last executing test programs:

21m15.661317519s ago: executing program 32 (id=352):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
socket(0x11, 0x4, 0x9)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r2, 0x0, 0x1a, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/96, 0x2329000, 0x800}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9feb010018000000000000003c0000003c00000002000000000000000000000203000000000000000000000d00"/54], &(0x7f0000000140)=""/240, 0x56, 0xf0, 0x1}, 0x28)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4309(aegis128-aesni)\x00'}, 0x58)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r4, &(0x7f0000000240)={0x1f, 0xffff, 0x2}, 0x6)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r5, &(0x7f0000000040)="18000000010005", 0x7)
recvmmsg(r4, &(0x7f0000000600), 0x204083acb88ff8b, 0x2, 0x0)
mmap(&(0x7f0000200000/0x4000)=nil, 0x4000, 0x4, 0x200000006c832, 0xffffffffffffffff, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x0, 0x0)
accept4$ax25(r6, &(0x7f00000000c0)={{0x3, @rose}, [@rose, @default, @bcast, @rose, @remote, @null, @bcast, @netrom]}, &(0x7f0000000140)=0x48, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x16, &(0x7f0000000040), 0xfffffceb)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
unshare(0x62040200)

17m2.57142817s ago: executing program 33 (id=1286):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x0)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r0, 0x40485404, &(0x7f00000000c0)={{0x2, 0x0, 0xd, 0x0, 0x2}, 0x7f, 0x1})

15m32.167924189s ago: executing program 34 (id=1583):
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
sendmmsg(r0, &(0x7f00000008c0)=[{{0x0, 0x0, 0x0}}], 0x34000, 0x0)

10m13.822252419s ago: executing program 35 (id=3029):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x64}, 0x1, 0x0, 0x0, 0x4004001}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000240), 0x5000, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000580)={0x550, 0x300, 0xf00, 0x6dd015af66a29e36, 0xffff, 0x10001, 0x20, 0x2, {0xe9, 0x7}, {0x1, 0xb}, {0x5, 0x2, 0x4}, {0x570a, 0x2, 0x1}, 0x0, 0x10, 0x2, 0xfffffffd, 0x0, 0x0, 0x431, 0x7, 0x8001, 0x6, 0x0, 0x400, 0x10, 0x2, 0x1, 0xa})
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002a80)=""/102400, 0x19000)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
dup(0xffffffffffffffff)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0xb}, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x72}, 0x2c)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000000)={{0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e1f, 0x3, 'lc\x00', 0x4, 0x81, 0xf}, {@rand_addr=0x64010102, 0x4e26, 0x0, 0xcb, 0x12d5c, 0x12d5c}}, 0x44)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r1, 0x0)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, 0x0, 0x0)
openat$zero(0xffffffffffffff9c, 0x0, 0x2, 0x0)
timer_create(0x4, 0x0, &(0x7f0000000380)=<r5=>0x0)
timer_settime(r5, 0x0, 0x0, &(0x7f0000000440))
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)

6m54.062861793s ago: executing program 36 (id=3565):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r0)
syz_open_procfs$namespace(0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
readlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=""/211, 0xd3)

5m32.720048644s ago: executing program 37 (id=3750):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18060000001a0000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000000c000000b707000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000300)={r4, 0x20, &(0x7f00000000c0)={0x0, 0x0, 0x0, &(0x7f00000009c0)=""/4096, 0x1000}}, 0x10)

5m20.845781388s ago: executing program 9 (id=3791):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
socket$inet(0x2, 0xa, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000000000001000080020000008004f6b1c8ecd500005af3"])

5m19.209473369s ago: executing program 9 (id=3794):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_NAT_TYPE={0x8}, @NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)

5m18.324293869s ago: executing program 9 (id=3796):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = eventfd2(0x200, 0x0)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000000)={0x0, r3})
close(0x3)

5m17.489695719s ago: executing program 9 (id=3798):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00222200000096231306e53f070c0000002a9401070800000083"], 0x0}, 0x0)

5m13.669827316s ago: executing program 9 (id=3801):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)={0x28, r1, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140)
r2 = socket(0x2b, 0x80801, 0x1)
sendmmsg(r2, 0x0, 0x0, 0x20000090)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600))
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
connect$netlink(0xffffffffffffffff, 0x0, 0x0)
close(0x3)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
sendmsg$can_raw(0xffffffffffffffff, 0x0, 0x20000000)
r4 = socket$xdp(0x2c, 0x3, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5421, &(0x7f0000000100)=0x5)
connect$netrom(0xffffffffffffffff, 0x0, 0x0)
setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000300)='wg1\x00', 0x10)
syz_init_net_socket$ax25(0x3, 0x5, 0x1)
socket$igmp(0x2, 0x3, 0x2)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000006, 0x4ca31, 0xffffffffffffffff, 0xd1d1d000)

5m2.871052299s ago: executing program 9 (id=3812):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000380))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}, 0xffffffff}, 0x1c)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
fcntl$getownex(r3, 0x10, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r6=>0x0})
r7 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a00000000000000", @ANYRES32=r6], 0x44}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x818, &(0x7f0000000580)={[{@noblock_validity}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@errors_remount}, {@sb={'sb', 0x3d, 0x8}}, {@data_ordered, 0x0}, {@nogrpid}, {@grpjquota}, {@prjquota}, {@block_validity}, {@nouid32}, {@noinit_itable}, {@noblock_validity}, {@noauto_da_alloc}, {@barrier}], [{@uid_eq}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@audit}, {@dont_hash}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}], 0x2c}, 0x0, 0x502, &(0x7f0000002680)="$eJzs3ctrXNUfAPDvTB5Nfn1kfvXZh3a0isFH06TPhRtFoRtBUKQuY5KW2rSVJkJbgokiFQSV/gU+doJ/gSvdiLpS3CpuRSiSTaMLGblz700nnWSSaTKZNvl8YNJz7z13zjn33JM5j95JAJtWOflRiNgWEb9GRF+6uTBCOf1nbnZq5O/ZqZFCVCqv/FWoxrsxOzWSR83P25pt9Bcjiu8XYs8i6U5cvnJ2eHx87GK2PTBZzELnhk+PnR47P3T8+OFDvceODh1Zk3Imebqx+50Le3edeP3aSyMnr73xw1dJfivZ8dpypEpNptBRt6cc5YXXssbjTb77nW57TbjQ2caM0JTkrk1aXle1/fdFR9ysvL548b22Zg5oqUqlUtlSt3f+s2ymUqtQSE8ANojCypt00iduaV6A9ZR/0N+YTUaqUyP14+CN7fpzyc/O6vh/LnulRzqr46JyKR0bdbUo/Xsj4uTMP58mr6ibh2hVqgDAZvZN0v95Ou135K/0SDHur4m3I1sbKkXE/yNiZ0Tck/Vf7ouoxn0gIh6M7vlzkh5l/dzSQuVbtuv7nz/3rrKIDSX9v2fTta3Swv5fvh4VpXyOfHu1/F2FU2fGxw5m16Q/urYk24P1bz1f9G9f+OWTpdIv1/T/kleSft4XzPLxZ+ctF3F0eHJ4teXOXX+3OqSfTtKdydb40iOF+ZWApB53RcTulbxhz8LN5JqdefLLvUtFX778Hy+d1hqsM1U+j3giLfdMLKj/dOWuOwsNTJ57a2Di8pVnztSuTw4eOzp0ZKAnxscODuR3Rb0ff7r6chas69AvX/7WSur/f1m9zy1S/uSWL9Su1040n8bV3z5Yckx5u/d/d+HVajipn48i4tLw5OTFwYjuwsz8/sj3D90899Jw7839g2n5+/cvVv5i8jvu38+y8/ZERHITPxQRD0fEvizvj0TEoxGxv0H5v3/+sTeXGszdCfU/2lT9Nx/oOPvd13UJf1heYfmT+j9cDfVne0aHJ3uWK9dKM7jqCwgAAAB3gX0RsS0KxQPpHGdlOqJ44EDE1vkZlInJp05dePv8aPqMQCm6ivlMV1/NfOhgNjecbCdnDUV0lmqOH6rOG1cqlUpvsp2M38e3t7fosOltzdp/T7bGsS2K1faf+KP+kRZgo2lqHW2pJ9qAu9JtrKMf3dGKjADrzvPasHml7b+73dkA2mDFn/+eR4MN55b2X23l0xFzbcoOsI4W+/x/rQ35ANaf+T/YvLR/2Ly0f9iUVvNcf6PAzhMN4hQ6W5Po0oFiNP4WgFJEvif/D46N3/D3YsTa5LBjTUvau4I67Ym1SCuKy8bpbOKLGLJA/rcDlotcXEGcRqev7+3XOLAlIpa5e+dvtuk8cKXVGatWwxdt/NUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwJv4LAAD//0DOyR8=")
socket$nl_netfilter(0x10, 0x3, 0xc)

4m47.154211774s ago: executing program 38 (id=3812):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000380))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}, 0xffffffff}, 0x1c)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
fcntl$getownex(r3, 0x10, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r6=>0x0})
r7 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a00000000000000", @ANYRES32=r6], 0x44}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x818, &(0x7f0000000580)={[{@noblock_validity}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@errors_remount}, {@sb={'sb', 0x3d, 0x8}}, {@data_ordered, 0x0}, {@nogrpid}, {@grpjquota}, {@prjquota}, {@block_validity}, {@nouid32}, {@noinit_itable}, {@noblock_validity}, {@noauto_da_alloc}, {@barrier}], [{@uid_eq}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@audit}, {@dont_hash}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}], 0x2c}, 0x0, 0x502, &(0x7f0000002680)="$eJzs3ctrXNUfAPDvTB5Nfn1kfvXZh3a0isFH06TPhRtFoRtBUKQuY5KW2rSVJkJbgokiFQSV/gU+doJ/gSvdiLpS3CpuRSiSTaMLGblz700nnWSSaTKZNvl8YNJz7z13zjn33JM5j95JAJtWOflRiNgWEb9GRF+6uTBCOf1nbnZq5O/ZqZFCVCqv/FWoxrsxOzWSR83P25pt9Bcjiu8XYs8i6U5cvnJ2eHx87GK2PTBZzELnhk+PnR47P3T8+OFDvceODh1Zk3Imebqx+50Le3edeP3aSyMnr73xw1dJfivZ8dpypEpNptBRt6cc5YXXssbjTb77nW57TbjQ2caM0JTkrk1aXle1/fdFR9ysvL548b22Zg5oqUqlUtlSt3f+s2ymUqtQSE8ANojCypt00iduaV6A9ZR/0N+YTUaqUyP14+CN7fpzyc/O6vh/LnulRzqr46JyKR0bdbUo/Xsj4uTMP58mr6ibh2hVqgDAZvZN0v95Ou135K/0SDHur4m3I1sbKkXE/yNiZ0Tck/Vf7ouoxn0gIh6M7vlzkh5l/dzSQuVbtuv7nz/3rrKIDSX9v2fTta3Swv5fvh4VpXyOfHu1/F2FU2fGxw5m16Q/urYk24P1bz1f9G9f+OWTpdIv1/T/kleSft4XzPLxZ+ctF3F0eHJ4teXOXX+3OqSfTtKdydb40iOF+ZWApB53RcTulbxhz8LN5JqdefLLvUtFX778Hy+d1hqsM1U+j3giLfdMLKj/dOWuOwsNTJ57a2Di8pVnztSuTw4eOzp0ZKAnxscODuR3Rb0ff7r6chas69AvX/7WSur/f1m9zy1S/uSWL9Su1040n8bV3z5Yckx5u/d/d+HVajipn48i4tLw5OTFwYjuwsz8/sj3D90899Jw7839g2n5+/cvVv5i8jvu38+y8/ZERHITPxQRD0fEvizvj0TEoxGxv0H5v3/+sTeXGszdCfU/2lT9Nx/oOPvd13UJf1heYfmT+j9cDfVne0aHJ3uWK9dKM7jqCwgAAAB3gX0RsS0KxQPpHGdlOqJ44EDE1vkZlInJp05dePv8aPqMQCm6ivlMV1/NfOhgNjecbCdnDUV0lmqOH6rOG1cqlUpvsp2M38e3t7fosOltzdp/T7bGsS2K1faf+KP+kRZgo2lqHW2pJ9qAu9JtrKMf3dGKjADrzvPasHml7b+73dkA2mDFn/+eR4MN55b2X23l0xFzbcoOsI4W+/x/rQ35ANaf+T/YvLR/2Ly0f9iUVvNcf6PAzhMN4hQ6W5Po0oFiNP4WgFJEvif/D46N3/D3YsTa5LBjTUvau4I67Ym1SCuKy8bpbOKLGLJA/rcDlotcXEGcRqev7+3XOLAlIpa5e+dvtuk8cKXVGatWwxdt/NUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwJv4LAAD//0DOyR8=")
socket$nl_netfilter(0x10, 0x3, 0xc)

4m39.625258982s ago: executing program 4 (id=3848):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0x1d64, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_usb_connect(0x1, 0xfffffffffffffd22, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f0000000300)=""/87, 0x0, 0xf000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000c40)={0x1, 0x0, [{0x0, 0x0, 0x0}]})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
unshare(0x64000600)
syncfs(0xffffffffffffffff)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
socket(0xa, 0x2400000001, 0x0)

4m36.694679576s ago: executing program 5 (id=3842):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000110000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='vfat\x00', 0x0, 0x0)

4m36.140786633s ago: executing program 5 (id=3843):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)={0x28, r1, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x48c05}, 0x4040140)
r2 = socket(0x2b, 0x80801, 0x1)
sendmmsg(r2, 0x0, 0x0, 0x20000090)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600))
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
connect$netlink(0xffffffffffffffff, 0x0, 0x0)
close(0x3)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
sendmsg$can_raw(0xffffffffffffffff, 0x0, 0x20000000)
r4 = socket$xdp(0x2c, 0x3, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5421, &(0x7f0000000100)=0x5)
connect$netrom(0xffffffffffffffff, 0x0, 0x0)
setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000300)='wg1\x00', 0x10)
syz_init_net_socket$ax25(0x3, 0x5, 0x1)
socket$igmp(0x2, 0x3, 0x2)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000006, 0x4ca31, 0xffffffffffffffff, 0xd1d1d000)

4m35.364284332s ago: executing program 4 (id=3846):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804071, 0x0, 0x0, 0x0, &(0x7f0000000140))
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
creat(0x0, 0x0)
rename(&(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

4m33.57453583s ago: executing program 4 (id=3847):
r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
recvmsg(r0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x141, 0x48, 0x13, 0x44, 0x20, 0x424, 0x7500, 0x69ee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xb8, 0x7, 0x2, 0x96, 0xd1, 0xca, 0x0, [], [{{0x9, 0x5, 0x6, 0x2, 0x200, 0xd, 0x0, 0x6}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f0000000900)={0x84, &(0x7f00000003c0)={0x0, 0x5, 0x4, "abdc2e2e"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, &(0x7f0000000740)={0x44, &(0x7f0000000180)=ANY=[@ANYBLOB="601004000000cf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r1, 0x0, &(0x7f0000000300)={0x1c, &(0x7f0000001480)=ANY=[@ANYBLOB="200104"], 0x0, 0x0})
syz_usb_control_io$printer(r1, 0x0, 0x0)
syz_usb_control_io$uac1(r1, 0x0, &(0x7f00000013c0)={0x44, &(0x7f00000011c0)={0x20, 0x14, 0x4, "0426fd98"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r1, 0x0, &(0x7f0000000fc0)={0x84, &(0x7f0000000c80)={0x20, 0x0, 0x4, "f670e000"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io$printer(r1, 0x0, &(0x7f0000000580)={0x1c, &(0x7f0000000240)={0x40, 0x16}, 0x0, 0x0, 0x0, 0x0, 0x0})

4m25.612416623s ago: executing program 5 (id=3853):
syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000200)='./file0\x00', 0x10, &(0x7f0000000480)=ANY=[], 0x5, 0xa5a, &(0x7f0000001b40)="$eJzs3U1sHFcBAOA3a6/z22ZTHGrS0CYU2vJTu3FM+ImAVM2FqKm4Vaq4RElaIpyASCVI1UOSEzdaVeHK76mX8qNK5IKinrhUopG49FQ4cCAKUiUO0JC48vq99e7zbmbt2J6s9/uk2bdv3tt9b3ZnZmdn5r0XgKFVaz7OzEwUIVy+8saRfz32zy0hXBlfzNFoPo62xeohhCLGR7P3+2BkIbz14asnuoVFmG4+pnh47kbrtdtCCBfC3nA1NMLuy9def3f62WMXj17a996bh66vzdIDAMBw+c7VQzO7/v7Xh3Z+9NbDh8Om1vx0fN6I8e3xuP9wPPBPx/+10Bkv2qZ2Y1m+0TjVsnwjXfK1l1PP8o32KH8se996j3ybSsofaZvXbblhkKX1uBGK2mRHvFabnFz4Tx6a/+vHismzp2dfPFdRRYFV959HQgh7Taahny42N4jq67Gu09yOqvdAAAvy64VLXMjPLNyd1ruN9lf+jadr3V8Pq2C913/lD1b5v71oj8Pq2ahrU1qutB1tj/G26whnQpf7l/Ltby5/42z7T++XX4+o91nPXtcRBuX6Qq96jqxzPVaqV/3z9WKj+kYM0+fwzSy9ffvJv9NB+Y6B7v7r/L/JNLTTkuPbO8jvlQE2tvy+ubkopef39eXpm0rSN5ekbylJ39qRa2n6tpLXwzD748s/C68Vi//z8//0yz0fns6z3RfD+5dZn/x85HLLH7tDbD3Kd4zEIPnT8edPffXkC9cW7v8vWuv/7bi+743xRtyarsYM6Xxhfl69de9/o7OcWo98D2T1ua9L/ubz8c58xfji+4S2/cySekx0vm5Hr3x7OvM1snxb4rQ5q29+fLI1e106/kj71fR5jWbLW8+WYyyrR9qv7IxhXg9YibQ+9rr/P62fE6FevHh69tRTMZ7W07+M1DfNz99fXtTvVrvuwN3pt/3PROhs/7O9Nb9ea98v7FicX7TvFxrZ/Oke8w/EePqd+97Ilub8yRM/mD252gsPQ+7c+Ve+f3x29tSPPPHEE09aT6reMwFrberlMz+cOnf+lSdPnzn+0qmXTp09cPDggenpg187MDPVPK6faj+6BzaSxR/9qmsCAAAAAAAAAAAA9OvHR49c+9s7X3l/of3/Yvu/1P4/3fmb2v//tFho615rmx+6jAOY2gHu7JLezJN1sDqW5avH6RNZfcezcnZlr/tkDFvj+MX2/6m4vF/XVJ8Hs/l5/70pX9adwJL+UsayXkfy8QI/E8NLMfx1gAoVW7rPjmFZ/9ZpXU/9UyyjX4ruBVOJ9L2lLyX1Y5Laf/fq1ynt/3euQx1ZfevRnLDqZQS6+/cQ9//dPHZZw/f/zf3VL+Pm3mmbqq6bqfppbs4oHsC9oerxP9N5zxSe/fO3N89PKduNpzv3l3n/pXA37vXxJ5W/scb/bI1/19f+7+bS0RMaKyv3f7+4/n5bsWF3v/vffPlTP9DjeQl3PhP90Xz5NxcX5fHQX/lzv8rKzy8I9elmXP70+W/ts/wly7+nrKTzb3eb+/9YfvrYnni03/IXalzUOuuRnzdO1//y88bJrWz5T650+Vc4UOPtWD4Ms0EZZ3a5+hj/t6ls/N8lVnn8317y+zC+HONpR5juc8hHOFlm/VuR9DuwK3v/ouT3zfi/g+3rMSzbHtL4v2l9bHSJ19ri9S6f7Ubd18Cg+uDevf63+ENVfV1M/X5f1dfDtIxpbm5ubU9olai0cCr//Kv+n1B1+VV//mXy8X/zY/h8/N88PR//N0/Px//N0/Px9fL0rVl6/nnm4//m6Q9m75uPDzyR/cHO0z9V8vrdJekPlaTvKUn/dEn6vpL0h0vSHylJf6Ak/dGS9M+WpH+uJP2xkvQnStI/X5K+0aX2KMO6/DDM8vZ5tn8YHql9ba/tf7wkHRhcP39r/zMv/OG7jYX2/2Ot8yHpOt7hGK/H/84/ifH8undoi8+nvRPj/8jS7/XzHTBM8v4z8t/3x0vSgcGV7vOyfcMQKrq3k+i336pex/kMli/E8Isx/FIMn4zhZAynYrg/htPrVD/WxjO/f/vQa8Xi//0dWXq/95Pn7YHyfqIO9Fmf/PzAcu/Hz/vxW667LX+FzcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqU2s+zsxMFCFcvvLGkeePnZ6an/OtVo5G83G0LVZvvS6Ep2I4EsNfxie3Pnz1RHt4O4ZFmA5FKFrzw3M3WiVtCyFcCHvD1dAIuy9fe/3d6WePXTx6ad97bx66vnafAAAAAGx8HwcAAP//V88c0Q==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42042, 0x14a)
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)='\x00', 0x1}], 0x1, 0x2005012, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x2, 0x11, r1, 0x0)
read(r1, 0x0, 0x0)

4m24.21016354s ago: executing program 5 (id=3855):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000040)={'some', 0x20, 0x1, 0x20, 0xffffffffffffff3c}, 0x2f)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e24, @multicast2}, 0x10)
sendmmsg$inet(r0, &(0x7f0000002300)=[{{&(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x31}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000080)="640ff055597e8a84a48d3992e3974f87b2d89479f0e1ffe80b43e8531e73949246afb7aa676caca71ac8782d5be684b4f6c10efcb9049e36f94b776ac633e6081674a0f404132191df2e91c764c71c3d5c", 0x51}], 0x1}}], 0x1, 0x2000c000)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f0000000180)=0x8, 0x4)
socket$qrtr(0x2a, 0x2, 0x0)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f00000000000000"], &(0x7f0000000140)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r1, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="3400000010000108006400000020000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000c002b8008000100", @ANYRES32=r1, @ANYBLOB="08001b"], 0x34}}, 0x0)

4m22.555377991s ago: executing program 5 (id=3857):
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file1\x00', 0x10, &(0x7f0000000680), 0x1, 0x254, &(0x7f00000006c0)="$eJzs3T1oJGUcBvBnZnc9c7fIqY0gfoCIaCCcnWBzNgoHchwiggonojbKRYgJdomVjYXWKqlsgtgZLSVNsFEEq6gpYiNosDBYaLGyOxvJx+qqm+zIze8HszPvzsd/Zneed7bY2Q3QWOeTXEzSSjKbpJOkOLjA3dVwfthcndm8mvR6T/xcDJar2pX99c4lWUnyUJKNssjL7WRp/ZmdX7ceu++txc69H6w/PTPVgxza3dl+fO/9y29+fOnBpS+//vFykYvpHjquk1eMeK5dJLecRrH/iaJd9x7wT1x5/aNv+rm/Nck9g/x3UqZ6895euGGjkwfe+6t13/npq9unua/Ayev1Ov1r4EoPaJwySTdFOZekmi7LubnqM/y3rbPlK/MLr82+NL947YW6eyrgpHST7Uc/PfPJuSP5/6FV5X+oVetOAqein/8nr6x915/ek3JohjuqUT//s88t3x/5h8aRf2iQFw+1SvmH5hqf/1q+ogNMges/NJf8Q3PJP1zHOn8/W/6hueQfmkv+obkO5h8AaJbembrvQAbqUnf/AwAAAAAAAAAAAAAAAAAAHLc6s3l1f5hWzc/fTXYfSdIeVb81+D/i5MbB49lfiv5ifyqq1Sby7F0TbmBCH9Z89/VN30/8Ek7kizvrrJ4sX0tW3khyod0+fv4Vw/Pvv7t5zPzO8xMW+JeKI+2Hn5pu/aN+X6u3/qWt5LN+/3NhVP9T5rbBeHT/0x3/E8tjvfrbhBsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgav4IAAD//7ANbcM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x141042, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r1}, 0x10)
pipe2$9p(&(0x7f0000000240), 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628)

4m21.633504633s ago: executing program 4 (id=3859):
openat(0xffffffffffffffff, 0x0, 0x0, 0x45)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000080)={[{@nodelalloc}, {@nobarrier}, {@errors_remount}]}, 0x1, 0x57c, &(0x7f00000129c0)="$eJzs3c9rG8ceAPDvynZ+Oe/Fgbzw3jsUQw5NSSPHdn+k0EN6LG1ooL2nwlZMsBwFSw6xG2hyaC69lFAopYHSP6D3HkP/gf4VgTYQSjDtoReVlVeOYkmWfyiRGn0+sPbM7sgzo90Zz2i0bABDazL9kYv4X0R8lUQcazo2GtnByY10609uzaVbErXax78nkWT7GumT7Pd4FvlvRPz8RcSZXGu+ldW1xUKpVFzO4lPVpetTldW1s1eXCgvFheK1mdnZ82/Ozrzz9ls9q+trl/789qMH75//8tT6Nz8+On4viQtxNDvWXI99uN0cmYzJ7D0ZiwtbEk73ILNBkvS7AOzJSNbOxyLtA47FSNbqgZff5xFRA4ZUov3DkGqMAxpz+x7Ng/8xHr+3MQFqrX+y8dlIHKrPjY6sJ8/MjNL57kQP8k/z+Om3+/fSLXr3OQRAV7fvRMS50dHO/d/endtBmq156P/gxXmQjn9ebzf+yW2Of6LN+Ge8Tdvdi+7tP/eoB9l0lI7/3m07/t1ctJoYyWL/qo/5xpIrV0vFtG/7d0ScjrGDaXy79Zzz6w9rnY41j//SLc2/MRbMyvFo9OCzr5kvVAv7qXOzx3ci/t9l/Ju0Of/p+3Fph3mcLN5/pdOx7vV/vmo/RLza9vw/XdFKtl+fnKpfD1ONq6LVH3dP/tIp/13X/z/7qm6L9Pwf2b7+E0nzem1l93l8f+ivYqdjk0m2aLrL6/9A8kk9fCDbd7NQrS5PRxxIPmzdP/P0tY14I31a/9Ontu//2l3/hyPi0x3W/+6Jux2T7vn678XkMzv/87s6/7sPPPzgs+/2Xv/0/L9RD53O9uyk/9tpAffz3gEAAAAAAMCgyUXE0Uhy+c1wLpfPb3y/40QcyZXKleqZK+WVa/NRv1d2IsZyjZXu8abvQ0xnS5KN+MyW+GxEHI+Ir0cO1+P5uXJpvt+VBwAAAAAAAAAAAAAAAAAAgAEx3rj//+Dm/f+bj7H+daTfpQOeuy2P/B7rVzmAF6/rI/978aQnYCB1bf/AS2s06XcJgH7x/x+Gl/YPw0v7h+Gl/cPw0v5heGn/AAAAAAAAAAAAAAAAAAAAAAAAAAAA0FOXLl5Mt9r6k1tzaXz+xurKYvnG2fliZTG/tDKXnysvX88vlMsLpWJ+rrzU7e+VyuXr0zOxcnOqWqxUpyqra5eXyivXqpevLhUWipeLni0OAAAAAAAAAAAAAAAAAAAArSqra4uFUqm4LDCggUODUYyOgdHBKMYgBWojG42rNDoY5WkNjEVElzT97pkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Km/AwAA//9MAjET")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x4)
read$FUSE(r0, &(0x7f00000089c0)={0x2020}, 0x2020)

4m21.004868031s ago: executing program 5 (id=3861):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x8008af00, 0x0)
fsopen(0x0, 0x0)
pipe2(0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x2c, r6, 0xc4fc9e906872338b, 0x70bd29, 0x0, {{0x5}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x4}]}]}]}, 0x2c}}, 0x0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r4, 0x0, 0x0)

4m20.415783452s ago: executing program 4 (id=3863):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r2 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
fchmodat(r2, &(0x7f00000000c0)='./file1\x00', 0x0)
link(&(0x7f0000000080)='./file1\x00', &(0x7f0000000240)='./file2/file0\x00')
truncate(&(0x7f0000000180)='./file0/../file0/file0\x00', 0x0)

4m16.423985846s ago: executing program 4 (id=3867):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x3, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr, @multicast1}, @address_reply={0x12, 0x0, 0x0, 0xff}}}}}, 0x0)
sendmsg(r2, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x2c, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x3e}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)

4m12.815865863s ago: executing program 39 (id=3867):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x3, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr, @multicast1}, @address_reply={0x12, 0x0, 0x0, 0xff}}}}}, 0x0)
sendmsg(r2, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x2c, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x3e}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)

4m5.498306359s ago: executing program 40 (id=3861):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x8008af00, 0x0)
fsopen(0x0, 0x0)
pipe2(0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x2c, r6, 0xc4fc9e906872338b, 0x70bd29, 0x0, {{0x5}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x4}]}]}]}, 0x2c}}, 0x0)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r4, 0x0, 0x0)

3m46.069155356s ago: executing program 3 (id=3906):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000001d40)=[{{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000240)="af", 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000014c0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [r2]}}], 0x38}}], 0x2, 0x801)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
r3 = syz_genetlink_get_family_id$ieee802154(0x0, r1)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000380)={<r6=>0x0, 0xc4}, &(0x7f00000003c0)=0x8)
getsockopt$inet_sctp6_SCTP_MAXSEG(r5, 0x84, 0xd, &(0x7f0000000400)=@assoc_id=r6, &(0x7f0000000440)=0x4)
syz_genetlink_get_family_id$nfc(&(0x7f0000000180), r4)
sendmsg$NFC_CMD_GET_TARGET(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
sendmsg$NFC_CMD_GET_SE(r1, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x10)
sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r3, 0x100, 0x70bd29, 0x25dfdbfd, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0xc1}, 0x850)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x24008000}, 0x4040000)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x4, 0x4, 0x2}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r8}, &(0x7f0000000040), &(0x7f0000000140)=r7}, 0x20)
recvmsg$unix(r2, &(0x7f0000000880)={&(0x7f0000000280)=@abs, 0x6e, &(0x7f0000000800)=[{&(0x7f0000000940)=""/200, 0xc8}, {&(0x7f0000000480)=""/138, 0x8a}, {&(0x7f0000000080)}, {&(0x7f0000000540)=""/75, 0x4b}, {&(0x7f0000000300)=""/31, 0x1f}, {&(0x7f0000000080)=""/62, 0x3e}, {&(0x7f0000000600)=""/241, 0xf1}, {&(0x7f0000000700)=""/218, 0xda}], 0x8}, 0x40002020)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)=ANY=[@ANYBLOB], 0x68}}, 0x0)

3m44.646872632s ago: executing program 3 (id=3910):
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f00000000c0)={[{@noinit_itable}, {@dax_inode}, {@nolazytime}, {@abort}, {@dax_inode}, {@lazytime}, {@noload}, {}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}], [], 0x2c})
syz_mount_image$msdos(&(0x7f0000000400), &(0x7f0000001cc0)='.\x00', 0x1aca4b8, &(0x7f0000000a80)=ANY=[@ANYRES16=r0, @ANYRESHEX=r0, @ANYBLOB="29ab3b30df7d75af6a66b0358c15235889ce2a0584d8b2ef4a21a27c9af13b6657ff207e1c5d58aea9c00a00ca049d3d367df0c23e00000000fdff00000639e695cecd9d0c27f3bd893e78c469110da7a3f6e2a787693f16be9dccc8aa22db6946d10cc6f04f5ca3a1a1d4a66bf1109fb12822f5e2a37bdd6dfdc5a2a86a95ba2a86dc0f5b5567f70a01d8aa78820a5dfb853c8562ce313972cf4af2e04803755d0068705559237f9a063c2c24ed23c25b8f4aab53efd1c9ced5045e9b88cfe32f33119a4bc01d3d73afd037dedde8aa4600c93c71e78ab732db07cba921af5f6b88c9b5ceccf4c71a4e74dca34e9c482904efbc2ea3d7ec2ec12cdae77d039aa63a344714995b27f961e81b2a68e073361ac1380aa8a2f3298c0807e1fe47f57e88e1a7ed753c1afbdda398eb521c9bc74429", @ANYRESHEX=r0, @ANYRESHEX, @ANYRES32=r0], 0xb, 0x0, &(0x7f0000000000))
chdir(&(0x7f0000000440)='./file0\x00')
link(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='./bus\x00')

3m42.88117505s ago: executing program 3 (id=3912):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000003c0)={0xfffffffffffffd78, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$HIDIOCGDEVINFO(r1, 0x801c4803, &(0x7f0000000100)=""/95)

3m39.151884857s ago: executing program 3 (id=3919):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000001d40)=[{{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000240)="af", 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000014c0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [r2]}}], 0x38}}], 0x2, 0x801)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
r3 = syz_genetlink_get_family_id$ieee802154(0x0, r1)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000380)={<r6=>0x0, 0xc4}, &(0x7f00000003c0)=0x8)
getsockopt$inet_sctp6_SCTP_MAXSEG(r5, 0x84, 0xd, &(0x7f0000000400)=@assoc_id=r6, &(0x7f0000000440)=0x4)
syz_genetlink_get_family_id$nfc(&(0x7f0000000180), r4)
sendmsg$NFC_CMD_GET_TARGET(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
sendmsg$NFC_CMD_GET_SE(r1, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x10)
sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r3, 0x100, 0x70bd29, 0x25dfdbfd, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0xc1}, 0x850)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x24008000}, 0x4040000)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x4, 0x4, 0x2}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r8}, &(0x7f0000000040), &(0x7f0000000140)=r7}, 0x20)
recvmsg$unix(r2, &(0x7f0000000880)={&(0x7f0000000280)=@abs, 0x6e, &(0x7f0000000800)=[{&(0x7f0000000940)=""/200, 0xc8}, {&(0x7f0000000480)=""/138, 0x8a}, {&(0x7f0000000080)}, {&(0x7f0000000540)=""/75, 0x4b}, {&(0x7f0000000300)=""/31, 0x1f}, {&(0x7f0000000080)=""/62, 0x3e}, {&(0x7f0000000600)=""/241, 0xf1}, {&(0x7f0000000700)=""/218, 0xda}], 0x8}, 0x40002020)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)=ANY=[@ANYBLOB], 0x68}}, 0x0)

3m37.751903978s ago: executing program 3 (id=3922):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000980), &(0x7f0000000300)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f00000014c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x3e, 0xb0, 0x1000, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e21, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x4, "44cb6d37c6818e519c60ca92b05c8ad4ae74ea79fdb58e2b7f29fa51c12f5cbb", "529ce0c19fb809804c2ff3c5412218a7d847fbc93cfef70c00506d947ea54e7f53d1fdc46c7f32f5461c69dbb12ae334", "93789889a9e2835b672961b74d925e86afc527fa482ea332ce27b8a5", {"2e5da89a0ace8edabc766b388285d39f", "375c5bef000000000d4600"}}}}}}}, 0x0)

3m36.764992376s ago: executing program 3 (id=3923):
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000240)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000440)='./file0\x00', 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x40)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0)
sendmmsg(r3, &(0x7f0000000180), 0x400008a, 0x0)
sendmsg$key(r3, &(0x7f0000000000)={0x9, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)={0x2, 0x9, 0x0, 0x9, 0x2, 0x0, 0xffffffff, 0x25dfdbfe}, 0x10}}, 0x0)

3m21.285335717s ago: executing program 41 (id=3923):
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000240)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000440)='./file0\x00', 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c800000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x40)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0)
sendmmsg(r3, &(0x7f0000000180), 0x400008a, 0x0)
sendmsg$key(r3, &(0x7f0000000000)={0x9, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)={0x2, 0x9, 0x0, 0x9, 0x2, 0x0, 0xffffffff, 0x25dfdbfe}, 0x10}}, 0x0)

2m42.80991056s ago: executing program 8 (id=4020):
r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi1\x00', 0x2180, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000080)={'pcl818\x00', [0x2f00, 0x5, 0xd09a, 0x2, 0x2, 0xfffffffe, 0x1, 0x6, 0xffe, 0x1, 0xc, 0x1, 0x4, 0x4, 0xffff, 0x6, 0xffffffa7, 0x40000009, 0x832, 0x30000, 0x3ff, 0x9, 0x800, 0xe2df, 0x2, 0x1, 0x9, 0x3, 0x4, 0x5, 0x2070f]})

2m41.687461732s ago: executing program 8 (id=4025):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000380)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
preadv(r3, &(0x7f0000001540)=[{&(0x7f0000000000)=""/89, 0x59}, {&(0x7f0000001600)=""/70, 0x46}, {0x0}, {0x0}], 0x4, 0x1a, 0x0)

2m40.503424963s ago: executing program 8 (id=4028):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0xa0000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0x1b, 0x5, 0xc})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x17b, 0x0, 0xffffffffffffffff}]})

2m39.476164708s ago: executing program 8 (id=4033):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000180), 0xfc, 0x564, &(0x7f00000008c0)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC6J37x6L/4B/RUELRUrQg5eV2cym22Y32aSbJu1+PjDJezOzee+7M9+XNzu7bAB9ayz7UYh4NSK+TSJGWrYNRr5xbHW/lYfXp7MliXr9s7+TSPJ1zf2T/PehvPJKRPz+dcTJwvp2q0vLc6VyOV3I6+O1+Svj1aXlU5fmS7PpbHp5cmrqzDtTk++/927PYn3z/L8/fHr3ozPfHF/5/tf7R24ncTYO59ta43gKN1orYzGWPydDcfaJHSd60Nhekux2B9iWgTzPhyIbA0ZiIM/6tuojz7JrwA77KktroE8l8h/6VHMe0Ly279F18HPjwYerF0Dr4x9cfW0khhvXRgdXkseujLLr3dEetJ+18dtfd25nS/TudQiATd24GRGnBwfXj39JPv5t3+ku9nmyDeMfPDt3s/nPW+3mP4W1+U+0mf8capO727F5/hfu96CZjrL53wdt579rN61GB/LaS40531By8VI5zca2lyPiRAztz+ob3M/5orByr95pY+v8L1uy9ptzwbwf9wf3P/6YmVKt9FRBt3hwM+K1tvPfZO34J22Of/Z8nO+yjWPpndc7bds8/p1V/znijbbH/9EdrWTj+5PjjfNhvHlWrPfPrWN/dGp/t+PPjv/BjeMfTVrv11a33sZPw/+lnbZt9/zfl3zeKO/L110r1WoLExH7kk/Wr5989Nhmvbl/Fv+J4xuPf+3O/wNZYncZ/62jt1p3Hd5a/Dsri39mS8d/64V7H3/5Y6f2uzv+bzdKJ/I13Yx/3XbwaZ47AAAAAAAA2GsKEXE4kkJxrVwoFIur7+84GgcL5Uq1dvJiZfHyTDQ+KzsaQ4Xmne6RlvdDTOTvh23WJ5+oT0XEkYj4buBAo16crpRndjt4AAAAAAAAAAAAAAAAAAAA2CMORQy3+/x/5s+B3e4dsOM2+Mpv4AXXOf/zLb34pidgT/L/H/qX/If+Jf+hf8l/6F/yH/qX/If+Jf+hf20l/385t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPnsqW+8vD6dFafubq0OFe5emomrc4V5xeni9OVhSvF2UpltpwWpyvzm/29cqVyZWIyFq+N19Jqbby6tHxhvrJ4uXbh0nxpNr2QDj2TqAAAAAAAAAAAAAAAAAAAAOD5Ul1aniuVy+mCgsK2CoN7oxsKPS7s9sgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/8HwAA///F1Dry")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1e5)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
r1 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
write$binfmt_aout(r1, &(0x7f0000000300)=ANY=[], 0x20)

2m37.800743049s ago: executing program 8 (id=4035):
read$FUSE(0xffffffffffffffff, &(0x7f0000005180)={0x2020}, 0x2020)

2m36.634865983s ago: executing program 8 (id=4038):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000380)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
preadv(r3, &(0x7f0000001540)=[{&(0x7f0000000000)=""/89, 0x59}, {&(0x7f0000001600)=""/70, 0x46}, {0x0}, {0x0}], 0x4, 0x1a, 0x0)

2m33.681159075s ago: executing program 42 (id=4038):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000380)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r2, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
preadv(r3, &(0x7f0000001540)=[{&(0x7f0000000000)=""/89, 0x59}, {&(0x7f0000001600)=""/70, 0x46}, {0x0}, {0x0}], 0x4, 0x1a, 0x0)

19.704741044s ago: executing program 6 (id=4574):
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'wlan0\x00', &(0x7f00000007c0)=@ethtool_per_queue_op={0x4b, 0xe, [0x8, 0x483f, 0x200, 0x8, 0xfae5, 0x9, 0x9, 0x8, 0x43, 0x3, 0x1, 0x9de, 0x8de, 0x8000, 0x54, 0x81, 0xd80, 0x9, 0x8, 0x6, 0x8, 0x6e20, 0x2, 0x6, 0xb99, 0x3, 0x3, 0x1, 0xc, 0x9, 0x5, 0x100, 0x3, 0x800, 0xfffffff9, 0x9, 0x8, 0x2, 0x7fff, 0x60000, 0x0, 0x5104, 0x3, 0xcb1, 0x9, 0x80000001, 0x5, 0x7932, 0x7, 0x2, 0x8, 0x401, 0x5, 0x800, 0x6, 0x1, 0x3, 0x8, 0x0, 0xf8000000, 0x40, 0xaa1, 0x4, 0x3, 0x4b, 0x1, 0x9, 0x8, 0x2, 0x8, 0xf8, 0x6, 0x2, 0xd1d1, 0x10001, 0x5, 0x800, 0x0, 0x7, 0x2, 0x0, 0x8, 0x389, 0x100, 0x6, 0xdc, 0x10001, 0xff, 0x5b, 0x7, 0x406, 0x10000, 0x0, 0x4, 0x40, 0x58d7, 0x6, 0x3, 0x49c4, 0x0, 0x9, 0xa4c, 0xfffffffc, 0x3, 0x88f, 0x7, 0xfffffdd1, 0x3, 0xc, 0x81, 0x3ff, 0x5, 0x0, 0x7, 0xfd2, 0x0, 0x9, 0x3, 0xf0, 0x7, 0x800, 0x80000001, 0xf383, 0x47db4311, 0x9, 0x3, 0x1ff, 0x2], "9da09e4d2ed7b2a44aefbfb7d39f0bb44583a1e456e9b09f4ce0ba31cd3ce5f652a3c87f02e67800fac0eaebb1e5f5eb3a31b8705bd1799e2b6e3fe16295fc09f80f60d212e4b556e4b7a3efe39f"}})
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'gretap0\x00'})
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x9, 0x3, 0x268, 0xa8, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x1d0, 0xffffffff, 0xffffffff, 0x1d0, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x70, 0xa8}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x1, 0x0, 0x5}, {0x2, 0x3, 0x3}, {0x0, 0x2}, 0x10000, 0x8}}}, {{@ip={@empty, @remote, 0xffffff00, 0xffffff00, 'ip6gretap0\x00', 'gretap0\x00', {}, {0xef9d7dc27ebb7536}, 0x0, 0x1, 0x2}, 0x0, 0xe0, 0x128, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x1}}, @common=@unspec=@nfacct={{0x48}, {'syz0\x00', 0x8000000000000001}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x6, 0x51ea, 0x0, 'pptp\x00', {0x3461}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c8)
socket(0x2, 0xa, 0x200)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000004c0)='contention_end\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x0, 0x0, 0xa}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x48, 0x0, &(0x7f0000000000)='\x00', 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="e40000000201010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c000180"], 0xe4}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r4, 0x84, 0x13, &(0x7f00000002c0)={0x0, 0x3}, &(0x7f0000000640)=0x8)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r6=>0x0})
sendmsg$nl_route(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000005400e501000000000000000007000000", @ANYRES32, @ANYBLOB="20000100", @ANYRES32=r6, @ANYBLOB="01000400ffffffff00000000000000000000e00000000000"], 0x38}}, 0x20044050)

18.849118491s ago: executing program 6 (id=4579):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000003bc0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x44, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_RULE_EXPRESSIONS={0x18, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x6c}}, 0x0)

18.142809191s ago: executing program 6 (id=4584):
mkdir(&(0x7f0000000000)='./file0\x00', 0x40)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
fchmodat(r0, &(0x7f00000000c0)='./file1\x00', 0x0)
close(0x3)
unlink(&(0x7f0000000180)='./file1\x00')
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x20, 0x0)

17.343477917s ago: executing program 6 (id=4589):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000180), 0xfc, 0x564, &(0x7f00000008c0)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC6J37x6L/4B/RUELRUrQg5eV2cym22Y32aSbJu1+PjDJezOzee+7M9+XNzu7bAB9ayz7UYh4NSK+TSJGWrYNRr5xbHW/lYfXp7MliXr9s7+TSPJ1zf2T/PehvPJKRPz+dcTJwvp2q0vLc6VyOV3I6+O1+Svj1aXlU5fmS7PpbHp5cmrqzDtTk++/927PYn3z/L8/fHr3ozPfHF/5/tf7R24ncTYO59ta43gKN1orYzGWPydDcfaJHSd60Nhekux2B9iWgTzPhyIbA0ZiIM/6tuojz7JrwA77KktroE8l8h/6VHMe0Ly279F18HPjwYerF0Dr4x9cfW0khhvXRgdXkseujLLr3dEetJ+18dtfd25nS/TudQiATd24GRGnBwfXj39JPv5t3+ku9nmyDeMfPDt3s/nPW+3mP4W1+U+0mf8capO727F5/hfu96CZjrL53wdt579rN61GB/LaS40531By8VI5zca2lyPiRAztz+ob3M/5orByr95pY+v8L1uy9ptzwbwf9wf3P/6YmVKt9FRBt3hwM+K1tvPfZO34J22Of/Z8nO+yjWPpndc7bds8/p1V/znijbbH/9EdrWTj+5PjjfNhvHlWrPfPrWN/dGp/t+PPjv/BjeMfTVrv11a33sZPw/+lnbZt9/zfl3zeKO/L110r1WoLExH7kk/Wr5989Nhmvbl/Fv+J4xuPf+3O/wNZYncZ/62jt1p3Hd5a/Dsri39mS8d/64V7H3/5Y6f2uzv+bzdKJ/I13Yx/3XbwaZ47AAAAAAAA2GsKEXE4kkJxrVwoFIur7+84GgcL5Uq1dvJiZfHyTDQ+KzsaQ4Xmne6RlvdDTOTvh23WJ5+oT0XEkYj4buBAo16crpRndjt4AAAAAAAAAAAAAAAAAAAA2CMORQy3+/x/5s+B3e4dsOM2+Mpv4AXXOf/zLb34pidgT/L/H/qX/If+Jf+hf8l/6F/yH/qX/If+Jf+hf20l/385t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPnsqW+8vD6dFafubq0OFe5emomrc4V5xeni9OVhSvF2UpltpwWpyvzm/29cqVyZWIyFq+N19Jqbby6tHxhvrJ4uXbh0nxpNr2QDj2TqAAAAAAAAAAAAAAAAAAAAOD5Ul1aniuVy+mCgsK2CoN7oxsKPS7s9sgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/8HwAA///F1Dry")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1e5)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
r1 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
write$binfmt_aout(r1, &(0x7f0000000300)=ANY=[], 0x20)

16.157390982s ago: executing program 6 (id=4594):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000003bc0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x44, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_RULE_EXPRESSIONS={0x18, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x6c}}, 0x0)

15.050680065s ago: executing program 6 (id=4601):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x7, 0xfff2}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x8}, @TCA_FQ_RATE_ENABLE={0x8}]}}]}, 0x40}}, 0x0)

13.178427981s ago: executing program 43 (id=4601):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x7, 0xfff2}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x8}, @TCA_FQ_RATE_ENABLE={0x8}]}}]}, 0x40}}, 0x0)

6.515365745s ago: executing program 0 (id=4627):
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x40040, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x240, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x30)

5.671107836s ago: executing program 7 (id=4631):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000180), 0xfc, 0x564, &(0x7f00000008c0)="$eJzs3c9rHFUcAPDvbJI2/aFJoRT1IIEerNRumsQfFTzUo2ixoPe6JNNQsumW7KY0sWB7sBcvUgQRC6J37x6L/4B/RUELRUrQg5eV2cym22Y32aSbJu1+PjDJezOzee+7M9+XNzu7bAB9ayz7UYh4NSK+TSJGWrYNRr5xbHW/lYfXp7MliXr9s7+TSPJ1zf2T/PehvPJKRPz+dcTJwvp2q0vLc6VyOV3I6+O1+Svj1aXlU5fmS7PpbHp5cmrqzDtTk++/927PYn3z/L8/fHr3ozPfHF/5/tf7R24ncTYO59ta43gKN1orYzGWPydDcfaJHSd60Nhekux2B9iWgTzPhyIbA0ZiIM/6tuojz7JrwA77KktroE8l8h/6VHMe0Ly279F18HPjwYerF0Dr4x9cfW0khhvXRgdXkseujLLr3dEetJ+18dtfd25nS/TudQiATd24GRGnBwfXj39JPv5t3+ku9nmyDeMfPDt3s/nPW+3mP4W1+U+0mf8capO727F5/hfu96CZjrL53wdt579rN61GB/LaS40531By8VI5zca2lyPiRAztz+ob3M/5orByr95pY+v8L1uy9ptzwbwf9wf3P/6YmVKt9FRBt3hwM+K1tvPfZO34J22Of/Z8nO+yjWPpndc7bds8/p1V/znijbbH/9EdrWTj+5PjjfNhvHlWrPfPrWN/dGp/t+PPjv/BjeMfTVrv11a33sZPw/+lnbZt9/zfl3zeKO/L110r1WoLExH7kk/Wr5989Nhmvbl/Fv+J4xuPf+3O/wNZYncZ/62jt1p3Hd5a/Dsri39mS8d/64V7H3/5Y6f2uzv+bzdKJ/I13Yx/3XbwaZ47AAAAAAAA2GsKEXE4kkJxrVwoFIur7+84GgcL5Uq1dvJiZfHyTDQ+KzsaQ4Xmne6RlvdDTOTvh23WJ5+oT0XEkYj4buBAo16crpRndjt4AAAAAAAAAAAAAAAAAAAA2CMORQy3+/x/5s+B3e4dsOM2+Mpv4AXXOf/zLb34pidgT/L/H/qX/If+Jf+hf8l/6F/yH/qX/If+Jf+hf20l/385t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPnsqW+8vD6dFafubq0OFe5emomrc4V5xeni9OVhSvF2UpltpwWpyvzm/29cqVyZWIyFq+N19Jqbby6tHxhvrJ4uXbh0nxpNr2QDj2TqAAAAAAAAAAAAAAAAAAAAOD5Ul1aniuVy+mCgsK2CoN7oxsKPS7s9sgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/8HwAA///F1Dry")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1e5)
r0 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
write$binfmt_aout(r0, &(0x7f0000000300)=ANY=[], 0x20)

5.303128147s ago: executing program 1 (id=4632):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000001d40)=[{{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000240)="af", 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000014c0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [r2]}}], 0x38}}], 0x2, 0x801)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc00000000001080002000500000014000600ff01000a00f2f3f31f000a0000000001060001"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
r4 = syz_genetlink_get_family_id$ieee802154(0x0, r1)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000380)={<r7=>0x0, 0xc4}, 0x0)
getsockopt$inet_sctp6_SCTP_MAXSEG(r6, 0x84, 0xd, &(0x7f0000000400)=@assoc_id=r7, &(0x7f0000000440)=0x4)
syz_genetlink_get_family_id$nfc(&(0x7f0000000180), r5)
sendmsg$NFC_CMD_GET_TARGET(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
sendmsg$NFC_CMD_GET_SE(r1, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x10)
sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r4, 0x100, 0x70bd29, 0x25dfdbfd, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0xc1}, 0x850)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x24008000}, 0x4040000)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x4, 0x4, 0x2}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r9}, &(0x7f0000000040), &(0x7f0000000140)=r8}, 0x20)
recvmsg$unix(r2, &(0x7f0000000880)={&(0x7f0000000280)=@abs, 0x6e, &(0x7f0000000800)=[{&(0x7f0000000940)=""/200, 0xc8}, {&(0x7f0000000480)=""/138, 0x8a}, {&(0x7f0000000080)}, {&(0x7f0000000540)=""/75, 0x4b}, {&(0x7f0000000300)=""/31, 0x1f}, {&(0x7f0000000080)=""/62, 0x3e}, {&(0x7f0000000600)=""/241, 0xf1}, {&(0x7f0000000700)=""/218, 0xda}], 0x8}, 0x40002020)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)=ANY=[@ANYBLOB], 0x68}}, 0x0)

5.022598117s ago: executing program 0 (id=4633):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000003bc0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_TARGET_REV={0x8}, @NFTA_TARGET_INFO={0x6, 0x3, "02b5"}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x7c}}, 0x0)

4.856854795s ago: executing program 7 (id=4634):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0xa802, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', r3}, 0x10)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x48050}, 0x40004)

4.833389954s ago: executing program 2 (id=4635):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r0, &(0x7f0000003580)={0x2, 0x0, @dev}, 0x10)

4.192990332s ago: executing program 0 (id=4636):
mkdir(&(0x7f0000000000)='./file0\x00', 0x40)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
fchmodat(r0, &(0x7f00000000c0)='./file1\x00', 0x0)

4.140875646s ago: executing program 2 (id=4637):
ioctl$COMEDI_LOCK(0xffffffffffffffff, 0x6405)
ioctl$COMEDI_LOCK(0xffffffffffffffff, 0x6405)

4.010016672s ago: executing program 1 (id=4638):
mkdir(&(0x7f0000000000)='./file0\x00', 0x40)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
fchmodat(r0, &(0x7f00000000c0)='./file1\x00', 0x0)
close(0x3)
unlink(&(0x7f0000000180)='./file1\x00')
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x20, 0x0)
getdents(r0, &(0x7f0000001080)=""/4096, 0x1000)

3.983103552s ago: executing program 7 (id=4639):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x48050}, 0x40004)
recvmmsg(r4, &(0x7f0000005140)=[{{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000640)=""/216, 0xd8}, {&(0x7f00000052c0)=""/235, 0xeb}, {&(0x7f0000003080)=""/4096, 0x1000}], 0x3}, 0x3}], 0x1b00, 0x0, 0x0)

3.71654724s ago: executing program 2 (id=4640):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000004900)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)="af", 0x8980}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000b80)="bda033176eb146b36ef41f221a4e7ce4a02598d750606488520915c6806affc0a913781c7211ce1fcd59a12b5d5afdaf9d723f092ce9d1eed16e208f2e79831ca049e8979ad94621175c2c48c10e33b29f2def51498743b057efc21efe4be4d9f02e9d236f27190c29c5da0f3799452f5e3640340502fde4ae8c56b303e1b79b3d1842bf6277771bef544c745e7a80c9e7efdd1c619f69b9d01839aa326776d335689e4db7cb7e32fad8f4c40e943b43eb4ea173d720bf5998149625a731643636c8ddbe61e1d7d4736f8414a84acc40557012c82697d8a59c873424aefb3c7ff0dba302efaaf887a477b1ab7ea6c1def9db3514e444c1ef36c6cf42cde90d4bbb2e923a5d16a1bb191ad91cab867cd55037d507a12803f3df1b81f1857fad085dbc5c46aac14230d7a4f8b36d6bc63b4a16cd309b7697b421a662b83001b5ce5ab3ff80800243107df7aa6cae9a5db6a8f2a53ef7d6c6aeac76b83a15466c74a9cdbcde8505e3d14c0c3a47a36bf464168202dc88e25f4c1da57faf0eaa7ff16bdd751c2ae5778e169c8ffba57c9a20e24ad51e6e8e02b721e8ca94f131cc98e03b34b615a1db4080362de4ef215d5a0541aeb0c742a2636ac5af8538ceb3585ef9dca8037df55baa072096073b005b53eff0b899de59bc2b5d687d109520571eeacb30124c4012fe6cb9e3bf451be3d219206ddc35099101533cff5aee6c4783e00e6dd391f664052a6c66c62f62a49fde8fbe336543bf99b55e53b801e54c1d0a292da83db26a8a870ac1d8751c4bc0d495277295cd3a17f9e9a25d70214a17b981b62d5c75356ed025df3557a8b59648edd9d1dbdf169d91f9d85cfac11a57db0a14f03e8934a2cc98d389912a0d9942a40c3ee98d35da61d3bab1a32c9d788e9f74ee57012ca5bfd0dc090b591c64aae6a205fbd349fc372bbd7429983a69cae26ff8b5b019144d318ba225e46bc6cf8d7d3e5952333042542b2fd4fb4d88a3651dd8e14ecc2845d4e71f7dfd128e9e2ee2ab0062a3e701bb2477bfd73d7396ae522f11fa481078d1c7f7905e0846fb072dcf7c06102b3816ec4a3518514c7166d7385b680469f5184a93953258952554e68d93ea8f789c4f13982b65996d7d9cf19f0b39b72e1dc9079d84413bbc30d24fc481e24ef1beacb8bc15f50c2663d684d16a1c71b2c8a568481f4f1b254ccd66fbef4cacfc3e13f2c943a264e429824bef7297f93076aea55ed9cf12512ce3ac3df331695024bd1e53369a87caf6894fce811a64dad315402678de76", 0x390}, {&(0x7f00000003c0)="439e9c06fc666cabc8569d63a866b31ff3ceda1e28f23f455e96a02001fc3fb089ed9e5234", 0x25}], 0x2}}], 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0xfc, 0x0, 0x1, 0xffffffff}}}}]}, 0x4c}}, 0x0)

3.444212207s ago: executing program 0 (id=4641):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2, &(0x7f0000000280)={[{@jqfmt_vfsold}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@nombcache}, {@noload}, {@debug}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@bsdgroups}, {@barrier_val={'barrier', 0x3d, 0x53}}]}, 0xfa, 0x477, &(0x7f0000001380)="$eJzs3M9vFFUcAPDvTH/w21bEHyBIFY3EHy0tP+TgRaMJB01M9IDxVNtCKgs1tCZCiFYPeDQk3o3/hfGkF6NeNPGqd0NCDBdQL2tmZwaWZbfd0m0X2M8nme57M6/73ndm3u6bebsbQM8ayf4kEVsj4o+IGMqztxYYyR+uX70w9c/VC1NJVKtv/53Uyl27emGqLFr+35Y8U60W+Q1N6r34XsRkpTJztsiPLZz+cGz+3PkXZ09Pnpw5OXNm4ujRQwf3DB6ZONyROLO4ru36ZG73zmPvXnpz6vil939O0sjjjoY4OmUk37tNPdPpyrpsW1066a/fsvfXm+lmZwLd1BcR2eEaqPX/oeiLTTe2DcXrn3e1ccCaqlar1SVelRerwH0siW63AOiO8o0+u/4tl3UaetwVrrySXwBlcV8vlnxLf6R5Yu9Aw/Xt1g7WPxIRxxf//TpbYo3uQwAA1Ps+G/+80Gz8l8YjeWIw+/NAMYcyHBEPRsT2iHgoInZExMMRtbKPRsRjK6y/cYbk9vFPevmOg2tDNv57uZjbunX8l5ZFhvuK3LZa/APJidnKzIFin+yPgQ0nZpOZ8SXq+OG1379sta1+/JctWf3lWLBox+X+hht005MLk6uJud6VzyJ29TeLP4lyGieJiJ0RsesO65h9rr/ltuXjX0Lrp21b9ZuIZ/PjvxgN8ZeSlvOT4y8dmTg8tjEqMwfGyrPidr/8dvGtVvWvKv4OyI7/5qbn/434h5ONEfPnzp+qzdfOr+jps64TF//8ouU1TRF/1r3aOf+PbSvO/8HkndqKwWLDx5MLC2fHIwaTN25fP3Hz2cp8WT6Lf/++5v1/e9zcE49HxO6I2BMRT2QXhUXbn4yIpyJi3xI74adXn/5gmfibHP/1mSvN4p9e7vhH/fFfeaLv1I/fLR//xohodfwP1VL7izXtvP6128DV7DsAAAC4V+SfgU/S0RvpNB0dzT/DvyM2p5W5+YXnT8x9dGY6n/cejoG0vNM1VHc/dLy4N1zmJxryB4v7xl/1barlR6fmKtPdDh563JYW/T/zV1+3WwesuQ7MowH3KP0fepf+D70p0f+hp+n/0Lua9f9PW5Ye/XZNGwOsK+//0Lva6P+L+UPrUQFwb/L+D71L/4ee1PK78emqvvK/7on/it8zvFvac/8nIr0rmnH/J/rb/jGLFSSqQ3n/z9ZsaFqm269MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfF/AAAA//8Qi+Nc")
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x9)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
symlink(&(0x7f0000000440)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
rename(0x0, &(0x7f0000001900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

3.159804786s ago: executing program 2 (id=4642):
mkdir(&(0x7f0000000000)='./file0\x00', 0x40)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
fchmodat(r0, &(0x7f00000000c0)='./file1\x00', 0x0)
close(0x3)
unlink(&(0x7f0000000180)='./file1\x00')
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x20, 0x0)

2.969130904s ago: executing program 1 (id=4643):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000002c0)={[{@init_itable}, {@resuid}, {@stripe={'stripe', 0x3d, 0x40}}]}, 0x3, 0x463, &(0x7f0000000340)="$eJzs281vFOUfAPDvTLvlxw+wFfGFF7WKxsaXlgIqBw9qNPGAiYke9Ni0C0EWatqaCCEKxuDJGBPvxqP/gie9GOPJxKveDQkxXABPa2Z3BnaX3aUsu11gP59k4Hnmpc/325mn+8w8OwGMrOnsnyRia0T8GRGT9WrzDtP1/65cOrN49dKZxSSq1Xf/SWr7Xb50ZrHYtThuS16ZSSPSL5LY3abd1VOnjy9UKuWVvD63duKjudVTp184dmLhaPlo+eT+Q4cOHph/+aX9L/Ylzyymy7s+Xd6z860Pvnn78FdN+bfk0SfT3TY+Xa32ubnh2tZQTsaHGAi3ZCwistNVqvX/yRiL6ydvMt78fKjBAQNVrVarWzpvPlsF7mFJNNd1eRgVxQd9dv9bLK2DgFcHN/wYuouv1W+Asryv5Et9y3ik+T6llvvbfpqOiPfP/vtdtsRgnkMAADT5KRv/PN9u/JfGQw373ZfPDU1FxP0RsT0iHoiIHRHxYERt34cj4pFbbL91kuTG8U96oafE1ikb/72Sz201j/+K0V9MjeW1bbX8S8mRY5Xyvvx3MhOlTVl9vksbP7/xx9edtjWO/7Ila78YC+ZxXBjf1HzM0sLawu3k3OjiuYhd4+3yT67NBCQRsTMidvXYxrFnf9jTadvN8++iD/NM1e8jnqmf/7PRkn8h6T4/Ofe/qJT3zRVXxY1++/38O53av638+yA7//9ve/1fy38qKeZr0yivrN56G+f/+rLjPU2v1/9E8l6tPJGv+2RhbW1lPmIiOVwPunH9/uvHFvVi/yz/mb3t+//2uP6b2B0R2UX8aEQ8FhGP57E/ERFPRsTeLvn/+vpTH/ae/2Bl+S+t9/xXKuWVhsJEtK5pXxg7/suPTY1O3ZD/1e7n/2CtNJOvWc/fv/XEVenpagYAAIC7TxoRWyNJZ6+V03R2tv59+R0RaWV5de25I8sfn1yqvyMwFaW0eNI12fA8dD6/ra/Xz0VE/asFxfYD+XPjb8c21+qzi8uVpWEnDyNuS4f+n/l7bNjRAQPnfS0YXfo/jK519v977JV1IHz+w0hr0/83DyMOYOO1+/z/bAhxABuvpf+b9oMR4v4fRlen/l+d3OBAgA1X7/+G/TBiVjfHzV+S71ooflKPh9+zhSjdEWEMrBDpHRFGa6EUEXdAGHd/Ybh/lwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrlvwAAAP//HArhUQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

2.521701407s ago: executing program 2 (id=4644):
r0 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000300)='task\x00')
syz_usb_connect(0x1, 0x2d, 0x0, 0x0)
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = syz_open_procfs(r0, 0x0)
readv(r2, &(0x7f0000000340)=[{&(0x7f0000000140)=""/85, 0x55}], 0x1)

2.340213972s ago: executing program 7 (id=4645):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000003bc0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xc, 0x1, 'NFQUEUE\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)

2.225017432s ago: executing program 0 (id=4646):
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x40040, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x240, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x30)

1.723523997s ago: executing program 7 (id=4647):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000001d40)=[{{0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000240)="af", 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000014c0)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [r2]}}], 0x38}}], 0x2, 0x801)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r1)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc00000000001080002000500000014000600ff01000a00f2f3f31f000a0000000001060001"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
r4 = syz_genetlink_get_family_id$ieee802154(0x0, r1)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000380)={<r7=>0x0, 0xc4}, 0x0)
getsockopt$inet_sctp6_SCTP_MAXSEG(r6, 0x84, 0xd, &(0x7f0000000400)=@assoc_id=r7, &(0x7f0000000440)=0x4)
syz_genetlink_get_family_id$nfc(&(0x7f0000000180), r5)
sendmsg$NFC_CMD_GET_TARGET(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
sendmsg$NFC_CMD_GET_SE(r1, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x10)
sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r4, 0x100, 0x70bd29, 0x25dfdbfd, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0xc1}, 0x850)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x24008000}, 0x4040000)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x4, 0x4, 0x2}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r9}, &(0x7f0000000040), &(0x7f0000000140)=r8}, 0x20)
recvmsg$unix(r2, &(0x7f0000000880)={&(0x7f0000000280)=@abs, 0x6e, &(0x7f0000000800)=[{&(0x7f0000000940)=""/200, 0xc8}, {&(0x7f0000000480)=""/138, 0x8a}, {&(0x7f0000000080)}, {&(0x7f0000000540)=""/75, 0x4b}, {&(0x7f0000000300)=""/31, 0x1f}, {&(0x7f0000000080)=""/62, 0x3e}, {&(0x7f0000000600)=""/241, 0xf1}, {&(0x7f0000000700)=""/218, 0xda}], 0x8}, 0x40002020)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)=ANY=[@ANYBLOB], 0x68}}, 0x0)

1.521879234s ago: executing program 1 (id=4648):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x7, 0xfff2}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x8}, @TCA_FQ_RATE_ENABLE={0x8}]}}]}, 0x40}}, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000003580)={0x2, 0x0, @dev}, 0x10)
connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10)

1.096357798s ago: executing program 2 (id=4649):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000500)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', r3}, 0x10)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0xb, 0xd}, {}, {0x8, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x48050}, 0x40004)

833.536276ms ago: executing program 1 (id=4650):
mkdir(&(0x7f0000000000)='./file0\x00', 0x40)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
fchmodat(r0, &(0x7f00000000c0)='./file1\x00', 0x0)

616.881007ms ago: executing program 0 (id=4651):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, 0x0, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x0, 0xfc, 0x0, 0x1, 0xffffffff}}}}]}, 0x4c}}, 0x0)

282.37078ms ago: executing program 7 (id=4652):
mkdir(&(0x7f0000000000)='./file0\x00', 0x40)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}], [], 0x2c})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
fchmodat(r0, &(0x7f00000000c0)='./file1\x00', 0x0)
close(0x3)
unlink(&(0x7f0000000180)='./file1\x00')
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x20, 0x0)
getdents(r0, &(0x7f0000001080)=""/4096, 0x1000)

0s ago: executing program 1 (id=4653):
mkdir(&(0x7f0000000000)='./file0\x00', 0x40)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[], [], 0x2c})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
fchmodat(r0, &(0x7f00000000c0)='./file1\x00', 0x0)
close(0x3)
unlink(&(0x7f0000000180)='./file1\x00')
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x20, 0x0)

kernel console output (not intermixed with test programs):

14292] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1593.261734][T14292] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1593.273623][T14292] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1593.481324][   T30] audit: type=1800 audit(1752026598.465:161): pid=17293 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.4046" name="file2" dev="loop6" ino=16 res=0 errno=0
[ 1593.677381][ T7966] team0 (unregistering): Port device team_slave_1 removed
[ 1593.707972][ T7966] team0 (unregistering): Port device team_slave_0 removed
[ 1594.107785][ T9832] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1594.875208][T17307] loop0: detected capacity change from 0 to 1024
[ 1594.949605][T17307] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1595.192780][T17307] EXT4-fs error (device loop0): __ext4_remount:6736: comm syz.0.4049: Abort forced by user
[ 1595.214343][T17307] EXT4-fs (loop0): Remounting filesystem read-only
[ 1595.221670][T17307] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[ 1595.375621][T14292] Bluetooth: hci0: command tx timeout
[ 1595.455964][T17298] chnl_net:caif_netlink_parms(): no params data found
[ 1596.030929][T16728] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1596.596318][T17320] syzkaller0: entered promiscuous mode
[ 1596.602202][T17320] syzkaller0: entered allmulticast mode
[ 1596.834361][T17327] overlayfs: failed to get index nlink (file2/file1, err=-61)
[ 1597.271270][T17333] overlayfs: failed to resolve './file2': -2
[ 1597.458957][T14292] Bluetooth: hci0: command tx timeout
[ 1597.710429][T17298] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1597.718434][T17298] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1597.726410][T17298] bridge_slave_0: entered allmulticast mode
[ 1597.736572][T17298] bridge_slave_0: entered promiscuous mode
[ 1597.862572][T17298] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1597.870777][T17298] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1597.882147][T17298] bridge_slave_1: entered allmulticast mode
[ 1597.895115][T17298] bridge_slave_1: entered promiscuous mode
[ 1598.204711][ T9147] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[ 1598.216604][T17339] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4059'.
[ 1598.288814][T17298] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1598.357737][T17298] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1598.404853][ T9147] usb 3-1: Using ep0 maxpacket: 16
[ 1598.418226][ T9147] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1598.429644][ T9147] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1598.439988][ T9147] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1598.453359][ T9147] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1598.462837][ T9147] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1598.669132][ T9147] usb 3-1: config 0 descriptor??
[ 1598.806033][T17298] team0: Port device team_slave_0 added
[ 1598.885489][T17298] team0: Port device team_slave_1 added
[ 1599.158275][ T9147] usbhid 3-1:0.0: can't add hid device: -71
[ 1599.166114][ T9147] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1599.207740][ T9147] usb 3-1: USB disconnect, device number 19
[ 1599.270045][T17298] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1599.277458][T17298] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1599.296201][ T5876] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[ 1599.305467][T17298] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1599.422046][T17349] syzkaller0: entered promiscuous mode
[ 1599.435731][T17349] syzkaller0: entered allmulticast mode
[ 1599.460533][T17298] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1599.467947][T17298] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1599.495014][T17298] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1599.552248][T14292] Bluetooth: hci0: command tx timeout
[ 1599.638818][ T5876] usb 1-1: config 0 has no interfaces?
[ 1599.645010][ T5876] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1599.654717][ T5876] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1599.668517][ T5876] usb 1-1: config 0 descriptor??
[ 1599.925520][T17347] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1599.935161][T17347] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1599.999392][T17347] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1600.009936][T17347] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1600.366221][T17298] hsr_slave_0: entered promiscuous mode
[ 1600.377291][T17298] hsr_slave_1: entered promiscuous mode
[ 1600.797646][T17357] overlayfs: failed to get index nlink (file2/file1, err=-61)
[ 1600.927719][T17360] overlayfs: failed to resolve './file2': -2
[ 1601.517659][T17363] netlink: 60 bytes leftover after parsing attributes in process `syz.1.4068'.
[ 1601.616271][T14292] Bluetooth: hci0: command tx timeout
[ 1601.673306][T17368] loop2: detected capacity change from 0 to 512
[ 1601.902517][T17368] EXT4-fs (loop2): 1 truncate cleaned up
[ 1601.911831][T17368] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1602.451750][T17298] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1602.461676][T17000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1602.478111][T17298] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1602.506573][T17298] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1602.531543][T17298] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1603.175431][ T5876] usb 1-1: USB disconnect, device number 10
[ 1603.757810][T17298] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1603.991858][T17298] 8021q: adding VLAN 0 to HW filter on device team0
[ 1604.079901][ T3622] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1604.087672][ T3622] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1604.174647][ T3622] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1604.182294][ T3622] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1604.608644][T17388] loop0: detected capacity change from 0 to 512
[ 1604.774736][T13746] usb 7-1: new high-speed USB device number 39 using dummy_hcd
[ 1604.798698][T17388] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.4076: bg 0: block 5: invalid block bitmap
[ 1604.861377][T17388] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[ 1604.891286][T17388] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.4076: invalid indirect mapped block 3 (level 2)
[ 1604.944893][T13746] usb 7-1: Using ep0 maxpacket: 16
[ 1605.017739][T17388] EXT4-fs (loop0): 1 orphan inode deleted
[ 1605.023900][T17388] EXT4-fs (loop0): 1 truncate cleaned up
[ 1605.032621][T17388] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1605.049178][T13746] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1605.066895][T13746] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1605.078777][T13746] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1605.092362][T13746] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1605.102007][T13746] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1605.207880][T13746] usb 7-1: config 0 descriptor??
[ 1605.252466][T17388] Buffer I/O error on dev loop0, logical block 7, lost sync page write
[ 1605.261696][T17388] EXT4-fs error (device loop0): ext4_write_inode:5680: inode #11: block 7: comm syz.0.4076: IO error syncing inode
[ 1605.282602][T17388] Buffer I/O error on dev loop0, logical block 1, lost sync page write
[ 1605.291601][T17388] EXT4-fs (loop0): I/O error while writing superblock
[ 1605.481188][T17391] loop2: detected capacity change from 0 to 4096
[ 1605.647415][T13746] usbhid 7-1:0.0: can't add hid device: -71
[ 1605.647457][T17397] loop1: detected capacity change from 0 to 1024
[ 1605.661719][T13746] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1605.737158][T17398] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1605.739427][T16728] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1605.766796][T13746] usb 7-1: USB disconnect, device number 39
[ 1605.905217][T16728] Buffer I/O error on dev loop0, logical block 1, lost sync page write
[ 1605.913830][T16728] EXT4-fs (loop0): I/O error while writing superblock
[ 1606.335238][T17298] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1606.979152][T17412] loop2: detected capacity change from 0 to 512
[ 1607.025064][ T9147] usb 1-1: new low-speed USB device number 11 using dummy_hcd
[ 1607.041799][T17412] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[ 1607.055847][T17412] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1607.206353][T17412] EXT4-fs (loop2): 1 truncate cleaned up
[ 1607.221024][T17412] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1607.225052][ T9147] usb 1-1: config 0 has no interfaces?
[ 1607.240917][ T9147] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1607.245105][ T5876] usb 7-1: new high-speed USB device number 40 using dummy_hcd
[ 1607.250920][ T9147] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1607.438182][ T5876] usb 7-1: config 0 has no interfaces?
[ 1607.444343][ T5876] usb 7-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1607.453906][ T5876] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1607.486090][ T9147] usb 1-1: config 0 descriptor??
[ 1607.568816][ T5876] usb 7-1: config 0 descriptor??
[ 1607.726641][ T9147] usb 1-1: USB disconnect, device number 11
[ 1607.796262][T17413] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1607.805933][T17413] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1607.865250][T17413] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1607.875039][T17413] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1608.068721][T17000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1609.079095][T17298] veth0_vlan: entered promiscuous mode
[ 1609.265609][T17298] veth1_vlan: entered promiscuous mode
[ 1609.544109][T17298] veth0_macvtap: entered promiscuous mode
[ 1609.654904][T17298] veth1_macvtap: entered promiscuous mode
[ 1609.800353][T17432] syzkaller0: entered promiscuous mode
[ 1609.806777][T17432] syzkaller0: entered allmulticast mode
[ 1609.998226][T17298] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1610.272625][T17298] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1610.371361][T17298] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1610.382342][T17298] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1610.398864][T17298] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1610.410095][T17298] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1611.258740][T17444] loop1: detected capacity change from 0 to 1024
[ 1611.325894][T13746] usb 7-1: USB disconnect, device number 40
[ 1613.068624][T17452] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1613.075537][T17452] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1613.157165][T17452] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1613.163701][T17452] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1613.226875][T17460] loop0: detected capacity change from 0 to 1024
[ 1613.247617][T17452] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1613.268199][T17452] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1613.274949][T17452] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1613.287464][T17452] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1613.363911][T17452] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1613.370805][T17452] Bluetooth: hci6: Opcode 0x0406 failed: -4
[ 1613.407933][T17460] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1613.462004][T17452] Bluetooth: hci6: Opcode 0x0406 failed: -4
[ 1613.552268][T17452] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1613.565866][T17452] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1613.648315][T17452] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1613.702937][ T7966] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1613.831517][T16728] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1613.954802][T13926] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[ 1613.986263][ T9147] usb 7-1: new low-speed USB device number 41 using dummy_hcd
[ 1614.155095][T13926] usb 3-1: Using ep0 maxpacket: 32
[ 1614.220569][ T9147] usb 7-1: config 0 has no interfaces?
[ 1614.227526][ T9147] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1614.238389][ T9147] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1614.259413][ T9147] usb 7-1: config 0 descriptor??
[ 1614.264715][ T4745] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1614.287096][T13926] usb 3-1: config 1 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1614.298061][T13926] usb 3-1: config 1 interface 0 altsetting 254 bulk endpoint 0x82 has invalid maxpacket 608
[ 1614.308779][T13926] usb 3-1: config 1 interface 0 altsetting 254 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1614.319018][T13926] usb 3-1: config 1 interface 0 altsetting 254 bulk endpoint 0x3 has invalid maxpacket 0
[ 1614.329302][T13926] usb 3-1: config 1 interface 0 altsetting 254 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[ 1614.343667][T13926] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1614.361938][T13926] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1614.371878][T13926] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1614.382342][T13926] usb 3-1: SerialNumber: syz
[ 1614.399237][T17470] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1614.413633][T13926] cdc_acm 3-1:1.0: probe with driver cdc_acm failed with error -12
[ 1614.495014][ T4745] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1614.573317][T13926] usb 7-1: USB disconnect, device number 41
[ 1614.622580][ T4745] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1614.672578][ T5876] usb 3-1: USB disconnect, device number 20
[ 1614.770704][ T4745] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1615.230156][T17480] syzkaller0: entered promiscuous mode
[ 1615.236291][T17480] syzkaller0: entered allmulticast mode
[ 1615.250106][T17001] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1615.268887][ T4745] bridge_slave_1: left allmulticast mode
[ 1615.275211][ T4745] bridge_slave_1: left promiscuous mode
[ 1615.282006][ T4745] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1615.300988][T17001] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1615.351193][ T4745] bridge_slave_0: left allmulticast mode
[ 1615.357811][ T4745] bridge_slave_0: left promiscuous mode
[ 1615.364649][ T4745] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1615.388218][T17001] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1615.626994][T17001] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1615.797610][T17001] Bluetooth: hci1: command 0x1003 tx timeout
[ 1615.804093][T14292] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1615.978018][ T4745] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1616.052655][ T4745] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1616.105734][ T4745] bond0 (unregistering): Released all slaves
[ 1616.930639][ T4745] hsr_slave_0: left promiscuous mode
[ 1616.975521][ T4745] hsr_slave_1: left promiscuous mode
[ 1616.984022][ T4745] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1616.992052][ T4745] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1617.080530][ T4745] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1617.088657][ T4745] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1617.210321][ T4745] veth1_macvtap: left promiscuous mode
[ 1617.216479][ T4745] veth0_macvtap: left promiscuous mode
[ 1617.222485][ T4745] veth1_vlan: left promiscuous mode
[ 1617.228332][ T4745] veth0_vlan: left promiscuous mode
[ 1617.294816][T14292] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1617.385134][T14292] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1617.455122][T14292] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1617.701741][T14292] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1618.324057][ T4745] team0 (unregistering): Port device team_slave_1 removed
[ 1618.360569][ T4745] team0 (unregistering): Port device team_slave_0 removed
[ 1619.309290][T17506] infiniband syz1: set active
[ 1619.314313][T17506] infiniband syz1: added syz_tun
[ 1619.385949][ T3684] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1619.397776][ T3684] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1619.404649][T14292] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1619.458014][T14292] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1619.483574][ T3684] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1619.491941][ T3684] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1619.551912][T14292] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1619.594185][T17506] RDS/IB: syz1: added
[ 1619.604918][T17506] smc: adding ib device syz1 with port count 1
[ 1619.612849][T17506] smc:    ib device syz1 port 1 has pnetid 
[ 1619.786721][T14292] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1621.120450][T17517] loop7: detected capacity change from 0 to 1024
[ 1621.289056][T17517] EXT4-fs: Ignoring removed i_version option
[ 1621.295923][T17517] EXT4-fs: inline encryption not supported
[ 1621.408597][T17517] EXT4-fs (loop7): Test dummy encryption mode enabled
[ 1621.718533][T17525] loop6: detected capacity change from 0 to 512
[ 1621.735791][T17517] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1621.891289][ T5876] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[ 1621.909669][T17525] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[ 1621.921748][T17525] System zones: 1-12
[ 1622.008507][T17525] EXT4-fs error (device loop6): ext4_iget_extra_inode:5035: inode #15: comm syz.6.4111: corrupted in-inode xattr: e_value size too large
[ 1622.072552][ T5876] usb 2-1: Using ep0 maxpacket: 16
[ 1622.122057][ T5876] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1622.133746][ T5876] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1622.144269][ T5876] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1622.163864][ T5876] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1622.174956][ T5876] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1622.194854][T17525] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.4111: couldn't read orphan inode 15 (err -117)
[ 1622.248126][T17525] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1622.693472][ T5876] usb 2-1: config 0 descriptor??
[ 1622.707423][ T9832] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1622.760835][T17517] fscrypt (loop7): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[ 1622.857819][T17532] loop2: detected capacity change from 0 to 4096
[ 1622.946953][T17527] fscrypt (loop7): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[ 1623.245412][T17541] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1623.345337][ T5876] usbhid 2-1:0.0: can't add hid device: -71
[ 1623.352098][ T5876] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1623.416838][ T5876] usb 2-1: USB disconnect, device number 8
[ 1623.613896][T17298] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1624.127447][T14292] Bluetooth: hci6: unexpected event for opcode 0x1003
[ 1624.652587][T17557] loop1: detected capacity change from 0 to 512
[ 1625.688008][T17569] loop0: detected capacity change from 0 to 16
[ 1625.723006][T17569] erofs (device loop0): mounted with root inode @ nid 36.
[ 1626.310503][T17573] loop1: detected capacity change from 0 to 4096
[ 1626.478900][T17579] loop6: detected capacity change from 0 to 1024
[ 1626.580561][T17579] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1626.979868][ T9832] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1627.125023][T13926] usb 8-1: new high-speed USB device number 36 using dummy_hcd
[ 1627.253985][T17593] loop2: detected capacity change from 0 to 512
[ 1627.356367][T13926] usb 8-1: config 0 has no interfaces?
[ 1627.362389][T13926] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1627.372048][T13926] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1627.434275][T17593] EXT4-fs (loop2): 1 truncate cleaned up
[ 1627.442786][T17593] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1627.472342][T13926] usb 8-1: config 0 descriptor??
[ 1627.606533][T17600] netlink: 'syz.6.4135': attribute type 21 has an invalid length.
[ 1627.614910][T17600] netlink: 'syz.6.4135': attribute type 22 has an invalid length.
[ 1627.623011][T17600] netlink: 'syz.6.4135': attribute type 23 has an invalid length.
[ 1627.631571][T17600] netlink: 'syz.6.4135': attribute type 25 has an invalid length.
[ 1627.639884][T17600] netlink: 'syz.6.4135': attribute type 26 has an invalid length.
[ 1627.648216][T17600] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4135'.
[ 1627.738194][T13926] usb 8-1: USB disconnect, device number 36
[ 1628.077617][T17000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1628.204602][T14292] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0
[ 1628.213501][T14292] Bluetooth: hci6: Injecting HCI hardware error event
[ 1628.220970][T13926] usb 8-1: new high-speed USB device number 37 using dummy_hcd
[ 1628.233158][T14292] Bluetooth: hci6: hardware error 0x00
[ 1628.415255][T13926] usb 8-1: config 0 has no interfaces?
[ 1628.421278][T13926] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1628.430953][T13926] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1628.500836][T13926] usb 8-1: config 0 descriptor??
[ 1628.551881][T17609] loop2: detected capacity change from 0 to 16
[ 1628.605797][T17609] erofs (device loop2): mounted with root inode @ nid 36.
[ 1629.999807][ T5876] usb 8-1: USB disconnect, device number 37
[ 1630.136851][T17621] loop0: detected capacity change from 0 to 4096
[ 1630.278188][T14292] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[ 1630.297558][T17629] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1630.553358][T17633] loop7: detected capacity change from 0 to 512
[ 1630.613120][T17636] netlink: 'syz.1.4149': attribute type 21 has an invalid length.
[ 1630.621909][T17636] netlink: 'syz.1.4149': attribute type 22 has an invalid length.
[ 1630.630303][T17636] netlink: 'syz.1.4149': attribute type 23 has an invalid length.
[ 1630.638891][T17636] netlink: 'syz.1.4149': attribute type 25 has an invalid length.
[ 1630.647215][T17636] netlink: 'syz.1.4149': attribute type 26 has an invalid length.
[ 1630.655628][T17636] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4149'.
[ 1630.705795][T17633] EXT4-fs (loop7): 1 truncate cleaned up
[ 1630.714226][T17633] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1631.125292][T17298] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1631.383639][T17646] loop0: detected capacity change from 0 to 16
[ 1631.470333][T17646] erofs (device loop0): mounted with root inode @ nid 36.
[ 1631.504989][ T5876] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[ 1631.695210][ T5876] usb 2-1: Using ep0 maxpacket: 16
[ 1631.743587][ T5876] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1631.756126][ T5876] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1631.769676][ T5876] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1631.783268][ T5876] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1631.798542][ T5876] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1631.818344][ T5876] usb 2-1: config 0 descriptor??
[ 1632.258487][ T5876] usbhid 2-1:0.0: can't add hid device: -71
[ 1632.265494][ T5876] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1632.284130][ T5876] usb 2-1: USB disconnect, device number 9
[ 1633.095070][ T5876] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[ 1633.287547][ T5876] usb 3-1: Using ep0 maxpacket: 16
[ 1633.349110][ T5876] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1633.359829][ T5876] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1633.400538][ T5876] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 1.40
[ 1633.410356][ T5876] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1633.418833][ T5876] usb 3-1: Product: syz
[ 1633.427735][ T5876] usb 3-1: Manufacturer: syz
[ 1633.432622][ T5876] usb 3-1: SerialNumber: syz
[ 1633.921224][T17660] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1633.931592][T17660] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1633.983961][ T5876] usb 3-1: 0:2 : does not exist
[ 1633.995411][T13926] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[ 1634.023675][ T5876] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[ 1634.042177][T17676] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4166'.
[ 1634.099785][ T5876] usb 3-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1634.126370][T17676] sctp: [Deprecated]: syz.1.4166 (pid 17676) Use of int in maxseg socket option.
[ 1634.126370][T17676] Use struct sctp_assoc_value instead
[ 1634.126715][ T5876] usb 3-1: 5:0: cannot get min/max values for control 4 (id 5)
[ 1634.185637][T13926] usb 1-1: Using ep0 maxpacket: 16
[ 1634.214567][T13926] usb 1-1: config 0 has an invalid interface number: 128 but max is 0
[ 1634.223117][T13926] usb 1-1: config 0 has no interface number 0
[ 1634.229925][T13926] usb 1-1: config 0 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1634.236903][ T5876] usb 3-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1634.243902][T13926] usb 1-1: config 0 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1634.244126][T13926] usb 1-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[ 1634.244281][T13926] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1634.250859][T17676] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4166'.
[ 1634.325664][T13926] usb 1-1: config 0 descriptor??
[ 1634.326885][ T5876] usb 3-1: USB disconnect, device number 21
[ 1634.764981][T17679] loop6: detected capacity change from 0 to 4096
[ 1634.896202][T17680] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1635.000551][T13926] usbhid 1-1:0.128: can't add hid device: -71
[ 1635.007886][T13926] usbhid 1-1:0.128: probe with driver usbhid failed with error -71
[ 1635.021251][T13926] usb 1-1: USB disconnect, device number 12
[ 1635.560830][T17691] syzkaller0: entered promiscuous mode
[ 1635.566772][T17691] syzkaller0: entered allmulticast mode
[ 1636.516184][T17695] syzkaller0: entered promiscuous mode
[ 1636.521991][T17695] syzkaller0: entered allmulticast mode
[ 1636.864768][T13926] usb 7-1: new high-speed USB device number 42 using dummy_hcd
[ 1637.055598][T13926] usb 7-1: Using ep0 maxpacket: 16
[ 1637.096609][T13926] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1637.110684][T13926] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1637.121591][T13926] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1637.135059][T13926] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1637.144570][T13926] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1637.297534][T13926] usb 7-1: config 0 descriptor??
[ 1637.358464][T17706] Bluetooth: MGMT ver 1.23
[ 1637.740723][T17712] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4180'.
[ 1637.768404][T13926] usbhid 7-1:0.0: can't add hid device: -71
[ 1637.775343][T13926] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1637.801928][T17712] sctp: [Deprecated]: syz.7.4180 (pid 17712) Use of int in maxseg socket option.
[ 1637.801928][T17712] Use struct sctp_assoc_value instead
[ 1637.816295][T13926] usb 7-1: USB disconnect, device number 42
[ 1637.846459][ T5876] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[ 1637.877875][T17714] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4180'.
[ 1637.906659][T17715] loop2: detected capacity change from 0 to 128
[ 1637.936287][T17715] EXT4-fs (loop2): Test dummy encryption mode enabled
[ 1637.965387][T17715] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1637.993773][T17715] ext4 filesystem being mounted at /34/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1638.024844][ T5876] usb 2-1: Using ep0 maxpacket: 16
[ 1638.050221][ T5876] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1638.061111][ T5876] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1638.087554][ T5876] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 1.40
[ 1638.097539][ T5876] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1638.106063][ T5876] usb 2-1: Product: syz
[ 1638.110514][ T5876] usb 2-1: Manufacturer: syz
[ 1638.115613][ T5876] usb 2-1: SerialNumber: syz
[ 1638.231508][T17000] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1638.474154][T13926] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[ 1638.556714][T17710] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1638.566979][T17710] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1638.612551][ T5876] usb 2-1: 0:2 : does not exist
[ 1638.669818][ T5876] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[ 1638.695253][T13926] usb 1-1: Using ep0 maxpacket: 16
[ 1638.739736][T13926] usb 1-1: config 0 has an invalid interface number: 128 but max is 0
[ 1638.742325][ T5876] usb 2-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1638.752456][T13926] usb 1-1: config 0 has no interface number 0
[ 1638.752621][T13926] usb 1-1: config 0 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1638.752799][T13926] usb 1-1: config 0 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1638.753006][T13926] usb 1-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[ 1638.753167][T13926] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1638.827990][T13926] usb 1-1: config 0 descriptor??
[ 1638.861095][ T5876] usb 2-1: 5:0: cannot get min/max values for control 4 (id 5)
[ 1639.225355][ T5876] usb 2-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1639.329936][ T5876] usb 2-1: USB disconnect, device number 10
[ 1639.523223][T17728] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4185'.
[ 1639.562408][T13926] usbhid 1-1:0.128: can't add hid device: -71
[ 1639.573613][T13926] usbhid 1-1:0.128: probe with driver usbhid failed with error -71
[ 1639.623774][T13926] usb 1-1: USB disconnect, device number 13
[ 1641.295440][T13926] usb 8-1: new high-speed USB device number 38 using dummy_hcd
[ 1641.347436][T17750] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4196'.
[ 1641.415339][T17750] sctp: [Deprecated]: syz.1.4196 (pid 17750) Use of int in maxseg socket option.
[ 1641.415339][T17750] Use struct sctp_assoc_value instead
[ 1641.469651][T17750] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4196'.
[ 1641.486006][T13926] usb 8-1: Using ep0 maxpacket: 16
[ 1641.528285][T13926] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1641.539781][T13926] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1641.550203][T13926] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1641.563615][T13926] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1641.573155][T13926] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1641.599363][T13926] usb 8-1: config 0 descriptor??
[ 1641.620338][T13746] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[ 1641.775800][T13746] usb 3-1: Using ep0 maxpacket: 16
[ 1641.810138][T13746] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1641.825346][T13746] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1641.940296][T13746] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 1.40
[ 1641.950198][T13746] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1641.959454][T13746] usb 3-1: Product: syz
[ 1641.963988][T13746] usb 3-1: Manufacturer: syz
[ 1641.972131][T13746] usb 3-1: SerialNumber: syz
[ 1642.160524][T13926] usbhid 8-1:0.0: can't add hid device: -71
[ 1642.168080][T13926] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[ 1642.207023][T13926] usb 8-1: USB disconnect, device number 38
[ 1642.471252][T17752] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1642.481663][T17752] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1642.542504][T13746] usb 3-1: 0:2 : does not exist
[ 1642.566263][ T9147] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[ 1642.599324][T13746] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[ 1642.677699][T13746] usb 3-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1642.732283][T17764] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4201'.
[ 1642.755066][ T9147] usb 1-1: Using ep0 maxpacket: 16
[ 1642.785404][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[ 1642.785731][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[ 1642.823009][ T9147] usb 1-1: config 0 has an invalid interface number: 128 but max is 0
[ 1642.829207][T13746] usb 3-1: 5:0: cannot get min/max values for control 4 (id 5)
[ 1642.832699][ T9147] usb 1-1: config 0 has no interface number 0
[ 1642.849546][ T9147] usb 1-1: config 0 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1642.861792][ T9147] usb 1-1: config 0 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1642.872226][ T9147] usb 1-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[ 1642.881850][ T9147] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1642.885166][T13746] usb 3-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1642.910896][T13746] usb 3-1: USB disconnect, device number 22
[ 1643.061309][ T9147] usb 1-1: config 0 descriptor??
[ 1643.721872][ T9147] usbhid 1-1:0.128: can't add hid device: -71
[ 1643.728899][ T9147] usbhid 1-1:0.128: probe with driver usbhid failed with error -71
[ 1643.802703][ T9147] usb 1-1: USB disconnect, device number 14
[ 1644.157508][T17777] loop7: detected capacity change from 0 to 512
[ 1644.211756][T17777] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[ 1644.221575][T17777] System zones: 1-12
[ 1644.236190][T17777] EXT4-fs error (device loop7): ext4_iget_extra_inode:5035: inode #15: comm syz.7.4207: corrupted in-inode xattr: e_value size too large
[ 1644.266371][T17777] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.4207: couldn't read orphan inode 15 (err -117)
[ 1644.296751][T17777] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1644.446433][T17298] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1644.983712][T17787] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4211'.
[ 1645.077968][T17787] sctp: [Deprecated]: syz.2.4211 (pid 17787) Use of int in maxseg socket option.
[ 1645.077968][T17787] Use struct sctp_assoc_value instead
[ 1645.216482][T17787] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4211'.
[ 1645.442319][T17796] binder_alloc: 17794: binder_alloc_buf, no vma
[ 1645.508003][T13926] usb 7-1: new high-speed USB device number 43 using dummy_hcd
[ 1645.675338][T13926] usb 7-1: Using ep0 maxpacket: 16
[ 1645.699345][T13926] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1645.713679][T13926] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1645.724725][T13926] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1645.738636][T13926] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1645.749833][T13926] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1645.775096][ T9147] usb 8-1: new high-speed USB device number 39 using dummy_hcd
[ 1645.801259][T13926] usb 7-1: config 0 descriptor??
[ 1645.901273][T17801] loop1: detected capacity change from 0 to 512
[ 1645.958602][ T9147] usb 8-1: config 0 has no interfaces?
[ 1645.965607][ T9147] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1645.975476][ T9147] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1646.011232][ T9147] usb 8-1: config 0 descriptor??
[ 1646.281724][T13926] usbhid 7-1:0.0: can't add hid device: -71
[ 1646.288611][T13926] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1646.318831][T17799] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1646.330446][T13926] usb 7-1: USB disconnect, device number 43
[ 1646.341522][T17799] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1646.408092][ T9147] usb 8-1: USB disconnect, device number 39
[ 1646.486917][T17805] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4217'.
[ 1646.885380][ T9147] usb 8-1: new high-speed USB device number 40 using dummy_hcd
[ 1647.063959][T17810] loop0: detected capacity change from 0 to 512
[ 1647.076011][ T9147] usb 8-1: Using ep0 maxpacket: 16
[ 1647.130950][ T9147] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1647.142432][ T9147] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1647.196815][T17810] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[ 1647.228872][ T9147] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 1.40
[ 1647.238522][ T9147] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1647.249230][ T9147] usb 8-1: Product: syz
[ 1647.253693][ T9147] usb 8-1: Manufacturer: syz
[ 1647.259382][ T9147] usb 8-1: SerialNumber: syz
[ 1647.261483][T17810] System zones: 1-12
[ 1647.319512][T17810] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.4220: corrupted in-inode xattr: e_value size too large
[ 1647.376098][T17810] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.4220: couldn't read orphan inode 15 (err -117)
[ 1647.419637][T17810] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1647.599781][T13926] usb 7-1: new high-speed USB device number 44 using dummy_hcd
[ 1647.715169][ T9147] usb 8-1: 0:2 : does not exist
[ 1647.782481][T16728] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1647.814691][T13926] usb 7-1: Using ep0 maxpacket: 16
[ 1647.827084][T13926] usb 7-1: config 0 has an invalid interface number: 128 but max is 0
[ 1647.835807][T13926] usb 7-1: config 0 has no interface number 0
[ 1647.842309][T13926] usb 7-1: config 0 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1647.854877][T13926] usb 7-1: config 0 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1647.872791][T13926] usb 7-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[ 1647.886714][T13926] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1647.903410][T13926] usb 7-1: config 0 descriptor??
[ 1648.226278][T17822] binder_alloc: 17821: binder_alloc_buf, no vma
[ 1648.574289][T13926] usbhid 7-1:0.128: can't add hid device: -71
[ 1648.585599][T13926] usbhid 7-1:0.128: probe with driver usbhid failed with error -71
[ 1648.626644][T13926] usb 7-1: USB disconnect, device number 44
[ 1648.713920][T17829] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4227'.
[ 1648.734217][T17829] sctp: [Deprecated]: syz.2.4227 (pid 17829) Use of int in maxseg socket option.
[ 1648.734217][T17829] Use struct sctp_assoc_value instead
[ 1648.776137][T17829] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4227'.
[ 1649.231648][T13926] usb 8-1: USB disconnect, device number 40
[ 1649.947749][T17846] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4234'.
[ 1649.964900][T13926] usb 7-1: new high-speed USB device number 45 using dummy_hcd
[ 1650.069218][T17848] loop2: detected capacity change from 0 to 512
[ 1650.132362][T17848] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[ 1650.146235][T13926] usb 7-1: Using ep0 maxpacket: 16
[ 1650.163024][T13926] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1650.174720][T13926] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1650.177171][T17848] System zones: 
[ 1650.184886][T13926] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1650.185145][T13926] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1650.185298][T13926] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1650.191010][T13926] usb 7-1: config 0 descriptor??
[ 1650.203344][T17848] 1-12
[ 1650.292691][T17848] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.4235: corrupted in-inode xattr: e_value size too large
[ 1650.334052][T17853] binder_alloc: 17852: binder_alloc_buf, no vma
[ 1650.345860][T17848] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.4235: couldn't read orphan inode 15 (err -117)
[ 1650.389098][T17848] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1650.705032][T13926] usbhid 7-1:0.0: can't add hid device: -71
[ 1650.711787][T13926] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1650.756807][T13926] usb 7-1: USB disconnect, device number 45
[ 1650.922534][T17000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1651.481086][T17865] loop7: detected capacity change from 0 to 512
[ 1651.586454][T17865] EXT4-fs error (device loop7): ext4_validate_block_bitmap:432: comm syz.7.4242: bg 0: block 5: invalid block bitmap
[ 1651.634957][T13926] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[ 1651.645838][T17865] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6548: Corrupt filesystem
[ 1651.700560][T17865] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.4242: invalid indirect mapped block 3 (level 2)
[ 1651.727901][T17865] EXT4-fs (loop7): 1 orphan inode deleted
[ 1651.733973][T17865] EXT4-fs (loop7): 1 truncate cleaned up
[ 1651.742488][T17865] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1651.780828][T17871] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4245'.
[ 1651.826638][T13926] usb 3-1: config 0 has no interfaces?
[ 1651.832752][T13926] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1651.843095][T13926] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1652.032437][T17871] sctp: [Deprecated]: syz.1.4245 (pid 17871) Use of int in maxseg socket option.
[ 1652.032437][T17871] Use struct sctp_assoc_value instead
[ 1652.095851][T17871] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4245'.
[ 1652.129678][T13926] usb 3-1: config 0 descriptor??
[ 1652.236561][T17298] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1652.364158][T17863] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1652.376832][T17863] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1652.435758][T13926] usb 3-1: USB disconnect, device number 23
[ 1652.895082][T13746] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[ 1653.088669][T13746] usb 3-1: Using ep0 maxpacket: 16
[ 1653.109427][T13746] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1653.120641][T13746] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1653.222623][T13746] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 1.40
[ 1653.232452][T13746] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1653.240977][T13746] usb 3-1: Product: syz
[ 1653.245552][T13746] usb 3-1: Manufacturer: syz
[ 1653.250434][T13746] usb 3-1: SerialNumber: syz
[ 1653.296091][T17885] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4250'.
[ 1653.448670][T17887] loop7: detected capacity change from 0 to 512
[ 1653.542118][T17887] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[ 1653.566869][T17887] System zones: 1-12
[ 1653.606951][T17887] EXT4-fs error (device loop7): ext4_iget_extra_inode:5035: inode #15: comm syz.7.4251: corrupted in-inode xattr: e_value size too large
[ 1653.674315][T17887] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.4251: couldn't read orphan inode 15 (err -117)
[ 1653.716820][T17887] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1653.796036][T13746] usb 3-1: 0:2 : does not exist
[ 1654.143529][T17298] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1654.228221][T17897] overlayfs: failed to resolve './file2': -2
[ 1654.385102][T13926] usb 7-1: new high-speed USB device number 46 using dummy_hcd
[ 1654.568769][T13926] usb 7-1: Using ep0 maxpacket: 16
[ 1654.608017][T17904] loop7: detected capacity change from 0 to 512
[ 1654.637531][T13926] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1654.648992][T13926] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1654.659345][T13926] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1654.673252][T13926] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1654.682879][T13926] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1654.898416][T17904] EXT4-fs (loop7): 1 truncate cleaned up
[ 1654.907288][T17904] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1655.004781][T13926] usb 7-1: config 0 descriptor??
[ 1655.268079][T17298] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1655.329691][T13746] usb 3-1: USB disconnect, device number 24
[ 1655.526582][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.534554][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.546133][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.553760][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.564793][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.572504][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.580552][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.588268][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.595963][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.603576][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.611408][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.619161][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.626851][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.634661][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.642267][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.653714][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.662274][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.670046][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.677743][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.685416][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.693006][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.700871][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.708634][T13926] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[ 1655.822738][T13926] microsoft 0003:045E:07DA.0018: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.6-1/input0
[ 1655.834790][T13926] microsoft 0003:045E:07DA.0018: no inputs found
[ 1655.841448][T13926] microsoft 0003:045E:07DA.0018: could not initialize ff, continuing anyway
[ 1655.879968][T13926] usb 7-1: USB disconnect, device number 46
[ 1655.981110][T17916] sctp: [Deprecated]: syz.7.4260 (pid 17916) Use of int in maxseg socket option.
[ 1655.981110][T17916] Use struct sctp_assoc_value instead
[ 1656.767857][T17931] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4266'.
[ 1656.885182][T17930] loop6: detected capacity change from 0 to 512
[ 1656.998213][T17930] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[ 1657.070641][T17930] System zones: 1-12
[ 1657.094803][T17930] EXT4-fs error (device loop6): ext4_iget_extra_inode:5035: inode #15: comm syz.6.4267: corrupted in-inode xattr: e_value size too large
[ 1657.111953][T17930] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.4267: couldn't read orphan inode 15 (err -117)
[ 1657.136639][T17930] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1657.269327][T17938] overlayfs: failed to resolve './file2': -2
[ 1657.514277][ T9832] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1657.785862][T13926] usb 8-1: new high-speed USB device number 41 using dummy_hcd
[ 1657.907787][T17944] loop0: detected capacity change from 0 to 512
[ 1657.995012][T17944] EXT4-fs (loop0): 1 truncate cleaned up
[ 1658.006873][T17944] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1658.060422][T13926] usb 8-1: config 0 has no interfaces?
[ 1658.066624][T13926] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1658.076444][T13926] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1658.192502][T13926] usb 8-1: config 0 descriptor??
[ 1658.400599][T16728] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1658.439256][T17940] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1658.448915][T17940] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1658.535205][T13746] usb 8-1: USB disconnect, device number 41
[ 1658.895014][ T5876] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[ 1658.985172][T13746] usb 8-1: new high-speed USB device number 42 using dummy_hcd
[ 1659.095867][ T5876] usb 1-1: Using ep0 maxpacket: 16
[ 1659.115973][ T5876] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1659.131817][ T5876] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1659.143404][ T5876] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1659.157075][ T5876] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1659.167412][ T5876] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1659.194288][ T5876] usb 1-1: config 0 descriptor??
[ 1659.205405][T13746] usb 8-1: Using ep0 maxpacket: 16
[ 1659.234104][T13746] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1659.245071][T13746] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1659.266365][T17965] sctp: [Deprecated]: syz.1.4280 (pid 17965) Use of int in maxseg socket option.
[ 1659.266365][T17965] Use struct sctp_assoc_value instead
[ 1659.324729][T13746] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 1.40
[ 1659.338986][T13746] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1659.348897][T13746] usb 8-1: Product: syz
[ 1659.353651][T13746] usb 8-1: Manufacturer: syz
[ 1659.358903][T13746] usb 8-1: SerialNumber: syz
[ 1659.645402][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.653354][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.661394][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.669451][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.677971][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.686066][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.693944][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.702111][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.710478][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.718474][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.726613][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.734821][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.749741][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.759649][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.767626][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.775676][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.783646][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.791688][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.800112][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.808384][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.816168][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.823768][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.832091][ T5876] microsoft 0003:045E:07DA.0019: unknown main item tag 0x0
[ 1659.847783][T13746] usb 8-1: 0:2 : does not exist
[ 1659.959831][T17968] loop2: detected capacity change from 0 to 512
[ 1659.987504][ T5876] microsoft 0003:045E:07DA.0019: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[ 1660.000918][ T5876] microsoft 0003:045E:07DA.0019: no inputs found
[ 1660.007706][ T5876] microsoft 0003:045E:07DA.0019: could not initialize ff, continuing anyway
[ 1660.026934][T17968] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[ 1660.042680][T17968] System zones: 1-12
[ 1660.082126][T17968] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.4283: corrupted in-inode xattr: e_value size too large
[ 1660.097477][ T5876] usb 1-1: USB disconnect, device number 15
[ 1660.115333][T17968] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.4283: couldn't read orphan inode 15 (err -117)
[ 1660.140800][T17968] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1660.459683][T17000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1660.580147][T17976] overlayfs: failed to resolve './file2': -2
[ 1661.093411][T17985] overlayfs: failed to resolve './file2': -2
[ 1661.328306][ T5876] usb 8-1: USB disconnect, device number 42
[ 1661.405159][T17988] binder: BINDER_SET_CONTEXT_MGR already set
[ 1661.411656][T17988] binder: 17987:17988 ioctl 4018620d 80000040 returned -16
[ 1661.744531][T17993] loop7: detected capacity change from 0 to 512
[ 1661.800700][T17993] EXT4-fs error (device loop7): ext4_validate_block_bitmap:432: comm syz.7.4291: bg 0: block 5: invalid block bitmap
[ 1661.839330][T17993] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6548: Corrupt filesystem
[ 1661.865691][T17993] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.4291: invalid indirect mapped block 3 (level 2)
[ 1661.930065][T17993] EXT4-fs (loop7): 1 orphan inode deleted
[ 1661.938554][T17993] EXT4-fs (loop7): 1 truncate cleaned up
[ 1661.947415][T17993] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1662.197288][T17298] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1662.224702][ T5876] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[ 1662.338782][T18002] sctp: [Deprecated]: syz.1.4295 (pid 18002) Use of int in maxseg socket option.
[ 1662.338782][T18002] Use struct sctp_assoc_value instead
[ 1662.416638][ T5876] usb 3-1: Using ep0 maxpacket: 16
[ 1662.453155][ T5876] usb 3-1: config 0 has an invalid interface number: 128 but max is 0
[ 1662.462194][ T5876] usb 3-1: config 0 has no interface number 0
[ 1662.468956][ T5876] usb 3-1: config 0 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1662.480572][ T5876] usb 3-1: config 0 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1662.491105][ T5876] usb 3-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[ 1662.500856][ T5876] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1662.570996][ T5876] usb 3-1: config 0 descriptor??
[ 1662.590904][T18004] loop6: detected capacity change from 0 to 512
[ 1662.693528][T18004] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[ 1662.704074][T18004] System zones: 1-12
[ 1662.719901][T18004] EXT4-fs error (device loop6): ext4_iget_extra_inode:5035: inode #15: comm syz.6.4296: corrupted in-inode xattr: e_value size too large
[ 1662.739365][T18004] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.4296: couldn't read orphan inode 15 (err -117)
[ 1662.759494][T18004] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1662.904764][T13926] usb 8-1: new high-speed USB device number 43 using dummy_hcd
[ 1663.034684][ T9832] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1663.090278][T13926] usb 8-1: Using ep0 maxpacket: 16
[ 1663.116821][T13926] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1663.131004][T13926] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1663.141934][T13926] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1663.155562][T13926] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1663.165233][T13926] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1663.216045][T13926] usb 8-1: config 0 descriptor??
[ 1663.225892][ T5876] usbhid 3-1:0.128: can't add hid device: -71
[ 1663.232799][ T5876] usbhid 3-1:0.128: probe with driver usbhid failed with error -71
[ 1663.281689][ T5876] usb 3-1: USB disconnect, device number 25
[ 1663.663226][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.671086][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.678793][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.686467][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.694072][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.701855][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.710052][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.717903][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.725721][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.737095][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.746016][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.753640][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.761529][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.769311][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.778246][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.786525][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.794241][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.802009][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.809730][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.817517][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.825191][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.832890][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.844284][T13926] microsoft 0003:045E:07DA.001A: unknown main item tag 0x0
[ 1663.916646][T13926] microsoft 0003:045E:07DA.001A: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.7-1/input0
[ 1663.928693][T13926] microsoft 0003:045E:07DA.001A: no inputs found
[ 1663.935476][T13926] microsoft 0003:045E:07DA.001A: could not initialize ff, continuing anyway
[ 1663.988096][T18016] loop1: detected capacity change from 0 to 1024
[ 1663.994968][T13926] usb 8-1: USB disconnect, device number 43
[ 1664.129855][T18018] overlayfs: failed to resolve './file2': -2
[ 1664.315663][T18021] binder: BINDER_SET_CONTEXT_MGR already set
[ 1664.321944][T18021] binder: 18020:18021 ioctl 4018620d 80000040 returned -16
[ 1665.059278][T18034] loop6: detected capacity change from 0 to 512
[ 1665.177369][T18034] EXT4-fs (loop6): 1 truncate cleaned up
[ 1665.185975][T18034] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1665.536411][ T9832] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1665.579826][T18041] loop1: detected capacity change from 0 to 512
[ 1665.916107][T18044] sctp: [Deprecated]: syz.2.4311 (pid 18044) Use of int in maxseg socket option.
[ 1665.916107][T18044] Use struct sctp_assoc_value instead
[ 1666.093507][ T5876] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[ 1666.235279][T18052] overlayfs: failed to resolve './file2': -2
[ 1666.278818][ T5876] usb 1-1: Using ep0 maxpacket: 16
[ 1666.313960][ T5876] usb 1-1: config 0 has an invalid interface number: 128 but max is 0
[ 1666.323200][ T5876] usb 1-1: config 0 has no interface number 0
[ 1666.329852][ T5876] usb 1-1: config 0 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1666.342189][ T5876] usb 1-1: config 0 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1666.352737][ T5876] usb 1-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[ 1666.362315][ T5876] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1666.445898][ T5876] usb 1-1: config 0 descriptor??
[ 1666.692267][T18054] loop6: detected capacity change from 0 to 1024
[ 1666.775068][T18054] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1666.802730][T18056] binder: BINDER_SET_CONTEXT_MGR already set
[ 1666.811622][T18056] binder: 18055:18056 ioctl 4018620d 80000040 returned -16
[ 1667.076111][T13746] usb 8-1: new high-speed USB device number 44 using dummy_hcd
[ 1667.098787][ T5876] usbhid 1-1:0.128: can't add hid device: -71
[ 1667.106480][ T5876] usbhid 1-1:0.128: probe with driver usbhid failed with error -71
[ 1667.147528][ T5876] usb 1-1: USB disconnect, device number 16
[ 1667.285692][T13746] usb 8-1: Using ep0 maxpacket: 16
[ 1667.308608][T13746] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1667.324733][T13746] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1667.336638][T13746] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1667.350029][T13746] usb 8-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1667.359700][T13746] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1667.474127][T13746] usb 8-1: config 0 descriptor??
[ 1667.503286][ T9832] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1667.751794][T18068] loop2: detected capacity change from 0 to 512
[ 1667.887966][T18068] EXT4-fs (loop2): 1 truncate cleaned up
[ 1667.897704][T18068] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1667.946849][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1667.955631][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1667.963272][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1667.971197][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1667.979124][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1667.986992][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1667.994792][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1668.002466][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1668.010339][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1668.018129][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1668.026537][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1668.041521][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1668.050814][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1668.058537][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1668.066404][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1668.073994][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1668.081741][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1668.089514][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1668.097360][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1668.105141][T13746] microsoft 0003:045E:07DA.001B: unknown main item tag 0x0
[ 1668.215461][T13746] microsoft 0003:045E:07DA.001B: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.7-1/input0
[ 1668.228435][T13746] microsoft 0003:045E:07DA.001B: no inputs found
[ 1668.235330][T13746] microsoft 0003:045E:07DA.001B: could not initialize ff, continuing anyway
[ 1668.418922][T13746] usb 8-1: USB disconnect, device number 44
[ 1668.579807][T17000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1668.652846][T18078] loop0: detected capacity change from 0 to 512
[ 1668.784465][T18078] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[ 1668.793215][T18078] System zones: 1-12
[ 1668.927495][T18078] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.4324: corrupted in-inode xattr: e_value size too large
[ 1668.973605][T18078] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.4324: couldn't read orphan inode 15 (err -117)
[ 1669.041924][T18078] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1669.541821][T16728] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1670.078652][T18090] sctp: [Deprecated]: syz.0.4329 (pid 18090) Use of int in maxseg socket option.
[ 1670.078652][T18090] Use struct sctp_assoc_value instead
[ 1670.339286][T18094] loop6: detected capacity change from 0 to 1024
[ 1670.504326][T18094] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1670.886111][T18108] loop2: detected capacity change from 0 to 512
[ 1670.906328][ T9832] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1670.983148][T18108] EXT4-fs (loop2): 1 truncate cleaned up
[ 1670.991711][T18108] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1671.014846][T13746] usb 8-1: new high-speed USB device number 45 using dummy_hcd
[ 1671.260886][T13746] usb 8-1: config 0 has no interfaces?
[ 1671.267178][T13746] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1671.276725][T13746] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1671.288241][T17000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1671.407896][T13746] usb 8-1: config 0 descriptor??
[ 1671.562056][T18118] loop1: detected capacity change from 0 to 512
[ 1671.577728][T18120] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4338'.
[ 1671.631574][T18106] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1671.641331][T18106] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1671.690106][T13746] usb 8-1: USB disconnect, device number 45
[ 1672.184692][T13926] usb 8-1: new high-speed USB device number 46 using dummy_hcd
[ 1672.348021][T13926] usb 8-1: Using ep0 maxpacket: 16
[ 1672.370040][T13926] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1672.381053][T13926] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1672.443503][T13926] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 1.40
[ 1672.453471][T13926] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1672.461881][T13926] usb 8-1: Product: syz
[ 1672.466444][T13926] usb 8-1: Manufacturer: syz
[ 1672.471306][T13926] usb 8-1: SerialNumber: syz
[ 1672.962815][T13926] usb 8-1: 0:2 : does not exist
[ 1673.574002][T18139] sctp: [Deprecated]: syz.2.4348 (pid 18139) Use of int in maxseg socket option.
[ 1673.574002][T18139] Use struct sctp_assoc_value instead
[ 1673.599250][T18138] loop6: detected capacity change from 0 to 1024
[ 1673.662054][T18138] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1673.888198][T13746] usb 2-1: new low-speed USB device number 11 using dummy_hcd
[ 1674.000284][ T9832] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1674.073472][T13746] usb 2-1: config 0 has no interfaces?
[ 1674.085519][T13746] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1674.096272][T13746] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1674.129730][T13746] usb 2-1: config 0 descriptor??
[ 1674.331440][T13746] usb 8-1: USB disconnect, device number 46
[ 1674.400017][   T11] usb 2-1: USB disconnect, device number 11
[ 1674.413029][T18150] loop6: detected capacity change from 0 to 512
[ 1674.556514][T18150] EXT4-fs (loop6): 1 truncate cleaned up
[ 1674.565273][T18150] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1674.697532][ T9832] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1675.428071][T18164] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4356'.
[ 1676.593279][T18180] sctp: [Deprecated]: syz.6.4363 (pid 18180) Use of int in maxseg socket option.
[ 1676.593279][T18180] Use struct sctp_assoc_value instead
[ 1676.723934][T18183] overlayfs: failed to resolve './file2': -2
[ 1677.609396][T18192] loop2: detected capacity change from 0 to 512
[ 1677.791933][T18192] EXT4-fs (loop2): 1 truncate cleaned up
[ 1677.800513][T18192] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1678.102476][T17000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1678.450151][T18206] binder: BINDER_SET_CONTEXT_MGR already set
[ 1678.457350][T18206] binder: 18204:18206 ioctl 4018620d 80000040 returned -16
[ 1678.651859][T18209] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4374'.
[ 1678.812526][T18211] netlink: 60 bytes leftover after parsing attributes in process `syz.7.4375'.
[ 1679.054147][T18216] overlayfs: failed to resolve './file2': -2
[ 1679.878778][T18225] sctp: [Deprecated]: syz.0.4381 (pid 18225) Use of int in maxseg socket option.
[ 1679.878778][T18225] Use struct sctp_assoc_value instead
[ 1680.757878][T18243] binder: BINDER_SET_CONTEXT_MGR already set
[ 1680.764271][T18243] binder: 18241:18243 ioctl 4018620d 80000040 returned -16
[ 1680.815583][T18242] loop6: detected capacity change from 0 to 512
[ 1680.885601][T18242] EXT4-fs (loop6): 1 truncate cleaned up
[ 1680.894141][T18242] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1681.204186][T18248] overlayfs: failed to resolve './file2': -2
[ 1681.351825][ T9832] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1681.499431][T18252] netlink: 60 bytes leftover after parsing attributes in process `syz.7.4392'.
[ 1682.096210][T18263] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4393'.
[ 1682.286534][T13926] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[ 1682.486931][T13926] usb 3-1: Using ep0 maxpacket: 16
[ 1682.522240][T13926] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1682.533287][T13926] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1682.589020][T13926] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 1.40
[ 1682.598747][T13926] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1682.607145][T13926] usb 3-1: Product: syz
[ 1682.611729][T13926] usb 3-1: Manufacturer: syz
[ 1682.616756][T13926] usb 3-1: SerialNumber: syz
[ 1683.135324][T18275] binder: BINDER_SET_CONTEXT_MGR already set
[ 1683.141990][T18275] binder: 18273:18275 ioctl 4018620d 80000040 returned -16
[ 1683.158821][T18260] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1683.169109][T18260] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1683.227476][T13926] usb 3-1: 0:2 : does not exist
[ 1683.299013][T13926] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[ 1683.379449][T13926] usb 3-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1683.439928][T13926] usb 3-1: 5:0: cannot get min/max values for control 4 (id 5)
[ 1683.530453][T13926] usb 3-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1683.576527][T13926] usb 3-1: USB disconnect, device number 26
[ 1684.143799][T18288] netlink: 60 bytes leftover after parsing attributes in process `syz.6.4407'.
[ 1684.295566][T18290] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4408'.
[ 1685.086675][T13746] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[ 1685.198215][T18301] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4413'.
[ 1685.304849][T13746] usb 2-1: Using ep0 maxpacket: 16
[ 1685.346137][T13746] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1685.357917][T13746] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1685.368233][T13746] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1685.381849][T13746] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1685.391383][T13746] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1685.522484][T13746] usb 2-1: config 0 descriptor??
[ 1685.756066][T17001] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1685.766847][T17001] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1685.812543][T17001] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1685.888068][T17001] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1685.910125][T17001] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1685.989460][T13746] microsoft 0003:045E:07DA.001C: unknown main item tag 0x0
[ 1685.997420][T13746] microsoft 0003:045E:07DA.001C: unknown main item tag 0x0
[ 1686.005561][T13746] microsoft 0003:045E:07DA.001C: unknown main item tag 0x0
[ 1686.013155][T13746] microsoft 0003:045E:07DA.001C: unknown main item tag 0x0
[ 1686.020977][T13746] microsoft 0003:045E:07DA.001C: unknown main item tag 0x0
[ 1686.028721][T13746] microsoft 0003:045E:07DA.001C: unknown main item tag 0x0
[ 1686.036613][T13746] microsoft 0003:045E:07DA.001C: unknown main item tag 0x0
[ 1686.044632][T13746] microsoft 0003:045E:07DA.001C: unknown main item tag 0x0
[ 1686.052241][T13746] microsoft 0003:045E:07DA.001C: unknown main item tag 0x0
[ 1686.067721][T13746] microsoft 0003:045E:07DA.001C: unknown main item tag 0x0
[ 1686.077141][T13746] microsoft 0003:045E:07DA.001C: unknown main item tag 0x0
[ 1686.084887][T13746] microsoft 0003:045E:07DA.001C: unknown main item tag 0x0
[ 1686.092482][T13746] microsoft 0003:045E:07DA.001C: unknown main item tag 0x0
[ 1686.101144][T13746] microsoft 0003:045E:07DA.001C: unknown main item tag 0x0
[ 1686.108885][T13746] microsoft 0003:045E:07DA.001C: unknown main item tag 0x0
[ 1686.355739][T13746] microsoft 0003:045E:07DA.001C: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[ 1686.377038][T13746] microsoft 0003:045E:07DA.001C: no inputs found
[ 1686.383684][T13746] microsoft 0003:045E:07DA.001C: could not initialize ff, continuing anyway
[ 1686.401442][T13746] usb 2-1: USB disconnect, device number 12
[ 1687.440358][T13926] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[ 1687.539459][T18304] chnl_net:caif_netlink_parms(): no params data found
[ 1687.624864][T13926] usb 3-1: Using ep0 maxpacket: 16
[ 1687.688454][T13926] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1687.701413][T13926] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1687.828814][T13926] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 1.40
[ 1687.838865][T13926] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1687.847623][T13926] usb 3-1: Product: syz
[ 1687.852076][T13926] usb 3-1: Manufacturer: syz
[ 1687.857216][T13926] usb 3-1: SerialNumber: syz
[ 1687.896168][T18323] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4421'.
[ 1688.015977][T14292] Bluetooth: hci1: command tx timeout
[ 1688.082958][T18327] netlink: 60 bytes leftover after parsing attributes in process `syz.7.4422'.
[ 1688.479839][T18316] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1688.490079][T18316] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1688.599822][T13926] usb 3-1: 0:2 : does not exist
[ 1688.681669][T13926] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[ 1688.851957][T13926] usb 3-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1688.975139][T13926] usb 3-1: 5:0: cannot get min/max values for control 4 (id 5)
[ 1689.080372][T18335] loop7: detected capacity change from 0 to 512
[ 1689.135240][T13926] usb 3-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1689.228173][T13926] usb 3-1: USB disconnect, device number 27
[ 1689.269724][T18335] EXT4-fs error (device loop7): ext4_validate_block_bitmap:432: comm syz.7.4425: bg 0: block 5: invalid block bitmap
[ 1689.386393][T18335] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6548: Corrupt filesystem
[ 1689.411138][ T3664] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1689.515208][T18335] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.4425: invalid indirect mapped block 3 (level 2)
[ 1689.548099][T18335] EXT4-fs (loop7): 1 orphan inode deleted
[ 1689.554176][T18335] EXT4-fs (loop7): 1 truncate cleaned up
[ 1689.563487][T18335] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1689.660573][ T3664] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1689.692767][T18339] loop0: detected capacity change from 0 to 1024
[ 1689.755472][T18304] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1689.763247][T18304] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1689.771638][T18304] bridge_slave_0: entered allmulticast mode
[ 1689.781605][T18304] bridge_slave_0: entered promiscuous mode
[ 1689.795442][T18339] EXT4-fs (loop0): unable to set blocksize
[ 1689.902965][ T3664] team0: Port device netdevsim1 removed
[ 1689.918102][ T3664] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1690.059682][T18304] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1690.069811][T18304] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1690.079274][T18304] bridge_slave_1: entered allmulticast mode
[ 1690.089263][T18304] bridge_slave_1: entered promiscuous mode
[ 1690.111554][T14292] Bluetooth: hci1: command tx timeout
[ 1690.287372][ T3664] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1690.483363][T17298] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1690.551518][T18304] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1690.672416][T18304] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1690.861724][ T3664] bridge_slave_1: left allmulticast mode
[ 1690.868058][ T3664] bridge_slave_1: left promiscuous mode
[ 1690.881394][ T3664] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1690.915973][ T3664] bridge_slave_0: left allmulticast mode
[ 1690.921941][ T3664] bridge_slave_0: left promiscuous mode
[ 1690.930272][ T3664] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1691.185058][T13926] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[ 1691.396461][T13926] usb 1-1: Using ep0 maxpacket: 16
[ 1691.426510][T13926] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1691.438135][T13926] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1691.448499][T13926] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1691.461987][T13926] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1691.471490][T13926] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1691.513845][T13926] usb 1-1: config 0 descriptor??
[ 1691.758396][ T3664] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1691.825779][ T3664] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1691.871254][ T3664] bond0 (unregistering): Released all slaves
[ 1691.903034][ T3664] bond1 (unregistering): Released all slaves
[ 1691.926931][ T3664] bond2 (unregistering): Released all slaves
[ 1692.158541][T13926] microsoft 0003:045E:07DA.001D: unknown main item tag 0x0
[ 1692.166506][T13926] microsoft 0003:045E:07DA.001D: unknown main item tag 0x0
[ 1692.174110][T13926] microsoft 0003:045E:07DA.001D: unknown main item tag 0x0
[ 1692.182397][T14292] Bluetooth: hci1: command tx timeout
[ 1692.190264][T13926] microsoft 0003:045E:07DA.001D: unknown main item tag 0x0
[ 1692.198280][T13926] microsoft 0003:045E:07DA.001D: unknown main item tag 0x0
[ 1692.209530][T13926] microsoft 0003:045E:07DA.001D: unknown main item tag 0x0
[ 1692.217990][T13926] microsoft 0003:045E:07DA.001D: unknown main item tag 0x0
[ 1692.225733][T13926] microsoft 0003:045E:07DA.001D: unknown main item tag 0x0
[ 1692.233345][T13926] microsoft 0003:045E:07DA.001D: unknown main item tag 0x0
[ 1692.241159][T13926] microsoft 0003:045E:07DA.001D: unknown main item tag 0x0
[ 1692.249032][T13926] microsoft 0003:045E:07DA.001D: unknown main item tag 0x0
[ 1692.256786][T13926] microsoft 0003:045E:07DA.001D: unknown main item tag 0x0
[ 1692.264565][T13926] microsoft 0003:045E:07DA.001D: unknown main item tag 0x0
[ 1692.272532][T13926] microsoft 0003:045E:07DA.001D: unknown main item tag 0x0
[ 1692.280936][T13926] microsoft 0003:045E:07DA.001D: unknown main item tag 0x0
[ 1692.293891][T18367] netlink: 60 bytes leftover after parsing attributes in process `syz.7.4434'.
[ 1692.327927][T18304] team0: Port device team_slave_0 added
[ 1692.352625][T13926] microsoft 0003:045E:07DA.001D: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[ 1692.364794][T13926] microsoft 0003:045E:07DA.001D: no inputs found
[ 1692.371440][T13926] microsoft 0003:045E:07DA.001D: could not initialize ff, continuing anyway
[ 1692.389317][T13926] usb 1-1: USB disconnect, device number 17
[ 1692.439513][T18304] team0: Port device team_slave_1 added
[ 1692.473383][ T3664] tipc: Left network mode
[ 1692.741507][T18304] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1692.749734][T18304] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1692.776803][T18304] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1692.796050][T18304] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1692.803516][T18304] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1692.835947][T18304] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1693.004816][T13926] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[ 1693.219534][T13926] usb 2-1: Using ep0 maxpacket: 16
[ 1693.286567][T13926] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1693.297482][T13926] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1693.382473][T13926] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 1.40
[ 1693.392241][T13926] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1693.400740][T13926] usb 2-1: Product: syz
[ 1693.405968][T13926] usb 2-1: Manufacturer: syz
[ 1693.410842][T13926] usb 2-1: SerialNumber: syz
[ 1693.795113][ T3664] hsr_slave_0: left promiscuous mode
[ 1693.834894][ T3664] hsr_slave_1: left promiscuous mode
[ 1693.848653][ T3664] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1693.857607][ T3664] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1693.878101][T18379] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4439'.
[ 1693.911497][T18378] loop2: detected capacity change from 0 to 512
[ 1693.921227][ T3664] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1693.929634][ T3664] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1693.987297][T18378] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.4440: bg 0: block 5: invalid block bitmap
[ 1694.013007][T18378] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[ 1694.039524][T18370] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1694.052542][T18370] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1694.061003][ T3664] veth1_macvtap: left promiscuous mode
[ 1694.067117][ T3664] veth0_macvtap: left promiscuous mode
[ 1694.073493][ T3664] veth1_vlan: left promiscuous mode
[ 1694.079444][ T3664] veth0_vlan: left promiscuous mode
[ 1694.087558][T18378] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.4440: invalid indirect mapped block 3 (level 2)
[ 1694.153387][T18378] EXT4-fs (loop2): 1 orphan inode deleted
[ 1694.160801][T18378] EXT4-fs (loop2): 1 truncate cleaned up
[ 1694.170942][T18378] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1694.257390][T14292] Bluetooth: hci1: command tx timeout
[ 1694.460918][T13926] usb 2-1: 0:2 : does not exist
[ 1694.520117][T13926] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[ 1694.648143][T13926] usb 2-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1694.747725][T13926] usb 2-1: 5:0: cannot get min/max values for control 4 (id 5)
[ 1694.867314][T13926] usb 2-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1694.911950][T13926] usb 2-1: USB disconnect, device number 13
[ 1695.083135][T17000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1695.174929][ T3664] team0 (unregistering): Port device team_slave_1 removed
[ 1695.203458][ T3664] team0 (unregistering): Port device team_slave_0 removed
[ 1695.549622][T18304] hsr_slave_0: entered promiscuous mode
[ 1695.571940][T18304] hsr_slave_1: entered promiscuous mode
[ 1695.590950][T18304] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1695.600111][T18304] Cannot create hsr debugfs directory
[ 1696.677951][T13926] usb 1-1: new low-speed USB device number 18 using dummy_hcd
[ 1696.852882][T13926] usb 1-1: config 0 has no interfaces?
[ 1696.859129][T13926] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1696.868708][T13926] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1696.917395][T13926] usb 1-1: config 0 descriptor??
[ 1697.102358][T18408] netlink: 60 bytes leftover after parsing attributes in process `syz.7.4448'.
[ 1697.142107][T13926] usb 1-1: USB disconnect, device number 18
[ 1697.210699][T18409] loop2: detected capacity change from 0 to 512
[ 1697.266043][T18409] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[ 1697.308115][T18409] System zones: 1-12
[ 1697.367068][T18409] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.4449: corrupted in-inode xattr: e_value size too large
[ 1697.443183][T18304] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1697.455157][T18409] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.4449: couldn't read orphan inode 15 (err -117)
[ 1697.470666][T18304] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1697.506864][T18304] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1697.541719][T18409] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1697.567391][T18304] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1697.961183][T18418] loop7: detected capacity change from 0 to 512
[ 1697.982397][T17000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1698.120109][T18418] EXT4-fs error (device loop7): ext4_validate_block_bitmap:432: comm syz.7.4451: bg 0: block 5: invalid block bitmap
[ 1698.158940][T13926] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[ 1698.213206][T18418] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6548: Corrupt filesystem
[ 1698.236017][T18418] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.4451: invalid indirect mapped block 3 (level 2)
[ 1698.328307][T18418] EXT4-fs (loop7): 1 orphan inode deleted
[ 1698.334754][T18418] EXT4-fs (loop7): 1 truncate cleaned up
[ 1698.336367][T13926] usb 2-1: device descriptor read/64, error -71
[ 1698.343209][T18418] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1698.386333][T18304] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1698.455686][T18304] 8021q: adding VLAN 0 to HW filter on device team0
[ 1698.563110][ T4180] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1698.571090][ T4180] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1698.627729][ T4180] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1698.635488][ T4180] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1698.663649][T13926] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[ 1698.845561][T13926] usb 2-1: device descriptor read/64, error -71
[ 1698.897319][T17298] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1698.964089][T13926] usb usb2-port1: attempt power cycle
[ 1699.367023][T13926] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[ 1699.443623][T13926] usb 2-1: device descriptor read/8, error -71
[ 1699.566593][T18434] netlink: 60 bytes leftover after parsing attributes in process `syz.7.4456'.
[ 1699.724946][T13926] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[ 1699.783322][T13926] usb 2-1: device descriptor read/8, error -71
[ 1699.896745][T13926] usb usb2-port1: unable to enumerate USB device
[ 1700.559944][T18304] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1701.437953][T18460] loop7: detected capacity change from 0 to 512
[ 1701.500477][T18463] loop1: detected capacity change from 0 to 512
[ 1701.563315][T18460] EXT4-fs error (device loop7): ext4_validate_block_bitmap:432: comm syz.7.4465: bg 0: block 5: invalid block bitmap
[ 1701.582090][T13746] usb 3-1: new low-speed USB device number 28 using dummy_hcd
[ 1701.639122][T18460] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6548: Corrupt filesystem
[ 1701.685092][T18460] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.4465: invalid indirect mapped block 3 (level 2)
[ 1701.752396][T18460] EXT4-fs (loop7): 1 orphan inode deleted
[ 1701.760274][T18460] EXT4-fs (loop7): 1 truncate cleaned up
[ 1701.769578][T18460] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1701.813698][T13746] usb 3-1: config 0 has no interfaces?
[ 1701.819996][T13746] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1701.834122][T13746] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1701.856927][T13746] usb 3-1: config 0 descriptor??
[ 1702.086545][T13746] usb 3-1: USB disconnect, device number 28
[ 1702.196011][T17298] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1702.495646][T18304] veth0_vlan: entered promiscuous mode
[ 1702.602516][T18304] veth1_vlan: entered promiscuous mode
[ 1702.821589][T18479] netlink: 60 bytes leftover after parsing attributes in process `syz.7.4468'.
[ 1703.013779][T18304] veth0_macvtap: entered promiscuous mode
[ 1703.101655][T18304] veth1_macvtap: entered promiscuous mode
[ 1703.293601][T18304] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1703.400360][T18304] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1703.471914][T18304] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1703.481302][T18304] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1703.490795][T18304] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1703.500189][T18304] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1703.911556][T18492] loop0: detected capacity change from 0 to 128
[ 1703.986230][T18492] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1704.025728][T18492] ext4 filesystem being mounted at /121/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1704.180054][ T9147] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[ 1704.215917][ T1285] ieee802154 phy0 wpan0: encryption failed: -22
[ 1704.222711][ T1285] ieee802154 phy1 wpan1: encryption failed: -22
[ 1704.335391][T18492] syz.0.4473 (pid 18492) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[ 1704.397750][ T9147] usb 2-1: device descriptor read/64, error -71
[ 1704.656104][ T9147] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[ 1704.718377][T18492] fscrypt (loop0, inode 12): Missing crypto API support for Adiantum (API name: "adiantum(xchacha12,aes)")
[ 1704.733879][T18492] fscrypt (loop0, inode 12): Missing crypto API support for Adiantum (API name: "adiantum(xchacha12,aes)")
[ 1704.856285][ T9147] usb 2-1: device descriptor read/64, error -71
[ 1704.997610][ T9147] usb usb2-port1: attempt power cycle
[ 1705.208596][T18511] loop7: detected capacity change from 0 to 512
[ 1705.226065][T18512] loop2: detected capacity change from 0 to 512
[ 1705.241778][T16728] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1705.287359][T18511] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[ 1705.303177][T18511] System zones: 1-12
[ 1705.318221][T18512] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.4477: bg 0: block 5: invalid block bitmap
[ 1705.321821][T18511] EXT4-fs error (device loop7): ext4_iget_extra_inode:5035: inode #15: comm syz.7.4476: corrupted in-inode xattr: e_value size too large
[ 1705.348404][T18512] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[ 1705.373777][T18512] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.4477: invalid indirect mapped block 3 (level 2)
[ 1705.389358][ T9147] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 1705.406461][T18512] EXT4-fs (loop2): 1 orphan inode deleted
[ 1705.416510][T18512] EXT4-fs (loop2): 1 truncate cleaned up
[ 1705.424771][T18511] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.4476: couldn't read orphan inode 15 (err -117)
[ 1705.424941][T18512] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1705.457602][ T9147] usb 2-1: device descriptor read/8, error -71
[ 1705.478311][T18511] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1705.736741][ T9147] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[ 1705.796884][ T9147] usb 2-1: device descriptor read/8, error -71
[ 1705.884137][T17000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1705.901190][T17298] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1705.928577][ T9147] usb usb2-port1: unable to enumerate USB device
[ 1706.322640][ T9147] usb 1-1: new low-speed USB device number 19 using dummy_hcd
[ 1706.356442][T18528] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4480'.
[ 1706.599004][ T9147] usb 1-1: config 0 has no interfaces?
[ 1706.605889][ T9147] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1706.615640][ T9147] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1706.738357][ T9147] usb 1-1: config 0 descriptor??
[ 1707.003633][ T9147] usb 1-1: USB disconnect, device number 19
[ 1708.636676][T18560] netlink: 60 bytes leftover after parsing attributes in process `syz.7.4488'.
[ 1708.787376][T18562] loop0: detected capacity change from 0 to 512
[ 1708.873833][T18562] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.4489: bg 0: block 5: invalid block bitmap
[ 1708.936756][T18562] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[ 1708.955335][T18566] loop1: detected capacity change from 0 to 512
[ 1708.981670][T18562] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.4489: invalid indirect mapped block 3 (level 2)
[ 1709.103584][T18562] EXT4-fs (loop0): 1 orphan inode deleted
[ 1709.109952][T18562] EXT4-fs (loop0): 1 truncate cleaned up
[ 1709.119169][T18562] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1709.217895][T18568] netlink: 60 bytes leftover after parsing attributes in process `syz.7.4491'.
[ 1709.377743][ T4180] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1709.386194][ T4180] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1709.459362][ T4745] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1709.467741][ T4745] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1709.661983][T16728] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1709.965094][   T11] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[ 1710.194770][   T11] usb 2-1: device descriptor read/64, error -71
[ 1710.343488][T18585] overlayfs: missing 'lowerdir'
[ 1710.464808][   T11] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[ 1710.644646][   T11] usb 2-1: device descriptor read/64, error -71
[ 1710.756662][   T11] usb usb2-port1: attempt power cycle
[ 1711.150387][   T11] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[ 1711.201758][   T11] usb 2-1: device descriptor read/8, error -71
[ 1711.456256][   T11] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[ 1711.501077][   T11] usb 2-1: device descriptor read/8, error -71
[ 1711.516930][T18596] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4500'.
[ 1711.621285][T18598] loop6: detected capacity change from 0 to 512
[ 1711.630170][   T11] usb usb2-port1: unable to enumerate USB device
[ 1711.713386][T18598] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[ 1711.740186][T18598] System zones: 1-12
[ 1711.753147][T18598] EXT4-fs error (device loop6): ext4_iget_extra_inode:5035: inode #15: comm syz.6.4501: corrupted in-inode xattr: e_value size too large
[ 1711.784735][T18598] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.4501: couldn't read orphan inode 15 (err -117)
[ 1711.842583][T18604] netlink: 60 bytes leftover after parsing attributes in process `syz.7.4503'.
[ 1711.876272][T18598] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1711.924629][T18606] loop0: detected capacity change from 0 to 512
[ 1711.957354][T18606] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.4504: bg 0: block 5: invalid block bitmap
[ 1712.015197][T18606] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[ 1712.053130][T18606] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.4504: invalid indirect mapped block 3 (level 2)
[ 1712.110513][T18606] EXT4-fs (loop0): 1 orphan inode deleted
[ 1712.116759][T18606] EXT4-fs (loop0): 1 truncate cleaned up
[ 1712.125158][T18606] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1712.158616][T18304] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1712.462136][T16728] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1712.512837][T16728] Buffer I/O error on dev loop0, logical block 1, lost sync page write
[ 1712.522955][T16728] EXT4-fs (loop0): I/O error while writing superblock
[ 1712.999361][T18615] overlayfs: missing 'lowerdir'
[ 1714.186942][T18635] netlink: 60 bytes leftover after parsing attributes in process `syz.2.4514'.
[ 1714.389328][T18639] loop0: detected capacity change from 0 to 512
[ 1714.460316][T18639] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[ 1714.491158][T18639] System zones: 1-12
[ 1714.496728][T18642] loop6: detected capacity change from 0 to 512
[ 1714.502705][T18639] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.4516: corrupted in-inode xattr: e_value size too large
[ 1714.535048][T18639] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.4516: couldn't read orphan inode 15 (err -117)
[ 1714.609475][T18642] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.4517: bg 0: block 5: invalid block bitmap
[ 1714.647725][T18639] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1714.676435][T18642] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6548: Corrupt filesystem
[ 1714.720407][T18642] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.4517: invalid indirect mapped block 3 (level 2)
[ 1714.758053][T18646] loop1: detected capacity change from 0 to 1024
[ 1714.806428][T18642] EXT4-fs (loop6): 1 orphan inode deleted
[ 1714.812506][T18642] EXT4-fs (loop6): 1 truncate cleaned up
[ 1714.821039][T18642] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1715.018231][T16728] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1715.087039][T16728] Buffer I/O error on dev loop0, logical block 1, lost sync page write
[ 1715.096250][T16728] EXT4-fs (loop0): I/O error while writing superblock
[ 1715.323186][T18304] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1715.520913][T18656] sctp: [Deprecated]: syz.1.4522 (pid 18656) Use of int in maxseg socket option.
[ 1715.520913][T18656] Use struct sctp_assoc_value instead
[ 1715.748484][T18662] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4523'.
[ 1715.804040][   T11] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[ 1715.955112][   T11] usb 1-1: device descriptor read/64, error -71
[ 1716.245063][   T11] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[ 1716.405326][   T11] usb 1-1: device descriptor read/64, error -71
[ 1716.523047][   T11] usb usb1-port1: attempt power cycle
[ 1716.925426][   T11] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[ 1716.989570][   T11] usb 1-1: device descriptor read/8, error -71
[ 1717.155363][T18682] binder: 18681:18682 ioctl 4018620d 0 returned -22
[ 1717.235320][   T11] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[ 1717.287147][   T11] usb 1-1: device descriptor read/8, error -71
[ 1717.418931][   T11] usb usb1-port1: unable to enumerate USB device
[ 1717.619724][T18686] loop1: detected capacity change from 0 to 512
[ 1717.789287][T18690] loop7: detected capacity change from 0 to 64
[ 1717.841646][T18690] BFS-fs: bfs_fill_super(): loop7 is unclean, continuing
[ 1718.846416][T18704] sctp: [Deprecated]: syz.7.4538 (pid 18704) Use of int in maxseg socket option.
[ 1718.846416][T18704] Use struct sctp_assoc_value instead
[ 1719.692336][T18720] binder: 18719:18720 ioctl 4018620d 0 returned -22
[ 1720.392745][T18733] loop2: detected capacity change from 0 to 512
[ 1720.429874][T18732] loop7: detected capacity change from 0 to 512
[ 1720.479586][T18733] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[ 1720.489879][T18732] EXT4-fs error (device loop7): ext4_validate_block_bitmap:432: comm syz.7.4544: bg 0: block 5: invalid block bitmap
[ 1720.504894][T18733] System zones: 1-12
[ 1720.516315][T18733] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.4545: corrupted in-inode xattr: e_value size too large
[ 1720.526837][T18732] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6548: Corrupt filesystem
[ 1720.538630][T18733] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.4545: couldn't read orphan inode 15 (err -117)
[ 1720.552976][T18732] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.4544: invalid indirect mapped block 3 (level 2)
[ 1720.587816][T18733] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1720.605253][T18732] EXT4-fs (loop7): 1 orphan inode deleted
[ 1720.611305][T18732] EXT4-fs (loop7): 1 truncate cleaned up
[ 1720.619938][T18732] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1720.744635][T18739] loop6: detected capacity change from 0 to 64
[ 1720.832993][T18739] BFS-fs: bfs_fill_super(): loop6 is unclean, continuing
[ 1720.957756][T17298] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1721.103478][T17000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1721.509429][T18748] netlink: 60 bytes leftover after parsing attributes in process `syz.7.4550'.
[ 1721.535900][   T11] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[ 1721.684680][   T11] usb 1-1: device descriptor read/64, error -71
[ 1721.851173][T18755] sctp: [Deprecated]: syz.6.4554 (pid 18755) Use of int in maxseg socket option.
[ 1721.851173][T18755] Use struct sctp_assoc_value instead
[ 1721.935329][   T11] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[ 1722.090233][T18762] binder: 18760:18762 ioctl 4018620d 0 returned -22
[ 1722.105287][   T11] usb 1-1: device descriptor read/64, error -71
[ 1722.225133][   T11] usb usb1-port1: attempt power cycle
[ 1722.605136][   T11] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[ 1722.658628][   T11] usb 1-1: device descriptor read/8, error -71
[ 1722.687001][T18771] overlayfs: missing 'lowerdir'
[ 1722.905157][   T11] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[ 1722.960386][   T11] usb 1-1: device descriptor read/8, error -71
[ 1723.090606][   T11] usb usb1-port1: unable to enumerate USB device
[ 1723.317787][T18775] loop7: detected capacity change from 0 to 512
[ 1723.390680][T18775] EXT4-fs error (device loop7): ext4_validate_block_bitmap:432: comm syz.7.4560: bg 0: block 5: invalid block bitmap
[ 1723.498967][T18783] loop1: detected capacity change from 0 to 512
[ 1723.503556][T18775] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6548: Corrupt filesystem
[ 1723.520587][T18775] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #11: comm syz.7.4560: invalid indirect mapped block 3 (level 2)
[ 1723.561364][T18775] EXT4-fs (loop7): 1 orphan inode deleted
[ 1723.567839][T18775] EXT4-fs (loop7): 1 truncate cleaned up
[ 1723.576520][T18775] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1723.854122][T17298] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1724.058731][T18787] loop1: detected capacity change from 0 to 64
[ 1724.838159][T18797] sctp: [Deprecated]: syz.7.4569 (pid 18797) Use of int in maxseg socket option.
[ 1724.838159][T18797] Use struct sctp_assoc_value instead
[ 1726.118438][T18818] loop2: detected capacity change from 0 to 512
[ 1726.209103][T18818] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[ 1726.239370][T18818] System zones: 1-12
[ 1726.273658][T18818] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.4575: corrupted in-inode xattr: e_value size too large
[ 1726.325909][T18818] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.4575: couldn't read orphan inode 15 (err -117)
[ 1726.354799][T18818] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1726.562423][T18824] loop7: detected capacity change from 0 to 2048
[ 1726.670834][T18824] NILFS (loop7): invalid segment: Magic number mismatch
[ 1726.678455][T18824] NILFS (loop7): trying rollback from an earlier position
[ 1726.750588][T18824] NILFS (loop7): recovery complete
[ 1726.771973][T17000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1726.781533][T18833] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1726.863670][   T30] audit: type=1800 audit(1752026731.845:162): pid=18824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.4577" name="bus" dev="loop7" ino=12 res=0 errno=0
[ 1726.884984][   T30] audit: type=1800 audit(1752026731.855:163): pid=18824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.4577" name="bus" dev="loop7" ino=12 res=0 errno=0
[ 1728.177058][T18849] sctp: [Deprecated]: syz.1.4588 (pid 18849) Use of int in maxseg socket option.
[ 1728.177058][T18849] Use struct sctp_assoc_value instead
[ 1728.313768][T18851] loop6: detected capacity change from 0 to 1024
[ 1728.415982][T18851] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1728.530884][T18860] loop0: detected capacity change from 0 to 512
[ 1728.580870][T18860] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[ 1728.604211][T18860] System zones: 1-12
[ 1728.609211][T18851] loop6: detected capacity change from 1024 to 64
[ 1728.611215][T18860] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.4592: corrupted in-inode xattr: e_value size too large
[ 1728.646848][T18851]  loop6: [CUMANA/ADFS] p1 [ADFS] p1
[ 1728.653018][T18851] loop6: partition table partially beyond EOD, truncated
[ 1728.665231][T18851] loop6: p1 size 4294967295 extends beyond EOD, truncated
[ 1728.701845][T18860] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.4592: couldn't read orphan inode 15 (err -117)
[ 1728.725427][T18862] EXT4-fs error (device loop6): xattr_find_entry:333: inode #15: comm syz.6.4589: corrupted xattr entries
[ 1728.765439][T18860] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1729.046660][T18304] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 16: comm syz-executor: path /23/file1: bad entry in directory: inode out of bounds - offset=0, inode=201326592, rec_len=256, size=1024 fake=0
[ 1729.257667][T16728] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1729.341050][T18304] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1729.483144][T18856] kmmpd-loop6: attempt to access beyond end of device
[ 1729.483144][T18856] loop6: rw=14337, sector=128, nr_sectors = 2 limit=64
[ 1729.497440][T18856] Buffer I/O error on dev loop6, logical block 64, lost sync page write
[ 1729.500694][T18868] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[ 1729.516062][T18868] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1729.954205][T18873] loop0: detected capacity change from 0 to 2048
[ 1729.979995][   T35] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1730.048478][T18873] NILFS (loop0): invalid segment: Magic number mismatch
[ 1730.056338][T18873] NILFS (loop0): trying rollback from an earlier position
[ 1730.161188][   T35] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1730.225574][T18873] NILFS (loop0): recovery complete
[ 1730.262546][T18882] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1730.310591][T18879] overlayfs: missing 'lowerdir'
[ 1730.412900][   T35] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1730.492361][   T30] audit: type=1800 audit(1752026735.485:164): pid=18873 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4597" name="bus" dev="loop0" ino=12 res=0 errno=0
[ 1730.517617][   T30] audit: type=1800 audit(1752026735.495:165): pid=18873 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4597" name="bus" dev="loop0" ino=12 res=0 errno=0
[ 1730.558382][   T35] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1730.863204][   T35] bridge_slave_1: left allmulticast mode
[ 1730.869407][   T35] bridge_slave_1: left promiscuous mode
[ 1730.876739][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1730.913454][   T35] bridge_slave_0: left allmulticast mode
[ 1730.921594][   T35] bridge_slave_0: left promiscuous mode
[ 1730.928503][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1731.547181][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1731.585548][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1731.617852][   T35] bond0 (unregistering): Released all slaves
[ 1732.492538][T18892] sctp: [Deprecated]: syz.0.4606 (pid 18892) Use of int in maxseg socket option.
[ 1732.492538][T18892] Use struct sctp_assoc_value instead
[ 1732.534206][T18891] loop1: detected capacity change from 0 to 1024
[ 1732.636324][   T35] hsr_slave_0: left promiscuous mode
[ 1732.715353][   T35] hsr_slave_1: left promiscuous mode
[ 1732.728609][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1732.737111][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1732.841524][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1732.849737][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1732.892546][   T35] veth1_macvtap: left promiscuous mode
[ 1732.899159][   T35] veth0_macvtap: left promiscuous mode
[ 1732.905869][   T35] veth1_vlan: left promiscuous mode
[ 1732.911548][   T35] veth0_vlan: left promiscuous mode
[ 1733.437612][T18895] loop2: detected capacity change from 0 to 512
[ 1733.629429][T18895] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[ 1733.748254][T17001] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1733.748304][T18895] System zones: 
[ 1733.751080][T17001] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1733.755590][T18895] 1-12
[ 1733.772075][T17001] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1733.789952][T17001] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1733.803143][T17001] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1733.842417][   T35] team0 (unregistering): Port device team_slave_1 removed
[ 1733.899791][T18895] EXT4-fs error (device loop2): ext4_iget_extra_inode:5035: inode #15: comm syz.2.4607: corrupted in-inode xattr: e_value size too large
[ 1733.933000][   T35] team0 (unregistering): Port device team_slave_0 removed
[ 1734.059758][T18895] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.4607: couldn't read orphan inode 15 (err -117)
[ 1734.154885][T18895] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1734.625115][T17000] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1735.391435][T18912] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[ 1735.402157][T18912] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1735.776117][T18916] overlayfs: missing 'lowerdir'
[ 1735.865356][T17001] Bluetooth: hci1: command tx timeout
[ 1736.273068][T18897] chnl_net:caif_netlink_parms(): no params data found
[ 1736.565506][T18928] loop0: detected capacity change from 0 to 1024
[ 1736.573319][T18931] sctp: [Deprecated]: syz.1.4618 (pid 18931) Use of int in maxseg socket option.
[ 1736.573319][T18931] Use struct sctp_assoc_value instead
[ 1736.596649][T18932] loop7: detected capacity change from 0 to 512
[ 1736.631744][T18932] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[ 1736.647171][T18932] System zones: 1-12
[ 1736.686873][T18932] EXT4-fs error (device loop7): ext4_iget_extra_inode:5035: inode #15: comm syz.7.4619: corrupted in-inode xattr: e_value size too large
[ 1736.716444][T18928] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1736.741693][T18932] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.4619: couldn't read orphan inode 15 (err -117)
[ 1736.788215][T18932] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1737.132736][T16728] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1737.140978][T17298] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1737.340501][T18897] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1737.348392][T18897] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1737.356368][T18897] bridge_slave_0: entered allmulticast mode
[ 1737.369784][T18897] bridge_slave_0: entered promiscuous mode
[ 1737.396795][T18897] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1737.404856][T18897] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1737.412741][T18897] bridge_slave_1: entered allmulticast mode
[ 1737.422933][T18897] bridge_slave_1: entered promiscuous mode
[ 1737.934827][T17001] Bluetooth: hci1: command tx timeout
[ 1738.065358][T18897] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1738.206916][T18897] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1738.391179][T18954] overlayfs: missing 'lowerdir'
[ 1738.450000][T18897] team0: Port device team_slave_0 added
[ 1738.491102][T18897] team0: Port device team_slave_1 added
[ 1738.662756][T18897] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1738.670264][T18897] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1738.701839][T18897] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1738.730727][T18897] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1738.739755][T18897] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1738.766882][T18897] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1738.838944][T18958] overlayfs: missing 'lowerdir'
[ 1739.062354][T18897] hsr_slave_0: entered promiscuous mode
[ 1739.073182][T18897] hsr_slave_1: entered promiscuous mode
[ 1739.082570][T18897] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1739.090646][T18897] Cannot create hsr debugfs directory
[ 1739.630841][T18969] loop1: detected capacity change from 0 to 512
[ 1739.793492][T18971] loop7: detected capacity change from 0 to 1024
[ 1739.930942][T18961] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1739.938135][T18961] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1739.945368][T18961] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1739.952193][T18961] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1739.958888][T18961] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1739.978990][T18971] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1740.001250][T18961] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1740.251024][T18976] sctp: [Deprecated]: syz.1.4632 (pid 18976) Use of int in maxseg socket option.
[ 1740.251024][T18976] Use struct sctp_assoc_value instead
[ 1740.324105][T17298] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1740.750250][T18897] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1740.779941][T18897] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1740.856913][T18897] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1740.951111][T18897] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1741.235407][T14292] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1741.401818][T18988] overlayfs: missing 'lowerdir'
[ 1741.648364][T18990] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[ 1741.658052][T18990] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1741.958115][T18897] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1742.015464][T14292] Bluetooth: hci1: command 0x0419 tx timeout
[ 1742.022415][T14292] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1742.023879][T17001] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1742.210421][T18897] 8021q: adding VLAN 0 to HW filter on device team0
[ 1742.211793][T18998] loop0: detected capacity change from 0 to 512
[ 1742.266487][T19000] overlayfs: missing 'lowerdir'
[ 1742.288404][T18998] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[ 1742.305845][ T3664] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1742.313649][ T3664] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1742.342824][T18998] System zones: 1-12
[ 1742.381470][ T3684] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1742.389379][ T3684] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1742.407028][T18998] EXT4-fs error (device loop0): ext4_iget_extra_inode:5035: inode #15: comm syz.0.4641: corrupted in-inode xattr: e_value size too large
[ 1742.423910][T18998] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.4641: couldn't read orphan inode 15 (err -117)
[ 1742.456568][T18998] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1742.601008][T19003] loop1: detected capacity change from 0 to 512
[ 1742.959888][T16728] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1743.851828][T19019] sctp: [Deprecated]: syz.7.4647 (pid 19019) Use of int in maxseg socket option.
[ 1743.851828][T19019] Use struct sctp_assoc_value instead
[ 1744.095791][T18996] Bluetooth: hci1: command 0x0419 tx timeout
[ 1744.236530][T19013] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1744.243624][T19013] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1744.251907][T19013] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1744.259033][T19013] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1744.290949][T18897] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1744.848331][T19030] overlayfs: missing 'lowerdir'
[ 1745.215284][T19033] =====================================================
[ 1745.222902][T19033] BUG: KMSAN: uninit-value in sctp_assoc_bh_rcv+0x34e/0xbc0
[ 1745.232574][T19033]  sctp_assoc_bh_rcv+0x34e/0xbc0
[ 1745.239132][T19033]  sctp_inq_push+0x2a3/0x350
[ 1745.249147][T19033]  sctp_backlog_rcv+0x3c7/0xda0
[ 1745.255992][T19033]  sk_backlog_rcv+0x142/0x420
[ 1745.260968][T19033]  __release_sock+0x1d3/0x330
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1745.266094][T19033]  release_sock+0x6b/0x270
[ 1745.270775][T19033]  sctp_wait_for_connect+0x458/0x820
[ 1745.276718][T19033]  sctp_sendmsg_to_asoc+0x223a/0x2260
[ 1745.282474][T19033]  sctp_sendmsg+0x3910/0x49f0
[ 1745.287638][T19033]  inet_sendmsg+0x26c/0x2a0
[ 1745.292528][T19033]  __sock_sendmsg+0x278/0x3d0
[ 1745.298882][T19033]  __sys_sendto+0x593/0x720
[ 1745.303678][T19033]  __ia32_sys_sendto+0x12f/0x200
[ 1745.309188][T19033]  ia32_sys_call+0x1397/0x42c0
[ 1745.314182][T19033]  __do_fast_syscall_32+0xb0/0x150
[ 1745.320065][T19033]  do_fast_syscall_32+0x38/0x80
[ 1745.325368][T19033]  do_SYSENTER_32+0x1f/0x30
[ 1745.330137][T19033]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1745.336939][T19033] 
[ 1745.339403][T19033] Uninit was created at:
[ 1745.344017][T19033]  __kmalloc_node_track_caller_noprof+0x96d/0x12f0
[ 1745.356090][T19033]  kmalloc_reserve+0x22f/0x4b0
[ 1745.361150][T19033]  __alloc_skb+0x347/0x7d0
[ 1745.367316][T19033]  sctp_packet_transmit+0x18a1/0x46d0
[ 1745.373005][T19033]  sctp_outq_flush+0x1c7d/0x67c0
[ 1745.379228][T19033]  sctp_outq_uncork+0x9e/0xc0
[ 1745.384153][T19033]  sctp_do_sm+0x8c8e/0x9720
[ 1745.389173][T19033]  sctp_assoc_bh_rcv+0x88b/0xbc0
[ 1745.394567][T19033]  sctp_inq_push+0x2a3/0x350
[ 1745.399391][T19033]  sctp_backlog_rcv+0x3c7/0xda0
[ 1745.404756][T19033]  sk_backlog_rcv+0x142/0x420
[ 1745.409710][T19033]  __release_sock+0x1d3/0x330
[ 1745.414864][T19033]  release_sock+0x6b/0x270
[ 1745.419521][T19033]  sctp_wait_for_connect+0x458/0x820
[ 1745.425306][T19033]  sctp_sendmsg_to_asoc+0x223a/0x2260
[ 1745.430975][T19033]  sctp_sendmsg+0x3910/0x49f0
[ 1745.436196][T19033]  inet_sendmsg+0x26c/0x2a0
[ 1745.440991][T19033]  __sock_sendmsg+0x278/0x3d0
[ 1745.446121][T19033]  __sys_sendto+0x593/0x720
[ 1745.456007][T19033]  __ia32_sys_sendto+0x12f/0x200
[ 1745.461244][T19033]  ia32_sys_call+0x1397/0x42c0
[ 1745.461531][T18996] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1745.468603][T19033]  __do_fast_syscall_32+0xb0/0x150
[ 1745.478042][T19033]  do_fast_syscall_32+0x38/0x80
[ 1745.483189][T19033]  do_SYSENTER_32+0x1f/0x30
[ 1745.488302][T19033]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1745.495633][T19033] 
[ 1745.498149][T19033] CPU: 0 UID: 0 PID: 19033 Comm: syz.0.4651 Tainted: G        W           6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(none) 
[ 1745.512320][T19033] Tainted: [W]=WARN
[ 1745.516441][T19033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1745.527034][T19033] =====================================================
[ 1745.534144][T19033] Disabling lock debugging due to kernel taint
[ 1745.541690][T19033] Kernel panic - not syncing: kmsan.panic set ...
[ 1745.548371][T19033] CPU: 0 UID: 0 PID: 19033 Comm: syz.0.4651 Tainted: G    B   W           6.16.0-rc5-syzkaller-00025-gd006330be3f7 #0 PREEMPT(none) 
[ 1745.562323][T19033] Tainted: [B]=BAD_PAGE, [W]=WARN
[ 1745.567515][T19033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1745.577784][T19033] Call Trace:
[ 1745.581236][T19033]  <TASK>
[ 1745.584334][T19033]  __dump_stack+0x26/0x30
[ 1745.588940][T19033]  dump_stack_lvl+0x53/0x270
[ 1745.593815][T19033]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1745.599934][T19033]  dump_stack+0x1e/0x25
[ 1745.604341][T19033]  panic+0x4bd/0xd50
[ 1745.608559][T19033]  kmsan_report+0x31c/0x320
[ 1745.613346][T19033]  ? __msan_warning+0x1b/0x30
[ 1745.618287][T19033]  ? sctp_assoc_bh_rcv+0x34e/0xbc0
[ 1745.623647][T19033]  ? sctp_inq_push+0x2a3/0x350
[ 1745.628645][T19033]  ? sctp_backlog_rcv+0x3c7/0xda0
[ 1745.633891][T19033]  ? sk_backlog_rcv+0x142/0x420
[ 1745.638963][T19033]  ? __release_sock+0x1d3/0x330
[ 1745.644000][T19033]  ? release_sock+0x6b/0x270
[ 1745.648808][T19033]  ? sctp_wait_for_connect+0x458/0x820
[ 1745.654626][T19033]  ? sctp_sendmsg_to_asoc+0x223a/0x2260
[ 1745.660449][T19033]  ? sctp_sendmsg+0x3910/0x49f0
[ 1745.665538][T19033]  ? inet_sendmsg+0x26c/0x2a0
[ 1745.670634][T19033]  ? __sock_sendmsg+0x278/0x3d0
[ 1745.675685][T19033]  ? __sys_sendto+0x593/0x720
[ 1745.680583][T19033]  ? __ia32_sys_sendto+0x12f/0x200
[ 1745.685932][T19033]  ? ia32_sys_call+0x1397/0x42c0
[ 1745.691066][T19033]  ? __do_fast_syscall_32+0xb0/0x150
[ 1745.696619][T19033]  ? do_fast_syscall_32+0x38/0x80
[ 1745.701889][T19033]  ? do_SYSENTER_32+0x1f/0x30
[ 1745.706810][T19033]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1745.713561][T19033]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1745.719643][T19033]  ? rdpkru+0x1/0x40
[ 1745.723883][T19033]  ? kmsan_get_metadata+0xfb/0x160
[ 1745.729287][T19033]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1745.735617][T19033]  ? kmsan_get_metadata+0xfb/0x160
[ 1745.740975][T19033]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1745.747092][T19033]  ? sctp_inq_pop+0x15ea/0x19e0
[ 1745.752161][T19033]  ? kmsan_get_metadata+0xfb/0x160
[ 1745.757640][T19033]  __msan_warning+0x1b/0x30
[ 1745.762374][T19033]  sctp_assoc_bh_rcv+0x34e/0xbc0
[ 1745.767658][T19033]  ? __pfx_sctp_assoc_bh_rcv+0x10/0x10
[ 1745.773331][T19033]  sctp_inq_push+0x2a3/0x350
[ 1745.778140][T19033]  sctp_backlog_rcv+0x3c7/0xda0
[ 1745.783206][T19033]  ? kmsan_get_metadata+0xfb/0x160
[ 1745.788669][T19033]  ? __pfx_sctp_backlog_rcv+0x10/0x10
[ 1745.794354][T19033]  sk_backlog_rcv+0x142/0x420
[ 1745.799364][T19033]  __release_sock+0x1d3/0x330
[ 1745.804264][T19033]  release_sock+0x6b/0x270
[ 1745.808926][T19033]  sctp_wait_for_connect+0x458/0x820
[ 1745.814504][T19033]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1745.820979][T19033]  sctp_sendmsg_to_asoc+0x223a/0x2260
[ 1745.826626][T19033]  ? kmsan_get_metadata+0xfb/0x160
[ 1745.831989][T19033]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1745.838119][T19033]  sctp_sendmsg+0x3910/0x49f0
[ 1745.843077][T19033]  ? __pfx_kmsan_save_stack_with_flags+0x10/0x10
[ 1745.849743][T19033]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1745.855028][T19033]  inet_sendmsg+0x26c/0x2a0
[ 1745.859823][T19033]  __sock_sendmsg+0x278/0x3d0
[ 1745.864740][T19033]  __sys_sendto+0x593/0x720
[ 1745.869956][T19033]  ? do_futex+0x416/0x480
[ 1745.874686][T19033]  ? kmsan_get_metadata+0xfb/0x160
[ 1745.880056][T19033]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1745.886154][T19033]  __ia32_sys_sendto+0x12f/0x200
[ 1745.891362][T19033]  ia32_sys_call+0x1397/0x42c0
[ 1745.896773][T19033]  __do_fast_syscall_32+0xb0/0x150
[ 1745.902198][T19033]  ? irqentry_exit_to_user_mode+0x82/0xa0
[ 1745.908274][T19033]  do_fast_syscall_32+0x38/0x80
[ 1745.913639][T19033]  do_SYSENTER_32+0x1f/0x30
[ 1745.918381][T19033]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1745.924951][T19033] RIP: 0023:0xf7f04539
[ 1745.929179][T19033] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1745.949036][T19033] RSP: 002b:00000000f502655c EFLAGS: 00000206 ORIG_RAX: 0000000000000171
[ 1745.957691][T19033] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080847fff
[ 1745.965850][T19033] RDX: 000000000000fee4 RSI: 0000000000000000 RDI: 000000008005ffe4
[ 1745.974026][T19033] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[ 1745.982182][T19033] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1745.990454][T19033] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1745.998726][T19033]  </TASK>
[ 1746.002419][T19033] Kernel Offset: disabled
[ 1746.006957][T19033] Rebooting in 86400 seconds..