: disconnect device
[  164.080289][ T3890] team0 (unregistering): Port device team_slave_1 removed
[  164.162439][ T3890] team0 (unregistering): Port device team_slave_0 removed
[  164.169958][ T3681] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  164.205759][ T3890] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  165.052840][ T3890] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  165.356381][ T3681] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  165.373058][ T3681] usb 4-1: config 0 has no interfaces?
[  165.379463][ T3681] usb 4-1: New USB device found, idVendor=056a, idProduct=00dd, bcdDevice= 0.00
[  165.389155][ T3681] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.403803][ T3681] usb 4-1: config 0 descriptor??
[  165.455795][ T3890] bond0 (unregistering): Released all slaves
[  165.576750][ T4737] usb 3-1: USB disconnect, device number 2
[  166.024197][ T4880] ubi0: attaching mtd0
[  166.091819][ T4880] ubi0: scanning is finished
[  166.096739][ T4880] ubi0: empty MTD device detected
[  166.771338][ T4735] usb 4-1: USB disconnect, device number 6
[  167.045874][ T4880] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4
[  167.474301][ T3678] vhci_hcd: vhci_device speed not set
[  168.777849][ T4623] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  168.873002][ T4623] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  168.945788][ T4623] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  169.013996][   T26] audit: type=1326 audit(1723876268.835:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4913 comm="syz.0.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6501b79e79 code=0x7ffc0000
[  169.052651][ T4914] loop0: detected capacity change from 0 to 512
[  169.072886][ T4623] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  169.088984][   T26] audit: type=1326 audit(1723876268.865:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4913 comm="syz.0.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7f6501b79e79 code=0x7ffc0000
[  169.149206][   T26] audit: type=1326 audit(1723876268.865:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4913 comm="syz.0.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6501b79e79 code=0x7ffc0000
[  169.319163][ T4914] EXT4-fs error (device loop0): ext4_clear_blocks:883: inode #13: comm syz.0.238: attempt to clear invalid blocks 1 len 1
[  169.676105][ T4914] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.238: bg 0: block 343: padding at end of block bitmap is not set
[  169.843877][   T26] audit: type=1326 audit(1723876268.865:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4913 comm="syz.0.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7f6501b79e79 code=0x7ffc0000
[  169.995082][ T4914] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6172: Corrupt filesystem
[  170.004244][ T3680] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  170.078224][ T4914] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.238: invalid indirect mapped block 1819239214 (level 0)
[  170.109042][   T26] audit: type=1326 audit(1723876268.865:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4913 comm="syz.0.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6501b79e79 code=0x7ffc0000
[  170.135707][ T4914] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.238: invalid indirect mapped block 1819239214 (level 1)
[  170.174654][ T4623] 8021q: adding VLAN 0 to HW filter on device bond0
[  170.223357][ T4623] 8021q: adding VLAN 0 to HW filter on device team0
[  170.230251][   T26] audit: type=1326 audit(1723876268.865:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4913 comm="syz.0.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f6501b79e79 code=0x7ffc0000
[  170.272738][ T4914] EXT4-fs (loop0): 1 truncate cleaned up
[  170.590644][ T4914] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  170.959642][ T3680] usb 2-1: device not accepting address 2, error -71
[  171.408671][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  171.437712][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  171.511074][ T4914] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2219: inode #15: comm syz.0.238: corrupted in-inode xattr
[  171.528954][   T26] audit: type=1326 audit(1723876268.865:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4913 comm="syz.0.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6501b79e79 code=0x7ffc0000
[  171.552186][   T26] audit: type=1326 audit(1723876268.865:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4913 comm="syz.0.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f6501b79e79 code=0x7ffc0000
[  171.595456][ T4941] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2219: inode #15: comm syz.0.238: corrupted in-inode xattr
[  171.597444][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  171.624939][   T26] audit: type=1326 audit(1723876268.865:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4913 comm="syz.0.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6501b79e79 code=0x7ffc0000
[  171.867359][ T3637] EXT4-fs (loop0): unmounting filesystem.
[  171.870155][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  171.892182][   T26] audit: type=1326 audit(1723876268.865:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4913 comm="syz.0.238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7f6501b79e79 code=0x7ffc0000
[  172.527302][ T4947] loop1: detected capacity change from 0 to 2048
[  172.766182][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.773295][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  172.782989][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  172.807778][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  172.831669][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.838865][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  172.854659][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  172.924601][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  173.416747][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  173.431532][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  174.385507][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  174.520061][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  174.531269][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  174.558121][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  174.608867][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  174.733359][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  175.677064][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  175.736292][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  175.764663][ T4623] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  177.275369][ T4993] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  180.551511][ T3662] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  180.576057][ T3662] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  180.611709][ T4623] 8021q: adding VLAN 0 to HW filter on device batadv0
[  180.804286][ T4735] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  181.054287][ T4735] usb 2-1: Using ep0 maxpacket: 32
[  181.180527][ T4735] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36
[  181.279842][ T4936] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  181.291510][ T4936] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  181.328052][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  181.339354][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  181.348537][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  181.357008][ T3694] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  181.366619][ T4735] usb 2-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  181.378341][ T4623] device veth0_vlan entered promiscuous mode
[  181.384559][ T4735] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.392556][ T4735] usb 2-1: Product: syz
[  181.403937][ T4623] device veth1_vlan entered promiscuous mode
[  181.412365][ T4735] usb 2-1: Manufacturer: syz
[  181.425616][ T4735] usb 2-1: SerialNumber: syz
[  181.448317][ T4735] usb 2-1: config 0 descriptor??
[  181.485166][ T4623] device veth0_macvtap entered promiscuous mode
[  181.492509][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  181.500528][ T5016] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  181.509405][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  181.518047][ T4735] hub 2-1:0.0: bad descriptor, ignoring hub
[  181.524571][ T4735] hub: probe of 2-1:0.0 failed with error -5
[  181.537530][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  181.547766][ T4735] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input9
[  181.567077][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  181.595681][ T4623] device veth1_macvtap entered promiscuous mode
[  181.626128][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  181.635368][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  181.681521][ T4623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  181.706841][ T4623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.724285][ T4623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  181.756063][ T5016] loop1: detected capacity change from 0 to 512
[  181.788636][ T4623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.799692][ T5016] EXT4-fs: Ignoring removed oldalloc option
[  181.811440][ T4623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  181.833138][ T4623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.853911][ T5016] EXT4-fs error (device loop1): ext4_xattr_inode_iget:400: comm syz.1.251: Parent and EA inode have the same ino 15
[  181.868940][ T4623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  181.874781][ T5016] EXT4-fs error (device loop1): ext4_xattr_inode_iget:400: comm syz.1.251: Parent and EA inode have the same ino 15
[  181.901993][ T5016] EXT4-fs (loop1): 1 orphan inode deleted
[  181.903335][ T4623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.907819][ T5016] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  181.939313][ T4623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  181.957812][ T4623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  181.991473][ T4623] batman_adv: batadv0: Interface activated: batadv_slave_0
[  182.019294][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  182.037106][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  182.055329][ T4623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.073611][ T4623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.084013][ T4623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.098264][ T4623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.109195][ T4623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.126246][ T4623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.141763][ T4623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.158878][ T4623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.170140][ T4623] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  182.188445][ T4623] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  182.202696][ T4623] batman_adv: batadv0: Interface activated: batadv_slave_1
[  182.217970][ T4936] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  182.230927][ T4936] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  182.246808][ T4623] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.281793][ T4623] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.300251][ T4623] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  182.309227][ T4623] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  182.449137][ T3662] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  182.467604][ T3662] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  182.491240][ T4936] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  182.543996][ T3662] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  182.556830][ T3662] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  182.578133][   T28] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  182.904885][   T26] kauditd_printk_skb: 33 callbacks suppressed
[  182.904899][   T26] audit: type=1326 audit(1723876282.735:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5061 comm="syz.0.261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6501b79e79 code=0x7fc00000
[  184.418999][   T26] audit: type=1326 audit(1723876282.735:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5061 comm="syz.0.261" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6501b79e79 code=0x0
[  184.504158][   T26] audit: type=1326 audit(1723876284.275:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5061 comm="syz.0.261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f6501b79e79 code=0x7fc00000
[  184.542461][ T3680] usb 2-1: USB disconnect, device number 4
[  184.554233][    C1] usbtouchscreen 2-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  184.611622][ T5079] loop4: detected capacity change from 0 to 1024
[  184.659796][   T26] audit: type=1326 audit(1723876284.475:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5061 comm="syz.0.261" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6501b79e79 code=0x7fc00000
[  184.747811][ T4101] EXT4-fs (loop1): unmounting filesystem.
[  184.845005][ T5084] loop3: detected capacity change from 0 to 2048
[  189.958369][ T5133] loop0: detected capacity change from 0 to 4096
[  190.002174][ T5133] ntfs: (device loop0): check_mft_mirror(): $MFT and $MFTMirr (record 0) do not match.  Run ntfsfix or chkdsk.
[  190.014259][ T5133] ntfs: (device loop0): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  190.127514][ T5133] ntfs: volume version 3.1.
[  190.132578][ T5133] ntfs: (device loop0): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty.
[  190.144593][ T5133] ntfs: (device loop0): load_system_files(): Failed to load $LogFile.  Will not be able to remount read-write.  Mount in Windows.
[  190.235016][ T5138] Cannot find add_set index 0 as target
[  192.504376][ T5142] loop4: detected capacity change from 0 to 256
[  192.762659][ T5145] loop1: detected capacity change from 0 to 1024
[  192.798928][ T5145] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  192.892742][ T5145] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  193.116597][ T5145] EXT4-fs error (device loop1): ext4_expand_extra_isize_ea:2746: inode #2: comm syz.1.267: corrupted in-inode xattr
[  193.312251][ T5165] loop3: detected capacity change from 0 to 64
[  194.921494][ T5165] Trying to free block not in datazone
[  195.032003][ T1266] ieee802154 phy0 wpan0: encryption failed: -22
[  195.052673][ T1266] ieee802154 phy1 wpan1: encryption failed: -22
[  195.122417][ T5163] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2219: inode #2: comm syz.1.267: corrupted in-inode xattr
[  195.178951][ T5169] loop0: detected capacity change from 0 to 256
[  195.463543][ T4101] EXT4-fs (loop1): unmounting filesystem.
[  196.528682][ T5195] Zero length message leads to an empty skb
[  198.122251][ T5201] loop0: detected capacity change from 0 to 4096
[  198.175106][ T5201] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[  198.821925][ T5201] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  199.212110][ T5225] loop1: detected capacity change from 0 to 64
[  199.956770][  T151] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  199.969794][ T5223] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  200.014192][ T4736] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  200.050862][ T5222] Trying to free block not in datazone
[  200.118489][ T5201] kvm: pic: non byte read
[  200.123251][ T5201] kvm: pic: non byte read
[  200.404680][ T4736] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  200.425137][ T4736] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  200.451127][ T4736] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  200.548813][ T4736] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.856342][ T5232] loop3: detected capacity change from 0 to 256
[  201.229054][ T4736] usb 3-1: config 0 descriptor??
[  201.880585][ T4736] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  201.913401][ T4736] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  201.935495][ T4736] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  203.035330][ T5250] loop4: detected capacity change from 0 to 256
[  203.592493][  T151] usb 3-1: USB disconnect, device number 3
[  203.642657][ T5253] loop0: detected capacity change from 0 to 256
[  203.672366][ T5253] MINIX-fs: mounting file system with errors, running fsck is recommended
[  204.799743][ T5261] Trying to free block not in datazone
[  205.357159][ T5269] loop3: detected capacity change from 0 to 16
[  205.495197][ T5261] Trying to free block not in datazone
[  205.854435][ T5269] erofs: (device loop3): mounted with root inode @ nid 36.
[  206.837263][   T26] audit: type=1800 audit(1723876306.665:115): pid=5269 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.294" name="file1" dev="loop3" ino=86 res=0 errno=0
[  207.492357][ T4736] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  212.682940][   T26] audit: type=1326 audit(1723876312.505:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5303 comm="syz.1.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac2ad79e79 code=0x7ffc0000
[  212.906293][   T26] audit: type=1326 audit(1723876312.585:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5303 comm="syz.1.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac2ad79e79 code=0x7ffc0000
[  212.928471][    C1] vkms_vblank_simulate: vblank timer overrun
[  213.072319][   T26] audit: type=1326 audit(1723876312.595:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5303 comm="syz.1.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7fac2ad79e79 code=0x7ffc0000
[  213.094629][    C1] vkms_vblank_simulate: vblank timer overrun
[  213.104172][ T4736] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  213.148644][   T26] audit: type=1326 audit(1723876312.605:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5303 comm="syz.1.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac2ad79e79 code=0x7ffc0000
[  213.334186][   T26] audit: type=1326 audit(1723876312.605:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5303 comm="syz.1.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac2ad79e79 code=0x7ffc0000
[  213.416507][   T26] audit: type=1326 audit(1723876312.605:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5303 comm="syz.1.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fac2ad79e79 code=0x7ffc0000
[  213.510435][   T26] audit: type=1326 audit(1723876312.655:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5303 comm="syz.1.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac2ad79e79 code=0x7ffc0000
[  213.533945][ T4736] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  213.555075][ T4736] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  213.584228][ T4736] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  213.593527][ T4736] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.601957][   T26] audit: type=1326 audit(1723876312.655:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5303 comm="syz.1.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac2ad79e79 code=0x7ffc0000
[  213.624147][    C1] vkms_vblank_simulate: vblank timer overrun
[  213.647977][ T4736] usb 4-1: config 0 descriptor??
[  213.687769][   T26] audit: type=1326 audit(1723876312.675:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5303 comm="syz.1.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7fac2ad79e79 code=0x7ffc0000
[  213.709847][    C1] vkms_vblank_simulate: vblank timer overrun
[  213.764222][   T26] audit: type=1326 audit(1723876312.685:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5303 comm="syz.1.303" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac2ad79e79 code=0x7ffc0000
[  213.915398][ T5331] loop4: detected capacity change from 0 to 764
[  213.953932][ T5331] rock: directory entry would overflow storage
[  213.953955][ T5331] rock: sig=0x4654, size=5, remaining=4
[  214.119341][ T5328] Falling back ldisc for ttyS3.
[  214.127830][ T4736] plantronics 0003:047F:FFFF.0005: unknown main item tag 0x0
[  214.128376][ T4736] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[  214.161088][ T4736] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  214.468637][ T3680] usb 4-1: USB disconnect, device number 8
[  214.608403][ T5342] loop0: detected capacity change from 0 to 1024
[  214.616478][ T5326] loop1: detected capacity change from 0 to 32768
[  214.701798][ T3803] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  214.733015][ T5326] XFS (loop1): Mounting V5 Filesystem
[  214.961965][ T5326] XFS (loop1): Ending clean mount
[  215.035823][ T5326] XFS (loop1): Quotacheck needed: Please wait.
[  215.178414][ T5326] XFS (loop1): Quotacheck: Done.
[  215.191425][ T5370] loop3: detected capacity change from 0 to 736
[  217.398887][ T4101] XFS (loop1): Unmounting Filesystem
[  217.797282][ T5386] loop0: detected capacity change from 0 to 64
[  217.868786][ T5386] Trying to free block not in datazone
[  218.562380][ T5388] loop4: detected capacity change from 0 to 17
[  218.720412][ T5388] BFS-fs: bfs_fill_super(): loop4 is unclean, continuing
[  218.747047][ T5388] BFS-fs: bfs_fill_super(): Impossible last inode number 229432 > 513 on loop4
[  219.379983][ T5396] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  219.396306][ T5396] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  220.806642][ T5408] loop4: detected capacity change from 0 to 512
[  220.897440][ T5408] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  221.022151][ T5420] loop3: detected capacity change from 0 to 2048
[  221.084936][ T5420] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  221.089651][ T5420] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  221.204867][ T5408] EXT4-fs (loop4): 1 orphan inode deleted
[  221.204894][ T5408] EXT4-fs (loop4): 1 truncate cleaned up
[  221.204914][ T5408] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  221.385838][ T5423] Falling back ldisc for ttyS3.
[  222.303621][ T5444] loop1: detected capacity change from 0 to 1024
[  222.355171][ T4623] EXT4-fs (loop4): unmounting filesystem.
[  223.192642][ T5450] loop4: detected capacity change from 0 to 64
[  223.330947][ T5450] hfs: unable to parse mount options
[  223.975024][ T5454] loop0: detected capacity change from 0 to 2048
[  224.138376][    C0] eth0: bad gso: type: 1, size: 1408
[  224.183087][ T5454] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  224.338872][ T5450] loop4: detected capacity change from 0 to 1024
[  224.395153][ T5450] ext2: Unknown parameter 'dont_hash'
[  224.491641][ T3803] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  225.095129][ T3637] UDF-fs: error (device loop0): udf_read_inode: (ino 1440) failed !bh
[  225.155046][ T3637] UDF-fs: error (device loop0): udf_read_inode: (ino 1440) failed !bh
[  225.374379][   T22] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  225.621200][ T5474] Bluetooth: MGMT ver 1.22
[  225.887458][ T5476] loop1: detected capacity change from 0 to 256
[  226.511742][   T22] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  226.612407][   T22] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.650814][   T22] usb 3-1: Product: syz
[  226.664319][   T22] usb 3-1: Manufacturer: syz
[  226.686370][   T22] usb 3-1: SerialNumber: syz
[  226.705464][   T22] usb 3-1: config 0 descriptor??
[  226.964487][   T22] usb-storage 3-1:0.0: USB Mass Storage device detected
[  227.441581][ T5488] netlink: 16 bytes leftover after parsing attributes in process `syz.2.338'.
[  228.017891][ T5493] loop3: detected capacity change from 0 to 4096
[  228.052509][ T5493] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  228.068463][ T5493] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 4096)
[  228.150253][ T5494] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  228.683416][   T48] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  228.696355][   T48] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  228.705551][   T48] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  228.713948][   T48] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  228.722471][   T48] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  228.732175][   T48] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  229.238425][ T3680] usb 3-1: USB disconnect, device number 4
[  229.282052][ T5507] loop3: detected capacity change from 0 to 16
[  230.209256][ T5507] erofs: (device loop3): erofs_superblock_csum_verify: invalid checksum 0x5ac3cbcf, 0xc32427af expected
[  230.434919][ T5495] chnl_net:caif_netlink_parms(): no params data found
[  230.717703][ T5495] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.762383][ T5495] bridge0: port 1(bridge_slave_0) entered disabled state
[  230.777669][ T5495] device bridge_slave_0 entered promiscuous mode
[  230.787035][ T5495] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.795813][ T5495] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.814440][ T5495] device bridge_slave_1 entered promiscuous mode
[  230.834340][   T48] Bluetooth: hci1: command tx timeout
[  230.905671][ T5495] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  230.958171][ T5495] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  231.020314][   T26] kauditd_printk_skb: 21 callbacks suppressed
[  231.020328][   T26] audit: type=1326 audit(1723876330.845:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5516 comm="syz.2.349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40bc379e79 code=0x7fc00000
[  231.122588][ T5495] team0: Port device team_slave_0 added
[  231.196528][ T5495] team0: Port device team_slave_1 added
[  231.311566][ T5495] batman_adv: batadv0: Adding interface: batadv_slave_0
[  231.337558][ T5495] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  231.433825][ T5495] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  231.507050][ T5495] batman_adv: batadv0: Adding interface: batadv_slave_1
[  231.514025][ T5495] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  231.664498][ T5495] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  231.906949][ T5540] loop3: detected capacity change from 0 to 256
[  231.994220][ T4737] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  232.331361][ T5495] device hsr_slave_0 entered promiscuous mode
[  232.388790][ T5495] device hsr_slave_1 entered promiscuous mode
[  232.414239][ T4737] usb 3-1: Using ep0 maxpacket: 16
[  232.674488][ T4737] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  232.834959][ T3678] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  232.884679][ T4737] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  232.914366][   T48] Bluetooth: hci1: command tx timeout
[  232.920631][ T4737] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  232.934254][ T4737] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  232.943360][ T4737] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  232.954889][ T4737] usb 3-1: config 0 descriptor??
[  233.197640][   T26] audit: type=1400 audit(1723876333.015:148): apparmor="DENIED" operation="change_profile" info="label not found" error=-2 profile="unconfined" name=":proc/thrr/current" pid=5549 comm="syz.1.355"
[  233.255915][ T3678] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  233.424747][   T27] INFO: task syz.2.60:3964 blocked for more than 144 seconds.
[  233.445562][ T3678] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  233.501359][   T27]       Not tainted 6.1.105-syzkaller #0
[  233.646297][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  233.756029][ T3678] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  233.786906][   T27] task:syz.2.60        state:D stack:25752 pid:3964  ppid:3636   flags:0x00004004
[  233.796343][   T27] Call Trace:
[  233.799741][   T27]  <TASK>
[  233.802762][   T27]  __schedule+0x143f/0x4570
[  233.807580][   T27]  ? release_firmware_map_entry+0x186/0x186
[  233.813753][   T27]  ? blk_check_plugged+0x250/0x250
[  233.819288][   T27]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  233.824278][ T3678] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.831665][   T27]  ? blk_check_plugged+0x250/0x250
[  233.839809][   T27]  ? print_irqtrace_events+0x210/0x210
[  233.852499][   T27]  ? _raw_spin_lock_irq+0xdb/0x110
[  233.917313][ T3678] usb 5-1: config 0 descriptor??
[  233.972380][   T27]  schedule+0xbf/0x180
[  233.977996][   T27]  io_schedule+0x88/0x100
[  233.982370][   T27]  folio_wait_bit_common+0x878/0x1290
[  234.037783][   T27]  ? folio_wait_bit+0x20/0x20
[  234.042536][   T27]  ? migration_entry_wait_on_locked+0x1160/0x1160
[  234.064132][   T27]  ? erofs_map_blocks+0x14d0/0x14d0
[  234.069392][   T27]  ? bio_add_page+0x3a4/0x750
[  234.084162][   T27]  z_erofs_runqueue+0x993/0x1ca0
[  234.089188][   T27]  ? z_erofs_do_read_page+0x3bd0/0x3bd0
[  234.104126][   T27]  ? __lock_acquire+0x1f80/0x1f80
[  234.109235][   T27]  ? z_erofs_pcluster_readmore+0x41a/0x450
[  234.133723][   T27]  z_erofs_readahead+0xc26/0x1030
[  234.140555][   T27]  ? z_erofs_read_folio+0x760/0x760
[  234.159293][   T27]  ? __lock_acquire+0x1f80/0x1f80
[  234.167406][   T27]  ? blk_start_plug+0x95/0x110
[  234.172229][   T27]  read_pages+0x17f/0x830
[  234.180643][   T27]  ? folio_add_lru+0x34d/0xd70
[  234.185508][   T27]  ? folio_add_lru+0x34d/0xd70
[  234.190296][   T27]  ? page_cache_ra_unbounded+0x7b0/0x7b0
[  234.196227][   T27]  ? __filemap_add_folio+0x1ba0/0x1ba0
[  234.201758][   T27]  page_cache_ra_unbounded+0x68b/0x7b0
[  234.207769][   T27]  force_page_cache_ra+0x2a3/0x300
[  234.212926][   T27]  generic_fadvise+0x553/0x7b0
[  234.218105][   T27]  ? dump_task+0x620/0x620
[  234.222552][   T27]  ? __fget_files+0x28/0x4a0
[  234.227280][   T27]  ? __fdget+0x182/0x210
[  234.231528][   T27]  __x64_sys_fadvise64+0x138/0x180
[  234.236700][   T27]  do_syscall_64+0x3b/0xb0
[  234.241137][   T27]  ? clear_bhb_loop+0x45/0xa0
[  234.247249][   T27]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  234.253379][   T27] RIP: 0033:0x7fbcaa579e79
[  234.257993][   T27] RSP: 002b:00007fbcab42a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000dd
[  234.266552][   T27] RAX: ffffffffffffffda RBX: 00007fbcaa715f80 RCX: 00007fbcaa579e79
[  234.274603][   T27] RDX: 0000000000000000 RSI: 0000000000e0ffff RDI: 0000000000000005
[  234.282594][   T27] RBP: 00007fbcaa5e7916 R08: 0000000000000000 R09: 0000000000000000
[  234.290630][   T27] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[  234.298645][   T27] R13: 0000000000000000 R14: 00007fbcaa715f80 R15: 00007fff27f69578
[  234.307344][   T27]  </TASK>
[  234.310407][   T27] 
[  234.310407][   T27] Showing all locks held in the system:
[  234.318202][   T27] 1 lock held by rcu_tasks_kthre/12:
[  234.325754][   T27]  #0: ffffffff8d32b190 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30
[  234.354173][   T27] 1 lock held by rcu_tasks_trace/13:
[  234.359505][   T27]  #0: ffffffff8d32b990 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x29/0xe30
[  234.384327][   T27] 1 lock held by khungtaskd/27:
[  234.389226][   T27]  #0: ffffffff8d32afc0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290
[  234.399588][   T27] 3 locks held by kworker/0:2/151:
[  234.405026][   T27]  #0: ffff888012870938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.420871][   T27]  #1: ffffc90002d9fd20 (ser_release_work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.431167][   T27]  #2: ffffffff8e4f8368 (rtnl_mutex){+.+.}-{3:3}, at: ser_release+0x137/0x240
[  234.440554][   T27] 3 locks held by kworker/0:3/3053:
[  234.447791][   T27]  #0: ffff888012870938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.459043][   T27]  #1: ffffc9000b967d20 (fqdir_free_work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.469328][   T27]  #2: ffffffff8d330480 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0x48/0x5f0
[  234.479654][   T27] 1 lock held by dhcpcd/3306:
[  234.484617][   T27]  #0: ffffffff8e4f8368 (rtnl_mutex){+.+.}-{3:3}, at: netlink_dump+0xce/0xc50
[  234.493541][   T27] 2 locks held by getty/3397:
[  234.501445][   T27]  #0: ffff88814baad098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  234.512308][   T27]  #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a7/0x1db0
[  234.555211][   T27] 1 lock held by syz-executor/3643:
[  234.560915][   T27]  #0: ffffffff8e4f8368 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3a/0x1b0
[  234.601111][   T27] 5 locks held by kworker/0:4/3678:
[  234.616930][   T27]  #0: ffff8880176e8138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.628060][   T27]  #1: ffffc9000420fd20 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.639392][   T27]  #2: ffff888145f0f190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5730
[  234.648405][   T27]  #3: ffff888051c7e190 (&dev->mutex){....}-{3:3}, at: __device_attach+0x8a/0x570
[  234.658204][   T27]  #4: ffff888073a2b118 (&dev->mutex){....}-{3:3}, at: __device_attach+0x8a/0x570
[  234.667727][   T27] 2 locks held by kworker/0:5/3680:
[  234.672933][   T27]  #0: ffff888012870938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.685769][   T27]  #1: ffffc9000422fd20 ((work_completion)(&pwq->unbound_release_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.698335][   T27] 2 locks held by kworker/0:9/3714:
[  234.703542][   T27]  #0: ffff888012870938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.714142][   T27]  #1: ffffc9000429fd20 ((work_completion)(&pwq->unbound_release_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.729125][   T27] 4 locks held by kworker/u4:12/3890:
[  234.734636][   T27]  #0: ffff888012a1e938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.744991][   T27]  #1: ffffc90004ce7d20 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.755045][   T27]  #2: ffffffff8e4ec010 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0xf1/0xb60
[  234.764905][   T27]  #3: ffffffff8e4f8368 (rtnl_mutex){+.+.}-{3:3}, at: fib6_rules_net_exit_batch+0x1c/0xc0
[  234.774988][   T27] 1 lock held by syz.2.60/3964:
[  234.779838][   T27]  #0: ffff8880729b8338 (mapping.invalidate_lock#4){.+.+}-{3:3}, at: page_cache_ra_unbounded+0xed/0x7b0
[  234.791052][   T27] 2 locks held by kworker/1:11/4734:
[  234.796491][   T27]  #0: ffff888012870938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.806942][   T27]  #1: ffffc90003dbfd20 ((work_completion)(&pwq->unbound_release_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.819429][   T27] 2 locks held by kworker/1:12/4735:
[  234.825039][   T27]  #0: ffff888012872138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.839067][   T27]  #1: ffffc900038ffd20 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.850995][   T27] 3 locks held by kworker/1:13/4736:
[  234.856642][   T27]  #0: ffff888012870938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.867842][   T27]  #1: ffffc900035bfd20 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.877642][   T27]  #2: ffffffff8d3305b8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x4f0/0x930
[  234.888601][   T27] 5 locks held by kworker/1:14/4737:
[  234.893883][   T27]  #0: ffff8880176e8138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.904705][   T27]  #1: ffffc900035ffd20 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x7a9/0x11d0
[  234.916027][   T27]  #2: ffff888145b9f190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5730
[  234.927859][   T27]  #3: ffff888027ffc190 (&dev->mutex){....}-{3:3}, at: __device_attach+0x8a/0x570
[  234.937181][   T27]  #4: ffff888028855118 (&dev->mutex){....}-{3:3}, at: __device_attach+0x8a/0x570
[  234.949049][   T27] 1 lock held by syz.2.360/5537:
[  234.954002][   T27]  #0: ffffffff8e4f8368 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3a/0x1b0
[  234.963379][   T27] 1 lock held by syz.4.351/5538:
[  234.969148][   T27]  #0: ffffffff8e4f8368 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3a/0x1b0
[  234.978211][   T27] 1 lock held by syz.1.355/5553:
[  234.983143][   T27]  #0: ffffffff8d3305b8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x360/0x930
[  234.994381][   T27] 
[  234.994845][   T48] Bluetooth: hci1: command tx timeout
[  234.996710][   T27] =============================================
[  234.996710][   T27] 
[  235.018924][   T27] NMI backtrace for cpu 1
[  235.023303][   T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.1.105-syzkaller #0
[  235.031209][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  235.041277][   T27] Call Trace:
[  235.044563][   T27]  <TASK>
[  235.047494][   T27]  dump_stack_lvl+0x1e3/0x2cb
[  235.052179][   T27]  ? preempt_schedule_thunk+0x16/0x18
[  235.057569][   T27]  ? nf_tcp_handle_invalid+0x642/0x642
[  235.063041][   T27]  ? panic+0x764/0x764
[  235.067116][   T27]  ? vprintk_emit+0x622/0x740
[  235.071813][   T27]  ? printk_sprint+0x490/0x490
[  235.076588][   T27]  ? nmi_cpu_backtrace+0x252/0x560
[  235.081716][   T27]  nmi_cpu_backtrace+0x4e1/0x560
[  235.086672][   T27]  ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0
[  235.092841][   T27]  ? _printk+0xd1/0x111
[  235.097004][   T27]  ? panic+0x764/0x764
[  235.101076][   T27]  ? __wake_up_klogd+0xcc/0x100
[  235.105930][   T27]  ? panic+0x764/0x764
[  235.109999][   T27]  ? nmi_trigger_cpumask_backtrace+0xe2/0x3f0
[  235.116087][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  235.122178][   T27]  nmi_trigger_cpumask_backtrace+0x1b0/0x3f0
[  235.128193][   T27]  watchdog+0xf88/0xfd0
[  235.132378][   T27]  ? watchdog+0x1f8/0xfd0
[  235.137517][   T27]  kthread+0x28d/0x320
[  235.141603][   T27]  ? hungtask_pm_notify+0x50/0x50
[  235.146648][   T27]  ? kthread_blkcg+0xd0/0xd0
[  235.151255][   T27]  ret_from_fork+0x1f/0x30
[  235.155719][   T27]  </TASK>
[  235.159580][   T27] Sending NMI from CPU 1 to CPUs 0:
[  235.165109][    C0] NMI backtrace for cpu 0
[  235.165122][    C0] CPU: 0 PID: 3803 Comm: udevd Not tainted 6.1.105-syzkaller #0
[  235.165138][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  235.165146][    C0] RIP: 0010:lockdep_hardirqs_off+0x82/0x100
[  235.165167][    C0] Code: 85 c0 74 53 65 48 8b 1d 2c 22 5d 75 48 c7 c7 60 02 0c 8b e8 a0 17 00 00 65 c7 05 85 28 5d 75 00 00 00 00 4c 89 b3 88 0a 00 00 <8b> 83 78 0a 00 00 ff c0 89 83 78 0a 00 00 89 83 94 0a 00 00 eb 17
[  235.165181][    C0] RSP: 0018:ffffc900049876e8 EFLAGS: 00000086
[  235.165195][    C0] RAX: 0000000000000000 RBX: ffff888020eb8000 RCX: ffff888020eb8000
[  235.165206][    C0] RDX: 0000000000000000 RSI: ffffffff8b0c0260 RDI: ffffffff8b5d5ec0
[  235.165216][    C0] RBP: ffffc900049877d8 R08: ffffffff81f513a8 R09: fffffbfff20e7445
[  235.165227][    C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92000930ee4
[  235.165237][    C0] R13: ffff888023a24e48 R14: ffffffff81f513f1 R15: dffffc0000000000
[  235.165248][    C0] FS:  00007fecee8b4c80(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
[  235.165261][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  235.165272][    C0] CR2: 0000564e42932220 CR3: 0000000026d94000 CR4: 00000000003506f0
[  235.165285][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  235.165294][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  235.165303][    C0] Call Trace:
[  235.165308][    C0]  <NMI>
[  235.165313][    C0]  ? nmi_cpu_backtrace+0x3de/0x560
[  235.165332][    C0]  ? read_lock_is_recursive+0x10/0x10
[  235.165353][    C0]  ? nmi_trigger_cpumask_backtrace+0x3f0/0x3f0
[  235.165371][    C0]  ? nmi_handle+0x25/0x440
[  235.165397][    C0]  ? nmi_cpu_backtrace_handler+0x8/0x10
[  235.165416][    C0]  ? nmi_handle+0x12e/0x440
[  235.165434][    C0]  ? nmi_handle+0x25/0x440
[  235.165452][    C0]  ? lockdep_hardirqs_off+0x82/0x100
[  235.165466][    C0]  ? default_do_nmi+0x62/0x150
[  235.165485][    C0]  ? exc_nmi+0xa8/0x100
[  235.165502][    C0]  ? end_repeat_nmi+0x16/0x31
[  235.165520][    C0]  ? seqcount_lockdep_reader_access+0x111/0x220
[  235.165542][    C0]  ? seqcount_lockdep_reader_access+0xc8/0x220
[  235.165561][    C0]  ? lockdep_hardirqs_off+0x82/0x100
[  235.165576][    C0]  ? lockdep_hardirqs_off+0x82/0x100
[  235.165591][    C0]  ? lockdep_hardirqs_off+0x82/0x100
[  235.165605][    C0]  </NMI>
[  235.165610][    C0]  <TASK>
[  235.165615][    C0]  ? seqcount_lockdep_reader_access+0x111/0x220
[  235.165632][    C0]  trace_hardirqs_off+0xe/0x40
[  235.165650][    C0]  seqcount_lockdep_reader_access+0x111/0x220
[  235.165669][    C0]  ? terminate_walk+0x420/0x420
[  235.165687][    C0]  ? read_lock_is_recursive+0x10/0x10
[  235.165704][    C0]  ? memset+0x1f/0x40
[  235.165719][    C0]  ? lockdep_init_map_type+0x9d/0x900
[  235.165738][    C0]  set_root+0x175/0x3b0
[  235.165757][    C0]  nd_jump_root+0x2a6/0x410
[  235.165775][    C0]  path_init+0x3cd/0x1220
[  235.165792][    C0]  ? percpu_counter_add_batch+0x142/0x160
[  235.165814][    C0]  path_openat+0x178/0x2e60
[  235.165832][    C0]  ? mark_lock+0x9a/0x340
[  235.165855][    C0]  ? mark_lock+0x9a/0x340
[  235.165874][    C0]  ? __lock_acquire+0x125b/0x1f80
[  235.165892][    C0]  ? do_filp_open+0x480/0x480
[  235.165916][    C0]  do_filp_open+0x230/0x480
[  235.165932][    C0]  ? vfs_tmpfile+0x4a0/0x4a0
[  235.165958][    C0]  ? _raw_spin_unlock+0x24/0x40
[  235.165972][    C0]  ? alloc_fd+0x5a0/0x640
[  235.165990][    C0]  do_sys_openat2+0x13b/0x4f0
[  235.166009][    C0]  ? kmem_cache_free+0x292/0x510
[  235.166027][    C0]  ? do_sys_open+0x220/0x220
[  235.166050][    C0]  ? do_unlinkat+0x7a7/0x820
[  235.166070][    C0]  __x64_sys_openat+0x243/0x290
[  235.166089][    C0]  ? __ia32_sys_open+0x270/0x270
[  235.166108][    C0]  ? syscall_enter_from_user_mode+0x2e/0x230
[  235.166123][    C0]  ? lockdep_hardirqs_on+0x94/0x130
[  235.166137][    C0]  ? syscall_enter_from_user_mode+0x2e/0x230
[  235.166153][    C0]  do_syscall_64+0x3b/0xb0
[  235.166170][    C0]  ? clear_bhb_loop+0x45/0xa0
[  235.166187][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  235.166203][    C0] RIP: 0033:0x7fecee5169a4
[  235.166215][    C0] Code: 24 20 48 8d 44 24 30 48 89 44 24 28 64 8b 04 25 18 00 00 00 85 c0 75 2c 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 60 48 8b 15 55 a4 0d 00 f7 d8 64 89 02 48 83
[  235.166226][    C0] RSP: 002b:00007ffd4da94c40 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  235.166240][    C0] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007fecee5169a4
[  235.166250][    C0] RDX: 0000000000080000 RSI: 00007ffd4da94d78 RDI: 00000000ffffff9c
[  235.166260][    C0] RBP: 00007ffd4da94d78 R08: 0000000000000008 R09: 0000000000000001
[  235.166269][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000080000
[  235.166278][    C0] R13: 000056315caffb42 R14: 0000000000000001 R15: 000056315d0a7910
[  235.166295][    C0]  </TASK>
[  235.653245][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[  235.660128][   T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted 6.1.105-syzkaller #0
[  235.668027][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  235.678075][   T27] Call Trace:
[  235.681344][   T27]  <TASK>
[  235.684268][   T27]  dump_stack_lvl+0x1e3/0x2cb
[  235.688945][   T27]  ? nf_tcp_handle_invalid+0x642/0x642
[  235.694401][   T27]  ? panic+0x764/0x764
[  235.698453][   T27]  ? llist_add_batch+0x160/0x1d0
[  235.703380][   T27]  ? vscnprintf+0x59/0x80
[  235.707695][   T27]  panic+0x318/0x764
[  235.711577][   T27]  ? nmi_trigger_cpumask_backtrace+0x2c1/0x3f0
[  235.717724][   T27]  ? memcpy_page_flushcache+0xfc/0xfc
[  235.723085][   T27]  ? nmi_trigger_cpumask_backtrace+0x2c1/0x3f0
[  235.729227][   T27]  ? nmi_trigger_cpumask_backtrace+0x33a/0x3f0
[  235.735368][   T27]  ? nmi_trigger_cpumask_backtrace+0x33f/0x3f0
[  235.741513][   T27]  watchdog+0xfc7/0xfd0
[  235.745662][   T27]  ? watchdog+0x1f8/0xfd0
[  235.749980][   T27]  kthread+0x28d/0x320
[  235.754033][   T27]  ? hungtask_pm_notify+0x50/0x50
[  235.759043][   T27]  ? kthread_blkcg+0xd0/0xd0
[  235.763616][   T27]  ret_from_fork+0x1f/0x30
[  235.768029][   T27]  </TASK>
[  235.771253][   T27] Kernel Offset: disabled
[  235.775566][   T27] Rebooting in 86400 seconds..